Log analysis and evaluation: Windows 8.1 64bit, possibly a trojan. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
06.08.2015, 17:29 | #1 |
| Windows 8.1 64bit, possibly a trojan I use Windows 8.1, 64 bit. Whenever I open any website in Chrome and try to click on something, a new tab keeps opening with various websites showing advertising of every kind. I have already looked in the Chrome extensions to see whether an "app" is active that causes this. Unfortunately without success. I should add that I don't know much about this and hope to find someone who will explain it to me with a lot of patience and interest. I hope someone here can help me. Kind regards, Ozaansnr |
06.08.2015, 17:47 | #2 |
/// the machine /// TB trainer | Windows 8.1 64bit, possibly a trojan hi,
__________________Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
06.08.2015, 18:06 | #3 | |
| Windows 8.1 64bit, possibly a trojan
Addition.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:06-08-2015
durchgeführt von Ozan (2015-08-06 18:52:26)
Gestartet von C:\Users\Ozan\Desktop
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-3364150796-1208467441-1766990213-500 - Administrator - Disabled)
Gast (S-1-5-21-3364150796-1208467441-1766990213-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3364150796-1208467441-1766990213-1003 - Limited - Enabled)
Ozan (S-1-5-21-3364150796-1208467441-1766990213-1001 - Administrator - Enabled) => C:\Users\Ozan

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.08.2003 - Acer Incorporated) abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated) abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2002.1 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.03.2004.4 - Acer Incorporated) Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3009 - Acer Incorporated) Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated) Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.07.2003 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated) Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated) Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated) Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated) Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.09.2004.0 - Acer 
Incorporated) Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Bejeweled Blitz (HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\...\Pokki_b79314136e6ba18353f09bd5bf012d131f0304a4) (Version: 1.1.1.45891 - Pokki) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 1.1.4.155 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.) CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.) 
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc) Dragons of Atlantis (HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\...\Pokki_cfada041afdc4a11092a096cac66ab6a0945d92b) (Version: v1.1.7 - Pokki) eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM) Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden Farmerama (HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\...\Pokki_544f30c7fadc5b27a6dbeda7ae7467f4c2546bd9) (Version: v1.1.3 - Pokki) Foxit PhantomPDF (HKLM-x32\...\{F74C595C-BEF2-4AF9-9C4E-68F3CD509C4D}) (Version: 6.0.120.609 - Foxit Corporation) Foxy Secure (HKLM-x32\...\Foxy Secure) (Version: 6 - ) <==== ACHTUNG Free YouTube Download version 3.2.49.1122 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1122 - DVDVideoSoft Ltd.) Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.) Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.) Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge) Goodgame Big Farm (HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\...\Pokki_146973192f4e3d4ad8e10238e5e444db3822111b) (Version: v1.0.5 - Pokki) Goodgame Empire (HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\...\Pokki_149b46d4a102c0304583931ceaa3f0bf19785ee3) (Version: v1.1.7 - Pokki) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) 
Hidden Gothic 3 (HKLM-x32\...\{17BADF87-3597-46FE-8D74-69C4FA78883E}) (Version: 1.0.0 - JoWood) Gothic 3 Enhanced Edition (HKLM-x32\...\{C28A686B-D439-4B83-B023-7402E982F69D}_is1) (Version: - Nordic Games GmbH) Gothic 3 Götterdämmerung Enhanced Edition (HKLM-x32\...\{6890095D-D7FE-465A-9B1D-BE605B1F5FD9}_is1) (Version: - Nordic Games GmbH) Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden Grepolis (HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\...\Pokki_e01f070379f710c5a0b6d028894f65918638c317) (Version: v1.0.2 - Pokki) Host App Service (HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\...\Pokki) (Version: 0.269.7.738 - Pokki) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.120 - McAfee, Inc.) 
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH) Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4737.1003 - Microsoft Corporation) Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\...\OneDriveSetup.exe) (Version: 17.3.5907.0716 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Minecraft PC Gamer Demo version 1.5 (HKLM-x32\...\{55D65D27-C0CD-4375-9021-F3D3D024ED90}_is1) (Version: 1.5 - Mojang) Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla) Network Magic 
(HKLM-x32\...\{371EBC04-8CED-4AEB-96F6-8184EAF340BC}) (Version: 4.1.7073.2 - Pure Networks) NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation) NVIDIA Grafiktreiber 333.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.17 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden Pokki Start Menu (HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\...\Pokki_Start_Menu) (Version: 0.269.7.738 - Pokki) Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros) Radio Canyon (HKLM-x32\...\Radio Canyon) (Version: 1.35.11.26 - Radio Canyon) <==== ACHTUNG Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.) 
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Balance (HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\...\{9563BC59-9556-4805-8CD4-886781779D8D}) (Version: 1.2.9 - Video Total corp) WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.) Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-3364150796-1208467441-1766990213-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ozan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= 18-07-2015 04:23:06 Windows Update 24-07-2015 00:39:43 Windows Update 28-07-2015 18:41:15 Windows Update 04-08-2015 23:37:42 Geplanter Prüfpunkt ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2015-07-22 20:42 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts 0.0.0.1 mssplus.mcafee.com ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {05EF6F81-02C6-4FC4-AADA-02CFDDF159B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-26] (Google Inc.) Task: {0D3B954B-C929-412B-B062-F2C0414BE9D1} - System32\Tasks\Pokki => %LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe Task: {0F4468D4-C206-4FE5-B687-B40BAB0FEA71} - System32\Tasks\Virtual Balance => Rundll32.exe "C:\Users\Ozan\AppData\Local\Virtual Balance\Bin\VirtualBalance.dll",#3 Task: {14D41BC2-5C03-4E4D-BF05-6276FFF2C165} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-26] (Google Inc.) 
Task: {28D2A212-29D8-49E8-8843-0EC8677F9801} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated) Task: {2C39A7E8-C548-4343-972B-9EA2D019FDCA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {3411840D-4C73-45BE-951F-403899A760AF} - System32\Tasks\web_disco_updating_service => C:\Program Files (x86)\web disco\web_disco_updating_service.exe [2015-04-02] () <==== ACHTUNG Task: {3FEC52A4-C6E7-491B-A1CD-0EC030D163F5} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {47AB8697-4280-4223-9C31-5014A741B4CD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {5F760C18-3721-4631-94D4-B84C190E6EFD} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {6173FFCA-7D70-47F1-AECC-C7B4224614A0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-19] (Avast Software s.r.o.) 
Task: {62B4DBF4-B37C-4266-89FA-27FB7D8D0FDC} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3364150796-1208467441-1766990213-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {67327A42-F67E-48D0-A7F7-CC4E123B772F} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe Task: {67D435F4-9033-4251-ABFC-EB77958F7B07} - System32\Tasks\fb361c4d-71e0-4961-a784-2cbee129581d-5_user => C:\Program Files (x86)\Radio Canyon\fb361c4d-71e0-4961-a784-2cbee129581d-5.exe <==== ACHTUNG Task: {80409ACE-71DF-4936-949A-53FBA784FEEC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation) Task: {87676CB0-8349-4600-826E-BA34AEBD3BCD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation) Task: {8B93519E-B08B-4FAA-934F-D91FA154E1F0} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] () Task: {8F786627-FE7B-4548-B48D-AA99028FDB7D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {9187AFD2-FDF0-4B78-BEA2-905D550F51B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated) Task: {95735CB2-F76F-4C2C-A8C7-DEDC7C17334F} - System32\Tasks\fb361c4d-71e0-4961-a784-2cbee129581d-1 => C:\Program Files (x86)\Radio Canyon\Radio Canyon-codedownloader.exe <==== ACHTUNG Task: {9881E429-DC6D-4BCD-ABC1-6382064B2BF4} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated) Task: {A8AF2EB4-C148-45F5-A31E-DDEC02064CE9} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer 
Incorporated) Task: {ABAA4E27-B6CA-44C6-B3C9-6633494D47E4} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.) Task: {B8FCBAD0-B909-4A69-9CA0-DAC97DF818B3} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>) Task: {C0D65E93-0658-4608-99F5-3BCE71255221} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate) Task: {C2254144-88D5-4693-B825-2AAB22A202FC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-06-09] (Microsoft Corporation) Task: {D4F28AD4-DF14-4457-94CA-C54004EFBF7C} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-07-23] (Acer Incorporated) Task: {D6AAF35B-1113-4897-AFC6-E6863EE796F8} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] () Task: {DC23C290-EC40-4328-B342-36B77D43CD26} - System32\Tasks\avastBCLRestartS-1-5-21-3364150796-1208467441-1766990213-1001 => Chrome.exe Task: {E7C9B533-FA87-44DF-8FC2-8FE396F14C88} - System32\Tasks\fb361c4d-71e0-4961-a784-2cbee129581d-5 => C:\Program Files (x86)\Radio Canyon\fb361c4d-71e0-4961-a784-2cbee129581d-5.exe <==== ACHTUNG Task: {EB4A7427-4AB4-4B20-93CB-4940986845B2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {F0943DCE-A214-4FB4-A4D3-CACF799EDBEB} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-07-23] (Acer) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\fb361c4d-71e0-4961-a784-2cbee129581d-1.job => C:\Program Files (x86)\Radio Canyon\Radio Canyon-codedownloader.exe <==== ACHTUNG Task: C:\Windows\Tasks\fb361c4d-71e0-4961-a784-2cbee129581d-5.job => C:\Program Files (x86)\Radio Canyon\fb361c4d-71e0-4961-a784-2cbee129581d-5.exe <==== ACHTUNG Task: C:\Windows\Tasks\fb361c4d-71e0-4961-a784-2cbee129581d-5_user.job => C:\Program Files (x86)\Radio Canyon\fb361c4d-71e0-4961-a784-2cbee129581d-5.exe <==== ACHTUNG Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\web_disco_updating_service.job => C:\Program Files (x86)\web disco\web_disco_updating_service.exeª /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=web_disco_updating_service /funurl=http:/stats.buildomserv.com <==== ACHTUNG ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-11-29 19:16 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-09-27 10:36 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-03-12 16:00 - 2014-03-12 16:00 - 00055528 _____ () C:\Program Files\Acer\User Experience Improvement Program\Framework\AcrHttp.dll 2014-09-27 10:21 - 2014-05-14 00:17 - 00118728 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-04-07 16:13 - 2014-04-07 16:13 - 00052096 
_____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll 2014-04-29 02:38 - 2014-04-29 02:38 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-04-29 02:35 - 2014-04-29 02:35 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2014-04-29 02:42 - 2014-04-29 02:42 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2015-07-27 17:46 - 2015-07-27 17:46 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe 2014-09-27 10:26 - 2013-10-01 11:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2015-05-05 19:36 - 2015-05-05 19:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-05-05 19:36 - 2015-05-05 19:36 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-07-27 19:09 - 2015-07-27 19:09 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15072701\algo.dll 2015-08-06 18:13 - 2015-08-06 18:13 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15080602\algo.dll 2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-07-24 00:29 - 2015-07-24 00:29 - 00044032 _____ () C:\Users\Ozan\AppData\Local\Virtual Balance\Bin\VirtualBalance.dll 2015-07-24 00:29 - 2015-07-24 00:29 - 00011776 _____ () C:\Users\Ozan\AppData\Local\Virtual Balance\Bin\buvnv.dll 2015-04-02 23:19 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-03-26 04:20 - 2015-03-26 04:20 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-05-08 10:41 - 2015-05-08 10:41 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2015-05-08 10:41 - 2015-05-08 10:41 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2015-05-08 
10:41 - 2015-05-08 10:41 - 00641792 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2015-05-08 10:41 - 2015-05-08 10:41 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2015-07-27 15:30 - 2015-07-27 15:30 - 00014176 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2015-07-23 16:08 - 2015-07-23 16:08 - 00012128 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2015-07-23 15:56 - 2015-07-23 15:56 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll 2014-09-27 10:44 - 2014-07-01 14:13 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll 2015-08-06 10:42 - 2015-07-31 08:19 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll 2015-08-06 10:42 - 2015-07-31 08:19 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll 2015-08-06 10:42 - 2015-07-31 08:19 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\PepperFlash\pepflashplayer.dll 2015-04-28 22:15 - 2015-04-28 22:15 - 00569856 _____ () C:\Users\Ozan\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll 2015-04-28 22:15 - 2015-04-28 22:15 - 01400846 _____ () C:\Users\Ozan\AppData\Local\Pokki\Engine\avcodec-54.dll 2015-04-28 22:15 - 2015-04-28 22:15 - 00151054 _____ () C:\Users\Ozan\AppData\Local\Pokki\Engine\avutil-51.dll 2015-04-28 22:15 - 2015-04-28 22:15 - 00222734 _____ () C:\Users\Ozan\AppData\Local\Pokki\Engine\avformat-54.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer trusted/restricted =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ozan\Downloads\10794_967666276581667_5929142102881307545_n.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{2966FB4D-C583-476B-89B4-A4AFEAC95935}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{55D1DB7B-D233-4FE1-BC3A-F577037AA8D8}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{F0739CF6-717C-4E27-8C4B-7BE1B5CED4BE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{FE2B0FE3-9AD2-43AE-9084-2DA703B0BB36}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{165E9C41-863E-4843-87A1-D373977C956A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{CC842ED4-080C-4DB9-AD58-4C4C32157B2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{35044DE4-84B9-40CD-B74C-9F8E2636CEEB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A507EB41-B936-49F2-B247-B55761A06A2A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8DD71C3E-3446-41C5-94DF-515938DF5DF6}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{065C2E02-AC39-4736-9396-235CF088210F}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{2E63BD46-4FCF-4F38-9927-F583111E9928}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{70244B0B-50FE-4C4A-9F43-CA8E0160C708}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{AB00773E-3190-42B8-8D06-D8C192C6F29A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{A1299EE3-DFA4-438C-98D2-EB04822C2B29}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe FirewallRules: [{29943677-89E1-46B1-AE70-001DA9A3F765}] => (Allow) C:\Program Files 
(x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{9D92C467-5B52-4D60-8241-C1136F0B2DB4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{D6C3A023-D5E3-4EDB-8C3D-25273C897720}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{4BC52FA5-45DF-4FBF-9B19-DEA03AB368B5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{0B668F20-C0BD-4963-A2E8-3B70FA91F395}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{5898B626-18C1-43FC-8E16-D2E9C93FEBB2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{9E648065-4A11-4916-90FE-0A5DC52149D8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{24EE9CC1-18DE-49C5-A144-F201919BEC7D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{D6A6F26F-0F72-4F8A-929B-5BCED2763FC6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{BD6D2348-D091-4A92-9222-1039630CCB43}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{E6CB79AA-F15E-40D6-BCD9-660F73FFCC36}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{5D217ABF-4351-4F45-A235-96016A9218AD}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{61833547-6504-4F45-B5D1-6AD11CB28079}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{11167B0A-7D44-4FFB-9C8B-0F78DF905597}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{8A002745-8A27-4B7B-9FD3-DA0EA55135F8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{B989A157-F43F-4392-A4C3-5B01C360A7AE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{5152FF08-BF90-4B33-AF93-BB1BC77772C1}] => (Allow) C:\Program Files 
(x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{72D21A94-BE53-4057-87C1-A684AC3A8326}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{D42AF74B-D281-4310-A980-B968376270AB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{373FCC02-F40D-4671-B1B2-0BD0329806C5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{C9DA1F31-2CD8-4739-A960-0FE8541BC8DA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{3F6DF947-A758-4AF8-A41A-E4A8332287EA}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{1BF2303D-60CB-45D6-8E5D-91D29BF9AA76}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{1231887E-6FC3-4C70-AA80-740127632CDA}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{C3C652D7-2A29-4FF6-8DE4-2F01DB6E2409}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{48263A8F-F393-4E50-B2C8-38C68DFFEE90}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{BEA58867-12B7-423E-B9B0-8715A6ADF86E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{2B128FCC-16EF-4F94-A10C-38EBAE48B28B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{4538EF8B-3527-4F42-823E-91981763265D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{CA8E3206-404D-417A-BB48-4EC0EB33ADEF}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{498D78B4-0E81-4E5D-813C-73A74DF90A67}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{96E4C284-9AC0-4ED9-85EC-41FEAF1BBD55}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{1B449DB0-A6AB-4D6E-9212-EDED68629977}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: 
[{D83DA591-16F3-4E0E-80D6-1F5A8D4195F9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{251B6ADF-671C-4A71-AA20-C3445142CC94}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{201F366C-E3C1-4D79-B805-5969EC32AFE3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{9FC0EE36-D971-4CEF-A676-A08016F03485}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{1FF4DA1A-664F-46E3-97FE-0C40F3DA0661}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{0BC60D6B-17EA-4708-9265-4E80FB7B3F61}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{2235DB8C-4CCE-4123-AEA6-D4177CD8D6CA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{71821A50-2B48-4A89-B967-55E377EC2845}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E502F0E1-67A5-43FA-90F1-70340D3D21BD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{F6293C34-9031-4645-B056-3DBE2B19EA07}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{40CC7BF1-39E0-4511-8A79-E657F94D983F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{4940A758-DE41-4ACE-964D-7E77910E0998}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [TCP Query User{C1A4E692-557B-4DE1-ABE7-03FF7F3CEB6F}C:\users\ozan\appdata\local\temp\rar$exa0.246\bin\metin2client.bin] => (Allow) C:\users\ozan\appdata\local\temp\rar$exa0.246\bin\metin2client.bin FirewallRules: [UDP Query User{CF681299-DF6D-4331-99BB-8185FA0629B3}C:\users\ozan\appdata\local\temp\rar$exa0.246\bin\metin2client.bin] => (Allow) C:\users\ozan\appdata\local\temp\rar$exa0.246\bin\metin2client.bin FirewallRules: [TCP Query 
User{DD2CAE44-84F4-4BCC-9D47-9F09AE8024A1}C:\users\ozan\appdata\local\temp\rar$exa0.645\bin\metin2client.bin] => (Allow) C:\users\ozan\appdata\local\temp\rar$exa0.645\bin\metin2client.bin FirewallRules: [UDP Query User{17758093-A6E4-4106-82C8-AC3AEA89C373}C:\users\ozan\appdata\local\temp\rar$exa0.645\bin\metin2client.bin] => (Allow) C:\users\ozan\appdata\local\temp\rar$exa0.645\bin\metin2client.bin FirewallRules: [TCP Query User{A12B905E-BF6F-4FA4-B179-D9C377942073}C:\users\ozan\appdata\local\temp\rar$exa0.069\bin\metin2client.bin] => (Allow) C:\users\ozan\appdata\local\temp\rar$exa0.069\bin\metin2client.bin FirewallRules: [UDP Query User{74646D6F-631F-4CA6-8479-5E1231C4ADC8}C:\users\ozan\appdata\local\temp\rar$exa0.069\bin\metin2client.bin] => (Allow) C:\users\ozan\appdata\local\temp\rar$exa0.069\bin\metin2client.bin FirewallRules: [TCP Query User{68FF8560-407E-4322-8426-51BE88A866DB}C:\users\ozan\appdata\local\temp\rar$exa0.097\bin\metin2client.bin] => (Allow) C:\users\ozan\appdata\local\temp\rar$exa0.097\bin\metin2client.bin FirewallRules: [UDP Query User{5B7D9FD9-36FC-4340-BF6A-531899090DDD}C:\users\ozan\appdata\local\temp\rar$exa0.097\bin\metin2client.bin] => (Allow) C:\users\ozan\appdata\local\temp\rar$exa0.097\bin\metin2client.bin FirewallRules: [TCP Query User{D351E3AA-8E56-4B4D-B39C-4775A9E676A0}C:\users\ozan\appdata\local\temp\rar$exa0.850\bin\metin2client.bin] => (Allow) C:\users\ozan\appdata\local\temp\rar$exa0.850\bin\metin2client.bin FirewallRules: [UDP Query User{29B758EE-23C0-4E12-BA0F-54751443215E}C:\users\ozan\appdata\local\temp\rar$exa0.850\bin\metin2client.bin] => (Allow) C:\users\ozan\appdata\local\temp\rar$exa0.850\bin\metin2client.bin FirewallRules: [{49AB50FD-F3A5-4860-9412-3FB05A1B957C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{657F419A-BC17-47E7-9B29-B794BAC0FB44}] => (Allow) C:\Users\Ozan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{C7A85A29-A4F2-4D5B-BDFD-34138B56D791}] 
=> (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe FirewallRules: [{424C6EAD-EFDE-4BED-8AC1-9340003E6866}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{A60AD704-0059-4252-8738-886FBC76EC9C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{BF608455-62B7-492F-B4C7-2F69B0818F9D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{0FF9F3BB-F088-4C27-9611-A81A84AE0A3E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{BD080649-4A29-4680-B93C-28B5651DF254}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{6D1AE6B8-8988-4BC9-9D9F-0E202BD56136}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{F6F4A5D0-CF90-4213-91FF-F7EF85EBDC78}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{A6686359-861F-451F-9AE6-AF36378E78D4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{55021BFF-B8B3-44B4-BF4A-FEE6070C84AB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{C85D57DD-866D-48CC-BA44-C3F07697FF36}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{A816CB84-1760-4B7D-95AB-2F806552FCFC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{FAE8D91E-4336-4527-ACA6-1EE69176EBD0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{91FE3F17-2951-455B-BF2E-284439D3F40C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{17D855E0-54E4-4480-9D62-37065C4E3B6D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{4B2BB5D6-A3FA-462B-B784-34176DAA25AB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{7B240012-6CC1-40D0-9493-7AAA43E7A97E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: 
[{621D6A4E-84EA-42FB-B04D-3A0DF68432AB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{5F5E17EA-BA36-4C1C-AE74-1C7DEC61EA7D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{64AA97B1-6931-486E-907C-2627E4EDDD17}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{1F33CA14-6A76-4BB5-A751-A8912B4AB911}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{A22E8C0C-63CD-4DE9-ABD7-41A4C9797669}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe FirewallRules: [{59895188-5E94-4D3A-AFB9-6CA213C512E9}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe FirewallRules: [{4617DE1C-3893-4BA0-851C-2517355F55B8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe FirewallRules: [{73B3DFC6-BD7C-4A9E-8521-21A986E03FF8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe FirewallRules: [{2E51566F-9E41-45F3-86A0-4697A7BA35C9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{04AFBD02-15CE-4278-B7E3-4103FD8EB3B3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{F77C9B91-A9CF-4FA0-AB28-02DD0A070686}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{3036C7A6-57F5-445E-BA36-9A125D273D1D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{F4D0E936-A8C0-4740-A18A-A226AD6D0307}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{24DF9E34-15E0-482F-8437-BBADFFC07986}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{704725A5-7D00-407B-8F3D-095129E5D6AC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{4DD9128B-27CB-47B1-BB94-AE8D3B85044A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{AB27F673-7774-4A0F-B7A1-4E6D32B18C65}] => (Allow) C:\Program Files 
(x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{7B3CB292-505B-432D-93AE-2EA47C7A2C05}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{B623B51C-5942-43C1-86BE-D4FE8D9DD266}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{FC903B26-CDDC-401F-B37B-24B1041A1A18}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [TCP Query User{7A58F0B4-E62A-4CD7-9C62-9E435002D6AE}C:\users\ozan\appdata\local\temp\rar$exa0.715\bin\metin2client.bin] => (Allow) C:\users\ozan\appdata\local\temp\rar$exa0.715\bin\metin2client.bin FirewallRules: [UDP Query User{D0057218-4DEF-4F2C-94F2-FF46B7D81B3D}C:\users\ozan\appdata\local\temp\rar$exa0.715\bin\metin2client.bin] => (Allow) C:\users\ozan\appdata\local\temp\rar$exa0.715\bin\metin2client.bin FirewallRules: [TCP Query User{EEE547CD-2FD0-464F-9424-7EA5F85DBEB1}C:\users\ozan\desktop\metin2\bin\metin2client.bin] => (Allow) C:\users\ozan\desktop\metin2\bin\metin2client.bin FirewallRules: [UDP Query User{9BCD8E80-2F83-4FA9-B8FE-2CB7F5BE16F7}C:\users\ozan\desktop\metin2\bin\metin2client.bin] => (Allow) C:\users\ozan\desktop\metin2\bin\metin2client.bin FirewallRules: [{5A18E5C7-EEE3-4A77-974A-94AE1D2B4F44}] => (Allow) LPort=67 FirewallRules: [{2BD577DF-4305-4CA0-B321-5FA857B659DF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{F22FFE84-68E0-4CDC-8948-DC98763A6098}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{A62CD0B2-A22F-48FB-807D-238D3CDBDB80}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{123A0470-F0EC-41BE-BBDD-0C8547EE8422}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{EF5BB884-E3ED-4E7A-BE6F-1F2D09A6ED48}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{C1EFB5B1-5046-4EA3-86C1-8E458DB7F74D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: 
[{693A02FF-FA58-454C-A350-05C917FECA8B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{5AF6874F-9503-4DFD-8BBC-289207E5F295}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{F4EC95BC-A62C-4C92-A3CF-0C545A6C7710}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{79307C63-4787-449E-8BAB-2B3335EE15E7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{AA2C4432-D477-4644-B191-3F12F3B57168}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{21C14F90-F39E-4F11-A2AF-F360E8D7E402}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{B2353746-A16D-44EF-B996-3EC70461F1DC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8F81D940-ECB6-4D84-B3F2-B62A0A6382D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{10ED0639-4746-4753-AD6A-5A84BD0B0261}] => (Allow) LPort=67 FirewallRules: [{968F6FAB-2506-4D70-9860-52EFEA8756FC}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{2BD120B6-432E-4F80-85A8-2D7039DE43EB}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{AA2A553B-94C9-4A12-AE1F-1B8264E1E6B4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{65D65EE3-7628-4EB4-A648-BA79C7A4FB23}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7D197C4C-33FB-4B02-9706-8C83A734FDC8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{13FAC396-63B3-4B69-B70C-9E310883D275}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9DF63072-2C67-4FCE-9436-A1A473FE8F3E}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{22BE1355-8B44-4B5D-9734-B787FAD75AD0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{9D63CE3B-A749-4B3D-A7F6-2E8DDBBC7CC3}] => (Allow) 
C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7C78367A-6E2A-4E2D-BDFF-FD92A11D3791}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3CBB0ED5-3EBA-4548-94C9-CEDED30DD8EB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3A35A20C-6396-4C4F-886C-0B00B0FB2C31}] => (Allow) C:\Program Files (x86)\Pure Networks\Network Magic\nmsrvc.exe
FirewallRules: [{8D680C29-9C1A-481E-98BE-A87FC63D4841}] => (Allow) C:\Program Files (x86)\Pure Networks\Network Magic\nmsrvc.exe
FirewallRules: [{D9346C9F-1B11-47B8-A8C2-922B9711AFAB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B902346A-8892-43BB-96E5-6C6FF82A9FF4}] => (Allow) C:\Program Files (x86)\Pure Networks\Network Magic\nmsrvc.exe
FirewallRules: [{3C73D9C9-C8DD-4093-BA93-286C8F0E9DB3}] => (Allow) C:\Program Files (x86)\Pure Networks\Network Magic\nmsrvc.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/06/2015 06:31:18 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/06/2015 06:08:50 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (08/06/2015 05:58:52 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (08/06/2015 11:07:47 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (08/06/2015 09:57:18 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/06/2015 09:57:13 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (08/05/2015 08:55:57 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (08/05/2015 03:21:07 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/05/2015 03:06:43 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (08/05/2015 02:56:44 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Systemfehler:
=============
Error: (08/06/2015 06:10:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Home

Error: (08/05/2015 09:06:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Home

Error: (08/05/2015 04:49:59 PM) (Source: DCOM) (EventID: 10010) (User: OZAAN)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/05/2015 04:49:17 PM) (Source: DCOM) (EventID: 10010) (User: OZAAN)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (08/04/2015 09:40:29 PM) (Source: DCOM) (EventID: 10010) (User: OZAAN)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/04/2015 09:39:59 PM) (Source: DCOM) (EventID: 10010) (User: OZAAN)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (08/04/2015 04:28:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Home

Error: (08/03/2015 07:44:19 AM) (Source: DCOM) (EventID: 10010) (User: OZAAN)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (08/03/2015 07:44:19 AM) (Source: DCOM) (EventID: 10010) (User: OZAAN)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/03/2015 07:44:14 AM) (Source: DCOM) (EventID: 10010) (User: OZAAN)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Microsoft Office:
=========================

CodeIntegrity:
===================================
Date: 2015-05-28 00:20:19.328
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen ===========================

Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 35%
Total physical RAM: 8115.27 MB
Available physical RAM: 5243.36 MB
Total Virtual: 9811.27 MB
Available Virtual: 4958.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:914.33 GB) (Free:809.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 775AB4FA)
Partition: GPT Partition Type.

==================== Ende von log ============================
Code:
FRST.txt
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:06-08-2015
durchgeführt von Ozan (Administrator) auf OZAAN (06-08-2015 18:51:31)
Gestartet von C:\Users\Ozan\Desktop
Geladene Profile: Ozan (Verfügbare Profile: Ozan)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Pure Networks, Inc.) C:\Program Files (x86)\Pure Networks\Network Magic\nmsrvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Pokki) C:\Users\Ozan\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Pure Networks, Inc.) C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Pokki) C:\Users\Ozan\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Pokki) C:\Users\Ozan\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Ozan\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Ozan\AppData\Local\Pokki\Engine\HostAppService.exe
(Yahoo Inc.) C:\Program Files (x86)\Yahoo!\yset\{352A9762-2418-9146-A58E-E289CDB58D49}\YSearchUtilSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM-x32\...\Run: [nmapp] => C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe [321088 2007-03-14] (Pure Networks, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-07-27] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-09-27] (Spotify Ltd)
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2015-07-27] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-11-26]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-07-23] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-07-23] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-07-23] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-05] (Avast Software s.r.o.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3364150796-1208467441-1766990213-1001 -> DefaultScope {C83341A1-ACD0-40C1-8667-8D8CC9E1F438} URL = https://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3364150796-1208467441-1766990213-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=M7FA20D76-834B-43AC-81EF-44957626005E&SearchSource=58&CUI=&UM=6&UP=SPEE4CF386-F0E8-4BCA-BD11-287D2398EAC3&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3364150796-1208467441-1766990213-1001 -> {3781441A-3D96-4966-9EA1-9B2AA22337D4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-3364150796-1208467441-1766990213-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3364150796-1208467441-1766990213-1001 -> {C83341A1-ACD0-40C1-8667-8D8CC9E1F438} URL = https://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3364150796-1208467441-1766990213-1001 -> {DC7CB0A4-04A9-11E5-826D-206A8A9E04CA} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3364150796-1208467441-1766990213-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3364150796-1208467441-1766990213-1001 -> {F437D8EF-D372-11E4-8269-206A8A9E04CA} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-26] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei
BHO-x32: No Name -> {0025320D-4D37-4C73-9A5C-0C28F04068A3} -> C:\Users\Ozan\AppData\LocalLow\IE-BHO\bho.dll [2014-10-01] ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-06] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-26] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-06] (Oracle Corporation)
BHO-x32: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\puresp3.dll [2007-03-14] (Pure Networks, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{442DC8CB-28B4-45D6-B5B3-B7C39BDC7B62}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{48E59AC2-D8C3-4706-8529-16A29CEC87B4}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D98E06E7-CA8D-434E-8CBD-43C695281104}: [DhcpNameServer] 172.20.10.1

FireFox:
========
FF ProfilePath: C:\Users\Ozan\AppData\Roaming\Mozilla\Firefox\Profiles\2hge5hfb.default
FF SelectedSearchEngine: Web Search
FF Homepage: https://de.yahoo.com/?fr=yset_ff_syc_oracle&type=orcl_hpset
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-29] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [Keine Datei]
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF user.js: detected! => C:\Users\Ozan\AppData\Roaming\Mozilla\Firefox\Profiles\2hge5hfb.default\user.js [2014-11-27]
FF SearchPlugin: C:\Users\Ozan\AppData\Roaming\Mozilla\Firefox\Profiles\2hge5hfb.default\searchplugins\11-suche.xml [2014-11-27]
FF SearchPlugin: C:\Users\Ozan\AppData\Roaming\Mozilla\Firefox\Profiles\2hge5hfb.default\searchplugins\englische-ergebnisse.xml [2014-11-27]
FF SearchPlugin: C:\Users\Ozan\AppData\Roaming\Mozilla\Firefox\Profiles\2hge5hfb.default\searchplugins\gmx-suche.xml [2014-11-27]
FF SearchPlugin: C:\Users\Ozan\AppData\Roaming\Mozilla\Firefox\Profiles\2hge5hfb.default\searchplugins\lastminute.xml [2014-11-27]
FF SearchPlugin: C:\Users\Ozan\AppData\Roaming\Mozilla\Firefox\Profiles\2hge5hfb.default\searchplugins\trovi-search.xml [2014-12-16]
FF SearchPlugin: C:\Users\Ozan\AppData\Roaming\Mozilla\Firefox\Profiles\2hge5hfb.default\searchplugins\Web Search.xml [2015-07-24]
FF SearchPlugin: C:\Users\Ozan\AppData\Roaming\Mozilla\Firefox\Profiles\2hge5hfb.default\searchplugins\webde-suche.xml [2014-11-27]
FF Extension: Web Security Fx - C:\Users\Ozan\AppData\Roaming\Mozilla\Firefox\Profiles\2hge5hfb.default\Extensions\antiphising@foxy-foxi.com [2014-11-27]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Ozan\AppData\Roaming\Mozilla\Firefox\Profiles\2hge5hfb.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-11-30]
FF Extension: New Tab by Yahoo - C:\Users\Ozan\AppData\Roaming\Mozilla\Firefox\Profiles\2hge5hfb.default\Extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-06-22]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-11-30]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-26]
FF HKU\S-1-5-21-3364150796-1208467441-1766990213-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-30]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\my.cfg [2015-03-25] <==== ACHTUNG

Chrome:
=======
CHR Profile: C:\Users\Ozan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Ozan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-26]
CHR Extension: (Google Drive) - C:\Users\Ozan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-26]
CHR Extension: (YouTube) - C:\Users\Ozan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-26]
CHR Extension: (Google Search) - C:\Users\Ozan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-26]
CHR Extension: (Google Sheets) - C:\Users\Ozan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-26]
CHR Extension: (SiteAdvisor) - C:\Users\Ozan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-03-26]
CHR Extension: (Avast Online Security) - C:\Users\Ozan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ozan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ozan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-26]
CHR Extension: (Gmail) - C:\Users\Ozan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-24]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-26]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-26]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 0229061438352342mcinstcleanup; C:\Windows\TEMP\022906~1.EXE [883024 2015-05-04] (McAfee, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-05] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-05] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-07-23] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-07-21] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
S3 nmraapache; C:\Program Files (x86)\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe [12800 2007-03-14] (Pure Networks, Inc.) [Datei ist nicht signiert]
R2 nmservice; C:\Program Files (x86)\Pure Networks\Network Magic\nmsrvc.exe [321088 2007-03-14] (Pure Networks, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 YSearchUtilSvc; C:\Program Files (x86)\Yahoo!\yset\{352A9762-2418-9146-A58E-E289CDB58D49}\YSearchUtilSvc.exe [152344 2015-06-29] (Yahoo Inc.)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-05] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-05] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-05] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-05] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-05] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-07-27] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 SPPD; C:\Windows\system32\drivers\SPPD.sys [21976 2015-03-26] ()
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-05] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-06 18:51 - 2015-08-06 18:51 - 00031137 _____ C:\Users\Ozan\Desktop\FRST.txt
2015-08-06 18:39 - 2015-08-06 18:51 - 00000000 ____D C:\FRST
2015-08-06 18:32 - 2015-08-06 18:32 - 02170368 _____ (Farbar) C:\Users\Ozan\Desktop\FRST64.exe
2015-08-06 18:13 - 2015-08-06 18:13 - 00000000 ____D C:\Users\Ozan\AppData\Local\YSearchUtil
2015-08-06 18:13 - 2015-08-06 18:13 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-08-06 18:06 - 2015-08-06 18:06 - 00003200 _____ C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe
2015-07-30 00:27 - 2015-07-30 00:27 - 00002001 _____ C:\Users\Public\Desktop\abMedia.lnk
2015-07-30 00:23 - 2015-07-30 00:23 - 00001969 _____ C:\Users\Public\Desktop\abDocs.lnk
2015-07-28 18:21 - 2015-07-25 15:34 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-27 15:30 - 2015-07-27 15:30 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2015-07-27 15:29 - 2015-07-27 15:30 - 00002028 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2015-07-24 00:29 - 2015-08-01 20:02 - 00003220 _____ C:\Windows\System32\Tasks\Pokki
2015-07-24 00:29 - 2015-07-24 00:29 - 00003070 _____ C:\Windows\System32\Tasks\Virtual Balance
2015-07-24 00:29 - 2015-07-24 00:29 - 00000000 ____D C:\Users\Ozan\AppData\Local\Virtual Balance
2015-07-22 20:46 - 2015-07-27 15:30 - 00003352 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2015-07-22 20:44 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-22 20:44 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-22 20:44 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-22 20:44 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-22 20:42 - 2015-07-22 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-22 20:42 - 2015-07-22 20:42 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-15 23:18 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 23:18 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 23:18 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 23:18 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 23:18 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 23:18 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 23:18 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 23:18 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 23:18 - 2015-05-11 20:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-07-15 23:18 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-15 23:18 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-15 23:18 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-15 23:18 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-15 23:18 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-15 23:18 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 23:18 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-15 23:18 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 23:18 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 23:18 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-15 23:18 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-15 23:18 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-15 23:18 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-15 23:18 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-15 23:18 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-15 23:18 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-15 23:18 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-15 23:18 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-15 23:18 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-15 23:18 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-15 23:18 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-15 23:18 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-15 23:18 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-15 23:18 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-15 23:18 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-15 23:17 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 23:17 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 22:41 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 22:41 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 22:41 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 22:41 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 22:41 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 22:41 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 22:41 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 22:41 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 22:41 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 22:41 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 22:41 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 22:41 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 22:41 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 22:41 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 22:41 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 22:41 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 22:41 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 22:41 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 22:41 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 22:41 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 22:41 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 22:41 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 22:41 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 22:41 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 22:41 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 22:40 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 22:40 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 22:40 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 22:40 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 22:40 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 22:40 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 22:40 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 22:40 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 22:40 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 22:40 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 22:40 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 22:40 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 22:40 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 22:40 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 22:40 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 22:40 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 22:40 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 22:40 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 22:40 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 22:40 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 22:39 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 22:39 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 22:39 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 22:39 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 22:39 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 22:39 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 22:39 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 22:39 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 22:39 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 22:39 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 22:39 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 22:39 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 22:39 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 22:39 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 22:39 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 22:39 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 22:39 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 22:39 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 22:39 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 22:39 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 22:39 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 22:39 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 22:39 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 22:39 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 22:39 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 22:39 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 22:39 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 22:39 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 22:39 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 22:39 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 22:39 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 22:39 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 22:39 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 22:39 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 22:39 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 22:39 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 22:39 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 22:39 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 22:39 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 22:39 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 22:39 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 21:33 - 2015-08-06 18:01 - 00000000 ___RD C:\Users\Ozan\Desktop\MUSIK BABY
2015-07-15 21:27 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-13 15:28 - 2015-07-13 15:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2015-07-13 15:21 - 2015-07-13 15:22 - 11902236 _____ C:\Users\Ozan\Downloads\CopyTransManagerv1.019_DLC.zip
2015-07-13 15:20 - 2015-07-13 15:23 - 00000000 ____D C:\ProgramData\WindSolutions
2015-07-13 15:20 - 2015-07-13 15:22 - 00000000 ____D C:\Users\Ozan\AppData\Roaming\WindSolutions
2015-07-13 15:18 - 2015-07-13 15:19 - 05866144 _____ (WindSolutions) C:\Users\Ozan\Downloads\Install_CopyTransControlCenter.exe
2015-07-13 14:58 - 2015-07-18 22:13 - 00002631 _____ C:\Users\Ozan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Farmerama.lnk
2015-07-13 14:58 - 2015-07-13 14:58 - 00002593 _____ C:\Users\Ozan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grepolis.lnk
2015-07-13 14:58 - 2015-07-13 14:58 - 00002535 _____ C:\Users\Ozan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goodgame Big Farm.lnk
2015-07-13 14:58 - 2015-07-13 14:58 - 00002513 _____ C:\Users\Ozan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bejeweled Blitz.lnk
2015-07-13 14:58 - 2015-07-13 14:58 - 00002379 _____ C:\Users\Ozan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goodgame Empire.lnk
2015-07-13 14:58 - 2015-07-13 14:58 - 00002371 _____ C:\Users\Ozan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dragons of Atlantis.lnk
2015-07-13 14:56 - 2015-07-13 14:56 - 00016896 ___SH C:\Users\Ozan\Desktop\Thumbs.db
2015-07-13 14:48 - 2015-07-13 14:49 - 00000000 ____D C:\Users\Ozan\AppData\Roaming\Apple Computer
2015-07-13 14:48 - 2015-07-13 14:48 - 00001769 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-13 14:48 - 2015-07-13 14:48 - 00000000 ____D C:\Users\Ozan\AppData\Local\Apple Computer
2015-07-13 14:48 - 2015-07-13 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-13 14:48 - 2015-07-13 14:48 - 00000000 ____D C:\ProgramData\Apple Computer
2015-07-13 14:48 - 2015-07-13 14:48 - 00000000 ____D C:\Program Files\iTunes
2015-07-13 14:48 - 2015-07-13 14:48 - 00000000 ____D C:\Program Files\iPod
2015-07-13 14:48 - 2015-07-13 14:48 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-13 14:41 - 2015-07-13 14:41 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-07-13 14:41 - 2015-07-13 14:41 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-07-13 14:41 - 2015-07-13 14:41 - 00000000 ____D C:\Users\Ozan\AppData\Local\Apple
2015-07-13 14:41 - 2015-07-13 14:41 - 00000000 ____D C:\Program Files\Bonjour
2015-07-13 14:41 - 2015-07-13 14:41 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-07-13 14:41 - 2015-07-13 14:41 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2015-07-13 14:40 - 2015-07-13 14:48 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-07-13 14:40 - 2015-07-13 14:41 - 00000000 ____D C:\ProgramData\Apple 2015-07-13 14:38 - 2015-07-13 14:39 - 155834672 _____ (Apple Inc.) C:\Users\Ozan\Downloads\itunes6464setup.exe 2015-07-13 13:57 - 2015-07-13 13:57 - 14246072 _____ (BlueStack Systems Inc.) C:\Users\Ozan\Downloads\BlueStacks-ThinInstaller.exe 2015-07-13 13:52 - 2015-07-13 14:26 - 00000000 ____D C:\ProgramData\BlueStacksGameManager 2015-07-13 13:52 - 2015-07-13 13:52 - 00001717 _____ C:\Users\Ozan\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk 2015-07-13 13:46 - 2015-07-13 13:57 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2015-07-13 13:46 - 2015-07-13 13:46 - 01198368 _____ C:\Users\Ozan\Downloads\BlueStacks App Player - CHIP-Installer.exe 2015-07-10 19:28 - 2015-08-01 22:33 - 00000000 ___HD C:\$Windows.~BT 2015-07-07 18:23 - 2015-07-16 00:03 - 00000000 ___RD C:\Users\Ozan\Desktop\GAMES ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-08-06 18:43 - 2014-11-27 04:26 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3364150796-1208467441-1766990213-1001 2015-08-06 18:41 - 2015-03-26 04:20 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-06 18:37 - 2014-11-26 23:05 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-06 18:21 - 2014-09-27 11:01 - 01963183 _____ C:\Windows\WindowsUpdate.log 2015-08-06 18:12 - 2014-11-27 04:20 - 00000000 ____D C:\Users\Ozan\AppData\Local\Pokki 2015-08-06 18:11 - 2014-11-27 22:01 - 00000000 ____D C:\ProgramData\Oracle 2015-08-06 18:10 - 2014-12-21 01:43 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-08-06 18:10 - 2014-12-21 01:42 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-06 18:04 - 2014-11-27 04:34 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{71641A11-139A-4C78-B562-247B41A69BA5} 2015-08-06 18:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-08-06 18:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-08-06 18:00 - 2014-11-27 21:57 - 00000000 __SHD C:\Users\Ozan\AppData\Local\EmieBrowserModeList 2015-08-06 18:00 - 2014-11-27 04:34 - 00000000 __SHD C:\Users\Ozan\AppData\Local\EmieUserList 2015-08-06 18:00 - 2014-11-27 04:34 - 00000000 __SHD C:\Users\Ozan\AppData\Local\EmieSiteList 2015-08-06 17:59 - 2015-04-02 23:17 - 00000680 _____ C:\Windows\Tasks\web_disco_updating_service.job 2015-08-06 17:59 - 2015-03-26 04:20 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-06 17:59 - 2014-11-30 15:37 - 00003104 _____ C:\Windows\Tasks\fb361c4d-71e0-4961-a784-2cbee129581d-1.job 2015-08-06 17:59 - 2014-11-30 15:37 - 00002438 _____ C:\Windows\Tasks\fb361c4d-71e0-4961-a784-2cbee129581d-5_user.job 2015-08-06 17:59 - 2014-11-30 15:37 - 00002438 _____ C:\Windows\Tasks\fb361c4d-71e0-4961-a784-2cbee129581d-5.job 2015-08-06 17:59 - 2014-09-27 10:30 - 00195643 _____ 
C:\Windows\SysWOW64\Gms.log 2015-08-06 10:42 - 2015-03-26 04:21 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-06 10:14 - 2014-09-27 10:32 - 00000000 ____D C:\ProgramData\Acer 2015-08-04 16:24 - 2014-11-26 22:43 - 00000000 ____D C:\Users\Ozan\AppData\Local\CrashDumps 2015-08-02 16:27 - 2014-11-26 22:59 - 00665600 ___SH C:\Users\Ozan\Downloads\Thumbs.db 2015-08-02 01:52 - 2014-11-27 04:23 - 00002315 _____ C:\Users\Ozan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk 2015-08-01 22:45 - 2014-07-14 20:34 - 00000000 ____D C:\Windows\Panther 2015-07-31 16:18 - 2014-07-14 19:58 - 00000000 ____D C:\Program Files (x86)\McAfee 2015-07-30 20:42 - 2014-09-27 19:30 - 00765582 _____ C:\Windows\system32\perfh007.dat 2015-07-30 20:42 - 2014-09-27 19:30 - 00159366 _____ C:\Windows\system32\perfc007.dat 2015-07-30 20:42 - 2014-03-18 12:03 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-30 00:27 - 2014-09-27 10:32 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2015-07-30 00:23 - 2014-11-27 04:21 - 00000000 ____D C:\Users\Ozan\AppData\Local\clear.fi 2015-07-30 00:22 - 2015-03-26 04:21 - 00004182 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update 2015-07-30 00:22 - 2014-09-27 10:32 - 00000000 ____D C:\Program Files (x86)\Acer 2015-07-28 18:42 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-07-27 22:15 - 2013-08-22 16:46 - 00074600 _____ C:\Windows\setupact.log 2015-07-27 22:14 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-27 22:13 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-07-27 19:25 - 2014-11-29 19:19 - 00003088 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3364150796-1208467441-1766990213-1001 2015-07-27 19:25 - 2014-11-29 19:19 - 00000000 ___RD C:\Users\Ozan\OneDrive 2015-07-27 15:30 - 2014-07-14 20:33 - 00000000 ___HD C:\OEM 2015-07-25 18:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2015-07-25 14:59 - 2015-04-17 23:01 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-25 14:53 - 2013-08-22 16:44 - 00497096 _____ C:\Windows\system32\FNTCACHE.DAT 2015-07-25 14:52 - 2014-03-18 11:54 - 00321966 _____ C:\Windows\PFRO.log 2015-07-22 21:01 - 2014-11-29 19:16 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-07-22 20:42 - 2014-11-26 23:05 - 00001954 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2015-07-22 20:42 - 2014-11-26 23:05 - 00000000 ____D C:\ProgramData\McAfee Security Scan 2015-07-18 04:23 - 2015-04-17 23:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-16 07:27 - 2014-12-20 20:58 - 00000000 ____D C:\Windows\system32\appraiser 2015-07-16 07:27 - 2014-12-03 23:06 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-07-16 07:27 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData 2015-07-16 07:27 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore 2015-07-16 07:26 - 2014-11-27 04:20 - 00000000 ____D C:\Users\Ozan 2015-07-16 00:22 - 2014-11-27 02:23 - 00000000 ____D C:\Windows\system32\MRT 2015-07-15 21:55 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2015-07-15 21:37 - 2014-11-26 23:05 - 00003772 _____ C:\Windows\System32\Tasks\Adobe 
Flash Player Updater 2015-07-15 21:36 - 2015-03-26 04:20 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-15 21:36 - 2015-03-26 04:20 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-13 23:10 - 2015-06-12 15:13 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-13 23:10 - 2015-06-12 15:13 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-13 14:28 - 2014-11-27 04:27 - 00000000 ____D C:\Users\Ozan\AppData\Roaming\Spotify 2015-07-13 14:28 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries 2015-07-07 18:15 - 2014-11-29 19:35 - 00000000 ____D C:\Users\Ozan\Desktop\Muster Bewerbungen ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Ozan\AppData\Roaming\2eWJ8ebRw 2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Ozan\AppData\Roaming\IQdpvKbty2GR6xG1g4aM 2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Ozan\AppData\Roaming\l8Eneotyk6nqimcG07L8in 2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Ozan\AppData\Roaming\vRm6vzCso9xT8 2014-09-27 10:27 - 2014-09-27 10:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Ozan\AppData\Local\Temp\10331.exe C:\Users\Ozan\AppData\Local\Temp\10717.exe C:\Users\Ozan\AppData\Local\Temp\16140.exe C:\Users\Ozan\AppData\Local\Temp\16253.exe C:\Users\Ozan\AppData\Local\Temp\2815.exe C:\Users\Ozan\AppData\Local\Temp\29710.exe C:\Users\Ozan\AppData\Local\Temp\29756.exe C:\Users\Ozan\AppData\Local\Temp\31749.exe C:\Users\Ozan\AppData\Local\Temp\7697.exe C:\Users\Ozan\AppData\Local\Temp\Foxit PhantomPDF Updater.exe C:\Users\Ozan\AppData\Local\Temp\FreeYouTubeDownload.exe C:\Users\Ozan\AppData\Local\Temp\jre-8u51-windows-au.exe C:\Users\Ozan\AppData\Local\Temp\oct22F5.tmp.exe 
C:\Users\Ozan\AppData\Local\Temp\oct2A91.tmp.exe C:\Users\Ozan\AppData\Local\Temp\oct45E6.tmp.exe C:\Users\Ozan\AppData\Local\Temp\oct51DC.tmp.exe C:\Users\Ozan\AppData\Local\Temp\oct5732.tmp.exe C:\Users\Ozan\AppData\Local\Temp\oct5F29.tmp.exe C:\Users\Ozan\AppData\Local\Temp\oct7CEA.tmp.exe C:\Users\Ozan\AppData\Local\Temp\oct82E3.tmp.exe C:\Users\Ozan\AppData\Local\Temp\octA627.tmp.exe C:\Users\Ozan\AppData\Local\Temp\octA7F9.tmp.exe C:\Users\Ozan\AppData\Local\Temp\octB80E.tmp.exe C:\Users\Ozan\AppData\Local\Temp\octB934.tmp.exe C:\Users\Ozan\AppData\Local\Temp\octBB8D.tmp.exe C:\Users\Ozan\AppData\Local\Temp\SPSetup.exe C:\Users\Ozan\AppData\Local\Temp\ytb.exe ==================== Bamital & volsnap Check ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-04 19:50 ==================== Ende von log ============================ Zitat:
|
07.08.2015, 14:52 | #4 |
/// the machine /// TB-Ausbilder | Windows 8.1 64bit Trojaner wohlmöglich Please download Revo Uninstaller from here (alternatively, the portable Revo Uninstaller).
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |