Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Windows 8.1: FPS aufeinmal gesunken und Trojaner. (https://www.trojaner-board.de/162492-windows-8-1-fps-aufeinmal-gesunken-trojaner.html)

Splasher 05.01.2015 23:00
Windows 8.1: FPS aufeinmal gesunken und Trojaner.
 
Hallo zusammen,
Ich wollte heute mal wieder ein bisschen an meinem Laptop zocken, was aber nicht funktioniert hat, da die FPS so gering waren, dass ich nichts machen konnte. Vorher liefen die Spiele auf normalen Einstellungen noch flüssig und jetzt habe ich selbst mit niedrigen Einstellungen nur sehr geringe FPS. Ich bin mir nicht sicher woher das kommt, es könnte sein dass dies durch einen Trojaner entstanden ist, da mir vorher von meinem AV Programm ein Trojaner angezeigt wurde, den ich dann auch entfernt hatte, am nächsten Tag hatte ich jedoch wieder den selben Trojaner. Außerdem hatte ich bei Chrome einen PUP Virus, den ich auch nicht so wirklich entfernt bekommen habe.
Wenn ich z.B. einen Virenscan mache wird mir zwar manchmal solch ein Virus angezeigt, und ich entferne diesen dann auch, jedoch wird er mir danach meist immernoch angezeigt.
Ich weiß deshalb nun nicht was ich machen soll, und hoffe auf Hilfe.
Vielen Dank schonmal für eure Mühe.
LG
Splasher

schrauber 06.01.2015 00:13
hi,

du meinst wohl eher hohe fps oder?


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Splasher 06.01.2015 03:28
ne ich habe eben niedrige FPS, sodass ich z.B. Spiele gar nicht mehr spielen kann.
Ich mache jetzt mal den Scan, werde die Ergebnisse gleich hier posten.

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
Ran by Simeon (administrator) on PC-192-168-2-11 on 06-01-2015 00:27:42
Running from C:\Users\Simeon\Downloads
Loaded Profiles: Simeon &  (Available profiles: Simeon)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890640 2013-04-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-03] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] ( (Atheros Communications))
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Run: [Spotify Web Helper] => C:\Users\Simeon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-14] (Spotify Ltd)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095328 2014-09-16] (Nota Inc.)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Simeon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-14] (Spotify Ltd)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095328 2014-09-16] (Nota Inc.)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Spotify Web Helper] => C:\Users\Simeon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-14] (Spotify Ltd)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095328 2014-09-16] (Nota Inc.)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-10-16] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174856 2014-10-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156840 2014-10-16] (NVIDIA Corporation)
Startup: C:\Users\Simeon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002 -> DefaultScope {0278007E-B36C-4AAD-B44E-FC4E335C9207} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20140527&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002 -> {0278007E-B36C-4AAD-B44E-FC4E335C9207} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20140527&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002 -> {25ED8489-9D47-4ADD-AD9B-F4074B21DD47} URL =
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0278007E-B36C-4AAD-B44E-FC4E335C9207} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20140527&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {25ED8489-9D47-4ADD-AD9B-F4074B21DD47} URL =
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0278007E-B36C-4AAD-B44E-FC4E335C9207} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20140527&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {0278007E-B36C-4AAD-B44E-FC4E335C9207} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20140527&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {25ED8489-9D47-4ADD-AD9B-F4074B21DD47} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Simeon\AppData\Roaming\Mozilla\Firefox\Profiles\3ev5xb2x.default
FF NetworkProxy: "socks", "46.165.193.67"
FF NetworkProxy: "socks_port", 7408
FF SelectedSearchEngine: Microsoft (Bing)
FF DefaultSearchEngine: Microsoft (Bing)
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Microsoft (Bing)
FF Keyword.URL: hxxp://www.bing.com/search
FF Homepage: hxxp://www.msn.com/?pc=AV01
FF NewTab: about:newtab
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin HKU\S-1-5-21-2194020832-3275982821-4177272209-1002: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-2194020832-3275982821-4177272209-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Simeon\AppData\Roaming\Mozilla\Firefox\Profiles\3ev5xb2x.default\searchplugins\bing-avast.xml
FF Extension: Avira Browser Safety - C:\Users\Simeon\AppData\Roaming\Mozilla\Firefox\Profiles\3ev5xb2x.default\Extensions\abs@avira.com [2014-12-10]
FF Extension: Adblock Plus - C:\Users\Simeon\AppData\Roaming\Mozilla\Firefox\Profiles\3ev5xb2x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-03]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-08-02]
FF HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "", "https://www.google.de/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8", "hxxp://search.gboxapp.com/?aff=p"
CHR Profile: C:\Users\Simeon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Simeon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-23]
CHR Extension: (Adblock Plus) - C:\Users\Simeon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-05]
CHR Extension: (Google Wallet) - C:\Users\Simeon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Simeon\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [Not Found]
CHR HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Simeon\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-03] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-05] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-06-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-03] ()
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-06-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [455240 2013-03-05] (RTS Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R4 avkmgr; \SystemRoot\system32\DRIVERS\avkmgr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 00:27 - 2015-01-06 00:29 - 00031211 _____ () C:\Users\Simeon\Downloads\FRST.txt
2015-01-06 00:27 - 2015-01-06 00:28 - 00000000 ____D () C:\FRST
2015-01-06 00:26 - 2015-01-06 00:26 - 02123776 _____ (Farbar) C:\Users\Simeon\Downloads\FRST64.exe
2015-01-05 22:40 - 2015-01-05 22:40 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2015-01-05 22:38 - 2015-01-05 22:38 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-05 22:38 - 2015-01-05 22:38 - 00000000 _____ () C:\WINDOWS\setupact.log
2015-01-05 20:22 - 2015-01-05 20:23 - 00014698 _____ () C:\WINDOWS\DirectX.log
2015-01-05 20:04 - 2015-01-05 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-05 19:16 - 2015-01-05 19:31 - 00000000 ____D () C:\Users\Simeon\Desktop\Simeon Musik
2015-01-05 18:28 - 2015-01-05 18:28 - 00002275 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-05 18:28 - 2015-01-05 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-05 18:27 - 2015-01-05 23:32 - 00001142 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-05 18:27 - 2015-01-05 18:32 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-05 18:27 - 2015-01-05 18:27 - 00004114 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-05 18:27 - 2015-01-05 18:27 - 00003878 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-05 18:26 - 2015-01-05 18:26 - 00000000 ____D () C:\Users\Simeon\AppData\Local\Deployment
2015-01-05 04:52 - 2015-01-05 04:52 - 00000591 _____ () C:\Users\Simeon\Downloads\hosts.zip
2015-01-05 00:55 - 2015-01-05 01:31 - 00000000 ____D () C:\AdwCleaner
2015-01-05 00:53 - 2015-01-05 00:53 - 02173952 _____ () C:\Users\Simeon\Downloads\adwcleaner_4.106.exe
2015-01-04 20:55 - 2015-01-04 20:55 - 00005056 _____ () C:\Users\Simeon\Downloads\bibanator config Dezember 2014 (1).rar
2014-12-30 16:49 - 2014-12-30 18:22 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\Bioshock
2014-12-30 16:49 - 2014-12-30 17:09 - 00000000 ____D () C:\Users\Simeon\Documents\Bioshock
2014-12-25 01:58 - 2014-12-25 02:00 - 77895545 _____ () C:\Users\Simeon\Downloads\Jesus-hasst-dich.zip
2014-12-20 15:35 - 2015-01-05 00:23 - 00000000 ____D () C:\Users\Simeon\AppData\Local\LogMeIn Hamachi
2014-12-20 15:34 - 2014-12-20 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-20 15:34 - 2014-12-20 15:34 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-20 15:32 - 2014-12-20 15:32 - 08536064 _____ () C:\Users\Simeon\Downloads\hamachi291.msi
2014-12-19 16:14 - 2014-12-19 16:14 - 00000000 __SHD () C:\Users\Simeon\AppData\Local\EmieBrowserModeList
2014-12-19 16:08 - 2014-12-19 16:08 - 00005056 _____ () C:\Users\Simeon\Downloads\bibanator config Dezember 2014.rar
2014-12-19 14:31 - 2014-12-19 14:31 - 00000221 _____ () C:\Users\Simeon\Desktop\Mass Effect.url
2014-12-16 15:52 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-16 15:52 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-13 17:01 - 2014-12-13 17:01 - 00045112 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-12-12 16:18 - 2014-12-12 16:18 - 08536064 _____ () C:\Users\Simeon\Downloads\hamachi279 (1).msi
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () C:\ProgramData\pkpdklpmmnaojfeffaoemacdnlgnfbpd
2014-12-12 14:50 - 2014-11-26 22:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-12 14:50 - 2014-11-26 22:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 00:37 - 2014-12-12 00:37 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-11 15:47 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-11 15:47 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 15:47 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-11 15:47 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-11 00:01 - 2014-12-04 00:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-11 00:01 - 2014-12-04 00:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-11 00:01 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 00:01 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-11 00:01 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-11 00:01 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-11 00:01 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-11 00:01 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-11 00:01 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-11 00:01 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-11 00:00 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 00:00 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 00:00 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 00:00 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 00:00 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 00:00 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 00:00 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 00:00 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-11 00:00 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 00:00 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-11 00:00 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-11 00:00 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 00:00 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 00:00 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-11 00:00 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-11 00:00 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 00:00 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-11 00:00 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 00:00 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 00:00 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 00:00 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 00:00 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 00:00 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 00:00 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-11 00:00 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-11 00:00 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-11 00:00 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-11 00:00 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-11 00:00 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 00:00 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-11 00:00 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-11 00:00 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-11 00:00 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-11 00:00 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 00:00 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-11 00:00 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 00:00 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-11 00:00 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-11 00:00 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 00:29 - 2014-05-25 18:55 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\Skype
2015-01-06 00:19 - 2014-11-20 00:22 - 01639451 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-06 00:18 - 2014-03-18 11:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-06 00:18 - 2014-03-18 10:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-06 00:18 - 2014-03-18 10:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-06 00:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-05 23:25 - 2014-09-03 22:23 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-05 22:43 - 2014-05-25 19:51 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\.minecraft
2015-01-05 22:42 - 2014-05-25 18:12 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2194020832-3275982821-4177272209-1002
2015-01-05 22:41 - 2014-09-26 20:24 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-05 22:37 - 2014-06-10 00:41 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-05 20:23 - 2014-05-25 19:08 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-05 18:28 - 2014-05-25 18:16 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-05 14:37 - 2014-07-18 15:35 - 00000000 ___DO () C:\Users\Simeon\OneDrive
2015-01-05 14:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-05 01:46 - 2014-09-26 20:35 - 00000000 ____D () C:\Users\Simeon\AppData\Local\AviraSpeedup
2015-01-05 01:40 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-05 01:39 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-05 01:39 - 2013-08-22 15:44 - 00362792 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-05 01:38 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-04 18:32 - 2014-05-30 20:12 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\Spotify
2015-01-04 18:28 - 2014-05-25 18:21 - 00000000 ____D () C:\Users\Simeon\AppData\Local\clear.fi
2015-01-04 02:47 - 2014-07-24 17:07 - 00003962 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{84A861DF-DBA4-44D4-A2E4-B064A3A08795}
2015-01-03 13:55 - 2014-05-25 18:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-03 13:55 - 2014-05-25 18:55 - 00000000 ____D () C:\ProgramData\Skype
2015-01-02 03:00 - 2014-07-16 20:13 - 00000000 ____D () C:\Users\Simeon\Desktop\YouTuber
2015-01-02 02:00 - 2014-06-13 21:07 - 00000000 ___RD () C:\Users\Simeon\Desktop\blah
2014-12-30 19:57 - 2014-05-30 20:12 - 00000000 ____D () C:\Users\Simeon\AppData\Local\Spotify
2014-12-30 16:54 - 2014-10-30 21:01 - 00000220 _____ () C:\Users\Simeon\Desktop\BioShock.url
2014-12-27 18:06 - 2014-06-08 22:40 - 01028096 ___SH () C:\Users\Simeon\Downloads\Thumbs.db
2014-12-25 21:49 - 2014-09-03 22:44 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-12-25 21:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\ADFS
2014-12-25 21:13 - 2013-08-02 16:04 - 00000000 ____D () C:\WINDOWS\oem
2014-12-20 14:42 - 2014-09-22 22:47 - 00000004 _____ () C:\Users\Simeon\AppData\Roaming\appdataFr2.bin
2014-12-19 16:13 - 2014-05-25 19:41 - 01664512 ___SH () C:\Users\Simeon\Desktop\Thumbs.db
2014-12-18 15:59 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-14 19:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-14 01:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-12 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-12 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-12 00:37 - 2014-07-13 12:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-12 00:37 - 2014-05-27 20:30 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-12 00:37 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-12 00:37 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2014-12-12 00:34 - 2014-05-27 20:30 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-11 16:18 - 2014-08-08 21:08 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-11 16:18 - 2014-08-08 21:08 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-08 01:21 - 2014-09-03 23:04 - 00000000 ___RD () C:\Users\Simeon\Dropbox
2014-12-07 14:35 - 2014-07-10 21:42 - 00000000 ____D () C:\Users\Simeon\Documents\Bluetooth Folder
2014-12-07 14:02 - 2014-09-03 22:57 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\Dropbox
2014-12-07 13:27 - 2014-09-03 23:04 - 00001081 _____ () C:\Users\Simeon\Desktop\Dropbox.lnk
2014-12-07 13:27 - 2014-09-03 23:01 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Some content of TEMP:
====================
C:\Users\Simeon\AppData\Local\Temp\avgnt.exe
C:\Users\Simeon\AppData\Local\Temp\Quarantine.exe
C:\Users\Simeon\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-05 18:34

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by Simeon at 2015-01-06 00:30:46
Running from C:\Users\Simeon\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Dropbox (HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Far Cry (HKLM-x32\...\Steam App 13520) (Version:  - Crytek Studios)
Far Cry 2 (HKLM-x32\...\Steam App 19900) (Version:  - Ubisoft Montreal)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version:  - Ubisoft Montreal)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gyazo 2.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mass Effect (HKLM-x32\...\Steam App 17460) (Version:  - BioWare)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spotify (HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

20-12-2014 15:33:25 Installed LogMeIn Hamachi
30-12-2014 16:47:16 Microsoft Visual C++ 2005 Redistributable wird installiert
04-01-2015 23:48:08 Avira System Speedup 1.5
04-01-2015 23:50:08 Avira System Speedup 1.5
04-01-2015 23:52:37 Avira System Speedup 1.5

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-01-05 17:34 - 2015-01-05 17:34 - 00000883 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C166193-7D66-4EF2-BC73-6CF82EFE88E1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {1842F4F5-7026-4BFA-96F0-A2F03CDC5CE3} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {6330D254-5A04-4D20-ACAD-71548130EA90} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-03] (AVAST Software)
Task: {748A6CC2-2EB1-4F27-8115-0C683280E25A} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {7A44F9C0-23A8-48B4-9A20-36F53CCD158B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05] (Google Inc.)
Task: {819C0E6B-C399-4A1D-91F4-837AC730F658} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {8A6DDFB2-D033-4430-B481-AC9272B262CC} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {8DB7591E-4B69-411F-84BD-C356B0E45D3C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05] (Google Inc.)
Task: {98B77D43-01DC-4437-BB73-BC49DF15353B} - System32\Tasks\{BC94A892-74D7-420D-BF66-58B8F5654AF6} => Chrome.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/go/help.faq.installer?LastError=1618
Task: {A211F15B-C9BA-488F-9453-C187EA64E257} - System32\Tasks\{FE37CCD8-5799-4A7D-9B0B-C9BB5E5B9E97} => pcalua.exe -a C:\WINDOWS\System32\control.exe -d C:\Windows\WinSxS\wow64_adobe-flash-for-windows_31bf3856ad364e35_6.3.9600.17334_none_26e8e73771beea24 -c "C:\Windows\WinSxS\wow64_adobe-flash-for-windows_31bf3856ad364e35_6.3.9600.17334_none_26e8e73771beea24\FlashPlayerCPLApp.cpl",
Task: {A4B456F7-F527-423D-89FD-08DEDEE54244} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {A4D107DB-21A1-4B94-8F3D-8D2761640D61} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {AC7BF3A2-F440-4E36-9DC6-D7A283E958BC} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
Task: {D727F8AA-67AA-401F-B38A-7B6A6D4AAAE8} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-04-26] (Acer Incorporate)
Task: {DDCCA3FD-8A24-491C-8563-CADB9F54F5D2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-12] (Microsoft Corporation)
Task: {E9C831C0-68CB-431B-BE6E-7D70FB0B0E4B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-10-23 16:23 - 2014-10-16 17:54 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-23 16:30 - 2014-10-16 15:11 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-11-20 18:41 - 2013-02-20 22:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-08-02 16:48 - 2014-09-05 12:03 - 00455784 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-02-28 18:05 - 2013-02-28 18:05 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-02-28 18:02 - 2013-02-28 18:02 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-02-28 18:06 - 2013-02-28 18:06 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-09-03 22:41 - 2014-09-03 22:41 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-04 20:22 - 2015-01-04 20:22 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010401\algo.dll
2015-01-05 23:46 - 2015-01-05 23:46 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010501\algo.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-20 17:58 - 2013-03-20 08:47 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-23 16:23 - 2014-10-16 17:54 - 00013120 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-03 22:41 - 2014-09-03 22:42 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-05-25 19:10 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-25 19:10 - 2014-11-18 21:23 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-05-25 19:10 - 2014-11-18 21:23 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-05-25 19:10 - 2014-11-11 19:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-17 01:31 - 2014-11-11 19:48 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2013-11-20 18:41 - 2013-02-20 22:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-01-05 18:28 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2015-01-05 18:28 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2015-01-05 18:28 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2015-01-05 18:28 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Simeon\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"

========================= Accounts: ==========================

Administrator (S-1-5-21-2194020832-3275982821-4177272209-500 - Administrator - Disabled)
Gast (S-1-5-21-2194020832-3275982821-4177272209-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2194020832-3275982821-4177272209-1007 - Limited - Enabled)
Simeon (S-1-5-21-2194020832-3275982821-4177272209-1002 - Administrator - Enabled) => C:\Users\Simeon

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/05/2015 10:32:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 7.0.670.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1aa4

Startzeit: 01d0292dfcefbbe1

Endzeit: 580

Anwendungspfad: C:\Program Files (x86)\Java\jre7\bin\javaw.exe

Berichts-ID: 53e7f258-9522-11e4-beb0-78843c35bcd9

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/05/2015 03:18:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4890

Error: (01/05/2015 03:18:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4890

Error: (01/05/2015 03:18:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2015 03:18:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3687

Error: (01/05/2015 03:18:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3687

Error: (01/05/2015 03:18:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2015 03:18:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2437

Error: (01/05/2015 03:18:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2437

Error: (01/05/2015 03:18:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/05/2015 09:35:59 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (01/05/2015 05:38:35 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (01/05/2015 05:14:42 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (01/05/2015 03:18:15 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (01/05/2015 05:21:42 AM) (Source: DCOM) (EventID: 10010) (User: PC-192-168-2-11)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (01/05/2015 05:21:12 AM) (Source: DCOM) (EventID: 10010) (User: PC-192-168-2-11)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (01/05/2015 05:07:09 AM) (Source: DCOM) (EventID: 10010) (User: PC-192-168-2-11)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (01/05/2015 01:44:58 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (01/05/2015 01:41:03 AM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.

Error: (01/05/2015 01:32:16 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056


Microsoft Office Sessions:
=========================
Error: (01/05/2015 10:32:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe7.0.670.11aa401d0292dfcefbbe1580C:\Program Files (x86)\Java\jre7\bin\javaw.exe53e7f258-9522-11e4-beb0-78843c35bcd9

Error: (01/05/2015 03:18:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4890

Error: (01/05/2015 03:18:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4890

Error: (01/05/2015 03:18:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2015 03:18:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3687

Error: (01/05/2015 03:18:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3687

Error: (01/05/2015 03:18:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2015 03:18:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2437

Error: (01/05/2015 03:18:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2437

Error: (01/05/2015 03:18:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-12-03 20:20:41.157
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:56:11.690
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:56:11.581
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:56:08.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:56:05.903
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:55:45.660
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:55:38.452
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:55:34.051
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:54:21.721
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:54:21.635
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 49%
Total physical RAM: 8072.27 MB
Available physical RAM: 4078.13 MB
Total Pagefile: 10632.27 MB
Available Pagefile: 6039.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.51 GB) (Free:108.14 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4B7142E4)

Partition: GPT Partition Type.

==================== End Of Log ============================
ok kurzer Nachtrag:
Ich habe jetzt glaube ich das Problem gefunden, ich hatte bei meinen Energieeinstellungen etwas verändert, dass die Spiele nicht mehr mit hoher Leistung laufen können.
Jetzt hab ich es wieder verändert und es funktioniert wieder.
Ich hab allerdings immernoch das Problem mit dem Trojaner, und immer wenn ich Chrome öffne, ist dort eine Erweiterung aktiviert, die ssaver (oder so ähnlich) heißt, bei der ich immer Werbung angezeigt bekomme, habe jedoch auch schon ADWCleaner und Malwarebytes drüber laufen lassen und es kommt trotzdem wieder.

schrauber 06.01.2015 12:14
Logfiles von MBAM und AdwCleaner bitte. Ist der Proxy in Firefox mit Absicht drin?

Splasher 06.01.2015 14:59
Nein, da ich Firefox nicht benutze.
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 06.01.2015
Suchlauf-Zeit: 13:36:27
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.06.03
Rootkit Datenbank: v2014.12.30.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Simeon

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 364786
Verstrichene Zeit: 31 Min, 49 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
Code:
# AdwCleaner v4.106 - Bericht erstellt am 06/01/2015 um 14:54:32
# Aktualisiert 21/12/2014 von Xplode
# Database : 2015-01-03.1 [Live]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Simeon - PC-192-168-2-11
# Gestartet von : C:\Users\Simeon\Downloads\adwcleaner_4.106.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v32.0.3 (x86 de)


-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [5846 octets] - [05/01/2015 00:55:27]
AdwCleaner[R1].txt - [5906 octets] - [05/01/2015 01:04:44]
AdwCleaner[R2].txt - [784 octets] - [06/01/2015 14:54:32]
AdwCleaner[S0].txt - [5395 octets] - [05/01/2015 01:31:17]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [903 octets] ##########
Als ich Firefox geöffnet habe wurden mir gleich 3 Viren von Avast mitgeteilt

schrauber 06.01.2015 15:50
Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen


FRST öffnen, Haken setzen bei Addition und scannen, poste bitte beide Logs.

Splasher 06.01.2015 19:44

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
Ran by Simeon (administrator) on PC-192-168-2-11 on 06-01-2015 19:31:55
Running from C:\Users\Simeon\Downloads
Loaded Profiles: Simeon &  (Available profiles: Simeon)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890640 2013-04-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-03] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] ( (Atheros Communications))
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Run: [Spotify Web Helper] => C:\Users\Simeon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-14] (Spotify Ltd)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095328 2014-09-16] (Nota Inc.)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Simeon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-14] (Spotify Ltd)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095328 2014-09-16] (Nota Inc.)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-10-16] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174856 2014-10-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156840 2014-10-16] (NVIDIA Corporation)
Startup: C:\Users\Simeon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002 -> DefaultScope {0278007E-B36C-4AAD-B44E-FC4E335C9207} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20140527&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002 -> {0278007E-B36C-4AAD-B44E-FC4E335C9207} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20140527&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002 -> {25ED8489-9D47-4ADD-AD9B-F4074B21DD47} URL =
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0278007E-B36C-4AAD-B44E-FC4E335C9207} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20140527&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {25ED8489-9D47-4ADD-AD9B-F4074B21DD47} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Simeon\AppData\Roaming\Mozilla\Firefox\Profiles\zp9xi6l5.default-1420569044781
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin HKU\S-1-5-21-2194020832-3275982821-4177272209-1002: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-2194020832-3275982821-4177272209-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-08-02]
FF HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "", "https://www.google.de/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8", "hxxp://search.gboxapp.com/?aff=p"
CHR Profile: C:\Users\Simeon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Simeon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-23]
CHR Extension: (Adblock Plus) - C:\Users\Simeon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-05]
CHR Extension: (Google Wallet) - C:\Users\Simeon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Simeon\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [Not Found]
CHR HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Simeon\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-03] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-05] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-06-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-03] ()
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-06] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-06-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [455240 2013-03-05] (RTS Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R4 avkmgr; \SystemRoot\system32\DRIVERS\avkmgr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 19:28 - 2015-01-06 19:30 - 00000000 ____D () C:\Users\Simeon\Desktop\Alte Firefox-Daten
2015-01-06 19:22 - 2015-01-06 19:22 - 00001179 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-06 19:22 - 2015-01-06 19:22 - 00001167 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-06 19:22 - 2015-01-06 19:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-06 19:19 - 2015-01-06 19:19 - 00244264 _____ () C:\Users\Simeon\Downloads\Firefox Setup Stub 34.0.5.exe
2015-01-06 18:53 - 2015-01-06 18:54 - 00001288 _____ () C:\Users\Simeon\Desktop\Revo Uninstaller.lnk
2015-01-06 18:53 - 2015-01-06 18:53 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-06 18:51 - 2015-01-06 18:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Simeon\Downloads\revosetup95.exe
2015-01-06 14:52 - 2015-01-06 14:52 - 00001191 _____ () C:\Users\Simeon\Desktop\mbam.txt
2015-01-06 14:49 - 2015-01-06 14:49 - 00001190 _____ () C:\MWB.txt
2015-01-06 13:04 - 2015-01-06 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-06 00:30 - 2015-01-06 00:34 - 00028809 _____ () C:\Users\Simeon\Downloads\Addition.txt
2015-01-06 00:27 - 2015-01-06 19:32 - 00027167 _____ () C:\Users\Simeon\Downloads\FRST.txt
2015-01-06 00:27 - 2015-01-06 19:32 - 00000000 ____D () C:\FRST
2015-01-06 00:26 - 2015-01-06 00:26 - 02123776 _____ (Farbar) C:\Users\Simeon\Downloads\FRST64.exe
2015-01-05 22:40 - 2015-01-05 22:40 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2015-01-05 22:38 - 2015-01-05 22:38 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-05 22:38 - 2015-01-05 22:38 - 00000000 _____ () C:\WINDOWS\setupact.log
2015-01-05 20:22 - 2015-01-06 03:01 - 00032249 _____ () C:\WINDOWS\DirectX.log
2015-01-05 19:16 - 2015-01-05 19:31 - 00000000 ____D () C:\Users\Simeon\Desktop\Simeon Musik
2015-01-05 18:28 - 2015-01-05 18:28 - 00002275 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-05 18:28 - 2015-01-05 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-05 18:27 - 2015-01-06 19:32 - 00001142 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-05 18:27 - 2015-01-06 18:32 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-05 18:27 - 2015-01-05 18:27 - 00004114 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-05 18:27 - 2015-01-05 18:27 - 00003878 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-05 18:26 - 2015-01-05 18:26 - 00000000 ____D () C:\Users\Simeon\AppData\Local\Deployment
2015-01-05 04:52 - 2015-01-05 04:52 - 00000591 _____ () C:\Users\Simeon\Downloads\hosts.zip
2015-01-05 00:55 - 2015-01-06 14:57 - 00000000 ____D () C:\AdwCleaner
2015-01-05 00:53 - 2015-01-05 00:53 - 02173952 _____ () C:\Users\Simeon\Downloads\adwcleaner_4.106.exe
2015-01-04 20:55 - 2015-01-04 20:55 - 00005056 _____ () C:\Users\Simeon\Downloads\bibanator config Dezember 2014 (1).rar
2014-12-30 16:49 - 2014-12-30 18:22 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\Bioshock
2014-12-30 16:49 - 2014-12-30 17:09 - 00000000 ____D () C:\Users\Simeon\Documents\Bioshock
2014-12-25 01:58 - 2014-12-25 02:00 - 77895545 _____ () C:\Users\Simeon\Downloads\Jesus-hasst-dich.zip
2014-12-20 15:35 - 2015-01-05 00:23 - 00000000 ____D () C:\Users\Simeon\AppData\Local\LogMeIn Hamachi
2014-12-20 15:34 - 2014-12-20 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-20 15:34 - 2014-12-20 15:34 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-20 15:32 - 2014-12-20 15:32 - 08536064 _____ () C:\Users\Simeon\Downloads\hamachi291.msi
2014-12-19 16:14 - 2014-12-19 16:14 - 00000000 __SHD () C:\Users\Simeon\AppData\Local\EmieBrowserModeList
2014-12-19 16:08 - 2014-12-19 16:08 - 00005056 _____ () C:\Users\Simeon\Downloads\bibanator config Dezember 2014.rar
2014-12-19 14:31 - 2014-12-19 14:31 - 00000221 _____ () C:\Users\Simeon\Desktop\Mass Effect.url
2014-12-16 15:52 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-16 15:52 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-13 17:01 - 2014-12-13 17:01 - 00045112 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-12-12 16:18 - 2014-12-12 16:18 - 08536064 _____ () C:\Users\Simeon\Downloads\hamachi279 (1).msi
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () C:\ProgramData\pkpdklpmmnaojfeffaoemacdnlgnfbpd
2014-12-12 14:50 - 2014-11-26 22:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-12 14:50 - 2014-11-26 22:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 00:37 - 2014-12-12 00:37 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-11 15:47 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-11 15:47 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 15:47 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-11 15:47 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-11 00:01 - 2014-12-04 00:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-11 00:01 - 2014-12-04 00:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-11 00:01 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 00:01 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-11 00:01 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-11 00:01 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-11 00:01 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-11 00:01 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-11 00:01 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-11 00:01 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-11 00:00 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 00:00 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 00:00 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 00:00 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 00:00 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 00:00 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 00:00 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 00:00 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-11 00:00 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 00:00 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-11 00:00 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-11 00:00 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 00:00 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 00:00 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-11 00:00 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-11 00:00 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 00:00 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-11 00:00 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 00:00 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 00:00 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 00:00 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 00:00 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 00:00 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 00:00 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-11 00:00 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-11 00:00 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-11 00:00 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-11 00:00 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-11 00:00 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 00:00 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-11 00:00 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-11 00:00 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-11 00:00 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-11 00:00 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 00:00 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-11 00:00 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 00:00 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-11 00:00 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-11 00:00 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 19:27 - 2014-05-25 18:12 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2194020832-3275982821-4177272209-1002
2015-01-06 19:25 - 2014-07-24 17:07 - 00003962 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{84A861DF-DBA4-44D4-A2E4-B064A3A08795}
2015-01-06 19:23 - 2014-05-25 18:55 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\Skype
2015-01-06 19:22 - 2014-08-08 21:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-06 19:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-06 16:29 - 2014-03-18 11:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-06 16:29 - 2014-03-18 10:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-06 16:29 - 2014-03-18 10:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-06 15:59 - 2014-05-25 19:08 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-06 13:37 - 2014-05-25 19:51 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\.minecraft
2015-01-06 13:36 - 2014-09-03 22:23 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-06 13:23 - 2014-11-20 00:22 - 01742740 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-06 13:04 - 2014-07-18 15:35 - 00000000 ___DO () C:\Users\Simeon\OneDrive
2015-01-05 22:41 - 2014-09-26 20:24 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-05 22:37 - 2014-06-10 00:41 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-05 18:28 - 2014-05-25 18:16 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-05 14:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-05 01:46 - 2014-09-26 20:35 - 00000000 ____D () C:\Users\Simeon\AppData\Local\AviraSpeedup
2015-01-05 01:40 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-05 01:39 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-05 01:39 - 2013-08-22 15:44 - 00362792 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-05 01:38 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-04 18:32 - 2014-05-30 20:12 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\Spotify
2015-01-04 18:28 - 2014-05-25 18:21 - 00000000 ____D () C:\Users\Simeon\AppData\Local\clear.fi
2015-01-03 13:55 - 2014-05-25 18:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-03 13:55 - 2014-05-25 18:55 - 00000000 ____D () C:\ProgramData\Skype
2015-01-02 03:00 - 2014-07-16 20:13 - 00000000 ____D () C:\Users\Simeon\Desktop\YouTuber
2015-01-02 02:00 - 2014-06-13 21:07 - 00000000 ___RD () C:\Users\Simeon\Desktop\blah
2014-12-30 19:57 - 2014-05-30 20:12 - 00000000 ____D () C:\Users\Simeon\AppData\Local\Spotify
2014-12-30 16:54 - 2014-10-30 21:01 - 00000220 _____ () C:\Users\Simeon\Desktop\BioShock.url
2014-12-27 18:06 - 2014-06-08 22:40 - 01028096 ___SH () C:\Users\Simeon\Downloads\Thumbs.db
2014-12-25 21:49 - 2014-09-03 22:44 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-12-25 21:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\ADFS
2014-12-25 21:13 - 2013-08-02 16:04 - 00000000 ____D () C:\WINDOWS\oem
2014-12-20 14:42 - 2014-09-22 22:47 - 00000004 _____ () C:\Users\Simeon\AppData\Roaming\appdataFr2.bin
2014-12-19 16:13 - 2014-05-25 19:41 - 01664512 ___SH () C:\Users\Simeon\Desktop\Thumbs.db
2014-12-18 15:59 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-14 19:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-14 01:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-12 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-12 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-12 00:37 - 2014-07-13 12:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-12 00:37 - 2014-05-27 20:30 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-12 00:37 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-12 00:37 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2014-12-12 00:34 - 2014-05-27 20:30 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-08 01:21 - 2014-09-03 23:04 - 00000000 ___RD () C:\Users\Simeon\Dropbox
2014-12-07 14:35 - 2014-07-10 21:42 - 00000000 ____D () C:\Users\Simeon\Documents\Bluetooth Folder
2014-12-07 14:02 - 2014-09-03 22:57 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\Dropbox
2014-12-07 13:27 - 2014-09-03 23:04 - 00001081 _____ () C:\Users\Simeon\Desktop\Dropbox.lnk
2014-12-07 13:27 - 2014-09-03 23:01 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Some content of TEMP:
====================
C:\Users\Simeon\AppData\Local\Temp\avgnt.exe
C:\Users\Simeon\AppData\Local\Temp\Quarantine.exe
C:\Users\Simeon\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-05 18:34

==================== End Of Log ============================
--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by Simeon at 2015-01-06 19:34:12
Running from C:\Users\Simeon\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Dropbox (HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Far Cry (HKLM-x32\...\Steam App 13520) (Version:  - Crytek Studios)
Far Cry 2 (HKLM-x32\...\Steam App 19900) (Version:  - Ubisoft Montreal)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version:  - Ubisoft Montreal)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gyazo 2.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mass Effect (HKLM-x32\...\Steam App 17460) (Version:  - BioWare)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spotify (HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

20-12-2014 15:33:25 Installed LogMeIn Hamachi
30-12-2014 16:47:16 Microsoft Visual C++ 2005 Redistributable wird installiert
04-01-2015 23:48:08 Avira System Speedup 1.5
04-01-2015 23:50:08 Avira System Speedup 1.5
04-01-2015 23:52:37 Avira System Speedup 1.5
06-01-2015 02:51:11 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-01-05 17:34 - 2015-01-05 17:34 - 00000883 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C166193-7D66-4EF2-BC73-6CF82EFE88E1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {1842F4F5-7026-4BFA-96F0-A2F03CDC5CE3} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {6330D254-5A04-4D20-ACAD-71548130EA90} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-03] (AVAST Software)
Task: {748A6CC2-2EB1-4F27-8115-0C683280E25A} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {7A44F9C0-23A8-48B4-9A20-36F53CCD158B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05] (Google Inc.)
Task: {819C0E6B-C399-4A1D-91F4-837AC730F658} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {8A6DDFB2-D033-4430-B481-AC9272B262CC} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {8DB7591E-4B69-411F-84BD-C356B0E45D3C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05] (Google Inc.)
Task: {98B77D43-01DC-4437-BB73-BC49DF15353B} - System32\Tasks\{BC94A892-74D7-420D-BF66-58B8F5654AF6} => Chrome.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/go/help.faq.installer?LastError=1618
Task: {A211F15B-C9BA-488F-9453-C187EA64E257} - System32\Tasks\{FE37CCD8-5799-4A7D-9B0B-C9BB5E5B9E97} => pcalua.exe -a C:\WINDOWS\System32\control.exe -d C:\Windows\WinSxS\wow64_adobe-flash-for-windows_31bf3856ad364e35_6.3.9600.17334_none_26e8e73771beea24 -c "C:\Windows\WinSxS\wow64_adobe-flash-for-windows_31bf3856ad364e35_6.3.9600.17334_none_26e8e73771beea24\FlashPlayerCPLApp.cpl",
Task: {A4B456F7-F527-423D-89FD-08DEDEE54244} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {A4D107DB-21A1-4B94-8F3D-8D2761640D61} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {AC7BF3A2-F440-4E36-9DC6-D7A283E958BC} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
Task: {D727F8AA-67AA-401F-B38A-7B6A6D4AAAE8} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-04-26] (Acer Incorporate)
Task: {E471462C-7830-4322-BD62-B8A87DE17EED} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-12] (Microsoft Corporation)
Task: {E9C831C0-68CB-431B-BE6E-7D70FB0B0E4B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-10-23 16:23 - 2014-10-16 17:54 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-23 16:30 - 2014-10-16 15:11 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-11-20 18:41 - 2013-02-20 22:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-08-02 16:48 - 2014-09-05 12:03 - 00455784 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-02-28 18:05 - 2013-02-28 18:05 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-02-28 18:02 - 2013-02-28 18:02 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-02-28 18:06 - 2013-02-28 18:06 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-10-30 19:19 - 2014-11-24 19:55 - 00103424 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
2014-09-03 22:41 - 2014-09-03 22:41 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-04 20:22 - 2015-01-04 20:22 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010401\algo.dll
2015-01-06 18:55 - 2015-01-06 18:55 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010601\algo.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-20 17:58 - 2013-03-20 08:47 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-23 16:23 - 2014-10-16 17:54 - 00013120 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-03 22:41 - 2014-09-03 22:42 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-11-20 18:41 - 2013-02-20 22:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-01-05 18:28 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2015-01-05 18:28 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2015-01-05 18:28 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2015-01-05 18:28 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-05-25 19:10 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-25 19:10 - 2014-11-18 21:23 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-05-25 19:10 - 2014-11-18 21:23 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-01-06 15:58 - 2015-01-06 15:58 - 00155232 ___HT () C:\Users\Simeon\AppData\Local\Temp\~8C33.tmp
2014-05-25 19:10 - 2014-11-11 19:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-17 01:31 - 2014-11-11 19:48 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-10-30 19:19 - 2014-11-21 14:25 - 00198144 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\launcher.dll
2014-10-30 19:16 - 2014-11-21 14:24 - 00311296 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
2014-10-30 19:19 - 2014-11-21 14:24 - 00203776 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\vstdlib.dll
2014-10-30 19:16 - 2014-11-21 14:24 - 00387584 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\filesystem_stdio.dll
2014-10-30 19:16 - 2014-12-16 15:46 - 05853696 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\engine.dll
2014-10-30 19:19 - 2014-11-21 14:24 - 00155648 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\inputsystem.dll
2014-10-30 19:16 - 2014-11-21 14:24 - 01175040 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vphysics.dll
2014-10-30 19:16 - 2014-12-12 14:55 - 01243648 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
2014-10-30 19:16 - 2014-11-21 14:24 - 00352256 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\datacache.dll
2014-10-30 19:16 - 2014-11-21 14:24 - 00608256 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\studiorender.dll
2014-10-30 19:19 - 2014-11-21 14:24 - 00164864 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\soundemittersystem.dll
2014-10-30 19:16 - 2014-11-21 14:24 - 00708096 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vscript.dll
2014-10-30 19:19 - 2014-11-21 14:24 - 00134656 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\valve_avi.dll
2014-10-30 19:16 - 2014-11-21 14:24 - 01338880 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vguimatsurface.dll
2014-10-30 19:16 - 2014-11-21 14:24 - 00396800 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vgui2.dll
2014-10-30 19:16 - 2014-11-24 19:55 - 03186176 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\scaleformui.dll
2014-10-30 19:16 - 2014-11-21 14:24 - 01762816 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\shaderapidx9.dll
2014-10-30 19:19 - 2014-11-21 14:24 - 00143872 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\localize.dll
2014-10-30 19:19 - 2014-11-21 14:24 - 00231424 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dbg.dll
2014-10-30 19:16 - 2014-12-11 16:09 - 00992256 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dx9.dll
2014-10-30 19:16 - 2014-11-21 14:25 - 01059328 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\chromehtml.dll
2014-10-30 19:16 - 2014-11-24 19:55 - 20625832 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\libcef.dll
2014-10-30 19:16 - 2014-10-30 19:19 - 01099616 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\avcodec-53.dll
2014-10-30 19:19 - 2014-10-30 19:19 - 00123232 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\avutil-51.dll
2014-10-30 19:19 - 2014-10-30 19:19 - 00190816 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\avformat-53.dll
2014-10-30 19:16 - 2014-11-21 14:24 - 00583168 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\matchmaking.dll
2014-10-30 19:16 - 2014-12-19 14:19 - 12300800 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\client.dll
2014-10-30 19:16 - 2014-12-19 14:19 - 09820672 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\server.dll
2014-10-30 19:19 - 2014-11-21 14:24 - 00094720 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\scenefilecache.dll
2014-10-30 19:16 - 2014-12-19 14:19 - 00969216 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\serverbrowser.dll
2014-10-30 19:19 - 2014-11-21 14:24 - 00084992 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_miles.dll
2014-10-30 19:19 - 2014-10-30 19:19 - 00071680 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssmp3.asi
2014-10-30 19:19 - 2014-10-30 19:19 - 00012800 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssds3d.flt
2014-10-30 19:19 - 2014-10-30 19:19 - 00055808 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\msseax.flt
2014-10-30 19:19 - 2014-11-21 14:24 - 00176128 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_speex.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Simeon\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"

========================= Accounts: ==========================

Administrator (S-1-5-21-2194020832-3275982821-4177272209-500 - Administrator - Disabled)
Gast (S-1-5-21-2194020832-3275982821-4177272209-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2194020832-3275982821-4177272209-1007 - Limited - Enabled)
Simeon (S-1-5-21-2194020832-3275982821-4177272209-1002 - Administrator - Enabled) => C:\Users\Simeon

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2015 05:13:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14422

Error: (01/06/2015 05:13:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14422

Error: (01/06/2015 05:13:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2015 10:32:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 7.0.670.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1aa4

Startzeit: 01d0292dfcefbbe1

Endzeit: 580

Anwendungspfad: C:\Program Files (x86)\Java\jre7\bin\javaw.exe

Berichts-ID: 53e7f258-9522-11e4-beb0-78843c35bcd9

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/05/2015 03:18:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4890

Error: (01/05/2015 03:18:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4890

Error: (01/05/2015 03:18:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2015 03:18:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3687

Error: (01/05/2015 03:18:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3687

Error: (01/05/2015 03:18:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/05/2015 09:35:59 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (01/05/2015 05:38:35 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (01/05/2015 05:14:42 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (01/05/2015 03:18:15 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (01/05/2015 05:21:42 AM) (Source: DCOM) (EventID: 10010) (User: PC-192-168-2-11)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (01/05/2015 05:21:12 AM) (Source: DCOM) (EventID: 10010) (User: PC-192-168-2-11)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (01/05/2015 05:07:09 AM) (Source: DCOM) (EventID: 10010) (User: PC-192-168-2-11)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (01/05/2015 01:44:58 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (01/05/2015 01:41:03 AM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.

Error: (01/05/2015 01:32:16 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056


Microsoft Office Sessions:
=========================
Error: (01/06/2015 05:13:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14422

Error: (01/06/2015 05:13:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14422

Error: (01/06/2015 05:13:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2015 10:32:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe7.0.670.11aa401d0292dfcefbbe1580C:\Program Files (x86)\Java\jre7\bin\javaw.exe53e7f258-9522-11e4-beb0-78843c35bcd9

Error: (01/05/2015 03:18:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4890

Error: (01/05/2015 03:18:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4890

Error: (01/05/2015 03:18:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2015 03:18:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3687

Error: (01/05/2015 03:18:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3687

Error: (01/05/2015 03:18:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-12-03 20:20:41.157
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:56:11.690
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:56:11.581
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:56:08.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:56:05.903
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:55:45.660
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:55:38.452
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:55:34.051
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:54:21.721
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:54:21.635
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 64%
Total physical RAM: 8072.27 MB
Available physical RAM: 2857.29 MB
Total Pagefile: 10632.27 MB
Available Pagefile: 4871.08 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.51 GB) (Free:107.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4B7142E4)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 06.01.2015 22:04
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Splasher 09.01.2015 17:28
sry dass es so lange gedauert hat bis ich geantwortet hat
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by Simeon at 2015-01-07 23:31:15 Run:2
Running from C:\Users\Simeon\Desktop
Loaded Profile: Simeon (Available profiles: Simeon)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Emptytemp:
       
*****************

HKLM\SOFTWARE\Policies\Google => Key not found.
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\SOFTWARE\Policies\Google => Key not found.
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Google => Key not found.
EmptyTemp: => Removed 399.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog 23:31:53 ====
Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=27b1ba8b60fb9b4c979a7e295e38edce
# engine=21872
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-09 03:55:02
# local_time=2015-01-09 04:55:02 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 3098720 11038470 0 0
# compatibility_mode_1='McAfee Anti-Virus and Anti-Spyware'
# compatibility_mode=5122 16777214 66 62 13889281 67109684 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4986479 45700195 0 0
# scanned=260968
# found=8
# cleaned=0
# scan_time=3263
sh=321877829ADDE3EEC0231C24B5748A175A318772 ft=1 fh=c97650ac5cc72bf7 vn="Variante von Win32/SProtector.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash.dll.vir"
sh=4F7FB0F152E5CC111B8A851A67BFCB9DC9931837 ft=1 fh=adfcc851c08a5f3a vn="Variante von Win64/Adware.MultiPlug.E Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SalesCChheckeur\axinpa16OFkJ8a.x64.dll.vir"
sh=DF5C472C9B280620B0DDB23E8E29C46DE6355D85 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Simeon\AppData\Roaming\Mozilla\Firefox\Profiles\3ev5xb2x.default\Extensions\QW@5.edu\content\bg.js.vir"
sh=35B98AD2E44F37EBECC3E8C8D899E4AF535E2DE4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\ProgramData\pkpdklpmmnaojfeffaoemacdnlgnfbpd\n9PjHu8.js"
sh=35B98AD2E44F37EBECC3E8C8D899E4AF535E2DE4 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\All Users\pkpdklpmmnaojfeffaoemacdnlgnfbpd\n9PjHu8.js"
sh=43F983ED963AD6B3F52CC104E233C7070398BAC2 ft=1 fh=b1ea9abf67ee5aa3 vn="Variante von Win32/InstallCore.QW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simeon\Downloads\ace-stream-2-2-1-2-de.exe"
sh=0D1ED5A839684AEC3E4D56F07D412752CD58ED42 ft=1 fh=a0a054a53a3b1e96 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simeon\Downloads\Minecraft Server - CHIP-Installer.exe"
sh=8B46AAEA6A3E04BC0C0F5C467B3FD249AA4AB67D ft=1 fh=e5604cb5961d552e vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simeon\Downloads\SharePod - CHIP-Installer.exe"
Code:
Results of screen317's Security Check version 0.99.93 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
McAfee Anti-Virus und Anti-Spyware 
Windows Defender                   
avast! Antivirus                   
 Antivirus out of date! 
`````````Anti-malware/Other Utilities Check:`````````
 Java version 32-bit out of Date!
 Mozilla Firefox (34.0.5)
 Google Chrome (39.0.2171.95)
````````Process Check: objlist.exe by Laurent```````` 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast avastui.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Simeon (administrator) on PC-192-168-2-11 on 09-01-2015 17:18:34
Running from C:\Users\Simeon\Desktop
Loaded Profile: Simeon (Available profiles: Simeon)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890640 2013-04-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-03] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] ( (Atheros Communications))
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Run: [Spotify Web Helper] => C:\Users\Simeon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-14] (Spotify Ltd)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-10-16] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174856 2014-10-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156840 2014-10-16] (NVIDIA Corporation)
Startup: C:\Users\Simeon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002 -> DefaultScope {0278007E-B36C-4AAD-B44E-FC4E335C9207} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20140527&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002 -> {0278007E-B36C-4AAD-B44E-FC4E335C9207} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20140527&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002 -> {25ED8489-9D47-4ADD-AD9B-F4074B21DD47} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Simeon\AppData\Roaming\Mozilla\Firefox\Profiles\zp9xi6l5.default-1420569044781
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin HKU\S-1-5-21-2194020832-3275982821-4177272209-1002: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-2194020832-3275982821-4177272209-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-08-02]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "", "https://www.google.de/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8", "hxxp://search.gboxapp.com/?aff=p"
CHR Profile: C:\Users\Simeon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Simeon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-23]
CHR Extension: (Adblock Plus) - C:\Users\Simeon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-05]
CHR Extension: (Google Wallet) - C:\Users\Simeon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Simeon\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-03] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-05] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-06-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-03] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-03] ()
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-06] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-06-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [455240 2013-03-05] (RTS Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 17:18 - 2015-01-09 17:19 - 00024194 _____ () C:\Users\Simeon\Desktop\FRST.txt
2015-01-09 17:16 - 2015-01-09 17:16 - 00852505 _____ () C:\Users\Simeon\Downloads\SecurityCheck.exe
2015-01-08 20:02 - 2015-01-08 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-07 23:48 - 2015-01-07 23:48 - 02347384 _____ (ESET) C:\Users\Simeon\Downloads\esetsmartinstaller_deu.exe
2015-01-07 23:31 - 2015-01-07 23:31 - 00000000 ____D () C:\Users\Simeon\Desktop\FRST-OlderVersion
2015-01-07 21:43 - 2015-01-07 21:43 - 00085412 _____ () C:\Users\Simeon\Downloads\Download (1)
2015-01-07 21:42 - 2015-01-07 21:43 - 00085412 _____ () C:\Users\Simeon\Downloads\Download
2015-01-06 22:48 - 2015-01-06 22:48 - 00006804 _____ () C:\WINDOWS\PFRO.log
2015-01-06 19:22 - 2015-01-06 19:22 - 00001179 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-06 19:22 - 2015-01-06 19:22 - 00001167 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-06 19:22 - 2015-01-06 19:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-06 19:19 - 2015-01-06 19:19 - 00244264 _____ () C:\Users\Simeon\Downloads\Firefox Setup Stub 34.0.5.exe
2015-01-06 18:53 - 2015-01-06 18:54 - 00001288 _____ () C:\Users\Simeon\Desktop\Revo Uninstaller.lnk
2015-01-06 18:53 - 2015-01-06 18:53 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-06 18:51 - 2015-01-06 18:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Simeon\Downloads\revosetup95.exe
2015-01-06 14:52 - 2015-01-06 14:52 - 00001191 _____ () C:\Users\Simeon\Desktop\mbam.txt
2015-01-06 14:49 - 2015-01-06 14:49 - 00001190 _____ () C:\MWB.txt
2015-01-06 00:30 - 2015-01-06 19:36 - 00034691 _____ () C:\Users\Simeon\Downloads\Addition.txt
2015-01-06 00:27 - 2015-01-09 17:18 - 00000000 ____D () C:\FRST
2015-01-06 00:27 - 2015-01-06 19:36 - 00045609 _____ () C:\Users\Simeon\Downloads\FRST.txt
2015-01-06 00:26 - 2015-01-07 23:31 - 02124288 _____ (Farbar) C:\Users\Simeon\Desktop\FRST64.exe
2015-01-05 22:38 - 2015-01-05 22:38 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-05 22:38 - 2015-01-05 22:38 - 00000000 _____ () C:\WINDOWS\setupact.log
2015-01-05 20:22 - 2015-01-06 03:01 - 00032249 _____ () C:\WINDOWS\DirectX.log
2015-01-05 19:16 - 2015-01-05 19:31 - 00000000 ____D () C:\Users\Simeon\Desktop\Simeon Musik
2015-01-05 18:28 - 2015-01-05 18:28 - 00002275 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-05 18:28 - 2015-01-05 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-05 18:27 - 2015-01-09 16:32 - 00001142 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-05 18:27 - 2015-01-08 18:32 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-05 18:27 - 2015-01-05 18:27 - 00004114 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-05 18:27 - 2015-01-05 18:27 - 00003878 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-05 18:26 - 2015-01-05 18:26 - 00000000 ____D () C:\Users\Simeon\AppData\Local\Deployment
2015-01-05 04:52 - 2015-01-05 04:52 - 00000591 _____ () C:\Users\Simeon\Downloads\hosts.zip
2015-01-05 00:55 - 2015-01-06 14:57 - 00000000 ____D () C:\AdwCleaner
2015-01-05 00:53 - 2015-01-05 00:53 - 02173952 _____ () C:\Users\Simeon\Downloads\adwcleaner_4.106.exe
2015-01-04 20:55 - 2015-01-04 20:55 - 00005056 _____ () C:\Users\Simeon\Downloads\bibanator config Dezember 2014 (1).rar
2014-12-30 16:49 - 2014-12-30 18:22 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\Bioshock
2014-12-30 16:49 - 2014-12-30 17:09 - 00000000 ____D () C:\Users\Simeon\Documents\Bioshock
2014-12-25 01:58 - 2014-12-25 02:00 - 77895545 _____ () C:\Users\Simeon\Downloads\Jesus-hasst-dich.zip
2014-12-21 03:25 - 2014-12-21 03:29 - 340993724 _____ () C:\Users\Simeon\Downloads\ham_cassidy_elektra_natalie_bb102714_480p_1000.mp4
2014-12-21 03:20 - 2014-12-21 03:24 - 299635756 _____ () C:\Users\Simeon\Downloads\bwb_aj_maddy_bb052214_480p_1000.mp4
2014-12-21 03:17 - 2014-12-21 03:19 - 158393744 _____ () C:\Users\Simeon\Downloads\ham_ashli_brooke_480p_1000.mp4
2014-12-21 03:11 - 2014-12-21 03:16 - 370134536 _____ () C:\Users\Simeon\Downloads\bwb_maddy_oreilly_tt092514_480p_1000.mp4
2014-12-21 02:54 - 2014-12-21 03:09 - 540587716 _____ () C:\Users\Simeon\Downloads\plib_alexis_madison_sarah_480p_1000.mp4
2014-12-21 02:48 - 2014-12-21 02:51 - 302684721 _____ () C:\Users\Simeon\Downloads\plib_peta_jensen_bb112014_480p_1000.mp4
2014-12-20 15:35 - 2015-01-06 22:49 - 00000000 ____D () C:\Users\Simeon\AppData\Local\LogMeIn Hamachi
2014-12-20 15:34 - 2014-12-20 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-20 15:34 - 2014-12-20 15:34 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-20 15:32 - 2014-12-20 15:32 - 08536064 _____ () C:\Users\Simeon\Downloads\hamachi291.msi
2014-12-19 16:14 - 2014-12-19 16:14 - 00000000 __SHD () C:\Users\Simeon\AppData\Local\EmieBrowserModeList
2014-12-19 16:08 - 2014-12-19 16:08 - 00005056 _____ () C:\Users\Simeon\Downloads\bibanator config Dezember 2014.rar
2014-12-19 14:31 - 2014-12-19 14:31 - 00000221 _____ () C:\Users\Simeon\Desktop\Mass Effect.url
2014-12-16 15:52 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-16 15:52 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-13 17:01 - 2014-12-13 17:01 - 00045112 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-12-12 16:18 - 2014-12-12 16:18 - 08536064 _____ () C:\Users\Simeon\Downloads\hamachi279 (1).msi
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () C:\ProgramData\pkpdklpmmnaojfeffaoemacdnlgnfbpd
2014-12-12 14:50 - 2014-11-26 22:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-12 14:50 - 2014-11-26 22:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 00:37 - 2014-12-12 00:37 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-11 15:47 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-11 15:47 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 15:47 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-11 15:47 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-11 00:01 - 2014-12-04 00:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-11 00:01 - 2014-12-04 00:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-11 00:01 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-11 00:01 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 00:01 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-11 00:01 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-11 00:01 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-11 00:01 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-11 00:01 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-11 00:01 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-11 00:01 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-11 00:00 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 00:00 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 00:00 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 00:00 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 00:00 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 00:00 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 00:00 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 00:00 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-11 00:00 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 00:00 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-11 00:00 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-11 00:00 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 00:00 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 00:00 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-11 00:00 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-11 00:00 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 00:00 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-11 00:00 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 00:00 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 00:00 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 00:00 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 00:00 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 00:00 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 00:00 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-11 00:00 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-11 00:00 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-11 00:00 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-11 00:00 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-11 00:00 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 00:00 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-11 00:00 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-11 00:00 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-11 00:00 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-11 00:00 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 00:00 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-11 00:00 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 00:00 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-11 00:00 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-11 00:00 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 17:17 - 2014-11-20 00:22 - 01139282 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-09 17:12 - 2014-05-25 18:55 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\Skype
2015-01-09 17:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-09 17:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-09 16:55 - 2014-05-25 18:12 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2194020832-3275982821-4177272209-1002
2015-01-09 15:50 - 2014-07-24 17:07 - 00003962 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{84A861DF-DBA4-44D4-A2E4-B064A3A08795}
2015-01-08 16:35 - 2014-06-02 12:35 - 00003764 _____ () C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2015-01-08 16:35 - 2014-06-02 12:35 - 00001002 _____ () C:\Users\Public\Desktop\Gyazo.lnk
2015-01-08 16:35 - 2014-06-02 12:35 - 00001002 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk
2015-01-08 16:35 - 2014-06-02 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2015-01-08 16:35 - 2014-06-02 12:35 - 00000000 ____D () C:\Program Files (x86)\Gyazo
2015-01-08 16:00 - 2014-05-25 19:08 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-08 15:41 - 2014-07-18 15:35 - 00000000 ___DO () C:\Users\Simeon\OneDrive
2015-01-07 23:33 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-07 23:32 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-07 19:01 - 2014-05-25 19:51 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\.minecraft
2015-01-06 22:49 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-06 22:48 - 2014-09-26 20:24 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-06 22:48 - 2014-08-08 21:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-06 16:29 - 2014-03-18 11:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-06 16:29 - 2014-03-18 10:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-06 16:29 - 2014-03-18 10:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-06 13:36 - 2014-09-03 22:23 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-05 22:37 - 2014-06-10 00:41 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-05 18:28 - 2014-05-25 18:16 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-05 01:46 - 2014-09-26 20:35 - 00000000 ____D () C:\Users\Simeon\AppData\Local\AviraSpeedup
2015-01-05 01:39 - 2013-08-22 15:44 - 00362792 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-04 18:32 - 2014-05-30 20:12 - 00000000 ____D () C:\Users\Simeon\AppData\Roaming\Spotify
2015-01-04 18:28 - 2014-05-25 18:21 - 00000000 ____D () C:\Users\Simeon\AppData\Local\clear.fi
2015-01-03 13:55 - 2014-05-25 18:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-03 13:55 - 2014-05-25 18:55 - 00000000 ____D () C:\ProgramData\Skype
2015-01-02 03:00 - 2014-07-16 20:13 - 00000000 ____D () C:\Users\Simeon\Desktop\YouTuber
2015-01-02 02:00 - 2014-06-13 21:07 - 00000000 ___RD () C:\Users\Simeon\Desktop\blah
2014-12-30 19:57 - 2014-05-30 20:12 - 00000000 ____D () C:\Users\Simeon\AppData\Local\Spotify
2014-12-30 16:54 - 2014-10-30 21:01 - 00000220 _____ () C:\Users\Simeon\Desktop\BioShock.url
2014-12-27 18:06 - 2014-06-08 22:40 - 01028096 ___SH () C:\Users\Simeon\Downloads\Thumbs.db
2014-12-25 21:49 - 2014-09-03 22:44 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-12-25 21:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\ADFS
2014-12-25 21:13 - 2013-08-02 16:04 - 00000000 ____D () C:\WINDOWS\oem
2014-12-20 14:42 - 2014-09-22 22:47 - 00000004 _____ () C:\Users\Simeon\AppData\Roaming\appdataFr2.bin
2014-12-19 16:13 - 2014-05-25 19:41 - 01664512 ___SH () C:\Users\Simeon\Desktop\Thumbs.db
2014-12-18 15:59 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-14 19:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-14 01:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-12 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-12 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-12 00:37 - 2014-07-13 12:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-12 00:37 - 2014-05-27 20:30 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-12 00:37 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-12 00:37 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2014-12-12 00:34 - 2014-05-27 20:30 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-09 16:56

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Simeon at 2015-01-09 17:19:40
Running from C:\Users\Simeon\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Dropbox (HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Far Cry (HKLM-x32\...\Steam App 13520) (Version:  - Crytek Studios)
Far Cry 2 (HKLM-x32\...\Steam App 19900) (Version:  - Ubisoft Montreal)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version:  - Ubisoft Montreal)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mass Effect (HKLM-x32\...\Steam App 17460) (Version:  - BioWare)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2194020832-3275982821-4177272209-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Simeon\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

20-12-2014 15:33:25 Installed LogMeIn Hamachi
30-12-2014 16:47:16 Microsoft Visual C++ 2005 Redistributable wird installiert
04-01-2015 23:48:08 Avira System Speedup 1.5
04-01-2015 23:50:08 Avira System Speedup 1.5
04-01-2015 23:52:37 Avira System Speedup 1.5
06-01-2015 02:51:11 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-01-05 17:34 - 2015-01-05 17:34 - 00000883 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C166193-7D66-4EF2-BC73-6CF82EFE88E1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {1842F4F5-7026-4BFA-96F0-A2F03CDC5CE3} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {54990481-B63D-4D81-88F6-5847FF4123C3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-12] (Microsoft Corporation)
Task: {6330D254-5A04-4D20-ACAD-71548130EA90} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-03] (AVAST Software)
Task: {748A6CC2-2EB1-4F27-8115-0C683280E25A} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {7A44F9C0-23A8-48B4-9A20-36F53CCD158B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05] (Google Inc.)
Task: {819C0E6B-C399-4A1D-91F4-837AC730F658} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {8A6DDFB2-D033-4430-B481-AC9272B262CC} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {8DB7591E-4B69-411F-84BD-C356B0E45D3C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05] (Google Inc.)
Task: {98B77D43-01DC-4437-BB73-BC49DF15353B} - System32\Tasks\{BC94A892-74D7-420D-BF66-58B8F5654AF6} => Chrome.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/go/help.faq.installer?LastError=1618
Task: {A211F15B-C9BA-488F-9453-C187EA64E257} - System32\Tasks\{FE37CCD8-5799-4A7D-9B0B-C9BB5E5B9E97} => pcalua.exe -a C:\WINDOWS\System32\control.exe -d C:\Windows\WinSxS\wow64_adobe-flash-for-windows_31bf3856ad364e35_6.3.9600.17334_none_26e8e73771beea24 -c "C:\Windows\WinSxS\wow64_adobe-flash-for-windows_31bf3856ad364e35_6.3.9600.17334_none_26e8e73771beea24\FlashPlayerCPLApp.cpl",
Task: {A4B456F7-F527-423D-89FD-08DEDEE54244} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {A4D107DB-21A1-4B94-8F3D-8D2761640D61} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {AC7BF3A2-F440-4E36-9DC6-D7A283E958BC} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
Task: {D727F8AA-67AA-401F-B38A-7B6A6D4AAAE8} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-04-26] (Acer Incorporate)
Task: {E9C831C0-68CB-431B-BE6E-7D70FB0B0E4B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-10-23 16:23 - 2014-10-16 17:54 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-23 16:30 - 2014-10-16 15:11 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-11-20 18:41 - 2013-02-20 22:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-08-02 16:48 - 2014-09-05 12:03 - 00455784 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-02-28 18:05 - 2013-02-28 18:05 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-02-28 18:02 - 2013-02-28 18:02 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-02-28 18:06 - 2013-02-28 18:06 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-09-03 22:41 - 2014-09-03 22:41 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-07 20:42 - 2015-01-07 20:42 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010701\algo.dll
2015-01-08 23:42 - 2015-01-08 23:42 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010801\algo.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-20 17:58 - 2013-03-20 08:47 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-03 22:41 - 2014-09-03 22:42 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-11-20 18:41 - 2013-02-20 22:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-01-05 18:28 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2015-01-05 18:28 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-10-23 16:23 - 2014-10-16 17:54 - 00013120 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-01-05 18:28 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2015-01-05 18:28 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-05-25 19:10 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-25 19:10 - 2014-11-18 21:23 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 19:07 - 2014-11-11 19:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-05-25 19:10 - 2014-11-18 21:23 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-05-25 19:10 - 2014-11-11 19:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Simeon\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2194020832-3275982821-4177272209-1002\...\StartupApproved\Run: => "Spotify Web Helper"

========================= Accounts: ==========================

Administrator (S-1-5-21-2194020832-3275982821-4177272209-500 - Administrator - Disabled)
Gast (S-1-5-21-2194020832-3275982821-4177272209-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2194020832-3275982821-4177272209-1007 - Limited - Enabled)
Simeon (S-1-5-21-2194020832-3275982821-4177272209-1002 - Administrator - Enabled) => C:\Users\Simeon

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/09/2015 05:08:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/09/2015 05:01:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/09/2015 04:58:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/09/2015 03:51:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 22b0

Startzeit: 01d02c1afd246a5b

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: f34beb05-980e-11e4-beb2-78843c35bcd9

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/09/2015 03:47:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-192-168-2-11)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/09/2015 03:47:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 33d8

Startzeit: 01d02c1b21ec3cf1

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: 699ca9b0-980e-11e4-beb2-78843c35bcd9

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (01/09/2015 03:47:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: PC-192-168-2-11)
Description: Die App „Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c+App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (01/09/2015 03:46:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2ce8

Startzeit: 01d02b9de820fd43

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 35c38b51-980e-11e4-beb2-78843c35bcd9

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/09/2015 00:49:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-192-168-2-11)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.People“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/09/2015 00:46:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3735


System errors:
=============
Error: (01/09/2015 03:45:53 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (01/09/2015 00:51:05 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (01/09/2015 00:49:08 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (01/08/2015 05:38:14 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (01/08/2015 03:40:29 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (01/08/2015 00:29:44 AM) (Source: DCOM) (EventID: 10010) (User: PC-192-168-2-11)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/08/2015 00:29:44 AM) (Source: DCOM) (EventID: 10010) (User: PC-192-168-2-11)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/08/2015 00:29:42 AM) (Source: DCOM) (EventID: 10010) (User: PC-192-168-2-11)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (01/07/2015 11:34:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (01/07/2015 11:34:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.


Microsoft Office Sessions:
=========================
Error: (01/09/2015 05:08:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (01/09/2015 05:01:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (01/09/2015 04:58:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (01/09/2015 03:51:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2068922b001d02c1afd246a5b4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exef34beb05-980e-11e4-beb2-78843c35bcd9microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/09/2015 03:47:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-192-168-2-11)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927142

Error: (01/09/2015 03:47:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703133d801d02c1b21ec3cf14294967295C:\WINDOWS\syswow64\wwahost.exe699ca9b0-980e-11e4-beb2-78843c35bcd9Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp

Error: (01/09/2015 03:47:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: PC-192-168-2-11)
Description: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c+App

Error: (01/09/2015 03:46:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.206892ce801d02b9de820fd434294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe35c38b51-980e-11e4-beb2-78843c35bcd9microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/09/2015 00:49:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-192-168-2-11)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.People-2147023170

Error: (01/09/2015 00:46:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3735


CodeIntegrity Errors:
===================================
  Date: 2014-12-03 20:20:41.157
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:56:11.690
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:56:11.581
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:56:08.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:56:05.903
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:55:45.660
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:55:38.452
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:55:34.051
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:54:21.721
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-03 19:54:21.635
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 55%
Total physical RAM: 8072.27 MB
Available physical RAM: 3581.86 MB
Total Pagefile: 13889.35 MB
Available Pagefile: 8157.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.51 GB) (Free:103.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4B7142E4)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 09.01.2015 17:34
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\ProgramData\pkpdklpmmnaojfeffaoemacdnlgnfbpd

C:\Users\All Users\pkpdklpmmnaojfeffaoemacdnlgnfbpd\n9PjHu8.js

C:\Users\Simeon\Downloads\ace-stream-2-2-1-2-de.exe

C:\Users\Simeon\Downloads\Minecraft Server - CHIP-Installer.exe

C:\Users\Simeon\Downloads\SharePod - CHIP-Installer.exe
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Passwörter ändern.



Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Splasher 09.01.2015 18:50
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by Simeon at 2015-01-09 18:41:04 Run:3
Running from C:\Users\Simeon\Desktop
Loaded Profile: Simeon (Available profiles: Simeon)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\ProgramData\pkpdklpmmnaojfeffaoemacdnlgnfbpd

C:\Users\All Users\pkpdklpmmnaojfeffaoemacdnlgnfbpd\n9PjHu8.js

C:\Users\Simeon\Downloads\ace-stream-2-2-1-2-de.exe

C:\Users\Simeon\Downloads\Minecraft Server - CHIP-Installer.exe

C:\Users\Simeon\Downloads\SharePod - CHIP-Installer.exe
Emptytemp:
       
*****************

C:\ProgramData\pkpdklpmmnaojfeffaoemacdnlgnfbpd => Moved successfully.
"C:\Users\All Users\pkpdklpmmnaojfeffaoemacdnlgnfbpd\n9PjHu8.js" => File/Directory not found.
C:\Users\Simeon\Downloads\ace-stream-2-2-1-2-de.exe => Moved successfully.
C:\Users\Simeon\Downloads\Minecraft Server - CHIP-Installer.exe => Moved successfully.
C:\Users\Simeon\Downloads\SharePod - CHIP-Installer.exe => Moved successfully.
EmptyTemp: => Removed 471.5 MB temporary data.


The system needed a reboot.

==== End of Fixlog 18:41:44 ====
Die anderen Sachen erledige ich jetzt noch.

schrauber 09.01.2015 19:55
ok :)

Splasher 09.01.2015 21:02
Zitat:
Zitat von schrauber (Beitrag 1406820)
ok :)
ok vielen dank nochmal^^
eine frage hätte ich aber noch:
welches anti virus programm könntest du mir empfehlen?
ist avast gut?
oder lieber avira

schrauber 09.01.2015 21:03
Auf keinen Fall Avira. Wenn es unbedingt Freeware sein muss und Du auf Werbung stehst, dann Avast.

Ich empfehle immer Emsisoft


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:13 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131