Trojaner-Board
Seite 3 von 5 12 3 45
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Irgendwas Installiert immer programme und öffnet denn Internet Explorer (https://www.trojaner-board.de/166552-irgendwas-installiert-immer-programme-oeffnet-denn-internet-explorer.html)

doublepack 01.05.2015 18:23
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by Luke at 2015-05-01 19:21:38
Running from C:\Users\Luke\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2833233637-2508301349-1291184669-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-2833233637-2508301349-1291184669-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2833233637-2508301349-1291184669-1003 - Limited - Enabled)
Luke (S-1-5-21-2833233637-2508301349-1291184669-1001 - Administrator - Enabled) => C:\Users\Luke

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\uTorrent) (Version: 3.4.3.40097 - BitTorrent Inc.)
Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.3006 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.3104.3 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.3104.6 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.3104 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{8FAAC5E4-3361-726A-9F42-F0414FD1D3BC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.)
Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GUPlayer (remove only) (HKLM-x32\...\GUPlayer) (Version:  - )
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Infonaut 1.10.0.14 (HKLM-x32\...\Infonaut_1.10.0.14) (Version: 1.10.0.14 - Infonaut)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.5.1000 - Maxthon International Limited)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MyPC Backup  (HKLM-x32\...\OLBPre) (Version:  - MyPC Backup) <==== ATTENTION
MyPCBU version 2.25 (HKLM-x32\...\{7D7D6742-5B49-4454-9E9B-748E731E741A}_is1) (Version: 2.25 - )
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
OEM Application Profile (HKLM-x32\...\{E3AE2D4D-5274-CE6B-5434-64DA3131A301}) (Version: 1.00.0000 - Ihr Firmenname)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.206 - McAfee, Inc.)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab Detection (HKLM-x32\...\{F7AA162F-C617-4A02-8AC3-42774F81B979}) (Version: 6.1.4.0 - Husdawg, LLC)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WolfTeam-DE (HKLM-x32\...\WolfTeam-DE) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-04-25 02:16 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E6AB538-E1B7-4977-9FF8-8DBE8A90E6B1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {2A704CC2-462E-4532-9931-74B084990D74} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {380D999D-3812-4FA3-9385-1A07BA2F67DF} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {74B63A07-B7A3-40D9-ADA9-CE63E179A1C4} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {794707B3-4E0D-41F6-BA1F-F940E3F8EDCB} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {8102A2DB-C0ED-49E3-AADE-D86A4FE86100} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {8F932E87-673D-4CE2-88F5-029E39D77643} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {97B375BE-318B-4783-B3A9-01C18B3AF650} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2015-04-21] (Maxthon International ltd.)
Task: {9832B521-2E64-4246-8503-7FA5BF751DCC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-17] (Google Inc.)
Task: {A238561D-DA95-4A84-BC5C-1CA22C559710} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-07-26] (Acer Incorporated)
Task: {B5A08449-CFFB-4405-8147-3B1BA272191D} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {BE841F3A-EECD-498B-AD6C-559CFF0804C5} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {CEE9A210-CE7B-4EFF-A8CF-5B5A2332E578} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {DA53913E-B6AA-4817-BC03-4BED60ACFAC2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-17] (Microsoft Corporation)
Task: {DA9BF4EE-B068-4D93-B13D-2F9D8FF2FC9E} - System32\Tasks\AVAST Software\Avast Integrity Check => C:\WINDOWS\AswCheck.exe [2015-04-29] (AVAST Software s. r. o.)
Task: {DB5406F1-B383-4F63-B395-4E03D22051DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-17] (Google Inc.)
Task: {F4647AF3-5B2C-4CC0-9EED-A434C537A9A5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-21 00:28 - 2015-04-21 00:28 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-06-27 22:29 - 2013-07-30 18:11 - 00110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-06-27 21:54 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-04-17 07:19 - 2015-03-10 08:37 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-04-17 07:19 - 2014-12-02 02:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-04-17 07:19 - 2015-04-14 01:44 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2015-04-17 07:19 - 2014-12-02 02:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-04-17 07:19 - 2014-12-02 02:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-04-17 07:19 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-04-17 07:19 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-04-17 07:19 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-04-17 07:19 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-04-17 07:19 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-04-17 07:19 - 2015-04-14 01:44 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-06-27 22:29 - 2013-07-30 18:11 - 00088648 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-04-17 07:19 - 2015-02-25 03:58 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-04-17 07:19 - 2015-02-25 03:58 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00258944 _____ () C:\Program Files (x86)\Maxthon\bin\Maxzlib.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00247096 _____ () C:\Program Files (x86)\Maxthon\Addons\Mobile\MxMobile.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00258944 _____ () C:\Program Files (x86)\Maxthon\Bin\maxzlib.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00887064 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libglesv2.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00109336 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libegl.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 02128152 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\ffmpegsumo.dll
2013-06-06 23:59 - 2013-06-06 23:59 - 00158744 _____ () C:\Program Files (x86)\Aeria Games\Ignite\AGAkamai.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 04055504 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\pdf.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 16843952 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\Npplugins\NPSWF32_16_0_0_235.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Luke\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Luke\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\StartupFolder: => "Download.lnk"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\Run: => "iDevice Manager Launcher"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E7554797-41BE-420B-9F5C-1EBE27688857}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{2D338243-2018-4788-BABE-837BD8E40F68}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{59A37F2E-AD53-4FDF-B9F1-9C048715B665}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3CBCB046-FAA3-4709-AA4B-D4E6BFB00084}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3FF686FB-07B4-4F92-BEAD-C4CCA423F721}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E73394DC-5A9B-418B-923A-76099AE77896}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{69655989-5BB2-4CA9-AC4D-22BB40F4CE79}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{A8DD827D-44B7-4F01-9B10-6C8C7B2421CF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{A6019CFC-B626-4EBA-98CE-122F82B963D1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{000F2993-3D1D-4E9F-B5BE-C4F377CD4C39}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{6B553771-7C53-4E02-86EA-CC4FC5659276}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{D1B71D00-1D43-4E67-B6A0-2A69DB6C4849}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{3295121D-F072-4A5D-92B9-31306F4D56A0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{1B33FC17-3AD8-46E8-89F3-241795832DDA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{FB9D8A30-EA0A-4AE0-A143-0D9822556BFA}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{622F1F22-B0E0-4602-88FF-7E4BE5665939}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{1E7D9559-63EC-4D32-BA88-C969DB527D05}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{962B1694-7C6A-48D4-8964-346C11450F03}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{FF8F480F-D39F-4359-BBF4-C1A00B76E43B}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{68A1B8D1-6863-4F95-9021-C40449AF7F56}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{60C2F3C5-B1EE-429A-975A-90F0093A4260}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{C72CCF90-1969-46E3-8254-E873C1E820C2}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{4B863526-F96D-4A1C-BC11-34D96CED5B7B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{C7007839-AAB2-4721-82DB-41C334145BC6}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{F1561C61-0CC3-453E-AA96-80A50073F933}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{0956945E-ECEB-454F-AA7E-3E4E416B94EF}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{8483553C-17C6-40E6-8C14-FED5CDA1A2B5}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{7219418A-0269-43F4-8637-E3BF19C0C338}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{4A54BFC3-D4FE-4C4C-AFC7-69A630C66FC3}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{D23B23B3-01CE-400B-A884-9762D24CC810}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{59FED6E3-EF16-46D3-8DD8-C36DF47F912B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{E54F8976-3F9C-4949-A45A-1539FF2E344C}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{F48263C3-F917-409F-9702-CF9C9C198F9D}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{0D06A8F2-5F3B-4F05-B642-959DB220A0C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{5EE6C1DA-08E6-4857-ADF3-D0A43994F7F8}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{FEE32B52-2861-4E12-8DE6-F5612EE38C50}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{83022108-C32A-40A8-92E9-A3F4808BC15A}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{8EBBC63A-315B-4834-88B2-CAEC6FFBC836}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{784E8EFF-739D-44EE-91EB-FCE0AEE7368F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DDD272BD-F836-46B5-97DA-6445F9FBE302}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{55F745E5-9DD0-4AC1-8670-C8A746E1204C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{256972A2-5F68-4277-BC1E-0A9C3FAC9B05}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{34228308-62F7-4877-8EB9-ACEE6E3F24BE}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{ACA4E598-83A4-4F7C-A0DF-2574CDD03756}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{4A3DC8F5-7AE0-415E-9D44-2758E8B2CD40}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{7C9C10FC-2D80-4E62-8008-D520DB981432}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{8F9439EE-2590-47EE-892D-EA1106AA5869}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{EFA6776B-4BFD-4C91-AB95-547A8168AF8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{70E3E026-F6FB-473B-BAD8-D0DDFDD905B6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0770D0BE-C57E-4C92-86F3-C4C54587DC3F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1C6FCE1E-66FA-4C9B-8B43-776910F0D503}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8CBBA233-C5F1-419B-9353-9C5711233715}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A7BC554F-8F33-4328-9B65-1F5E75E4427F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{FACEFBF5-B11E-4156-85D6-F7DBAA63C276}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{383B2C2F-786C-499B-A717-18C52C712CB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{E4E54C7E-2E6C-4088-9F0C-658C8521734E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{546DAEFA-E7CC-44DD-B2D9-5BBB431C7D58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{82DF21ED-5735-49CC-A071-9D72E599A137}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{A5732DD7-EBCB-496A-A89B-51C1A5E1A2F4}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{8824542F-F357-4151-A2EF-7E986145C905}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{87C2D4A0-4619-44B1-AB75-BEC3E782F729}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{6D569F9A-2AB3-4629-A8FD-BA0FF9C7D927}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{306237A1-8C6E-44E1-974C-4E904A8ED4CB}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{19765BC9-502D-43BE-8F46-8FC6B53A86BE}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{F3E80958-FB79-45FE-9676-3FA5CC8553D0}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{012F5B9B-3A58-4797-A685-CB5D046D8039}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [TCP Query User{577A31B1-FC0D-4E81-BEB7-3ECC9F7F0093}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [UDP Query User{B0AE0150-6D84-41BF-8675-51328C75E02D}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{EB6CD351-3EC1-4251-85C3-1FC9B26D44E7}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{97A3EED2-4418-4B92-A793-B38A40803068}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [TCP Query User{5894B1E8-8FFE-445F-B183-FDC1665C601C}C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{2C988805-8DA8-4342-A87A-0C3083029CD3}C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{3377194A-0E72-4CA6-8B4B-A638DCD001BC}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{D45510EC-5B2C-4C45-A8BE-4A23B16F4255}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{4DD39C25-CB56-4F35-BB9F-CEB53C9D378F}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{91607FB7-616A-401E-B22E-CC3E2842FDAE}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{FFBA80FC-9BF7-4BAE-9829-D60CF37B2120}] => (Allow) C:\Users\Luke\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D6C0FC17-EB84-461A-A7A8-E8E85DAB2237}] => (Allow) C:\Users\Luke\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{ABE424B3-2C9D-4B8B-A053-0E4E58A723CC}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{EAAF7A58-520C-48A2-9EB2-6C403AF6ADFB}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [TCP Query User{E6704CC5-FDBD-45A8-9858-FA3C61B4A567}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{43569F6A-E34E-42FD-B924-5F64E8531891}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{F6318D68-0C39-49D6-88C8-E94174EE956E}] => (Allow) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{2F9F0EDE-F98A-48FD-9311-8EBCD66D54A3}] => (Allow) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{BA102D17-2FF9-47CC-8098-0708CEBC3DE8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5F3E8C8F-2743-4502-A1A0-99294CD3508D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C9CD8245-4C79-483C-B399-3735C8A4A978}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{170C9D24-870A-4752-88D0-39D7F47515BA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{870B228C-8B91-4066-90C7-6AFABE147E24}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F97EB000-B010-4F53-9CD9-5BFA2FF8AEAA}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [UDP Query User{77974C3F-126D-4BE9-B13E-E61B8E6CEFE9}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{AECA3B0D-05E3-4D86-81B1-327E1BDC5095}] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{8E3C3A08-08F8-41C7-ACCA-78DAAFEB4F82}] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{1F4F3D50-A2AE-492F-B2D6-B4BD662677CF}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{0A819849-291C-4D86-B2A8-4533197A3331}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{79EF5871-5713-4449-AAA6-C4D3CE263C5B}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{E3E31E13-DEEB-4634-9B54-27C81E766235}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{F67540D9-1ADD-4F24-9D06-DB41FC2ABF80}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{F341A0F9-79CA-4754-B6F2-66BDB236230C}C:\users\luke\desktop\johnyserver\css\srcds.exe] => (Allow) C:\users\luke\desktop\johnyserver\css\srcds.exe
FirewallRules: [UDP Query User{6570CFC7-2BF5-4430-97B1-0A6298175165}C:\users\luke\desktop\johnyserver\css\srcds.exe] => (Allow) C:\users\luke\desktop\johnyserver\css\srcds.exe
FirewallRules: [TCP Query User{A3C6189A-22D7-459D-B5AC-347B014566BC}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [UDP Query User{23988B52-A1DC-4C7A-AAE6-F9A72A414644}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [{6B6DC1FA-C976-4F84-A119-97D9EFF98D9B}] => (Allow) LPort=12000
FirewallRules: [{58612240-A7A8-4BC5-BF08-C018B433E4CF}] => (Allow) LPort=27015
FirewallRules: [TCP Query User{3AB22375-CAF2-4628-B14D-BD254A903407}C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{F44DE5B0-95ED-41C2-A771-C4057269AEB3}C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A23FBA4D-C174-49C9-A879-FE982548980F}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{4B78278C-B488-4C26-88E1-8FB2129C64C0}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{5617ABCE-4A30-4B1C-9B38-DF22AEBD1872}] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{182203E0-806E-4661-A4C1-B59EE10E5C26}] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C46AECDE-EFCF-441A-A813-1D460B73E1C9}] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A5FAC95F-A382-4D6D-BA68-4A972637E584}] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B197CC8A-CC1F-4121-B4E1-91A402DB5198}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{20B023C1-D6DC-4A6A-AE97-3515B9511E6C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{26C6452A-F41B-49FC-B057-3A1C51068125}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{DF503139-67E5-43CA-BD72-A33D8084E6FE}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{6046E8C7-C1B5-4244-8988-A43A930BD440}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{0582EEDD-AC07-4A67-B04A-03CC5CDBF7F4}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
FirewallRules: [UDP Query User{51D43F3B-405F-438A-8125-9E123F8486ED}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
FirewallRules: [TCP Query User{0604BDC8-3442-494A-AB98-6907E965EB58}C:\users\luke\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luke\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{EC7FB41E-5EE3-47AB-8EDE-AE5D89B955BF}C:\users\luke\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luke\appdata\local\akamai\netsession_win.exe
FirewallRules: [{7C878BA3-8079-4ED6-9925-48A0C2CB1815}] => (Allow) LPort=54712
FirewallRules: [{D6442184-D1E0-4FC7-B1D2-14374720CC0B}] => (Allow) LPort=5000
FirewallRules: [TCP Query User{32923B18-C9C9-47E4-8959-A193AA718D6D}C:\aeriagames\wolfteam-de\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam-de\wolfteam.bin
FirewallRules: [UDP Query User{93E413CE-4029-481B-8A3B-6C02A45DB000}C:\aeriagames\wolfteam-de\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam-de\wolfteam.bin

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/01/2015 06:11:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Rhyveeos WT Hack.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 454

Startzeit: 01d08429425de629

Endzeit: 4294967295

Anwendungspfad: C:\Users\Luke\Desktop\Rhyveeo's WT Hack\Rhyveeos WT Hack.exe

Berichts-ID: bcaa7fd6-f01c-11e4-8266-f8a963069189

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/01/2015 03:42:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TribesAscend.exe, Version: 1.0.1268.1, Zeitstempel: 0x5137c5a5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x0685eebe
ID des fehlerhaften Prozesses: 0x19c8
Startzeit der fehlerhaften Anwendung: 0xTribesAscend.exe0
Pfad der fehlerhaften Anwendung: TribesAscend.exe1
Pfad des fehlerhaften Moduls: TribesAscend.exe2
Berichtskennung: TribesAscend.exe3
Vollständiger Name des fehlerhaften Pakets: TribesAscend.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TribesAscend.exe5

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 00:28:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2406

Error: (05/01/2015 00:28:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2406


System errors:
=============
Error: (05/01/2015 06:00:39 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (05/01/2015 02:06:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80010108 fehlgeschlagen: MAGIX.MusicMakerJam

Error: (05/01/2015 02:05:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vcs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (05/01/2015 02:03:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Arrange Internet Service Provider" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (05/01/2015 02:03:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Capacity Sort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (05/01/2015 02:03:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UAC-Dateivirtualisierung" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (04/30/2015 08:32:16 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {682159D9-C321-47CA-B3F1-30E36B2EC8B9}

Error: (04/30/2015 08:28:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vcs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (04/30/2015 08:26:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Arrange Internet Service Provider" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/30/2015 08:26:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Capacity Sort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (05/01/2015 06:11:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Rhyveeos WT Hack.exe1.0.0.045401d08429425de6294294967295C:\Users\Luke\Desktop\Rhyveeo's WT Hack\Rhyveeos WT Hack.exebcaa7fd6-f01c-11e4-8266-f8a963069189

Error: (05/01/2015 03:42:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TribesAscend.exe1.0.1268.15137c5a5unknown0.0.0.000000000c00001a50685eebe19c801d0841402a71e82C:\Program Files (x86)\Steam\steamapps\common\tribes\binaries\Win32\TribesAscend.exeunknowndafacff3-f007-11e4-8266-f8a963069189

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (05/01/2015 00:28:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2406

Error: (05/01/2015 00:28:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2406


CodeIntegrity Errors:
===================================
  Date: 2015-05-01 02:05:02.011
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-30 20:28:27.986
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-29 21:22:55.664
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-29 14:23:18.733
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-29 10:12:39.680
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-26 16:53:51.635
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-26 16:04:21.227
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-26 16:04:21.016
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-25 02:08:49.445
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-25 02:08:49.281
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 31%
Total physical RAM: 8072.27 MB
Available physical RAM: 5503.38 MB
Total Pagefile: 16264.27 MB
Available Pagefile: 12701.5 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:913.7 GB) (Free:759.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F153F78B)

Partition: GPT Partition Type.

==================== End Of Log ============================

deeprybka 01.05.2015 18:39
OK, dann jetzt bitte einen Suchscan mit ESET:

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


doublepack 01.05.2015 21:03
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=af337b45d2e8044a8c532e9b4de740ad
# engine=23654
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-01 07:14:56
# local_time=2015-05-01 09:14:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 17182 7590088 0 0
# scanned=221589
# found=55
# cleaned=55
# scan_time=4583
sh=6162C3EBB455616EA663E557BB201F58E932E263 ft=1 fh=de6eea9bfc2c4ca8 vn="Variante von Win32/Toolbar.CrossRider.CL evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\$Recycle.Bin\S-1-5-21-2833233637-2508301349-1291184669-1001\$RO3XHHM\utility.exe"
sh=56AC31EBC54597C6E194D9B5ADDF6B29458245F9 ft=1 fh=5f3daecbd404e087 vn="Win32/Toolbar.Perion.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\grunt.exe.vir"
sh=66608BCB88F6457E34237167FA6FBC49DD251CED ft=1 fh=d4755eb64e31f0fe vn="Variante von Win32/Toolbar.BitCocktail.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\kasumi32.dll.vir"
sh=A2778D4B49DA215BBD11D9D8CF67F97DF9455757 ft=1 fh=ec14f6e921ad2e8b vn="Variante von Win64/Toolbar.Perion.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\kasumi64.dll.vir"
sh=B3B169E220BD591802B05759ADEE1C353E15B112 ft=1 fh=9d6c1fda665ceb54 vn="Variante von Win32/Toolbar.Perion.K evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\krios.dll.vir"
sh=014302BCFCE8E95F675D856ADC42614B6769BD78 ft=1 fh=d796cde0598a222b vn="Variante von Win32/Toolbar.Perion.K evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\krios64.dll.vir"
sh=F5E9CFA83893B70D39165F042DBE6BBDC5BC9DF3 ft=1 fh=cef96969f9ed33f7 vn="Variante von Win64/Toolbar.Perion.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\liara64.dll.vir"
sh=F640C06B85B961C0E251E1302D2913EDD8B44292 ft=1 fh=f978b8eb4c0264ff vn="Variante von Win32/Toolbar.Perion.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\tsoni.dll.vir"
sh=2F4C208655A7EC2BA1D2EE29C6383AAC17948A9E ft=1 fh=e78b89200277aa28 vn="Win32/Toolbar.Perion.N evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\wrex.exe.vir"
sh=5A10F30C11DCE52228B78385750B0B8BC1ABC042 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Perion.K evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\Firefox\chrome\content\main.js.vir"
sh=475675CE3DA8A21B0A19168B648659CEAA9D8BE4 ft=1 fh=b2747827ba3c0ab8 vn="Variante von Win32/TrojanDropper.Addrop.F Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\GUPlayer\GUPlayerUninstaller.exe.vir"
sh=E0359B12A990BB29A0DB03E0FEDD5D84FB760EB3 ft=1 fh=600949467ccd7b6e vn="Variante von Win32/Adware.Vitruvian.F Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe.vir"
sh=3D3CF6DD590E5D3D4350AA5556BFC083F23399E8 ft=1 fh=0b9a4d1394aa1459 vn="Variante von Win32/BrowseFox.AE evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\MetalMakerbho.dll.vir"
sh=49292E75F83A34CFF770DC833335EB15E3B8453B ft=1 fh=31da4f96eac29ca0 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\updateMetalMaker.exe.vir"
sh=512DBFA22B77113A45660E969C776BF0EE28196A ft=1 fh=adf4d8a5ab057422 vn="Variante von Win32/BrowseFox.N evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\b94c3215569a484c84dc.dll.vir"
sh=172E4C933605C12EE0F85662D66F5F133DB62949 ft=1 fh=97879c0fc9497b72 vn="Variante von Win64/BrowseFox.CI evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\b94c3215569a484c84dc64.dll.vir"
sh=4B6B489055C9167D53E3219E47D7C3BB730094E4 ft=1 fh=98f70c4b772cf65c vn="Variante von Win32/BrowseFox.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\b94c3215569a484c84dcf0bcf79c44cc.dll.vir"
sh=8318D170860719F44AD3A5D36B38229BD290FF9B ft=1 fh=b933ecff1af5bfec vn="Variante von Win64/BrowseFox.CK evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\b94c3215569a484c84dcf0bcf79c44cc64.dll.vir"
sh=FED419E2F869209D36EF6D04B16A351A815EC593 ft=1 fh=5cfa0585439b97fc vn="Variante von Win32/BrowseFox.AA evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\MetalMaker.expext.exe.vir"
sh=C78C136529EA3B14A6C4E268A874F7C2F0425037 ft=1 fh=65c3afd72e40d529 vn="Variante von Win64/BrowseFox.CJ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\MetalMaker.expextdll.dll.vir"
sh=35688A20A537EAA767BFAB411DD25CDDC394CB0A ft=1 fh=c6afef4d7d30b975 vn="Variante von Win64/BrowseFox.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\MetalMaker.PurBrowse64.exe.vir"
sh=49292E75F83A34CFF770DC833335EB15E3B8453B ft=1 fh=31da4f96eac29ca0 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\utilMetalMaker.exe.vir"
sh=3B59A5D90CE64BE7E656C435B9891BCC9029402D ft=1 fh=d70e01cc7c367b15 vn="Variante von MSIL/BrowseFox.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\plugins\MetalMaker.BrowserAdapter.dll.vir"
sh=5C2C61076D4BC339C9F0E8B43FBE9A81A688C264 ft=1 fh=014bd216b4eaff1e vn="Variante von MSIL/BrowseFox.N evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\plugins\MetalMaker.CompatibilityChecker.dll.vir"
sh=E96CC45495EA27590EC763C68546CC0E3337BC84 ft=1 fh=7f59a34eb4139869 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\plugins\MetalMaker.ExpExt.dll.vir"
sh=1177C53B9DE5BE9B315046C0028CFBB0ED6FDC5F ft=1 fh=6769511bcdb28cbe vn="Variante von MSIL/BrowseFox.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\plugins\MetalMaker.FFUpdate.dll.vir"
sh=AD9DD5E13C2AD445CD96EFBF2CBD15881E6E3F5C ft=1 fh=296170edf6b7434c vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\plugins\MetalMaker.GCUpdate.dll.vir"
sh=1003653ECA5E21EEBB77C1E24C5CBEEF712C9FBD ft=1 fh=33744a8ab8b6ca75 vn="Variante von MSIL/BrowseFox.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Metal Maker\bin\plugins\MetalMaker.PurBrowseG.dll.vir"
sh=5424684425CB556C39036E36DBF62808C7E346BE ft=1 fh=7f02cd4631e874fb vn="Variante von Win32/LiMo.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Priceless\fsf_luckysearches.exe.vir"
sh=A9EF12C7BF25D85DFAD98B5194B16BDAC475BCE1 ft=1 fh=468636d7038cc053 vn="Variante von Win64/Adware.MultiPlug.G Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Priceless\ieIvQ8uRteeneE.x64.dll.vir"
sh=097FBA7CE18A98F929922A317781DC56A9F40D12 ft=1 fh=468636d7034faa75 vn="Variante von Win64/Adware.MultiPlug.G Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Priceless\wCVy4eyEgARmDz.x64.dll.vir"
sh=810C1517C36278077DAB711A8F81B9F9D08E43F0 ft=1 fh=d5a7903e1ff68e8e vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchCH.dll.vir"
sh=7E105A4FE49D55CB3B71D8A91E6AD207E3BE1976 ft=1 fh=c5e772386234733f vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchFF.dll.vir"
sh=5D628376391A827A818B0A079B64EE457AE9B82A ft=1 fh=c71c0011e2e7a7a5 vn="Variante von Win32/ELEX.DH evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowserAction.dll.vir"
sh=07097986407A53ADBFC7C2A6BCCBACF41F8971B7 ft=1 fh=f231f1e4c2bc3212 vn="Variante von Win32/ELEX.CY evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\CmdShell.exe.vir"
sh=4E409DDB2156AF741787458B35CECE4AC41FD8B0 ft=1 fh=33cac8fcf432a6a1 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\IeWatchDog.dll.vir"
sh=4E26DB266B754B627810C44A82C7484086F1CB3E ft=1 fh=8c26b72adef72cc0 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir"
sh=443E85926A955DB76F781D664702BB9D09D99E3E ft=1 fh=866e3f1468aa3f56 vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\SupTab.dll.vir"
sh=E5CDD06C50650131591DAE0945340AA6ADC55E02 ft=1 fh=aaaec5f7af2e8f4b vn="Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=3010EFD51E26234903A4940B8FD5FFE041C5B3E7 ft=1 fh=d7420a3702832fd1 vn="Variante von MSIL/Adware.PullUpdate.G.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\XVrbwwYL\DDYvwy.exe.vir"
sh=916C74D4E0DBD698830C3B354FAB81E0A82A0359 ft=1 fh=756b3818801f591f vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\XVrbwwYL\dat\dUNSRf.dll.vir"
sh=CCB217F4410CF9CD047E5BA70754BABD78C3AB5C ft=1 fh=2aa92707f099d5ed vn="Variante von MSIL/Adware.PullUpdate.G.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\XVrbwwYL\dat\jHZIZzHDQ.exe.vir"
sh=19B0F2DC985715E7A670237B0A64CE34174B6B01 ft=1 fh=e3714fb3c80678fb vn="Variante von MSIL/Adware.PullUpdate.G.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\XVrbwwYL\dat\rNFyYk.exe.vir"
sh=1CA2FF0ADAC6F5DDD4B0D40A4C4400CE5BC9F364 ft=1 fh=4812958a0b79b25f vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\XVrbwwYL\dat\rXrDvsjSWn.dll.vir"
sh=472BDCD077DC2243545BA27BC616A3A20D75AF96 ft=1 fh=e18e48c24834fa94 vn="Variante von Win32/Adware.MultiPlug.JM Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\{0b69d174-b53b-1b86-0b69-9d174b5345d2}\Download.exe.vir"
sh=6142578CD21CF27FD3C1B3A4F0626DE9FC6DF275 ft=1 fh=a0b7e9a9340cf144 vn="Variante von Win32/PriceGong.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Local\SmartWeb\SmartWebApp.exe.vir"
sh=AA2BA9D6607589A3C93D1C760E3512EC8E61F968 ft=1 fh=f770637cdb111250 vn="Variante von Win32/PriceGong.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Local\SmartWeb\SmartWebHelper.exe.vir"
sh=080016256C564232771ED8D6EFFC94ECAECAD316 ft=1 fh=bfc1d533ef10baf8 vn="Variante von Win32/PriceGong.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Local\SmartWeb\swhk.dll.vir"
sh=8B1E757FED612F83F5646D642448151D0F765BAF ft=1 fh=e9bf88bce020d171 vn="Win32/Adware.ConvertAd.KB Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Roaming\ASPackage\ASPackage.exe.vir"
sh=8B1E757FED612F83F5646D642448151D0F765BAF ft=1 fh=e9bf88bce020d171 vn="Win32/Adware.ConvertAd.KB Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Roaming\B835A680-1430335704-E311-B039-F8A963069189\vnse71BE.tmp.vir"
sh=8B1E757FED612F83F5646D642448151D0F765BAF ft=1 fh=e9bf88bce020d171 vn="Win32/Adware.ConvertAd.KB Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Luke\AppData\Roaming\B835A680-1430417623-E311-B039-F8A963069189\vnsk6FE8.tmp.vir"
sh=5558E78B1FE15A8C632C0CA2B1E3DF9A3D5EAB36 ft=1 fh=ddeea299b57e1104 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\WINDOWS\System32\roboot64.exe.vir"
sh=4508C462C2F088919418F35A16E617FCCEB7839C ft=1 fh=0e258cef64efb25f vn="Variante von Win32/Adware.ConvertAd.KY Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Luke\AppData\Local\Microsoft\Windows\INetCache\IE\WAL98EJJ\CASrv[1].exe"
sh=FB5D3C024D8252E2BB2E98DD6DD5D487BEDF5D44 ft=1 fh=9e70f47c3a7b9e39 vn="Win32/VOPackage.BV evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Luke\AppData\Local\Microsoft\Windows\INetCache\IE\WAL98EJJ\count_vc[1].htm"
sh=CDFBA8C29E7E30F1B3D0CDB992EED4792A18010B ft=1 fh=e7539694541621ce vn="Variante von Win32/Adware.ConvertAd.KS Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows\Temp\_avast_\unp177670351.tmp"

deeprybka 02.05.2015 12:32
Hi,

Google Chrome bitte mit Revo deinstallieren. Wenn benötigt, neue Version installieren.

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...st/frstfix.png

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w8.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
CloseProcesses:
Startup: C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download.lnk [2015-04-29]
C:\ProgramData\{0b69d174-b53b-1b86-0b69-9d174b5345d2}\
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
GroupPolicy: Group Policy on Chrome detected
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {BB866FE7-57AF-456D-B09C-81C3118619DA} URL =
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL =
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: No Name -> {141c9d6a-65cf-4420-b8e4-88b4268a9e14} ->  No File
BHO: No Name -> {5fb97375-172f-4a69-89f0-bc02a68bacee} ->  No File
EmptyTemp:
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Fix-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.


Nach dem Reboot:

Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs. (Der erste Teil des Logs - bis One Month Created Files and Folders - reicht aus...)

http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

doublepack 02.05.2015 13:10
wenn ich auf denn Fix button drücke steht da No fiixlist.txt found

deeprybka 02.05.2015 13:15
Hast die Fixlist auch auf dem Desktop abgespeichert? ;)

doublepack 02.05.2015 14:15
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-05-2015
Ran by Luke at 2015-05-02 15:14:38 Run:1
Running from C:\Users\Luke\Desktop
Loaded Profiles: Luke (Available profiles: Luke & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************

*****************


==== End of Fixlog 15:14:38 ====

deeprybka 02.05.2015 14:16
Bitte lies nochmal die Anleitung zur Erstellung der Fixlist.

doublepack 02.05.2015 14:19
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by Luke at 2015-05-02 15:18:09
Running from C:\Users\Luke\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2833233637-2508301349-1291184669-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-2833233637-2508301349-1291184669-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2833233637-2508301349-1291184669-1003 - Limited - Enabled)
Luke (S-1-5-21-2833233637-2508301349-1291184669-1001 - Administrator - Enabled) => C:\Users\Luke

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\uTorrent) (Version: 3.4.3.40097 - BitTorrent Inc.)
Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.3006 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.3104.3 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.3104.6 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.3104 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{8FAAC5E4-3361-726A-9F42-F0414FD1D3BC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.)
Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.5.1000 - Maxthon International Limited)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
OEM Application Profile (HKLM-x32\...\{E3AE2D4D-5274-CE6B-5434-64DA3131A301}) (Version: 1.00.0000 - Ihr Firmenname)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.206 - McAfee, Inc.)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab Detection (HKLM-x32\...\{F7AA162F-C617-4A02-8AC3-42774F81B979}) (Version: 6.1.4.0 - Husdawg, LLC)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()

==================== Restore Points  =========================

01-05-2015 20:00:47 Removed Aeria Ignite

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-04-25 02:16 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E6AB538-E1B7-4977-9FF8-8DBE8A90E6B1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {2A704CC2-462E-4532-9931-74B084990D74} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {380D999D-3812-4FA3-9385-1A07BA2F67DF} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {74B63A07-B7A3-40D9-ADA9-CE63E179A1C4} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {794707B3-4E0D-41F6-BA1F-F940E3F8EDCB} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {8102A2DB-C0ED-49E3-AADE-D86A4FE86100} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {8F932E87-673D-4CE2-88F5-029E39D77643} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {97B375BE-318B-4783-B3A9-01C18B3AF650} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2015-04-21] (Maxthon International ltd.)
Task: {A238561D-DA95-4A84-BC5C-1CA22C559710} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-07-26] (Acer Incorporated)
Task: {B5A08449-CFFB-4405-8147-3B1BA272191D} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {BE841F3A-EECD-498B-AD6C-559CFF0804C5} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {CEE9A210-CE7B-4EFF-A8CF-5B5A2332E578} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {DA53913E-B6AA-4817-BC03-4BED60ACFAC2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-17] (Microsoft Corporation)
Task: {DA9BF4EE-B068-4D93-B13D-2F9D8FF2FC9E} - System32\Tasks\AVAST Software\Avast Integrity Check => C:\WINDOWS\AswCheck.exe [2015-04-29] (AVAST Software s. r. o.)
Task: {F4647AF3-5B2C-4CC0-9EED-A434C537A9A5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)

==================== Loaded Modules (whitelisted) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-21 00:28 - 2015-04-21 00:28 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-06-27 22:29 - 2013-07-30 18:11 - 00110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-06-27 21:54 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00258944 _____ () C:\Program Files (x86)\Maxthon\bin\Maxzlib.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00247096 _____ () C:\Program Files (x86)\Maxthon\Addons\Mobile\MxMobile.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00258944 _____ () C:\Program Files (x86)\Maxthon\Bin\maxzlib.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00887064 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libglesv2.dll
2015-04-21 14:13 - 2015-03-12 09:03 - 00109336 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Luke\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Luke\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\StartupFolder: => "Download.lnk"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\StartupApproved\Run: => "iDevice Manager Launcher"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E7554797-41BE-420B-9F5C-1EBE27688857}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{2D338243-2018-4788-BABE-837BD8E40F68}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{59A37F2E-AD53-4FDF-B9F1-9C048715B665}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3CBCB046-FAA3-4709-AA4B-D4E6BFB00084}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3FF686FB-07B4-4F92-BEAD-C4CCA423F721}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E73394DC-5A9B-418B-923A-76099AE77896}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{69655989-5BB2-4CA9-AC4D-22BB40F4CE79}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{A8DD827D-44B7-4F01-9B10-6C8C7B2421CF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{A6019CFC-B626-4EBA-98CE-122F82B963D1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{000F2993-3D1D-4E9F-B5BE-C4F377CD4C39}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{6B553771-7C53-4E02-86EA-CC4FC5659276}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{D1B71D00-1D43-4E67-B6A0-2A69DB6C4849}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{3295121D-F072-4A5D-92B9-31306F4D56A0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{1B33FC17-3AD8-46E8-89F3-241795832DDA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{FB9D8A30-EA0A-4AE0-A143-0D9822556BFA}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{622F1F22-B0E0-4602-88FF-7E4BE5665939}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{1E7D9559-63EC-4D32-BA88-C969DB527D05}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{962B1694-7C6A-48D4-8964-346C11450F03}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{FF8F480F-D39F-4359-BBF4-C1A00B76E43B}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{68A1B8D1-6863-4F95-9021-C40449AF7F56}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{60C2F3C5-B1EE-429A-975A-90F0093A4260}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{C72CCF90-1969-46E3-8254-E873C1E820C2}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{4B863526-F96D-4A1C-BC11-34D96CED5B7B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{C7007839-AAB2-4721-82DB-41C334145BC6}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{F1561C61-0CC3-453E-AA96-80A50073F933}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{0956945E-ECEB-454F-AA7E-3E4E416B94EF}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{8483553C-17C6-40E6-8C14-FED5CDA1A2B5}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{7219418A-0269-43F4-8637-E3BF19C0C338}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{4A54BFC3-D4FE-4C4C-AFC7-69A630C66FC3}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{D23B23B3-01CE-400B-A884-9762D24CC810}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{59FED6E3-EF16-46D3-8DD8-C36DF47F912B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{E54F8976-3F9C-4949-A45A-1539FF2E344C}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{F48263C3-F917-409F-9702-CF9C9C198F9D}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{0D06A8F2-5F3B-4F05-B642-959DB220A0C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{5EE6C1DA-08E6-4857-ADF3-D0A43994F7F8}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{FEE32B52-2861-4E12-8DE6-F5612EE38C50}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{83022108-C32A-40A8-92E9-A3F4808BC15A}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{8EBBC63A-315B-4834-88B2-CAEC6FFBC836}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{784E8EFF-739D-44EE-91EB-FCE0AEE7368F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DDD272BD-F836-46B5-97DA-6445F9FBE302}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{55F745E5-9DD0-4AC1-8670-C8A746E1204C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{256972A2-5F68-4277-BC1E-0A9C3FAC9B05}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{34228308-62F7-4877-8EB9-ACEE6E3F24BE}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{ACA4E598-83A4-4F7C-A0DF-2574CDD03756}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{4A3DC8F5-7AE0-415E-9D44-2758E8B2CD40}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{7C9C10FC-2D80-4E62-8008-D520DB981432}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{8F9439EE-2590-47EE-892D-EA1106AA5869}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{EFA6776B-4BFD-4C91-AB95-547A8168AF8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{70E3E026-F6FB-473B-BAD8-D0DDFDD905B6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0770D0BE-C57E-4C92-86F3-C4C54587DC3F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1C6FCE1E-66FA-4C9B-8B43-776910F0D503}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8CBBA233-C5F1-419B-9353-9C5711233715}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A7BC554F-8F33-4328-9B65-1F5E75E4427F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{FACEFBF5-B11E-4156-85D6-F7DBAA63C276}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{383B2C2F-786C-499B-A717-18C52C712CB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{E4E54C7E-2E6C-4088-9F0C-658C8521734E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{546DAEFA-E7CC-44DD-B2D9-5BBB431C7D58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{82DF21ED-5735-49CC-A071-9D72E599A137}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{A5732DD7-EBCB-496A-A89B-51C1A5E1A2F4}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{8824542F-F357-4151-A2EF-7E986145C905}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{87C2D4A0-4619-44B1-AB75-BEC3E782F729}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{6D569F9A-2AB3-4629-A8FD-BA0FF9C7D927}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{306237A1-8C6E-44E1-974C-4E904A8ED4CB}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{19765BC9-502D-43BE-8F46-8FC6B53A86BE}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{F3E80958-FB79-45FE-9676-3FA5CC8553D0}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{012F5B9B-3A58-4797-A685-CB5D046D8039}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [TCP Query User{577A31B1-FC0D-4E81-BEB7-3ECC9F7F0093}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [UDP Query User{B0AE0150-6D84-41BF-8675-51328C75E02D}C:\program files\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{EB6CD351-3EC1-4251-85C3-1FC9B26D44E7}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{97A3EED2-4418-4B92-A793-B38A40803068}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [TCP Query User{5894B1E8-8FFE-445F-B183-FDC1665C601C}C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{2C988805-8DA8-4342-A87A-0C3083029CD3}C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{3377194A-0E72-4CA6-8B4B-A638DCD001BC}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{D45510EC-5B2C-4C45-A8BE-4A23B16F4255}] => (Allow) C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
FirewallRules: [{4DD39C25-CB56-4F35-BB9F-CEB53C9D378F}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{91607FB7-616A-401E-B22E-CC3E2842FDAE}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{FFBA80FC-9BF7-4BAE-9829-D60CF37B2120}] => (Allow) C:\Users\Luke\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D6C0FC17-EB84-461A-A7A8-E8E85DAB2237}] => (Allow) C:\Users\Luke\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{ABE424B3-2C9D-4B8B-A053-0E4E58A723CC}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{EAAF7A58-520C-48A2-9EB2-6C403AF6ADFB}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [TCP Query User{E6704CC5-FDBD-45A8-9858-FA3C61B4A567}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{43569F6A-E34E-42FD-B924-5F64E8531891}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{F6318D68-0C39-49D6-88C8-E94174EE956E}] => (Allow) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{2F9F0EDE-F98A-48FD-9311-8EBCD66D54A3}] => (Allow) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{BA102D17-2FF9-47CC-8098-0708CEBC3DE8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5F3E8C8F-2743-4502-A1A0-99294CD3508D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C9CD8245-4C79-483C-B399-3735C8A4A978}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{170C9D24-870A-4752-88D0-39D7F47515BA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{870B228C-8B91-4066-90C7-6AFABE147E24}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F97EB000-B010-4F53-9CD9-5BFA2FF8AEAA}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [UDP Query User{77974C3F-126D-4BE9-B13E-E61B8E6CEFE9}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{AECA3B0D-05E3-4D86-81B1-327E1BDC5095}] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{8E3C3A08-08F8-41C7-ACCA-78DAAFEB4F82}] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{1F4F3D50-A2AE-492F-B2D6-B4BD662677CF}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{0A819849-291C-4D86-B2A8-4533197A3331}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Hi.exe
FirewallRules: [{79EF5871-5713-4449-AAA6-C4D3CE263C5B}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{E3E31E13-DEEB-4634-9B54-27C81E766235}] => (Allow) C:\Program Files (x86)\Alarm für Cobra 11 - Das Syndikat - DEMO\CrashTime4Low.exe
FirewallRules: [{F67540D9-1ADD-4F24-9D06-DB41FC2ABF80}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{F341A0F9-79CA-4754-B6F2-66BDB236230C}C:\users\luke\desktop\johnyserver\css\srcds.exe] => (Allow) C:\users\luke\desktop\johnyserver\css\srcds.exe
FirewallRules: [UDP Query User{6570CFC7-2BF5-4430-97B1-0A6298175165}C:\users\luke\desktop\johnyserver\css\srcds.exe] => (Allow) C:\users\luke\desktop\johnyserver\css\srcds.exe
FirewallRules: [TCP Query User{A3C6189A-22D7-459D-B5AC-347B014566BC}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [UDP Query User{23988B52-A1DC-4C7A-AAE6-F9A72A414644}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [{6B6DC1FA-C976-4F84-A119-97D9EFF98D9B}] => (Allow) LPort=12000
FirewallRules: [{58612240-A7A8-4BC5-BF08-C018B433E4CF}] => (Allow) LPort=27015
FirewallRules: [TCP Query User{3AB22375-CAF2-4628-B14D-BD254A903407}C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{F44DE5B0-95ED-41C2-A771-C4057269AEB3}C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A23FBA4D-C174-49C9-A879-FE982548980F}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{4B78278C-B488-4C26-88E1-8FB2129C64C0}] => (Allow) C:\program files\java\jre1.8.0_45\bin\java.exe
FirewallRules: [{5617ABCE-4A30-4B1C-9B38-DF22AEBD1872}] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{182203E0-806E-4661-A4C1-B59EE10E5C26}] => (Allow) C:\users\luke\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C46AECDE-EFCF-441A-A813-1D460B73E1C9}] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A5FAC95F-A382-4D6D-BA68-4A972637E584}] => (Allow) C:\users\luke\desktop\neuer ordner\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B197CC8A-CC1F-4121-B4E1-91A402DB5198}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{20B023C1-D6DC-4A6A-AE97-3515B9511E6C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{26C6452A-F41B-49FC-B057-3A1C51068125}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{DF503139-67E5-43CA-BD72-A33D8084E6FE}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [TCP Query User{0582EEDD-AC07-4A67-B04A-03CC5CDBF7F4}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
FirewallRules: [UDP Query User{51D43F3B-405F-438A-8125-9E123F8486ED}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
FirewallRules: [TCP Query User{0604BDC8-3442-494A-AB98-6907E965EB58}C:\users\luke\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luke\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{EC7FB41E-5EE3-47AB-8EDE-AE5D89B955BF}C:\users\luke\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luke\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{32923B18-C9C9-47E4-8959-A193AA718D6D}C:\aeriagames\wolfteam-de\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam-de\wolfteam.bin
FirewallRules: [UDP Query User{93E413CE-4029-481B-8A3B-6C02A45DB000}C:\aeriagames\wolfteam-de\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam-de\wolfteam.bin
FirewallRules: [{88E3A456-76DF-45D5-992F-71E222F9001E}] => (Allow) LPort=49445
FirewallRules: [{30473293-12A7-480D-8372-7FE00E3CC6CC}] => (Allow) LPort=5000
FirewallRules: [TCP Query User{72EA2587-4950-4468-B960-44D451FCEA80}C:\users\luke\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luke\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{2248DE7F-CD32-4469-8388-278BF0BB2B69}C:\users\luke\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\luke\appdata\local\akamai\netsession_win.exe
FirewallRules: [{7242014B-C658-4C4B-BC01-C08991D9BC8D}] => (Allow) LPort=49832
FirewallRules: [{DBA9A556-34E3-4B63-B679-4697616A3050}] => (Allow) LPort=5000

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/01/2015 10:02:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (05/01/2015 10:02:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (05/01/2015 10:01:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (05/01/2015 07:54:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (05/01/2015 06:11:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Rhyveeos WT Hack.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 454

Startzeit: 01d08429425de629

Endzeit: 4294967295

Anwendungspfad: C:\Users\Luke\Desktop\Rhyveeo's WT Hack\Rhyveeos WT Hack.exe

Berichts-ID: bcaa7fd6-f01c-11e4-8266-f8a963069189

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/01/2015 03:42:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TribesAscend.exe, Version: 1.0.1268.1, Zeitstempel: 0x5137c5a5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x0685eebe
ID des fehlerhaften Prozesses: 0x19c8
Startzeit der fehlerhaften Anwendung: 0xTribesAscend.exe0
Pfad der fehlerhaften Anwendung: TribesAscend.exe1
Pfad des fehlerhaften Moduls: TribesAscend.exe2
Berichtskennung: TribesAscend.exe3
Vollständiger Name des fehlerhaften Pakets: TribesAscend.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TribesAscend.exe5

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.


System errors:
=============
Error: (05/02/2015 01:10:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vcs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (05/02/2015 01:08:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Arrange Internet Service Provider" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (05/02/2015 01:08:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Capacity Sort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (05/02/2015 01:07:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UAC-Dateivirtualisierung" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (05/02/2015 01:07:54 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎02.‎05.‎2015 um 00:42:28 unerwartet heruntergefahren.

Error: (05/01/2015 09:58:49 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.11
registriert werden. Der Computer mit IP-Adresse 192.168.1.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (05/01/2015 09:58:28 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.

Error: (05/01/2015 09:58:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vcs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (05/01/2015 09:56:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Arrange Internet Service Provider" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (05/01/2015 09:56:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Capacity Sort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3


Microsoft Office Sessions:
=========================
Error: (05/01/2015 10:02:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (05/01/2015 10:02:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Luke\Desktop\esetsmartinstaller_deu.exe

Error: (05/01/2015 10:01:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Luke\Desktop\esetsmartinstaller_deu.exe

Error: (05/01/2015 07:54:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Luke\AppData\Local\Temp\esetsmartinstaller_deu.exe

Error: (05/01/2015 06:11:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Rhyveeos WT Hack.exe1.0.0.045401d08429425de6294294967295C:\Users\Luke\Desktop\Rhyveeo's WT Hack\Rhyveeos WT Hack.exebcaa7fd6-f01c-11e4-8266-f8a963069189

Error: (05/01/2015 03:42:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TribesAscend.exe1.0.1268.15137c5a5unknown0.0.0.000000000c00001a50685eebe19c801d0841402a71e82C:\Program Files (x86)\Steam\steamapps\common\tribes\binaries\Win32\TribesAscend.exeunknowndafacff3-f007-11e4-8266-f8a963069189

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (05/01/2015 03:11:19 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (05/01/2015 02:07:23 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4


CodeIntegrity Errors:
===================================
  Date: 2015-05-02 01:10:08.150
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-05-01 21:58:00.893
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-05-01 02:05:02.011
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-30 20:28:27.986
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-29 21:22:55.664
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-29 14:23:18.733
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-29 10:12:39.680
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-26 16:53:51.635
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-26 16:04:21.227
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-26 16:04:21.016
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 42%
Total physical RAM: 8072.27 MB
Available physical RAM: 4677.14 MB
Total Pagefile: 16264.27 MB
Available Pagefile: 12857.05 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:913.7 GB) (Free:791.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F153F78B)

Partition: GPT Partition Type.

==================== End Of Log ============================

deeprybka 02.05.2015 14:20
Ne, ne...

doublepack 02.05.2015 14:25
das habe ich gemacht und habe nochmal denn Fixbutton gedrückt und nur dies steht in der fixlog.txt

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by Luke (administrator) on LUKAS on 02-05-2015 15:15:30
Running from C:\Users\Luke\Desktop
Loaded Profiles: Luke (Available profiles: Luke & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Akamai Technologies, Inc.) C:\Users\Luke\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Luke\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Electronic Arts, Inc.) C:\Program Files (x86)\Electronic Arts\Die Sims 3\Game\Bin\TS3.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Luke\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
Startup: C:\Users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download.lnk [2015-04-29]
ShortcutTarget: Download.lnk -> C:\ProgramData\{0b69d174-b53b-1b86-0b69-9d174b5345d2}\Download.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-2833233637-2508301349-1291184669-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {BB866FE7-57AF-456D-B09C-81C3118619DA} URL =
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL =
SearchScopes: HKU\S-1-5-21-2833233637-2508301349-1291184669-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: No Name -> {141c9d6a-65cf-4420-b8e4-88b4268a9e14} ->  No File
BHO: No Name -> {5fb97375-172f-4a69-89f0-bc02a68bacee} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-24] (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-24] (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\ce36tu02.default
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-24] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-05-01] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-10-31]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-21]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154856 2015-04-10] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-24] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2015-04-21] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 kygyhosy; No ImagePath
S2 mewobidy; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S2 vcs; C:\Program Files (x86)\Common Files\Avnex\vcs64.sys [4096 2015-04-21] () [File not signed]
R3 VCSVADHWSer; C:\Windows\system32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
S3 xspirit; \??\C:\WINDOWS\xspirit.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

deeprybka 02.05.2015 14:25
Liste der Anhänge anzeigen (Anzahl: 1)
Die Fixlist war aber leer. ;)

Zitat:
Content of fixlist:
*****************

*****************
Bitte die angehängte mal auf dem Desktop abspeichern und die Schritte wiederholen.

doublepack 02.05.2015 14:27
würde vielleicht ein neustart Helfen?? könnte es daran liegen?.

deeprybka 02.05.2015 14:27
Bitte das machen was ich gepostet habe. :)

doublepack 02.05.2015 14:28
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-05-2015
Ran by Luke at 2015-05-02 15:20:28 Run:2
Running from C:\Users\Luke\Desktop
Loaded Profiles: Luke (Available profiles: Luke & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************

*****************


==== End of Fixlog 15:20:28 ====


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:12 Uhr.
Seite 3 von 5 12 3 45
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58