Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: DHL Mail mit Link! Wohin führt dieser?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 05.05.2015, 08:23   #1
Roxxi
 
DHL Mail mit Link! Wohin führt dieser? - Standard

DHL Mail mit Link! Wohin führt dieser?



Hallo Ihr,
ich habe gestern die berüchtigte DHL Mail erhalten und leider den Link angeklickt, was mir zum erstenmal passiert ist.
Ich Dussel habe nicht auf den Absender (Kundenservice DHL Express <maja.atanasovska@targetcomm.com.mk>) geschaut, da ich ein Paket erwarte.
Die Linkadresse ist diese
hxxp://espace-client.topic-topos.com/templates/.svn/DXaikO78QVqK (die beiden xx stehen natürlich für tt, geht aber nicht anders)

Ich habe sofort meinen PC mit Avira gescannt, es wurde nichts gefunden.
Was muss ich noch machen?
Viele Grüße Roxxi

Geändert von Roxxi (05.05.2015 um 08:30 Uhr)

Alt 05.05.2015, 08:41   #2
schrauber
/// the machine
/// TB-Ausbilder
 

DHL Mail mit Link! Wohin führt dieser? - Standard

DHL Mail mit Link! Wohin führt dieser?



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 05.05.2015, 08:47   #3
Roxxi
 
DHL Mail mit Link! Wohin führt dieser? - Standard

DHL Mail mit Link! Wohin führt dieser?



Zitat:
Zitat von schrauber Beitrag anzeigen
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)
Hallo Schrauber,

vielen Dank für die schnelle Antwort, aber im Moment kann ich an dem infizierten PC nichts machen der steht Zuhause und den Router habe ich vorsichtshalber abgeschaltet. Ich bin erst heute abend wieder dort und kann was daran machen. Kannst du mir schon mal eine Programmlisten empfehlung geben, die ich mir hier an einem anderen PC zur Bereitstellung auf einen USB-Stick downloaden kann um dann nach deinen Anweisungen zu handeln?
Viele Grüße Roxxi
__________________

Alt 05.05.2015, 11:42   #4
schrauber
/// the machine
/// TB-Ausbilder
 

DHL Mail mit Link! Wohin führt dieser? - Standard

DHL Mail mit Link! Wohin führt dieser?



Erstmal nix, nur FRST, ich schau dann in die Logs ob überhaupt was zu machen ist
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.05.2015, 14:38   #5
Roxxi
 
DHL Mail mit Link! Wohin führt dieser? - Standard

DHL Mail mit Link! Wohin führt dieser?



Zitat:
Zitat von schrauber Beitrag anzeigen
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)
Erstmal vielen Dank für die Hilfe und nun die beiden logs

FRST.txt


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by Eggi (administrator) on EGGISACER on 05-05-2015 14:30:35
Running from C:\Users\Eggi\Desktop\Sicherheitsprogramme
Loaded Profiles: Eggi (Available profiles: Eggi)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-04-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [66304 2015-03-18] (Acer Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2014-12-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Standby] => C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe [105632 2010-03-18] (Corel)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-10-16] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2015-04-16] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Atheros Communications)
HKU\S-1-5-21-512139159-3480901023-2481466660-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-512139159-3480901023-2481466660-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-512139159-3480901023-2481466660-1001\...\Run: [VitaDock] => C:\Program Files (x86)\VitaDock\VitaDock.exe [975360 2014-04-09] (Medisana)
HKU\S-1-5-21-512139159-3480901023-2481466660-1001\...\Run: [Remote Control Editor] => C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTVRC.exe [1835008 2012-07-05] (Elgato Systems)
HKU\S-1-5-21-512139159-3480901023-2481466660-1001\...\RunOnce: [Application Restart #0] => C:\Users\Eggi\AppData\Local\Pokki\Engine\HostAppService.exe [7843656 2015-01-01] (Pokki)
HKU\S-1-5-21-512139159-3480901023-2481466660-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-08] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-512139159-3480901023-2481466660-1001 -> DefaultScope {7506FAAD-16EA-443B-AEA1-9A8050EA746C} URL = 
SearchScopes: HKU\S-1-5-21-512139159-3480901023-2481466660-1001 -> {7506FAAD-16EA-443B-AEA1-9A8050EA746C} URL = 
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-21] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-21] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-12-02] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\ThcDeskBand.dll [2011-06-24] (TerraTec Electronic GmbH)
Hosts: 131.188.12.8	vpn.fau.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default
FF SelectedSearchEngine: webssearches
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0-rc2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-11-22] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-02-11] (Nero AG)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)
FF SearchPlugin: C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\searchplugins\avira-safesearch.xml [2015-02-26]
FF SearchPlugin: C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\searchplugins\englische-ergebnisse.xml [2013-10-23]
FF SearchPlugin: C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\searchplugins\gmx-suche.xml [2013-10-23]
FF SearchPlugin: C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\searchplugins\lastminute.xml [2013-10-23]
FF SearchPlugin: C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\searchplugins\suchmaschinenvergleich.xml [2012-12-07]
FF SearchPlugin: C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\searchplugins\webde-suche.xml [2013-10-23]
FF SearchPlugin: C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\searchplugins\webssearches.xml [2015-02-12]
FF Extension: Avira Browser Safety - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\abs@avira.com [2015-04-27]
FF Extension: BYTubeD - Bulk YouTube video Downloader - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\bytubed@cs213.cse.iitk.ac.in [2014-12-21]
FF Extension: IE Tab + - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\coralietab@mozdev.org [2014-12-21]
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\donottrackplus@abine.com [2014-12-21]
FF Extension: NetVideoHunter - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\netvideohunter@netvideohunter.com [2015-04-12]
FF Extension: Avira SafeSearch - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\safesearch@avira.com [2015-04-27]
FF Extension: WEB.DE MailCheck - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\toolbar@web.de [2015-04-17]
FF Extension: CSHelper - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2014-12-21]
FF Extension: Bitdefender QuickScan - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-12-21]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-04-01]
FF Extension: FastestFox - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\smarterwiki@wikiatic.com.xpi [2014-12-21]
FF Extension: Google  Image Search - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\{73007fef-a6e0-47d3-b4e7-dfc116ed6f65}.xpi [2014-12-21]
FF Extension: Show my Password - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi [2014-12-21]
FF Extension: Search By Image (by Google) - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi [2014-12-21]
FF Extension: Adblock Plus - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-21]
FF Extension: BetterPrivacy - C:\Users\Eggi\AppData\Roaming\Mozilla\Firefox\Profiles\87wkipbr.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-12-21]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-12-13]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-12-03]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2749696 2015-03-18] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2014-12-17] (WildTangent)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [708616 2015-04-08] (Garmin Ltd. or its subsidiaries)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-04-09] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-04-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-04-09] (NVIDIA Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-21] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-21] (Acer Incorporate)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-04] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 CYDTV_SRV; C:\Windows\system32\drivers\cydtv.sys [577192 2012-11-13] ( )
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-04-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-09] (NVIDIA Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-20] (Synaptics Incorporated)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-10-16] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-05 14:30 - 2015-05-05 14:30 - 00000000 ____D () C:\FRST
2015-05-05 14:08 - 2015-05-05 14:30 - 00000000 ____D () C:\Users\Eggi\Desktop\Sicherheitsprogramme
2015-05-03 13:15 - 2015-05-03 13:15 - 00000614 _____ () C:\Windows\PFRO.log
2015-04-29 22:03 - 2015-05-05 14:26 - 00006247 _____ () C:\Windows\setupact.log
2015-04-29 22:03 - 2015-04-29 22:03 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-29 19:52 - 2015-04-29 19:52 - 06484352 _____ (Piriform Ltd) C:\Users\Eggi\Downloads\ccsetup505.exe
2015-04-27 22:46 - 2015-04-27 22:46 - 11259212 _____ () C:\Users\Eggi\Desktop\schule - YouTube.mp4
2015-04-24 23:25 - 2015-04-17 16:49 - 286344939 _____ () C:\Users\Eggi\Desktop\Zopfmuster häkeln lernen.mp4
2015-04-24 16:19 - 2015-04-24 16:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-21 17:34 - 2015-04-21 17:34 - 00000000 ____D () C:\Users\Eggi\AppData\Roaming\NVIDIA
2015-04-21 17:26 - 2015-04-21 17:26 - 00000000 ____D () C:\Users\Eggi\AppData\Local\NVIDIA Corporation
2015-04-21 17:25 - 2015-04-21 17:25 - 00000000 ____D () C:\Users\Eggi\AppData\Local\NVIDIA
2015-04-21 17:24 - 2015-04-21 17:24 - 00001397 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-04-21 17:24 - 2015-04-21 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-21 17:24 - 2015-04-09 02:58 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-04-21 17:24 - 2015-04-09 02:58 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-04-21 17:24 - 2015-04-09 02:58 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-04-21 17:24 - 2015-04-09 02:58 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-04-21 17:23 - 2015-04-21 17:26 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-21 17:23 - 2015-04-08 23:30 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-21 17:23 - 2015-04-08 23:30 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-21 17:23 - 2015-04-08 23:30 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-21 17:23 - 2015-04-08 23:30 - 01047696 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-04-21 17:23 - 2015-04-08 23:30 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-21 17:23 - 2015-04-08 23:30 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-21 17:23 - 2015-04-08 23:30 - 00075080 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-04-21 17:23 - 2015-04-08 23:30 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-21 17:23 - 2015-04-08 19:52 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-21 17:22 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-21 17:22 - 2015-04-09 02:58 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-04-21 17:22 - 2015-04-09 02:58 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-04-21 17:22 - 2015-04-09 02:58 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-21 16:49 - 2015-04-21 17:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-21 14:52 - 2015-04-21 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2015-04-20 19:59 - 2015-04-20 19:59 - 00000000 ____D () C:\ProgramData\TerraTec
2015-04-20 19:50 - 2015-04-20 19:50 - 00088250 _____ () C:\Users\Eggi\Desktop\DxDiag.txt
2015-04-20 19:47 - 2015-04-21 21:53 - 00001252 _____ () C:\Users\Public\Desktop\TerraTec Home Cinema.lnk
2015-04-20 19:47 - 2015-04-20 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TerraTec
2015-04-20 19:34 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-04-20 19:34 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-04-20 19:34 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-04-20 19:34 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-04-20 19:34 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-04-20 19:34 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-04-20 19:34 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-04-20 19:34 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-04-20 19:34 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-04-20 19:34 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-04-20 19:34 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-04-20 19:34 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-04-20 19:34 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-04-20 19:34 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-04-20 19:34 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-04-20 19:34 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-04-20 19:34 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-04-20 19:34 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-04-20 19:34 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-04-20 19:34 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-04-20 19:34 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-04-20 19:34 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-04-20 19:34 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-04-20 19:34 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-04-20 19:34 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-04-20 19:34 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-04-20 19:34 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-04-20 19:34 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-04-20 19:34 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-04-20 19:34 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-04-20 19:34 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-04-20 19:34 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-04-20 19:34 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-04-20 19:34 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-04-20 19:34 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-04-20 19:34 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-04-20 19:34 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-04-20 19:34 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-04-20 19:34 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-04-20 19:34 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-04-20 19:34 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-04-20 19:34 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-04-20 19:34 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-04-20 19:34 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-04-20 19:34 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-04-20 19:34 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-04-20 19:34 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-04-20 19:34 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-04-20 19:34 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-04-20 19:34 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-04-20 19:34 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-04-20 19:34 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-04-20 19:34 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-04-20 19:34 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-04-20 19:34 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-04-20 19:34 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-04-20 19:34 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-04-20 19:34 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-04-20 19:34 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-04-20 19:34 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-04-20 19:34 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-04-20 19:34 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-04-20 19:34 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-04-20 19:34 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-04-20 19:34 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-04-20 19:34 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-04-20 19:34 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-04-20 19:34 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-04-20 19:34 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-04-20 19:34 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-04-20 19:34 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-04-20 19:34 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-04-20 19:34 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-04-20 19:34 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-04-20 19:34 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-04-20 19:34 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-04-20 19:34 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-04-20 19:34 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-04-20 19:34 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-04-20 19:34 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-04-20 19:34 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-04-20 19:34 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-04-20 19:34 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-04-20 19:34 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-04-20 19:34 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-04-20 19:34 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-04-20 19:34 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-04-20 19:34 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-04-20 19:34 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-04-20 19:34 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-04-20 19:34 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-04-20 19:34 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-04-20 19:34 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-04-20 19:34 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-04-20 19:34 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-04-20 19:34 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-04-20 19:34 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-04-20 19:34 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-04-20 19:34 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-04-20 19:33 - 2015-04-20 19:34 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-04-20 19:33 - 2015-04-20 19:33 - 00000000 ____D () C:\Program Files (x86)\MSECache
2015-04-20 19:31 - 2015-04-20 19:31 - 00292184 _____ (Microsoft Corporation) C:\Users\Eggi\Downloads\dxwebsetup.exe
2015-04-20 19:30 - 2015-04-20 19:32 - 373578968 _____ (Microsoft Corporation) C:\Users\Eggi\Downloads\office2007sp3-kb2526086-fullfile-de-de.exe
2015-04-20 19:30 - 2015-04-20 19:30 - 39074536 _____ (Microsoft Corporation) C:\Users\Eggi\Downloads\FileFormatConverters.exe
2015-04-20 18:22 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-04-20 18:22 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-04-20 18:10 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-04-20 18:10 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-04-20 18:10 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-04-20 18:10 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-04-18 09:33 - 2015-04-18 09:33 - 00001969 _____ () C:\Users\Public\Desktop\abDocs.lnk
2015-04-15 22:33 - 2015-04-15 22:33 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 15:17 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 15:17 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 15:17 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-15 15:17 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 15:17 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-15 15:17 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 15:17 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 15:17 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 15:17 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-15 15:17 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-15 15:17 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-15 15:17 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-15 15:17 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-15 15:17 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-15 15:17 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 15:17 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 15:17 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-15 15:16 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 15:16 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 15:16 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 15:16 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 15:16 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 15:16 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 15:16 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 15:16 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 15:16 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 15:16 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 15:16 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 15:16 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 15:16 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 15:16 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 15:16 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 15:16 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 15:16 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-15 15:16 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 15:16 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 15:16 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 15:16 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 15:16 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 15:16 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 15:16 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 15:16 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 15:16 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 15:16 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 15:16 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 15:16 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 15:16 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 15:16 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 15:16 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 15:16 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-15 15:16 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 15:16 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 15:16 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 15:16 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 15:16 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-15 15:16 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-15 15:16 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 15:16 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 15:16 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 15:16 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-15 15:16 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 15:16 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 15:16 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 15:16 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 15:16 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 15:16 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 15:16 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-15 15:16 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 15:16 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 15:16 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 15:16 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-10 11:41 - 2015-05-04 20:33 - 00000000 ____D () C:\Users\Eggi\AppData\Roaming\QuickScan
2015-04-10 08:20 - 2015-04-10 08:20 - 00000000 ____D () C:\Users\Default\AppData\Local\Garmin_Ltd._or_its_subsid
2015-04-10 08:20 - 2015-04-10 08:20 - 00000000 ____D () C:\Users\Default User\AppData\Local\Garmin_Ltd._or_its_subsid
2015-04-10 08:19 - 2015-04-10 08:19 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2015-04-10 08:19 - 2015-04-10 08:19 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin
2015-04-07 14:09 - 2015-04-07 14:09 - 00000000 ____D () C:\ProgramData\Hauppauge
2015-04-07 14:05 - 2015-04-07 14:16 - 00001548 _____ () C:\hcwDriverInstall.txt
2015-04-07 14:05 - 2014-10-21 14:36 - 00323640 _____ (Hauppauge Computer Works) C:\Windows\SysWOW64\hcwpnp32.dll
2015-04-07 14:05 - 2014-08-15 15:25 - 00118840 _____ (Hauppauge Computer Works, Inc.) C:\Windows\SysWOW64\hcwi2c32.dll
2015-04-07 14:05 - 2009-02-16 22:09 - 00831554 _____ (Hauppauge Computer Works) C:\Windows\SysWOW64\hcwtvwnd.dll
2015-04-07 14:05 - 2006-10-10 16:47 - 00036921 _____ (Hauppauge Computer Works) C:\Windows\SysWOW64\hcwutl32.dll
2015-04-07 14:04 - 2015-04-07 14:04 - 00000000 ____D () C:\Users\Public\WinTV
2015-04-07 11:32 - 2015-04-07 16:29 - 00000000 ____D () C:\Users\Eggi\Downloads\Haupauge WinTV
2015-04-07 11:23 - 2015-04-07 11:23 - 00003336 _____ () C:\Windows\System32\Tasks\InfoCollect
2015-04-07 11:23 - 2015-04-07 11:23 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-04-05 19:27 - 2015-04-05 19:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medisana
2015-04-05 18:52 - 2015-04-05 19:27 - 00000000 ____D () C:\Program Files (x86)\VitaDock
2015-04-05 18:52 - 2015-04-05 18:52 - 00000000 ____D () C:\Users\Eggi\Documents\Medisana
2015-04-05 18:51 - 2015-04-05 18:51 - 17517056 _____ (Microsoft Corporation) C:\Users\Eggi\Downloads\VitaDock_PC_Setup.exe
2015-04-05 14:54 - 2015-04-05 19:27 - 00000000 ____D () C:\Users\Eggi\Desktop\Ostern
2015-04-05 10:13 - 2015-04-05 10:14 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-05 10:13 - 2015-04-05 10:13 - 00000000 ___SD () C:\Windows\SysWOW64\GWX

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-05 14:21 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-05 14:13 - 2014-12-13 15:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-05 14:11 - 2015-01-04 19:22 - 01428131 _____ () C:\Windows\WindowsUpdate.log
2015-05-05 14:11 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-05 14:10 - 2015-01-08 00:36 - 00000000 ____D () C:\AdwCleaner
2015-05-05 14:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-04 22:35 - 2014-12-13 16:01 - 00000000 ____D () C:\Users\Eggi\AppData\Roaming\vlc
2015-05-04 20:48 - 2014-12-25 00:45 - 00000000 ____D () C:\Users\Eggi\.mediathek3
2015-05-03 13:15 - 2014-12-13 15:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-03 11:53 - 2014-12-21 10:44 - 00000000 ____D () C:\Users\Eggi\Desktop\Dokumente
2015-05-03 11:48 - 2014-12-07 19:28 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-512139159-3480901023-2481466660-1001
2015-05-03 10:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-01 09:51 - 2014-12-28 21:28 - 00482304 ___SH () C:\Users\Eggi\Desktop\Thumbs.db
2015-04-29 19:49 - 2014-12-07 19:27 - 00000000 _____ () C:\Windows\system32\newflow.dat
2015-04-28 23:16 - 2014-12-07 20:48 - 00000000 ____D () C:\Users\Eggi\AppData\Local\CrashDumps
2015-04-22 18:10 - 2015-03-19 10:07 - 00000000 ____D () C:\Users\Eggi\Desktop\Programme
2015-04-22 18:10 - 2015-01-26 22:07 - 00000000 ____D () C:\Program Files (x86)\HardCopy Pro
2015-04-22 18:07 - 2014-07-15 03:47 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-04-22 18:07 - 2014-07-15 03:47 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-04-22 18:07 - 2014-03-18 12:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-21 17:24 - 2014-07-14 18:25 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-21 17:24 - 2014-07-14 18:24 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-21 17:23 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Help
2015-04-21 17:07 - 2014-12-25 00:45 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-21 17:07 - 2014-12-25 00:45 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-21 17:06 - 2015-01-02 10:36 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-21 14:53 - 2014-07-14 18:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-21 14:52 - 2015-02-04 20:07 - 00000000 ____D () C:\Program Files (x86)\LAV Filters
2015-04-21 14:52 - 2015-02-04 19:58 - 00000000 ____D () C:\Program Files (x86)\TERRATEC
2015-04-20 19:59 - 2015-02-04 20:03 - 00000000 ____D () C:\Users\Eggi\AppData\Roaming\TerraTec
2015-04-20 19:34 - 2014-12-14 12:31 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-04-20 18:24 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-20 18:16 - 2014-12-13 15:38 - 00000401 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-04-18 09:33 - 2014-06-11 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-04-18 09:33 - 2014-06-11 12:06 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-04-18 09:31 - 2014-12-07 19:24 - 00000000 ____D () C:\Users\Eggi\AppData\Local\clear.fi
2015-04-16 10:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-04-16 08:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 22:33 - 2014-12-13 15:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 15:33 - 2014-12-07 20:47 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 15:30 - 2014-12-13 18:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 15:30 - 2014-12-07 20:47 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 22:13 - 2014-12-13 15:49 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 08:46 - 2015-03-29 16:49 - 00000000 ____D () C:\Users\Eggi\Desktop\Geburtstagsfeier
2015-04-14 01:24 - 2014-12-13 15:21 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2014-12-13 15:21 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-13 14:46 - 2015-01-13 19:48 - 00000000 ____D () C:\Users\Eggi\Desktop\DVBViewer-Aufnahmen
2015-04-12 09:57 - 2014-12-14 12:34 - 00003766 ___SH () C:\ProgramData\KGyGaAvL.sys
2015-04-10 08:20 - 2014-12-13 19:30 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-10 08:19 - 2014-12-30 14:19 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2015-04-10 08:19 - 2014-12-30 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-04-10 08:19 - 2014-12-30 14:19 - 00000000 ____D () C:\ProgramData\Garmin
2015-04-10 08:19 - 2014-12-30 14:19 - 00000000 ____D () C:\Program Files (x86)\Garmin
2015-04-10 08:16 - 2015-01-06 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-10 08:16 - 2015-01-06 15:32 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-08 08:55 - 2014-07-14 18:45 - 00000000 ____D () C:\ProgramData\OEM
2015-04-07 11:23 - 2014-06-11 12:35 - 00000000 ___HD () C:\OEM
2015-04-05 14:55 - 2015-03-27 14:40 - 00000000 ____D () C:\Users\Eggi\Desktop\Trampolin

==================== Files in the root of some directories =======

2015-01-07 23:38 - 2015-01-07 23:38 - 0004416 _____ () C:\Users\Eggi\AppData\Roaming\CamStudio.cfg
2015-02-03 19:18 - 2015-02-03 19:18 - 0000000 _____ () C:\Users\Eggi\AppData\Roaming\wklnhst.dat
2014-12-14 12:34 - 2014-12-14 12:34 - 0000008 __RSH () C:\ProgramData\7C46078F1A.sys
2014-07-14 18:20 - 2014-07-14 18:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-14 12:34 - 2015-04-12 09:57 - 0003766 ___SH () C:\ProgramData\KGyGaAvL.sys

Some content of TEMP:
====================
C:\Users\Eggi\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-26 10:12

==================== End Of Log ============================
         
--- --- ---



ADDITION.TXT

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by Eggi at 2015-05-05 14:31:49
Running from C:\Users\Eggi\Desktop\Sicherheitsprogramme
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-512139159-3480901023-2481466660-500 - Administrator - Disabled)
Eggi (S-1-5-21-512139159-3480901023-2481466660-1001 - Administrator - Enabled) => C:\Users\Eggi
Gast (S-1-5-21-512139159-3480901023-2481466660-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-512139159-3480901023-2481466660-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.07.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3009 - Acer Incorporated)
abFiles Shell Extension (HKLM-x32\...\{0E1996B9-B733-4096-8FD7-239850ED0B2A}) (Version: 2.00.3001 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.07.2004.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.02.2003.0 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.06.2000 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.10 - Adobe Systems)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Converter 5.7.6 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.06.2002.2 - Acer Incorporated)
Ashampoo Snap 7 v.7.0.10 (HKLM-x32\...\{C92AB6F1-9C93-0F51-ED50-15ABBCBDD142}_is1) (Version: 7.0.10 - Ashampoo GmbH & Co. KG)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
Canon iP4300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05187 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05187 - Cisco Systems, Inc.) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ContentHD (x32 Version: 1.00.0002 - Corel Corporation) Hidden
Contents (x32 Version: 1.6.0.367 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{2CDF0D0A-C58C-4136-9978-F029B2723B0D}) (Version: 16.4.0.1280 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.4.1280 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.4.1280 - Corel Corporation) Hidden
Corel VideoStudio Pro X3 (HKLM-x32\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.2.69 - Corel Corporation)
CorelDRAW Graphics Suite X6 - BR (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Content (HKLM-x32\...\_{C221B72F-C0AC-4DD7-B27E-701B1E9DE23A}) (Version: 16.0 -  Corel Corporation)
CorelDRAW Graphics Suite X6 - Content (x32 Version: 16.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - DE (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - EN (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - ES (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FR (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM Content (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IT (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - NL (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.7 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.4.1.1281 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.7 - Corel Corporation) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
DeviceIO (x32 Version: 1.6.0.367 - Corel Corporation) Hidden
DVBViewer TERRATEC Edition (HKLM-x32\...\DVBViewer TERRATEC Edition_is1) (Version:  - CM&V)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Elevated Installer (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Free IP Tools (HKLM-x32\...\Free IP Tools) (Version: 4.2 - TamoSoft)
Garmin City Navigator Europe NTU 2015.30 (HKLM-x32\...\{63F1BF21-7435-4055-AA71-7ED2B7948C8C}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NTU 2015.40 (HKLM-x32\...\{F400C6B8-89B8-4619-92E3-0A2314E4625B}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{50755d67-ae60-4e47-b3d6-ce44d01b5a95}) (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.1 - Genesys Logic)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
HardCopy Pro (HKLM-x32\...\HardCopy Pro) (Version: 4.2.4 - DeskSoft)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
ICA (x32 Version: 1.6.0.367 - Corel Corporation) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Inhaltserstellung (HKLM-x32\...\{Inhaltserstellung_9AACF9A9-6FB2-4E49-B3BF-D2D268B29138}) (Version:  - )
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
LAV Filters 0.53.2 (HKLM-x32\...\lavfilters_is1) (Version: 0.53.2 - Hendrik Leppkes)
Licensing Service (03000201) (x32 Version: 03.00.02.15 - Protexis Inc.) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
MLE (x32 Version: 1.0.0.18 - Corel Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
Nero 12 (HKLM-x32\...\{4A29920F-BE3A-46FA-AD92-6366C65A7C74}) (Version: 12.0.00300 - Nero AG)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1006 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{F4C242B4-2973-43F3-93F2-ED1B47AE8848}) (Version: 12.0.02000 - Nero AG)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-512139159-3480901023-2481466660-1001\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki)
Prerequisite installer (x32 Version: 12.0.0008 - Nero AG) Hidden
PureHD (x32 Version: 1.6.0.367 - Corel Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7218 - Realtek Semiconductor Corp.)
Setup (x32 Version: 1.6.0.367 - Corel Corporation) Hidden
Share (x32 Version: 1.6.0.367 - Corel Corporation) Hidden
Share64 (Version: 1.6.0.367 - Corel Corporation) Hidden
Shark007 Advanced Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 5.0.9 - Shark007)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.5 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.5 - SmartSound Software Inc.) Hidden
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
TERRATEC Cinergy S2 USB HD (64 Bit) (HKLM-x32\...\{9773D0FE-7AED-4B01-9DF9-B53A96C8CF4C}) (Version: 1.32.0519.0 - TERRATEC)
TerraTec Home Cinema (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.27.7 - )
THC Codec Patch (HKLM-x32\...\{03DF2CB2-FF23-47F7-8754-8C3938A5F44C}) (Version: 1.00.0000 - )
THC codec patch (HKLM-x32\...\{667774E0-26BB-4194-9854-656A8DC5337B}) (Version: 1.00.0000 - TERRATEC)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VIO (x32 Version: 1.6.0.367 - Corel Corporation) Hidden
VitaDock® Online PC 1.0.530 (HKLM-x32\...\{2DDE97C5-863F-4FFB-84A2-70B21684D747}) (Version: 1.0.530.0 - Medisana)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0-rc2 - VideoLAN)
VSClassic (x32 Version: 1.6.0.367 - Corel Corporation) Hidden
VSPro (x32 Version: 1.6.0.367 - Corel Corporation) Hidden
WebM Project Directshow Filters (HKU\S-1-5-21-512139159-3480901023-2481466660-1001\...\webmdshow) (Version:  - )
Werkzeuge und Vorlagen für Microsoft Office (HKLM-x32\...\{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}) (Version: 2.0 - Microsoft)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Prolific (Ser2pl) Ports  (03/12/2010 3.3.11.152) (HKLM\...\1368C87DCBC1A47DB78AD625B2C7E102AF9F447F) (Version: 03/12/2010 3.3.11.152 - Prolific)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows-Treiberpaket - TerraTec  (CYDTV_SRV) Media  (06/25/2010 1.32.0519.0) (HKLM\...\ED7EAA4823AD5AF1A4E11F036CCEAB031E88CF83) (Version: 06/25/2010 1.32.0519.0 - TerraTec )
x64 Components v5.0.9 (HKLM\...\Advanced x64Components_is1) (Version: 5.0.9 - Shark007)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-512139159-3480901023-2481466660-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

15-04-2015 15:23:18 Windows Update
20-04-2015 18:06:05 Entfernt TerraTec Home Cinema
21-04-2015 21:53:09 Installiert TerraTec Home Cinema
01-05-2015 10:39:44 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-03-04 16:29 - 00000965 ____A C:\Windows\system32\Drivers\etc\hosts

131.188.12.8	vpn.fau.de ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0798CD79-6C9E-4302-AE56-11B84AE6D6C9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {156EA48B-384A-451C-801A-801D99EF38C9} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-21] (Acer Incorporate)
Task: {21A3326A-13F0-4E31-A55C-324A6566DF8A} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {5313D230-CF27-4576-9E6E-046290C74872} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-03-17] (Acer Incorporate)
Task: {6DD03667-4424-4D20-89CA-296485F9DFB3} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {7460A9ED-D20B-47E8-8BB7-C30DEC135C04} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-12-11] (Nero AG)
Task: {77822412-49C0-4532-82E3-EFDF91094B79} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe
Task: {7BF12930-C55E-445B-BCF5-E0C84AA08A3D} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-03-18] (Acer)
Task: {B14D2215-CBEC-4F5E-8933-52D5AACA27EF} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {B5818813-2A02-4996-9BC8-BE411C376EE8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {BBB71DEF-A269-417E-93DE-76554E845FBC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {BC7E9C2D-D390-4813-96D0-9F2C315AD797} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {BDD7E3DA-F247-47E7-801E-AE69337BBED2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {C27F936A-8357-4FFA-A8CE-D20CCB99E7D5} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-24] (TODO: <Company name>)
Task: {D61C633E-AD3E-433B-8B64-D243968D97CF} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-21] (Acer Incorporate)
Task: {D91FBFC0-C7EC-4E40-BEC1-3FBD54334A33} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Task: {F086646D-78C9-4B34-884F-50314E5BAF11} - System32\Tasks\InfoCollect => C:\Program Files (x86)\Acer\Acer Portal\InfoCollect.exe [2015-03-18] ()
Task: {FDA446C6-5746-4FF9-9B42-3276C9D36C1F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2014-07-14 18:47 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-04-21 17:23 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-14 18:54 - 2014-01-03 14:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2014-02-25 22:14 - 2014-02-25 22:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-25 22:11 - 2014-02-25 22:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-25 22:17 - 2014-02-25 22:17 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2015-03-13 15:54 - 2015-03-13 15:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-10-16 07:48 - 2014-10-16 07:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-04-21 17:24 - 2015-04-09 02:58 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-07-14 18:23 - 2013-12-10 01:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-512139159-3480901023-2481466660-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Eggi\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "BacKGround Agent"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Standby"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKU\S-1-5-21-512139159-3480901023-2481466660-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-512139159-3480901023-2481466660-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-512139159-3480901023-2481466660-1001\...\StartupApproved\Run: => "VitaDock"
HKU\S-1-5-21-512139159-3480901023-2481466660-1001\...\StartupApproved\Run: => "Remote Control Editor"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{262A5919-E5B1-439A-AE72-E366750707DE}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{8DB348F3-0F77-40F7-831C-DD9B40C8A373}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{46D25593-FF33-4E16-B65E-21ED3DA8C36E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{5F3E9359-986E-489F-A382-2CAC6CD6C490}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{87668745-FD76-48E5-9C53-7F6CCF75DD50}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9C4371F8-09AD-426C-8AE9-1D0FC750A163}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{B52BFC4E-265A-4D8B-8ADD-6A616ACC74C6}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2B8B6245-1C67-4A40-8286-0D9B25DBE4E3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{7CA7FB63-060E-482B-8CF0-26F0BC2DC109}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{DD4FBF5E-A412-4C19-A973-3E896EB828E3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{F93FFEE6-1551-450A-9DAC-4476D376B346}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{310D2D1A-4386-4878-A60D-4201348C2C69}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DD646C8A-69ED-42DF-8631-C6434ABB2F52}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C2B0D07D-C3AE-4BB4-B9D1-5913E2CE9AF3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{92E55F9E-DFF8-4A74-A842-C7BD89B96F81}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A8C5C9E4-14F6-4643-A0B1-3AA9E48A6A9A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4DF437FA-BD1F-4B76-A9C4-2B8D4B164668}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4CAAB8C1-FB93-4D0D-BE80-96620F8E8A08}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{7978DD45-BD59-4780-BDE6-8C14EB8E151A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe
FirewallRules: [{27E1F04E-5102-4745-8246-AA7BBCC6EFAD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{DE0CC3B2-F207-4495-8A3F-714F4815A22B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{1A10A2B7-684C-4977-9C3C-8DEF0C12C974}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{1A9E4700-AF28-4D2B-BED3-36654C0CEDAC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{5C0C00D1-A5D1-42BA-9FFC-C2B2FCB1C3BC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1A797C2F-3A44-454A-B3B9-D2320A37E1C6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F6493FE4-5429-4C59-A679-3FB8501003BC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{63E2957F-6A6C-4267-8D1F-56A2BE7E9178}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3C317160-46AE-4879-B2DB-E4544CEA6AB2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2FF8C8D0-08FC-40BD-AAA4-F593CA3965D7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{23056B5D-3F83-4BB6-AD14-E62BC657CE9B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{692C42E6-B873-424B-BCEF-F33ED0A6C8A6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E651DD1F-86F1-4177-917B-87A612738E7B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E2F5959C-2FCD-48E8-B939-8DDC683B7C8C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{ACDEB9F2-B47E-46B9-9E1C-5757E58ADA92}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{760243E8-DA3B-4698-A3AB-54B9A4B8AB81}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{504E091D-EACE-4AE6-AD7C-BF49BCBF698A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{EB022543-248B-4DC1-A3D7-418412532354}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{BF811251-368A-4FE6-BF2C-E41AC1986C70}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A570A2C7-463A-47B7-AF75-E97912BD95BC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{904456A2-0176-4F8C-A958-F5CF965AEED9}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{0C551A81-F63D-49B5-8788-32C2E3C1D4D3}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{ED495485-B948-4CDC-8A4C-7F4AEF3E1C92}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5E7528B7-DC8A-4D39-ACA5-1E179E373BB1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A2117BBF-5D12-48A0-AFF5-DC0127DD3730}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AC18C9A0-C687-4090-B21A-654F93389F52}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9D754549-BAFB-4BFB-8AE7-5BB9C6386EF3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{559F6F13-0B59-457B-A9C8-FA4F580787DC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{34003A4A-109D-45A1-8B23-7F876E000588}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AF2250BF-52FE-4D11-B8CF-EE085576B0F6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{D6A645B1-DE6E-43C4-9E2B-7BE34348146D}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe
FirewallRules: [UDP Query User{7991B133-21E5-473C-A029-865E3B9C9FDC}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe
FirewallRules: [TCP Query User{6A2E9C0F-EB99-4FC7-8A09-3630C480BAAF}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe
FirewallRules: [UDP Query User{C64B6B57-9107-43D7-ADDA-EBF5738C44DC}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe
FirewallRules: [TCP Query User{23A04B98-F964-41C6-B7D3-7514B8BB709F}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{F553F007-C503-4F8E-9937-D4024CDE5DBB}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [TCP Query User{B8B8D7C5-928D-45E0-9042-99B1E8875A83}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F921FB91-0090-4FD6-81E2-9EAAD0CD7691}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{1BD548C1-0A91-41A6-9494-D138F0E0764E}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{74247F9F-580B-4DF7-9E94-3A38193A33D6}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{E7ED1E9D-1EB1-4D25-9CD4-0876C3247E45}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{B4B0DF7A-C8B4-47A1-8497-5068A2643FE1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CD10D7D0-49CD-4F9F-AF88-82D147D8C528}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{52F14C1E-07AC-417A-99E7-00ECDF242E11}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2393C324-CE32-4701-A77E-1BEECA73C139}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1EA95909-5423-4AD3-B68B-E8299214F233}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9BA6F519-9B84-48BD-AB30-1EC6D802FF77}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A348CC21-1339-41A3-BBCD-AFBDFA09F8BF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3E81BFF2-9A2D-475F-8933-9FC55E9228CF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F843910A-FEF1-4F78-B8F6-8D07B1D51CD2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4FE31BA9-5A1F-410B-B9B1-1855DBE47D31}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1EFC56E4-8A67-42FA-AFE6-1F6F198C206E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4CFE775B-EFDB-4B9B-91C9-870E2D8BCC38}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{190C08CC-535A-43DD-B490-4C8563422F21}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{C30E1D9B-6152-4D6C-9389-CF54CFA787A7}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{2F03B442-4B9C-46CA-87CE-9EE2DAF7915E}] => (Allow) C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\CinergyDvr.exe
FirewallRules: [{17BD59E6-3D12-4AE1-BE3B-90DC19B7F98D}] => (Allow) C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\CinergyDvr.exe
FirewallRules: [{84B2124E-A879-4781-A7CF-73B9B8BC79E4}] => (Allow) C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe
FirewallRules: [{2D95C663-F261-4C8A-8ED0-6E7C3A0ACFC7}] => (Allow) C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe
FirewallRules: [{13300253-A053-4DA3-A2E1-54522D3730CF}] => (Allow) C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\InstTool.exe
FirewallRules: [{B6FB9830-91D7-475F-910B-09212DABC7B5}] => (Allow) C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\InstTool.exe
FirewallRules: [{61B6EE43-CB1A-4873-857B-D81D269750F4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EDE5FBDD-8D1B-4A6B-BAD0-4AE4F587B25D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B0D09F92-A118-4EF1-96C1-17DFE4FBE437}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8169CD62-2230-4945-AF07-BABF7F2F92F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CB333D9C-2409-40D7-9F16-A2A24BCCC4E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C3E7B089-BE3E-47BA-A373-64D456B0B34A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{481DA645-8A13-45DC-B076-DE08F3ED0A4B}] => (Allow) C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\InstTool.exe
FirewallRules: [{1A0F1155-22B8-45AF-A50F-BB391BB2DC0D}] => (Allow) C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\InstTool.exe
FirewallRules: [{579F167A-1D35-4EF6-B696-237E561EE17B}] => (Allow) C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\CinergyDvr.exe
FirewallRules: [{E5EF3580-D6EB-429D-850A-21D62A7DB69A}] => (Allow) C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\CinergyDvr.exe
FirewallRules: [{0076A79B-5641-47B2-990F-279316F3D4E7}] => (Allow) C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe
FirewallRules: [{6C7C913F-13BA-4928-A787-EE17120C09FF}] => (Allow) C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe
FirewallRules: [{BA6AC274-9428-484D-93CE-19A6FF9A6DF8}] => (Allow) C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\VersionCheck\VersionCheck.exe
FirewallRules: [{CF62EF87-C41F-4834-847B-7D933C46C61E}] => (Allow) C:\Program Files (x86)\TERRATEC\TerraTec Home Cinema\VersionCheck\VersionCheck.exe

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/05/2015 02:26:16 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/05/2015 02:26:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 149031

Error: (05/05/2015 02:26:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 149031

Error: (05/05/2015 02:26:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/05/2015 02:22:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 4.1.1943.6202, Zeitstempel: 0x551399be
Name des fehlerhaften Moduls: NvStreamNetworkService.exe, Version: 4.1.1943.6202, Zeitstempel: 0x551399be
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000004e920f
ID des fehlerhaften Prozesses: 0x5b0
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5

Error: (05/05/2015 02:11:19 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/05/2015 02:08:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (05/05/2015 02:06:07 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/04/2015 02:19:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 4.1.1944.2762, Zeitstempel: 0x5515f674
Name des fehlerhaften Moduls: nvstreamsvc.exe, Version: 4.1.1944.2762, Zeitstempel: 0x5515f674
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000687672
ID des fehlerhaften Prozesses: 0x10f8
Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0
Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1
Pfad des fehlerhaften Moduls: nvstreamsvc.exe2
Berichtskennung: nvstreamsvc.exe3
Vollständiger Name des fehlerhaften Pakets: nvstreamsvc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvstreamsvc.exe5

Error: (05/03/2015 01:14:20 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]


System errors:
=============
Error: (05/05/2015 02:22:09 PM) (Source: DCOM) (EventID: 10010) (User: EggisAcer)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (05/05/2015 02:22:09 PM) (Source: DCOM) (EventID: 10010) (User: EggisAcer)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (05/05/2015 02:22:09 PM) (Source: DCOM) (EventID: 10010) (User: EggisAcer)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (05/05/2015 02:22:09 PM) (Source: DCOM) (EventID: 10010) (User: EggisAcer)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (05/05/2015 02:22:09 PM) (Source: DCOM) (EventID: 10010) (User: EggisAcer)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (05/05/2015 02:22:08 PM) (Source: DCOM) (EventID: 10010) (User: EggisAcer)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (05/05/2015 02:22:08 PM) (Source: DCOM) (EventID: 10010) (User: EggisAcer)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (05/05/2015 02:22:08 PM) (Source: DCOM) (EventID: 10010) (User: EggisAcer)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (05/05/2015 02:22:07 PM) (Source: DCOM) (EventID: 10010) (User: EggisAcer)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (05/05/2015 02:22:07 PM) (Source: DCOM) (EventID: 10010) (User: EggisAcer)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 19%
Total physical RAM: 8115.27 MB
Available physical RAM: 6534.52 MB
Total Pagefile: 9395.27 MB
Available Pagefile: 7505.22 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:459.82 GB) (Free:349.86 GB) NTFS
Drive d: (Daten) (Fixed) (Total:454.09 GB) (Free:213.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 41A95FC1)

Partition: GPT Partition Type.

==================== End Of Log ============================
         


Alt 06.05.2015, 08:33   #6
schrauber
/// the machine
/// TB-Ausbilder
 

DHL Mail mit Link! Wohin führt dieser? - Standard

DHL Mail mit Link! Wohin führt dieser?



sieht gut aus
__________________
--> DHL Mail mit Link! Wohin führt dieser?

Alt 06.05.2015, 09:01   #7
Roxxi
 
DHL Mail mit Link! Wohin führt dieser? - Standard

DHL Mail mit Link! Wohin führt dieser?



Zitat:
Zitat von schrauber Beitrag anzeigen
sieht gut aus
Guten Morgen Schrauber,

d.h. ich habe mir nichts eingefangen?
Dann habe ich wohl Glück gehabt. In Zukunft werde ich noch aufmerksamer auf den Absender schauen, was ich eigentlich normal mache, aber an dem Abend hatte ich wohl Stroh im Kopf!

Wie sieht es eigentlich jetzt mit meinen Daten in den gelben Fenstern aus? Die kann ja jeder jetzt lesen oder? Kannst du die dann bitte rauslöschen?

Nochmals vielen Dank für Deine Hilfe und noch einen schönen Tag.

Grüße Roxxi

Alt 06.05.2015, 13:45   #8
schrauber
/// the machine
/// TB-Ausbilder
 

DHL Mail mit Link! Wohin führt dieser? - Standard

DHL Mail mit Link! Wohin führt dieser?



Die Logs werden in der Regel nicht gelöscht, stand auch so in den Regeln die du akzeptiert hast. Da steht aber auch nix wildes drin

http://www.trojaner-board.de/108422-...-anfragen.html
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.05.2015, 18:39   #9
Roxxi
 
DHL Mail mit Link! Wohin führt dieser? - Standard

DHL Mail mit Link! Wohin führt dieser?



Zitat:
Zitat von schrauber Beitrag anzeigen
Die Logs werden in der Regel nicht gelöscht, stand auch so in den Regeln die du akzeptiert hast. Da steht aber auch nix wildes drin

http://www.trojaner-board.de/108422-...-anfragen.html


OK, dann ist es ja gut.

Habt ihr auch mit Mozilla Thunderbird was tun? Bzw. kann ich seit dem Zeitpunkt keine Mails mehr mit Anhang empfangen. Ich muß sie auf dem Server löschen und bekomme dann erst den Rest der Mails downgeloadet. Kann das damit was zu tun haben?

Es kommt immer die Fehlermeldung der Speicherplatz wäre zu klein und ich soll den Papierkorb usw. leeren, der ist leer, der Cache ist auch geleert. Habt ihr da einen Tipp?

Grüße Roxxi

Alt 07.05.2015, 08:34   #10
schrauber
/// the machine
/// TB-Ausbilder
 

DHL Mail mit Link! Wohin führt dieser? - Standard

DHL Mail mit Link! Wohin führt dieser?



Öhm, ich würde einfach mal neu installieren
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.05.2015, 09:42   #11
Roxxi
 
DHL Mail mit Link! Wohin führt dieser? - Standard

DHL Mail mit Link! Wohin führt dieser?



Zitat:
Zitat von schrauber Beitrag anzeigen
Öhm, ich würde einfach mal neu installieren
Ok werde ich mal machen.

Aber ich habe jetzt festgestellt dass durch die DHL Mail denen wahrscheinlich mein gesamtes Adressbuch in die Hände gefallen ist.

Jedensfalls erhalten diverse Leute und auch Abo-Listen von mir alle die DHL Mail!

Aber dagegen werde ich jetzt wohl machtlos sein

Grüße Roxxi

Alt 07.05.2015, 17:44   #12
schrauber
/// the machine
/// TB-Ausbilder
 

DHL Mail mit Link! Wohin führt dieser? - Standard

DHL Mail mit Link! Wohin führt dieser?



Jap, du kannst das Passwort zum Account ändern, aber mehr auch nicht.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu DHL Mail mit Link! Wohin führt dieser?
absender, angeklickt, avira, dhl mail, erhalte, erhalten, express, führt, gefunde, geklickt, gescannt, gestern, kunde, kundenservice, link, link angeklickt, mail, nichts, service, sofort



Ähnliche Themen: DHL Mail mit Link! Wohin führt dieser?


  1. DHL Mail - Link geöffnet :-(
    Plagegeister aller Art und deren Bekämpfung - 04.06.2015 (3)
  2. DHL Mail Link angeklickt
    Log-Analyse und Auswertung - 27.05.2015 (18)
  3. Mac OSX 10.5.8: Gefakte DHL-Mail mit Link geöffnet
    Alles rund um Mac OSX & Linux - 21.05.2015 (16)
  4. Mail DHL Link angeklickt
    Log-Analyse und Auswertung - 26.03.2015 (9)
  5. UPS Mail - Link geöffnet
    Log-Analyse und Auswertung - 11.03.2015 (10)
  6. Phishing-Mail-Link angeklickt (Paypal-Phishing-Mail)
    Plagegeister aller Art und deren Bekämpfung - 29.11.2014 (9)
  7. Link führt zu falscher Seite - Browservirus?
    Plagegeister aller Art und deren Bekämpfung - 26.04.2014 (11)
  8. Link in E-mail angeklickt
    Log-Analyse und Auswertung - 15.04.2014 (8)
  9. Was haltet ihr von dieser Mail-Adress-Sammelei
    Überwachung, Datenschutz und Spam - 22.01.2014 (1)
  10. Pay Pal Phishing Mail mit Link erhalten (Link ausgeführt)
    Plagegeister aller Art und deren Bekämpfung - 08.06.2013 (9)
  11. Probleme bei google-Weiterleitung, link führt zu "ihavenet.com"
    Log-Analyse und Auswertung - 24.05.2013 (8)
  12. Link zu jpg in Mail - Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 28.10.2012 (3)
  13. Soll ich mit dieser Mail auf eine verseuchte Seite gelockt werden?
    Überwachung, Datenschutz und Spam - 25.10.2012 (3)
  14. GMX sendet automatisch Mail mit Link
    Plagegeister aller Art und deren Bekämpfung - 18.06.2012 (3)
  15. Was bedeutet dieser Link ?
    Überwachung, Datenschutz und Spam - 11.06.2010 (0)
  16. IExplorer link führt zu fragwürdigen Seiten
    Log-Analyse und Auswertung - 02.04.2007 (2)
  17. Email-Problem: Undeliverable Mail (Re 0:) täglich 100 dieser Mails
    Plagegeister aller Art und deren Bekämpfung - 17.12.2006 (20)

Zum Thema DHL Mail mit Link! Wohin führt dieser? - Hallo Ihr, ich habe gestern die berüchtigte DHL Mail erhalten und leider den Link angeklickt, was mir zum erstenmal passiert ist. Ich Dussel habe nicht auf den Absender (Kundenservice DHL - DHL Mail mit Link! Wohin führt dieser?...
Archiv
Du betrachtest: DHL Mail mit Link! Wohin führt dieser? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.