Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 8.1: Crazy Score eingefangen (https://www.trojaner-board.de/167811-windows-8-1-crazy-score-eingefangen.html)

Smigel 10.06.2015 20:54
Windows 8.1: Crazy Score eingefangen
 
Hallo,
habe mir zuletzt 'FLV and Media Player' heruntergeladen und dabei blöderweise ein 'Zusatzprogramme' nicht abgelehnt. Dadurch bekam ich andauernd Werbe-Pop-Ups von Crazy Score.
Habe daraufhin Malwarebyte Anti Malware laufen lassen, das diverse Add-ons o.ä. entfernt hat.
Die Pop-Ups sind aber nach wie vor nicht verschwunden. Erst nachdem ich diese in Add-ons von Firefox entfernt habe.

Ich bin mir allerdings nicht sicher, ob ich noch weitere Plagegeister aufrechterhalten habe. Daher wäre ich für Hilfe dankbar.

Als Antivirenprogramm nutze ich Avast Pro Antivirus.

Schon im Voraus vielen Dank für die Hilfe.

Im folgenden die Scans:
defogger disable:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:18 on 10/06/2015 (Smigel)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
FRST.txt:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Smigel (administrator) on SMIGEL-ACER on 10-06-2015 20:24:19
Running from C:\Users\Smigel\Downloads
Loaded Profiles: Smigel (Available Profiles: Smigel & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIGJE.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Pokki) C:\Users\Smigel\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Pokki) C:\Users\Smigel\AppData\Local\Pokki\Engine\HostAppService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Pokki) C:\Users\Smigel\AppData\Local\Pokki\Engine\HostAppService.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Pokki) C:\Users\Smigel\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems Incorporated) C:\Users\Smigel\Downloads\flashplayer18au_ga_install.exe
(Adobe Systems Incorporated) C:\Users\Smigel\Downloads\flashplayer18au_ga_install.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_160.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_160.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-03-26] (NVIDIA Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [688984 2013-09-30] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [66304 2015-05-06] (Acer Incorporated)
HKLM-x32\...\Run: [avgnt] => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-04-08] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [92928 2015-05-06] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2574080 2015-05-06] (Acer)
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\Run: [EPSON BX305 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\MountPoints2: {9a2a1d64-0972-11e5-8288-c45444832470} - "D:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\MountPoints2: {9a2a1dcc-0972-11e5-8288-c45444832470} - "D:\.\Setup.exe" AUTORUN=1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-06-16]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk [2015-06-04]
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-06-10]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Smigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk [2015-06-01]
ShortcutTarget: ZooskMessenger.lnk -> C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe (No File)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-27] (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2344713175-4130731840-4258726450-1001 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2344713175-4130731840-4258726450-1001 -> {488BFFB8-A70B-44AF-AC57-BD5D1B1D2712} URL =
SearchScopes: HKU\S-1-5-21-2344713175-4130731840-4258726450-1001 -> {516D548E-B7E6-4B08-8CA3-312752048F9F} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20141214&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2344713175-4130731840-4258726450-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-12] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: No Name -> {06E08260-0695-4EC1-A74B-1310D8899D93} ->  No File
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-12] (Avast Software s.r.o.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Smigel\AppData\Roaming\Mozilla\Firefox\Profiles\4qsfzn18.default-1426112488545
FF Homepage: hxxp://www.dregol.com/?f=1&a=drg_ir_15_24&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEzztAtByEyBtD0CyE0AtCtN0D0Tzu0StCtByDyDtN1L2XzutAtFtCtCtFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByCyBzyyE0AtDyCtGyCyDyD0EtG0DyE0DyBtGtCtAzzzytGtC0E0FyEtAtCyEyB0A0C0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDzz0A0EyEzztBtG0E0E0DzztGyEyDtC0DtGzyzyzyzytGzz0C0EzzyDzz0CyDtC0F0Ezz2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztCtB&cr=1460318945&ir=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-10] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-13] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-04-24] (pdfforge GmbH)
FF user.js: detected! => C:\Users\Smigel\AppData\Roaming\Mozilla\Firefox\Profiles\4qsfzn18.default-1426112488545\user.js [2015-06-10]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-02-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-02-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-02-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-02-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-02-05] (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-03-11]
FF Extension: WEB.DE MailCheck - C:\Users\Smigel\AppData\Roaming\Mozilla\Firefox\Profiles\4qsfzn18.default-1426112488545\Extensions\toolbar@web.de [2015-03-12]
FF Extension: Crazy Score - C:\Users\Smigel\AppData\Roaming\Mozilla\Firefox\Profiles\4qsfzn18.default-1426112488545\Extensions\{0d68400f-30b4-459a-94ed-bd57e329ed5d}.xpi [2015-06-10]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-06-02]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2014-12-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-11]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension

Chrome:
=======
CHR Profile: C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-28]
CHR Extension: (Google Docs) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-28]
CHR Extension: (Google Drive) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-28]
CHR Extension: (YouTube) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-28]
CHR Extension: (Google Search) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-28]
CHR Extension: (Google Sheets) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-28]
CHR Extension: (Bookmark Manager) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-29]
CHR Extension: (Avast Online Security) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-11]
CHR Extension: (Google Wallet) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-28]
CHR Extension: (Gmail) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-28]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [342984 2011-09-13] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-27] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-27] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2839296 2015-05-06] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-12] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625640 2015-04-24] (Lenovo)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-01-18] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1616160 2014-03-26] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-04] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-04] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-27] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-29] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-27] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-27] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-27] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-27] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-27] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [138752 2015-06-04] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118728 2013-09-18] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [427736 2013-08-09] (Realsil Semiconductor Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-27] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-10 20:21 - 2015-06-10 20:24 - 00055960 _____ C:\Users\Smigel\Downloads\Addition.txt
2015-06-10 20:20 - 2015-06-10 20:24 - 00032177 _____ C:\Users\Smigel\Downloads\FRST.txt
2015-06-10 20:20 - 2015-06-10 20:24 - 00000000 ____D C:\FRST
2015-06-10 20:19 - 2015-06-10 20:19 - 02108928 _____ (Farbar) C:\Users\Smigel\Downloads\FRST64.exe
2015-06-10 20:18 - 2015-06-10 20:18 - 00000474 _____ C:\Users\Smigel\Downloads\defogger_disable.log
2015-06-10 20:18 - 2015-06-10 20:18 - 00000000 _____ C:\Users\Smigel\defogger_reenable
2015-06-10 20:16 - 2015-06-10 20:17 - 00050477 _____ C:\Users\Smigel\Downloads\Defogger.exe
2015-06-10 20:06 - 2015-06-10 20:06 - 00002190 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-06-10 20:06 - 2015-06-10 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-06-10 20:06 - 2015-06-10 20:06 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-06-10 20:06 - 2015-06-10 20:06 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2015-06-10 20:04 - 2015-06-10 20:04 - 01125056 _____ (Adobe Systems Incorporated) C:\Users\Smigel\Downloads\flashplayer18au_ga_install.exe
2015-06-10 19:56 - 2015-06-10 19:56 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-06-10 01:22 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 01:22 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 01:22 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 01:22 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 01:22 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 01:22 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-10 01:22 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-10 01:22 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-10 01:22 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-10 01:22 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-10 01:22 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-10 01:22 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-10 01:22 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 01:22 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 01:22 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-10 01:22 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 01:22 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 01:22 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 01:22 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 01:22 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 01:22 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-10 01:22 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-10 01:22 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 01:22 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-10 01:22 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 01:22 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 01:22 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 01:22 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 01:22 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 01:22 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 01:22 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 01:22 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-10 01:22 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 01:22 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-10 01:22 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 01:22 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-10 01:22 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-10 01:22 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-10 01:22 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-10 01:22 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-10 01:22 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-10 01:22 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-10 01:22 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-10 01:21 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 01:21 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 01:21 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 01:21 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 01:21 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 01:21 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 01:21 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 01:21 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 01:21 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 01:21 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 01:21 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 01:21 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 01:21 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 01:21 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 01:21 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 01:21 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 01:21 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 01:21 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 01:21 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 01:21 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 01:21 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 01:21 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 01:21 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 01:21 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 01:21 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 01:21 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 01:21 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 01:21 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 01:21 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 01:21 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 01:21 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 01:21 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 01:21 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 01:21 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 01:21 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 01:21 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 01:21 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 01:21 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-10 00:31 - 2015-06-10 00:31 - 00001349 _____ C:\Users\Public\Desktop\FLV and Media Player.lnk
2015-06-10 00:31 - 2015-06-10 00:31 - 00000000 ____D C:\Users\Smigel\AppData\Roaming\FLV and Media Player
2015-06-10 00:31 - 2015-06-10 00:31 - 00000000 ____D C:\Users\Smigel\AppData\Local\Chromium
2015-06-10 00:31 - 2015-06-10 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
2015-06-10 00:30 - 2015-06-10 00:30 - 00000000 ____D C:\Program Files (x86)\Applian Technologies
2015-06-10 00:29 - 2015-06-10 00:29 - 23750568 _____ C:\Users\Smigel\Downloads\FLVPlayerInstall.exe
2015-06-07 19:54 - 2015-06-07 19:54 - 00000000 ____D C:\Users\Smigel\AppData\Local\GWX
2015-06-04 23:43 - 2015-06-04 23:43 - 00003070 _____ C:\WINDOWS\System32\Tasks\{BE623303-5467-4C84-833E-9C3218768450}
2015-06-04 23:31 - 2015-06-04 23:32 - 00000000 ____D C:\Users\Smigel\AppData\Roaming\ALDITALKVerbindungsassistent
2015-06-04 23:31 - 2015-06-04 23:31 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WdfCoInstaller01007.dll
2015-06-04 23:31 - 2015-06-04 23:31 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\WdfCoInstaller01007.dll
2015-06-04 23:31 - 2015-06-04 23:31 - 00999936 _____ (DiBcom SA) C:\WINDOWS\SysWOW64\Drivers\mod7700.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00138752 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ewusbnet.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00138752 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbnet.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00121600 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ewusbmdm.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00121600 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ew_hwusbdev.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00091136 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ew_jucdcacm.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00085504 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ew_jubusenum.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00055296 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ew_jucdcecm.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00029696 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ewdcsc.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00029184 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ew_juextctrl.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ew_usbenumfilter.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\ALDI TALK Verbindungsassistent.lnk
2015-06-04 23:31 - 2015-06-04 23:31 - 00002255 _____ C:\Users\Public\Desktop\ALDI TALK Verbindungsassistent.lnk
2015-06-04 23:31 - 2015-06-04 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALDI TALK Verbindungsassistent
2015-06-04 23:31 - 2015-06-04 23:31 - 00000000 ____D C:\Program Files (x86)\ALDITALKVerbindungsassistent
2015-06-02 21:57 - 2015-06-08 00:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-01 07:28 - 2015-06-01 07:28 - 00000000 ____D C:\Users\Smigel\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
2015-05-31 10:03 - 2015-05-31 10:03 - 00527423 _____ ( ) C:\Users\Smigel\Downloads\Lame_v3.99.3_for_Windows.exe
2015-05-29 23:57 - 2015-05-31 10:08 - 00000000 ____D C:\Users\Smigel\AppData\Roaming\Audacity
2015-05-29 23:57 - 2015-05-31 10:04 - 00000000 ____D C:\Program Files (x86)\Audacity
2015-05-29 23:57 - 2015-05-29 23:57 - 00001039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-05-29 23:57 - 2015-05-29 23:57 - 00001027 _____ C:\Users\Public\Desktop\Audacity.lnk
2015-05-29 23:55 - 2015-05-29 23:55 - 01197344 _____ C:\Users\Smigel\Downloads\Audacity - CHIP-Installer.exe
2015-05-29 00:38 - 2015-05-29 00:38 - 00002002 _____ C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-05-29 00:38 - 2015-05-29 00:38 - 00001942 _____ C:\Users\Public\Desktop\Avast Pro Antivirus.lnk
2015-05-29 00:38 - 2015-05-29 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-29 00:38 - 2015-05-29 00:37 - 00028144 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-05-29 00:37 - 2015-04-27 23:30 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-05-19 00:38 - 2015-05-19 00:38 - 00002001 _____ C:\Users\Public\Desktop\abMedia.lnk
2015-05-19 00:35 - 2015-05-19 00:35 - 00002005 _____ C:\Users\Public\Desktop\abPhoto.lnk
2015-05-17 22:19 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-17 22:19 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-17 22:15 - 2015-05-17 22:18 - 00000000 ____D C:\a254b032666b1c200c066a
2015-05-17 21:39 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-17 21:39 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-17 21:38 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-17 21:38 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-17 21:38 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-17 21:38 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-17 21:38 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-17 21:38 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-17 21:38 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-17 21:38 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-17 21:38 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-17 21:38 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-17 21:38 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-17 21:38 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-17 21:38 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-17 21:38 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-17 21:38 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-17 21:38 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-17 21:38 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-17 21:38 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-17 21:38 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-17 21:38 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-12 23:09 - 2015-05-12 23:09 - 00003334 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2015-05-12 23:09 - 2015-05-12 23:09 - 00002028 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2015-05-12 23:07 - 2015-05-12 23:07 - 00001969 _____ C:\Users\Public\Desktop\abDocs.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-10 20:18 - 2014-12-14 01:06 - 00000000 ____D C:\Users\Smigel
2015-06-10 20:15 - 2014-06-16 14:51 - 01129038 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-10 20:12 - 2014-12-26 19:08 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-10 20:06 - 2014-12-14 02:25 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-10 20:06 - 2014-12-14 02:25 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-10 20:06 - 2014-05-27 06:08 - 00000000 ____D C:\ProgramData\McAfee
2015-06-10 20:05 - 2014-12-14 02:24 - 00000000 ____D C:\Users\Smigel\AppData\Local\Adobe
2015-06-10 20:04 - 2014-12-14 11:03 - 00000000 ____D C:\Users\Smigel\AppData\Local\CrashDumps
2015-06-10 20:02 - 2014-12-14 01:06 - 00000000 ____D C:\Users\Smigel\AppData\Local\Pokki
2015-06-10 20:02 - 2014-06-17 00:19 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2015-06-10 20:02 - 2014-06-17 00:19 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2015-06-10 20:02 - 2014-03-18 12:03 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-10 20:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-10 19:58 - 2015-03-11 22:12 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-06-10 19:57 - 2015-04-21 00:19 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-10 19:56 - 2013-08-22 16:46 - 00059071 _____ C:\WINDOWS\setupact.log
2015-06-10 19:56 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-10 19:55 - 2013-08-22 16:44 - 00381472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-10 19:54 - 2014-03-18 11:54 - 00224354 _____ C:\WINDOWS\PFRO.log
2015-06-10 07:33 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-10 07:32 - 2015-04-27 23:08 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-10 07:32 - 2015-04-27 23:08 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-10 07:32 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-10 07:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-10 07:31 - 2014-10-01 23:40 - 00000000 ____D C:\Users\Smigel\Documents\Outlook-Dateien
2015-06-10 07:29 - 2015-04-21 00:19 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-10 07:27 - 2014-12-14 01:21 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2344713175-4130731840-4258726450-1001
2015-06-10 07:06 - 2014-12-26 19:07 - 00001122 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-10 07:06 - 2014-12-26 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-10 07:06 - 2014-12-26 19:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-10 02:31 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-06-10 01:33 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-10 01:31 - 2014-12-14 16:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-10 01:27 - 2014-12-14 16:12 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-10 01:19 - 2015-04-28 00:14 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-10 00:18 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-08 00:45 - 2014-12-14 01:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-07 23:29 - 2014-12-14 01:13 - 00000000 ____D C:\Users\Smigel\AppData\Local\clear.fi
2015-06-04 23:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-04 12:09 - 2014-10-03 13:34 - 00000000 ____D C:\Users\Smigel\Documents\aktuell
2015-06-03 18:18 - 2014-12-14 15:37 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2014-12-14 15:37 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-02 21:38 - 2014-12-14 15:49 - 00000000 ____D C:\Users\Smigel\AppData\Roaming\Skype
2015-06-02 21:35 - 2014-12-14 11:04 - 00000000 ____D C:\ProgramData\Skype
2015-05-30 00:42 - 2014-11-07 08:03 - 00000000 ____D C:\Users\Smigel\Documents\Noten
2015-05-29 00:26 - 2014-12-14 01:17 - 00002323 _____ C:\Users\Smigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-05-20 01:53 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-05-20 00:31 - 2014-12-17 09:08 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-20 00:29 - 2015-04-05 22:17 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-05-20 00:29 - 2015-04-05 22:17 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-19 07:24 - 2015-04-21 00:19 - 00004114 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 07:24 - 2015-04-21 00:19 - 00003878 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 00:38 - 2014-05-27 05:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-05-19 00:38 - 2014-05-27 05:58 - 00000000 ____D C:\Program Files (x86)\Acer
2015-05-17 22:09 - 2014-03-18 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-17 21:42 - 2014-05-27 06:06 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-12 23:09 - 2014-12-14 01:17 - 00000000 ____D C:\Users\Smigel\AppData\Local\AOP SDK
2015-05-12 23:06 - 2014-05-27 06:46 - 00000000 ___HD C:\OEM
2015-05-11 21:44 - 2015-03-12 01:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-05-11 21:42 - 2015-04-30 22:25 - 00000000 ____D C:\Users\Smigel\AppData\Roaming\Steganos
2015-05-11 20:19 - 2015-04-30 22:25 - 00000000 ____D C:\Users\Smigel\AppData\Roaming\Steganos VPN

==================== Files in the root of some directories =======

2015-01-02 01:20 - 2015-01-02 01:20 - 0004569 _____ () C:\Users\Smigel\AppData\Local\tcNSISDump.Log
2014-06-16 15:15 - 2014-06-16 15:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Smigel\AppData\Local\Temp\avgnt.exe
C:\Users\Smigel\AppData\Local\Temp\Browser7-win32-installer-05.exe
C:\Users\Smigel\AppData\Local\Temp\divx3eb7.exe
C:\Users\Smigel\AppData\Local\Temp\DivXSetup.exe
C:\Users\Smigel\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Smigel\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Smigel\AppData\Local\Temp\FreeYouTubeDownload.exe
C:\Users\Smigel\AppData\Local\Temp\Intel_Technology_Access_Software.exe
C:\Users\Smigel\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Smigel\AppData\Local\Temp\oct41D1.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\oct488A.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\oct4E13.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\oct6754.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\oct9671.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\oct971F.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\octDF86.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\octE630.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\octF46C.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\Quarantine.exe
C:\Users\Smigel\AppData\Local\Temp\sdan.exe
C:\Users\Smigel\AppData\Local\Temp\sdapk.exe
C:\Users\Smigel\AppData\Local\Temp\sdaspwn.exe
C:\Users\Smigel\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Smigel\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Smigel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Smigel\AppData\Local\Temp\spidersolitaire.6.exe
C:\Users\Smigel\AppData\Local\Temp\sqlite3.dll
C:\Users\Smigel\AppData\Local\Temp\tmd_34011718.exe
C:\Users\Smigel\AppData\Local\Temp\tmd_34017520.exe
C:\Users\Smigel\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Smigel\AppData\Local\Temp\WEB.DE_MailCheck_FF_Setup_freeware.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-08 07:40

==================== End of log ============================
--- --- ---


Addition.txt:
[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Smigel at 2015-06-10 20:24:50
Running from C:\Users\Smigel\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2344713175-4130731840-4258726450-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-2344713175-4130731840-4258726450-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2344713175-4130731840-4258726450-1003 - Limited - Enabled)
Smigel (S-1-5-21-2344713175-4130731840-4258726450-1001 - Administrator - Enabled) => C:\Users\Smigel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.07.2004 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.08.2003.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.03.2004.4 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8103 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.06.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3010 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
ALDI TALK Verbindungsassistent (HKLM-x32\...\ALDITALKVerbindungsassistent) (Version: ALDI TALK 4.0 - ALDI TALK Verbindungsassistent)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.103.2020.206 - Alps Electric)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.07.2004.0 - Acer Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Pro Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Druckerdeinstallation für EPSON BX305 Series (HKLM\...\EPSON BX305 Series) (Version:  - SEIKO EPSON Corporation)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse)
FLV and Media Player 4.2.1.1 (HKLM-x32\...\FLV and Media Player) (Version: 4.2.1.1 - Applian Technologies)
Free YouTube Download version 3.2.53.128 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.53.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{ADA8583A-C20B-414B-8CB7-3AA7A89F7952}) (Version: 7.1.4.1529 - Google)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{26AA61D4-B04D-4E0D-8E20-94A8FF2EE64D}) (Version: 4.2.40.2439 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{efc54997-dfa9-44b1-afac-3a7ac4f45730}) (Version: 1.3.6.1042 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office Home and Business 2013 - de-de (HKLM\...\HomeBusinessRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MuseScore 1.1 MuseScore score typesetter (HKLM-x32\...\MuseScore) (Version: 1.1.0 - Werner Schweer and Others)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
NVIDIA Grafiktreiber 332.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.91 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Password Keeper (HKLM-x32\...\Password Keeper) (Version: Password Keeper - Version 7.2 - Gregory Braun -- Software Design)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Asian Fonts Pack (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Convert Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Create Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Forms Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Insert Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 OCR Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Review Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Secure Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki (HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\Pokki) (Version: 0.269.7.573 - Pokki)
Pokki Download Helper (HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Pokki Start Menu (HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\Pokki_Start_Menu) (Version: 0.269.7.513 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21238 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.2.2.0 - Lenovo Group Limited)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
Spider Solitaire (HKLM-x32\...\com.novelgames.flashgames.spidersolitaire) (Version: 1.6.3 - Novel Games Limited)
Spider Solitaire (x32 Version: 1.6.3 - Novel Games Limited) Hidden
TaxCalc (HKLM-x32\...\TaxCalcHub) (Version: 2 - Acorah Software Products)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.8-0 - Bitnami)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2344713175-4130731840-4258726450-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

25-05-2015 13:20:33 Geplanter Prüfpunkt
29-05-2015 00:36:12 avast! antivirus system restore point
08-06-2015 00:47:49 Removed Zoosk Messenger

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0251FACE-A5D7-48B5-805F-66DCA86AAAC4} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-24] (TODO: <Company name>)
Task: {075EA162-CE78-4167-B4A8-0D68E7BC108B} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-04] (Acer Incorporate)
Task: {17A02393-ADF3-4DD5-B17E-546575FCFF7F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {1BA14FD3-8328-4B77-8D97-A0284D5D6E43} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {2F21D461-75F5-4E10-BE10-B8A5D59A8BBA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10] (Adobe Systems Incorporated)
Task: {3375BF1A-2A1E-4185-AFB0-57EAC6D62A96} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-27] (Avast Software s.r.o.)
Task: {373BA617-F723-49CA-8905-B0345AC29AB8} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Task: {4166A9E0-C5A9-4966-8A84-8B1263DD760D} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-05-06] (Acer)
Task: {4A4062F0-A896-42EE-B243-04DF20E44F99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-21] (Google Inc.)
Task: {4C9D6B42-A8F9-4A7D-9FEE-36851FC623F0} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {4D46E439-1EE9-4546-9342-5B93E30181AA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {51D1578D-47A3-48BA-8044-FD35706D98B6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {596E3D65-0A77-445F-99A1-C40A5D3F2282} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {69A4954E-48AE-4573-B806-6A0F7C18908F} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {A1EC6009-E618-476B-98D7-5DC94F0D9F27} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {A3D99AF8-F825-45CC-BC7D-B026A4AC9A25} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-10] (Microsoft Corporation)
Task: {AD169041-7CBD-4212-A311-7C5E499EC279} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-04] (Acer Incorporate)
Task: {B7C527B5-6BD2-4ABA-8144-32C647191231} - System32\Tasks\Dolby Selector => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-07-08] (Dolby Laboratories Inc.)
Task: {BDD43769-264D-4C07-BDC9-A7B2FDEB7522} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {BF5E8F67-0F45-47ED-9995-E22717F6861D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {CABDF728-0469-4B1A-890F-8EA242DF0598} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-21] (Google Inc.)
Task: {D4924F5E-612A-4C77-859A-0D0500ABCACB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D6D7A850-FF1C-4A4C-98BC-54543B1DCFB2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DB622A09-8B2F-4B90-ABF6-8DD685A4AFA7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {E4ABF38D-A727-49B4-8E1A-5F3BC29579B5} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {EFD13CA9-2B8B-4AEB-A264-999605CF5780} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-01-18] (Acer Incorporate)
Task: {F8008F35-EC37-4C83-B0D2-FFEE61F0F00B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {FC918AD4-B742-4A5A-8040-D30C0483E29C} - System32\Tasks\{BE623303-5467-4C84-833E-9C3218768450} => pcalua.exe -a D:\.\Setup.exe -d D:\ -c AUTORUN=1
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-06-16 14:51 - 2014-03-24 14:30 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-14 13:26 - 2006-02-23 12:35 - 00020480 _____ () C:\WINDOWS\System32\FritzColorPort64.dll
2014-12-14 13:26 - 2006-02-22 11:39 - 00020480 _____ () C:\WINDOWS\System32\FritzPort64.dll
2015-06-04 23:31 - 2011-09-13 10:16 - 00342984 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-17 09:08 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-03-17 14:43 - 2015-03-17 14:43 - 00087552 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-02-08 12:20 - 2015-02-08 12:20 - 01793248 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-03-17 15:15 - 2015-03-17 15:15 - 00355040 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2013-08-12 19:06 - 2013-08-12 19:06 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-12 19:06 - 2013-08-12 19:06 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-12 19:06 - 2013-08-12 19:06 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-06-16 15:30 - 2012-04-24 12:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-07-08 18:53 - 2013-07-08 18:53 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2015-06-04 23:31 - 2011-09-13 10:16 - 00510920 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-05-06 16:14 - 2015-05-06 16:14 - 00092928 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-05-06 16:14 - 2015-05-06 16:14 - 00090368 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-04-27 23:29 - 2015-04-27 23:29 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-27 23:29 - 2015-04-27 23:29 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-10 00:31 - 2015-06-10 00:31 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060901\algo.dll
2015-06-10 19:58 - 2015-06-10 19:58 - 02953216 _____ () C:\Program Files\AVAST Software\Avast\defs\15061000\algo.dll
2015-05-06 16:04 - 2015-05-06 16:04 - 00203008 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-05-06 16:04 - 2015-05-06 16:04 - 00119552 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-05-08 10:41 - 2015-05-08 10:41 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-05-08 10:41 - 2015-05-08 10:41 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-05-08 10:41 - 2015-05-08 10:41 - 00641792 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-05-08 10:41 - 2015-05-08 10:41 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-05-12 23:06 - 2015-05-12 23:06 - 00015616 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-05-06 10:08 - 2015-05-06 10:08 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-05-06 10:06 - 2015-05-06 10:06 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-03-11 22:17 - 2015-03-11 22:17 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-06 16:15 - 2015-05-06 16:15 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2015-01-04 06:06 - 2015-01-04 06:06 - 00569856 _____ () C:\Users\Smigel\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2015-01-04 06:06 - 2015-01-04 06:06 - 01400846 _____ () C:\Users\Smigel\AppData\Local\Pokki\Engine\avcodec-54.dll
2015-01-04 06:06 - 2015-01-04 06:06 - 00151054 _____ () C:\Users\Smigel\AppData\Local\Pokki\Engine\avutil-51.dll
2015-01-04 06:06 - 2015-01-04 06:06 - 00222734 _____ () C:\Users\Smigel\AppData\Local\Pokki\Engine\avformat-54.dll
2014-06-16 14:54 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5C14A003-CB2C-4CDB-A72E-31BB7DDA0A67}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{C94E3CA9-2567-4889-8791-0642021E76BD}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{A5DFBF0B-9AC9-4D3B-A428-B5CFF2B651D3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{4C7B5A11-4A33-477A-90C7-1AF5C6A74F9A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{62F2C8F6-EC44-4DED-9F52-670B5053BA49}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D82189B6-99F6-4DB0-B317-DC5911086D2E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7BF48C98-E30F-4281-99A4-AFE14EBE637D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{C4E9E666-E434-43E5-A3E1-949374C8104E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{89A3F221-A865-4518-B82F-6D71150CFB97}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E2FCDC33-4421-48F4-881E-463C576B05F4}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{FD65E2D1-0ECC-4D55-86A0-06E93E9DFA76}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{4C1AAA97-3403-4440-895E-E80166630168}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{0F71A4F4-7B1D-4635-A12C-61DF78D1CCED}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{928755E9-19F8-42EB-B3A0-9AB556EBC795}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{F19E2961-57C3-4D74-81A9-52742D6E2E58}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{7CC75E84-0947-4D38-9B3D-C20E1257633D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{6A3340A1-BA88-422A-93D0-83685459A8B6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{CF784395-1668-4BCE-94CB-FB9F991950F9}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{9C8C254A-2D6C-42CD-9490-2A46A8B7E3E8}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{21F81D9B-AEB1-4A05-A8B3-DC33D48017A7}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{702BE584-7999-4ADB-A2BD-2EDB40E9B912}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{993AD3AF-0B97-4851-98FC-9972647C3971}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{F3F3121C-E448-49D1-8DF0-A360ADF1EB47}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{84CFC1F6-25FC-4335-A9CE-2D1DF348280D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{666DE872-E01E-4A10-BA22-FC8B3CE1BD47}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{9CFD266F-47EC-43BB-AA75-6126285DCCEF}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{4FA488CA-6AEB-4455-A3B0-6E282D4D9A60}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{6C8C260A-01A1-4094-BF9E-BD7F07E250A4}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{144D0C08-A0EA-46FF-9D3D-9570ACCDD614}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{02CDC49C-00CE-4C40-A142-070BB7FEFEFE}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{D4D1EC39-8432-4A8D-87DA-3AFCD352AAD4}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{1E1632ED-E4C5-4A19-A5DC-CE9DDC80CC8B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{E0357DA6-0910-45C0-905B-45766DA19516}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{E151DBFC-4EF2-46B5-99C4-8EEFB90540F8}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{37B991FF-CD59-486B-A265-8012A8C59CCF}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{2C90B705-F401-466E-9527-1BBC41B8747F}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{9C2D26B6-0333-49E1-A0CB-D056A63AD534}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{A483DFEE-E9DA-48DA-95D0-A6F4A6C88CC2}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{EEB02E67-8A95-4DA4-821A-7EB3B6D5B2F5}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{4801D889-39E1-4C76-843A-C42BCFBBFD68}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{0C90D062-101F-4D42-A03D-2933BE44932B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{D7DFCEDF-BF0F-440C-9438-138D335B0F20}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{D44303B0-EB42-4713-A2CF-97E3CCAE540C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{63BEC29A-9479-4FC9-A1B4-01623A5F277D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{99CE7BCA-A07B-404C-85AE-B67039C86436}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{433A23AE-9B6F-4938-8678-41DFEFE7AB03}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D6C57E2A-E5AA-4162-9379-289F977D0075}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A5783C04-AE20-4D7A-8CF2-974FDBF2D709}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DE859A16-F9C9-4270-800D-AA703ED21297}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1AB961E7-62B2-48AD-A99C-4E268D345AFD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F9DE6EB5-18C0-4A8B-9FBA-AB4D28AF4E26}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{2C9C10B0-2E95-43F3-8BBB-0E9F295828B0}C:\users\smigel\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\smigel\appdata\local\temp\_istmp1.dir\_ins5576._mp
FirewallRules: [UDP Query User{595E1487-A580-4D9F-AE35-B99E2EBA9AF6}C:\users\smigel\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\smigel\appdata\local\temp\_istmp1.dir\_ins5576._mp
FirewallRules: [{8B6AFB54-7F4C-4364-AB11-4B732F500210}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{47AE4871-E22C-45B0-96A6-F43569F0D950}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{411D1704-80F1-4A36-9EC3-C8DFFD96553E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{D87639D3-A567-43F2-B0A6-2CC86F964960}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E9A8CB4D-15D4-4BCB-883B-B2ED28452C33}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{727C8A36-48F0-4972-9ACE-542D26EEC261}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{92D70C53-31EB-46E6-95DD-66169AA6AD58}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{F2C55A0F-AD11-452B-ADC3-CE364F3E283A}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{298CEE9D-C351-47F0-BA4A-9DD769966CF8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EC40C88B-018E-4C87-B278-0EC3707305A2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{63F8BFF1-D7E7-4B59-8738-F0C7B38C0722}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{5C5C9B80-93B4-4C54-B994-AC66AE04F8A1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{6A7EF3D6-0B45-492C-8C62-A02D60096DF3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4C63FBFC-294A-4574-8542-20F3A8B287CC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B83F1D5A-30E2-4AB8-A585-8AB4D350ED7A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{8DFCDEEA-E3A3-4589-B82C-AA5F910212C0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{88860151-D2FD-41FA-81E7-16F04F8D72F6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{B73E2857-84C8-4B52-BE41-521377CD5CEB}] => (Allow) C:\Program Files (x86)\Acorah Software Products\TaxCalcHub\TaxCalcHub.exe
FirewallRules: [{A47B8C93-5AAB-4FC1-833F-27907AA2E359}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{684E7ED6-956C-45C9-B6C5-31453D114666}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{946A2BED-0D47-4F63-BF14-0107E6358DD8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AC1CC4E1-3436-4427-9484-81016BD3FCB8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{084A8181-9642-49C0-845F-333EC993CB51}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{B12A1697-7687-4B24-89D8-DB52D6536058}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{68DFB0D6-B6F0-45C6-A13B-247435F8FCD3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{3D27B94B-DEDA-41A4-8493-B4B67041DD9F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{CC092DD3-E871-423F-831E-D084ED7F13A0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{0B5D4E62-A51E-4533-BECB-5FF474775DBF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{5049BE3D-E128-4921-ACC2-DF9D742991EE}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{ECD03535-803B-40D7-BE86-FAA5DBE08BC1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{84468FC1-7AB7-49DF-88C2-8C2D051B1EC0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{766233FD-F571-400F-B508-7FA213E8FB76}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{277B2357-FDB2-49BE-94FC-464B5196790B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{674634F2-9F25-4872-B6BC-904FC2D5E12A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A9876FCD-B794-4C16-87DF-C6A7DAEB1599}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BADCB907-BF81-4D67-97DB-84F060449FB3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{89E20D4F-723B-4FD9-A195-AA859535A24F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{484527CF-7921-4A5A-9F0E-4DFF387E32E2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{61CAD21E-3A39-42F7-A4E8-A48A33A641B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1BFEA530-4417-4321-B65B-57AB4E1EE98D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{70842E12-8C64-47EC-8729-E5C2F95BCC79}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7F97FD28-19FD-4F80-B95B-277B0E01E2A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{42164B80-C68F-42C5-82EE-324037964CF6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A01C96C4-05BD-46FF-BB10-A4B5B4236B3A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D1B46549-822A-4BD6-BF5F-ABF1A94BCDE2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A8EE155B-D5A6-4E4B-AAB9-A659AE360733}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6079F48C-34AA-4E26-BC38-4F86E661AB4A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3BC3226A-AA05-4246-9218-71B19158562E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{52974BBF-DC58-40D3-8E51-C0B21C42AF2B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{845EB300-62EC-4FD9-A443-F356D505C9DC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{A73F8AA0-48E0-4EC0-9A6C-4A5D0C617167}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{EF1E9163-DAB9-4B02-A6CB-097DE15C6C52}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{CCD631A4-13BC-450A-992A-8FDB34730138}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [TCP Query User{16754D92-EF2E-46C5-8FAF-4939D989574D}C:\program files (x86)\dev-php3\devphp3.exe] => (Allow) C:\program files (x86)\dev-php3\devphp3.exe
FirewallRules: [UDP Query User{912EDDFE-ED14-4084-8C88-AA9E219CD4EE}C:\program files (x86)\dev-php3\devphp3.exe] => (Allow) C:\program files (x86)\dev-php3\devphp3.exe
FirewallRules: [TCP Query User{2C66F4DE-671A-4951-B8E6-0A36D2FB127C}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{48ED91D9-A8B0-456B-92D1-7E5F77CB3D42}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{AC3C61C1-3795-4298-A793-A154EE975BAE}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{DCBFA1C1-DE24-4511-B5E3-6743257C5ABD}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{9BCF52D3-9339-41A8-9A9B-0466B50F4B21}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{F48FCE17-0439-4C27-A235-441FE16FF459}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{F5BBD8D8-7942-4623-9F69-B0E89586058A}C:\program files (x86)\dev-php3\devphp3.exe] => (Block) C:\program files (x86)\dev-php3\devphp3.exe
FirewallRules: [UDP Query User{CFC0E6A9-262A-4DD9-B3CE-61E7F380E7E5}C:\program files (x86)\dev-php3\devphp3.exe] => (Block) C:\program files (x86)\dev-php3\devphp3.exe
FirewallRules: [TCP Query User{29538709-ACDA-4FED-9E76-359A0F6C747C}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{785B6991-F505-4241-8D7B-A89AA3984D5C}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{F2501C44-A1F3-4E23-A5A5-18174193B34B}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{7579AFA5-E250-46E0-A0F5-565D5ABBAF75}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{1E00A2C3-5B8F-4F81-B161-CD554BFF9523}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{96E9566D-4045-48D9-B929-7875A2175F03}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{27C1B0F4-C094-4A28-95D2-5E527C0963C3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1C8B8156-0220-47DD-81E6-6EF09963CE2C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CC6C6075-F797-488A-BBA2-572B19FEA9FD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BBF488F0-ED34-4EF5-BC10-FA2132D26153}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FDFC46DE-204A-4D7E-973E-3B0FBFBF1830}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{AD690440-7D7D-4980-9A82-5F14DC8BEDF1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{AE9F39A1-33AB-4766-80FB-08BF0DDE423E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{7F14BACB-E31C-40FF-A21A-11F4D921F6FA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{935804DD-528A-4820-8720-EC7E8364FE39}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{360BD2AD-3B79-475F-9291-ECECAFD835DE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{2C2FC837-80D9-4CAE-A8FD-B1ECE2BC7F1B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C8F8577C-B623-47FC-884D-6D757666D1C5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{2AACAB52-933C-4083-8651-7DD3B3788F70}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/10/2015 08:03:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 38.0.5.5623, Zeitstempel: 0x5563c49a
Name des fehlerhaften Moduls: mozalloc.dll, Version: 38.0.5.5623, Zeitstempel: 0x5563b229
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x25fc
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/10/2015 00:30:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: setup.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x000006ba
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0xdfc
Startzeit der fehlerhaften Anwendung: 0xsetup.exe_unknown0
Pfad der fehlerhaften Anwendung: setup.exe_unknown1
Pfad des fehlerhaften Moduls: setup.exe_unknown2
Berichtskennung: setup.exe_unknown3
Vollständiger Name des fehlerhaften Pakets: setup.exe_unknown4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: setup.exe_unknown5

Error: (06/10/2015 00:30:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Smigel-Acer)
Description: Die Anwendung oder der Dienst "ZooskMessenger" konnte nicht heruntergefahren werden.

Error: (06/10/2015 00:29:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: setup.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x000006ba
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x2808
Startzeit der fehlerhaften Anwendung: 0xsetup.exe_unknown0
Pfad der fehlerhaften Anwendung: setup.exe_unknown1
Pfad des fehlerhaften Moduls: setup.exe_unknown2
Berichtskennung: setup.exe_unknown3
Vollständiger Name des fehlerhaften Pakets: setup.exe_unknown4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: setup.exe_unknown5

Error: (06/10/2015 00:29:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 38.0.5.5623, Zeitstempel: 0x5563c49a
Name des fehlerhaften Moduls: mozalloc.dll, Version: 38.0.5.5623, Zeitstempel: 0x5563b229
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x16dc
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/09/2015 06:13:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5406

Error: (06/09/2015 06:13:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5406

Error: (06/09/2015 06:13:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/09/2015 06:13:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3984

Error: (06/09/2015 06:13:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3984


System errors:
=============
Error: (06/10/2015 05:06:14 AM) (Source: DCOM) (EventID: 10010) (User: Smigel-Acer)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/10/2015 05:05:44 AM) (Source: DCOM) (EventID: 10010) (User: Smigel-Acer)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/10/2015 01:23:59 AM) (Source: DCOM) (EventID: 10010) (User: Smigel-Acer)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/08/2015 09:24:38 PM) (Source: DCOM) (EventID: 10010) (User: Smigel-Acer)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/08/2015 09:24:08 PM) (Source: DCOM) (EventID: 10010) (User: Smigel-Acer)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/08/2015 08:15:45 AM) (Source: DCOM) (EventID: 10010) (User: Smigel-Acer)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/08/2015 08:15:15 AM) (Source: DCOM) (EventID: 10010) (User: Smigel-Acer)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/08/2015 08:01:09 AM) (Source: DCOM) (EventID: 10010) (User: Smigel-Acer)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/08/2015 08:00:39 AM) (Source: DCOM) (EventID: 10010) (User: Smigel-Acer)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/08/2015 07:41:47 AM) (Source: DCOM) (EventID: 10010) (User: Smigel-Acer)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office:
=========================
Error: (06/10/2015 08:03:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.5.56235563c49amozalloc.dll38.0.5.56235563b2298000000300001aa125fc01d0a3a7306bd7c3C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll10a33d36-0f9b-11e5-828a-c45444832470

Error: (06/10/2015 00:30:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: setup.exe_unknown0.0.0.02a425e19KERNELBASE.dll6.3.9600.1741554504ade000006ba00014598dfc01d0a303e1e4e90aC:\Users\Smigel\AppData\Local\Temp\TMP448~1\setup.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll29d7ff0b-0ef7-11e5-8289-c45444832470

Error: (06/10/2015 00:30:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Smigel-Acer)
Description: 1C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exeZooskMessenger0211770880

Error: (06/10/2015 00:29:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: setup.exe_unknown0.0.0.02a425e19KERNELBASE.dll6.3.9600.1741554504ade000006ba00014598280801d0a303b5002bf6C:\Users\Smigel\AppData\Local\Temp\TMP448~1\setup.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll0e0832ce-0ef7-11e5-8289-c45444832470

Error: (06/10/2015 00:29:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.5.56235563c49amozalloc.dll38.0.5.56235563b2298000000300001aa116dc01d0a23e54eb1121C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllf4296de8-0ef6-11e5-8289-c45444832470

Error: (06/09/2015 06:13:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5406

Error: (06/09/2015 06:13:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5406

Error: (06/09/2015 06:13:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/09/2015 06:13:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3984

Error: (06/09/2015 06:13:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3984


CodeIntegrity Errors:
===================================
  Date: 2015-03-22 12:45:18.109
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-11 23:41:50.105
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-11 23:29:38.529
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-11 22:52:42.920
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-11 22:13:45.086
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-11 21:26:38.918
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 35%
Total physical RAM: 8072.27 MB
Available physical RAM: 5183.41 MB
Total Pagefile: 9352.27 MB
Available Pagefile: 5876.09 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:898.59 GB) (Free:737.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 266AC530)

Partition: GPT Partition Type.

==================== End of log ============================
--- --- ---



Den Code von GMER und Malwarebytes Anti Malware poste ich aus Platzgründen später.

cosinus 10.06.2015 21:59
Hi,

Zitat:
Den Code von GMER und Malwarebytes Anti Malware poste ich aus Platzgründen später.
Bitte jetzt posten in CODE-Tags :)

Smigel 10.06.2015 22:17
GMER:

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-06-10 20:40:10
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000002d ST1000LM014-1EJ164 rev.SM14 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Smigel\AppData\Local\Temp\kxrdqaod.sys


---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\system32\csrss.exe [724:748]                                                                                                                                                                  fffff960008a02d0
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2948:2952]                                                                                                                                                                00000000001615f6
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2948:4012]                                                                                                                                                                00000000000ce6a0
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2948:4028]                                                                                                                                                                00000000000d3720
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2948:2140]                                                                                                                                                                0000000000129750
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2948:6932]                                                                                                                                                                0000000000131b40
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2948:4088]                                                                                                                                                                0000000000131d10
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2948:9840]                                                                                                                                                                0000000000131b40
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2948:8508]                                                                                                                                                                0000000000131d10
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2948:9784]                                                                                                                                                                0000000000131b40
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2948:9864]                                                                                                                                                                0000000000131d10
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2948:6996]                                                                                                                                                                0000000000131b40
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [2948:3884]                                                                                                                                                                0000000000131d10
---- Processes - GMER 2.1 ----

Library  C:\Users\Smigel\AppData\Local\Pokki\Engine\libPokki.dll (*** suspicious ***) @ C:\Users\Smigel\AppData\Local\Pokki\Engine\HostAppService.exe [7584] (Chromium/The Chromium Authors)(2015-03-19 17:19:00)  00000000571d0000
Library  C:\Users\Smigel\AppData\Local\Pokki\Engine\icudt.dll (*** suspicious ***) @ C:\Users\Smigel\AppData\Local\Pokki\Engine\HostAppService.exe [7584] (ICU Data DLL/The ICU Project)(2015-01-04 04:06:14)      000000005b670000
Library  C:\Users\Smigel\AppData\Local\Pokki\Engine\libPokki.dll (*** suspicious ***) @ C:\Users\Smigel\AppData\Local\Pokki\Engine\HostAppService.exe [8184] (Chromium/The Chromium Authors)(2015-03-19 17:19:00)  00000000571d0000
Library  C:\Users\Smigel\AppData\Local\Pokki\Engine\icudt.dll (*** suspicious ***) @ C:\Users\Smigel\AppData\Local\Pokki\Engine\HostAppService.exe [8184] (ICU Data DLL/The ICU Project)(2015-01-04 04:06:14)      000000005b670000
Library  C:\Users\Smigel\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll (*** suspicious ***) @ C:\Users\Smigel\AppData\Local\Pokki\Engine\HostAppService.exe [8184](2015-01-04 04:06:14)                  000000005a2d0000
Library  C:\Users\Smigel\AppData\Local\Pokki\Engine\avcodec-54.dll (*** suspicious ***) @ C:\Users\Smigel\AppData\Local\Pokki\Engine\HostAppService.exe [8184](2015-01-04 04:06:14)                                0000000050be0000
Library  C:\Users\Smigel\AppData\Local\Pokki\Engine\avutil-51.dll (*** suspicious ***) @ C:\Users\Smigel\AppData\Local\Pokki\Engine\HostAppService.exe [8184](2015-01-04 04:06:14)                                000000005a2a0000
Library  C:\Users\Smigel\AppData\Local\Pokki\Engine\avformat-54.dll (*** suspicious ***) @ C:\Users\Smigel\AppData\Local\Pokki\Engine\HostAppService.exe [8184](2015-01-04 04:06:14)                              0000000050ba0000

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                                                                                                    unknown MBR code

---- EOF - GMER 2.1 ----

Malwarebytes Anti-Malware Mittwoch morgen (noch vor den System-Scans oben):

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 10.06.2015
Suchlauf-Zeit: 07:07:25
Logdatei: 150610_MBAM_Scan.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.09.06
Rootkit Datenbank: v2015.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Smigel

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 429067
Verstrichene Zeit: 18 Min, 56 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 7
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugincontainer.exe, 2292, , [604ae0d8a5e5ea4c7a2fe88f41c545bb]
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\3\Plugin.exe, 3452, , [199107b1d5b51a1c61487ff847bfe719]
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\3\Plugin.exe, 152, , [199107b1d5b51a1c61487ff847bfe719]
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\2\Plugin.exe, 10668, , [a901e2d62367bd79d2d7ef8831d539c7]
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\5\Plugin.exe, 12108, , [109a9127f298d75f39702d4a16f04eb2]
PUP.Optional.CrazyScore.A, C:\Program Files (x86)\Common Files\68f7eaff-0da4-47f4-8262-425ca2a087dd\updater.exe, 7880, , [b7f3b00857330333f2b798df36d0ec14]
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\8\Plugin.exe, 6592, , [eebc8e2af496a88e5f4a0d6a10f6b44c]

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 24
PUP.Optional.CrazyScore.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Service Mgr CrazyScore, , [604ae0d8a5e5ea4c7a2fe88f41c545bb],
PUP.Optional.CrazyScore.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Mgr CrazyScore, , [b7f3b00857330333f2b798df36d0ec14],
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f439aa7e-a2a0-4635-99a2-164180e848ca}, , [31792e8ae8a2b87e4d554d1505fe37c9],
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{f439aa7e-a2a0-4635-99a2-164180e848ca}, , [31792e8ae8a2b87e4d554d1505fe37c9],
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{31d48cad-f6d9-411a-a0c9-c1f051511a86}, , [31792e8ae8a2b87e4d554d1505fe37c9],
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B81A3063-CE6C-4F9A-AEBD-5DDD0EA805A0}, , [31792e8ae8a2b87e4d554d1505fe37c9],
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B81A3063-CE6C-4F9A-AEBD-5DDD0EA805A0}, , [31792e8ae8a2b87e4d554d1505fe37c9],
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B81A3063-CE6C-4F9A-AEBD-5DDD0EA805A0}, , [31792e8ae8a2b87e4d554d1505fe37c9],
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{31d48cad-f6d9-411a-a0c9-c1f051511a86}, , [31792e8ae8a2b87e4d554d1505fe37c9],
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{31d48cad-f6d9-411a-a0c9-c1f051511a86}, , [31792e8ae8a2b87e4d554d1505fe37c9],
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{F439AA7E-A2A0-4635-99A2-164180E848CA}, , [31792e8ae8a2b87e4d554d1505fe37c9],
PUP.Optional.CrazyScore.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Crazy Score, , [2684595f47439c9af7b2fc7b61a5f808],
PUP.Optional.Dregol.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Run_Dregol, , [6941e1d73555ba7c41c9cea96e98b24e],
PUP.Optional.Dregol.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ihokndmjeombjojnfkmapfnjeghjohim, , [c0ea4d6babdfd85efa23599855ae03fd],
PUP.Optional.Dregol.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [a307deda15750b2b33c13745dd2843bd],
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, , [2e7c09af84061e189ce6aa59cf355ba5],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [77338830503aaa8cbe1e87e7aa5b5aa6],
PUP.Optional.Dregol.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ihokndmjeombjojnfkmapfnjeghjohim, , [a5052a8e2d5dd26468b5c52cc73c31cf],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [cbdfa5132c5e3006311e2adca85c7987],
PUP.Optional.Dregol.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\run_dregol, , [34764a6e454575c1140e8a673cc7817f],
PUP.Optional.Dregol.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ihokndmjeombjojnfkmapfnjeghjohim, , [3f6ba018fe8cba7c031b4da4df24eb15],
PUP.Optional.Dregol.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [01a92197305aee4841b2b3c950b53fc1],
PUP.Optional.HomePageHelper.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E32EADDD-AF11-11E4-8268-C45444832470}, , [8327a3150f7bce68737819d343c0b848],
PUP.Optional.ProductSetup.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\PRODUCTSETUP, , [2f7b78405f2b73c3734e1276808509f7],

Registrierungswerte: 17
PUP.Optional.Dregol.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_ir_15_24&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEzztAtByEyBtD0CyE0AtCtN0D0Tzu0StCtByDyDtN1L2XzutAtFtCtCtFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByCyBzyyE0AtDyCtGyCyDyD0EtG0DyE0DyBtGtCtAzzzytGtC0E0FyEtAtCyEyB0A0C0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDzz0A0EyEzztBtG0E0E0DzztGyEyDtC0DtGzyzyzyzytGzz0C0EzzyDzz0CyDtC0F0Ezz2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztCtB&cr=1460318945&ir=, , [a307deda15750b2b33c13745dd2843bd]
PUP.Optional.Dregol.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_ir_15_24&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEzztAtByEyBtD0CyE0AtCtN0D0Tzu0StCtByDyDtN1L2XzutAtFtCtCtFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByCyBzyyE0AtDyCtGyCyDyD0EtG0DyE0DyBtGtCtAzzzytGtC0E0FyEtAtCyEyB0A0C0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDzz0A0EyEzztBtG0E0E0DzztGyEyDtC0DtGzyzyzyzytGzz0C0EzzyDzz0CyDtC0F0Ezz2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztCtB&cr=1460318945&ir=, , [4763f0c83f4bdd59d2225b21f0152ed2]
PUP.Optional.Dregol.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|FaviconPath, C:\Users\Smigel\AppData\LocalLow\Microsoft\Internet Explorer\Services\Run_Dregol.ico, , [15951d9bf397ef47787c92eaab5a6997]
PUP.Optional.Dregol.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Dregol, , [74362b8df199a19511e30379ad58728e]
PUP.Optional.Dregol.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|DisplayName, Dregol, , [d2d89b1df99196a0e70ddba12bda6f91]
PUP.Optional.Dregol.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\Run_Dregol\\, , [e1c909afbcce65d1ca6ecb214ab956aa]
PUP.Optional.QuickSearch.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|quick_searchff@gmail.com, C:\Users\Smigel\AppData\Roaming\Mozilla\Firefox\Profiles\4qsfzn18.default-1426112488545\extensions\quick_searchff@gmail.com, , [9911b701b4d6d660543ed814db28ed13]
PUP.Optional.Dregol.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_ir_15_24&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEzztAtByEyBtD0CyE0AtCtN0D0Tzu0StCtByDyDtN1L2XzutAtFtCtCtFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByCyBzyyE0AtDyCtGyCyDyD0EtG0DyE0DyBtGtCtAzzzytGtC0E0FyEtAtCyEyB0A0C0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDzz0A0EyEzztBtG0E0E0DzztGyEyDtC0DtGzyzyzyzytGzz0C0EzzyDzz0CyDtC0F0Ezz2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztCtB&cr=1460318945&ir=, , [01a92197305aee4841b2b3c950b53fc1]
PUP.Optional.Dregol.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_ir_15_24&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEzztAtByEyBtD0CyE0AtCtN0D0Tzu0StCtByDyDtN1L2XzutAtFtCtCtFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByCyBzyyE0AtDyCtGyCyDyD0EtG0DyE0DyBtGtCtAzzzytGtC0E0FyEtAtCyEyB0A0C0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDzz0A0EyEzztBtG0E0E0DzztGyEyDtC0DtGzyzyzyzytGzz0C0EzzyDzz0CyDtC0F0Ezz2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztCtB&cr=1460318945&ir=, , [1f8beace9ded5ed881720f6dbb4a1be5]
PUP.Optional.Dregol.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|FaviconPath, C:\Users\Smigel\AppData\LocalLow\Microsoft\Internet Explorer\Services\Run_Dregol.ico, , [b9f17840d7b3092d896acdaf7e878779]
PUP.Optional.Dregol.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Dregol, , [f0ba3c7c2b5fa294b93a6c1009fc6898]
PUP.Optional.Dregol.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|DisplayName, Dregol, , [eac0f4c41e6c33036291dba10401c937]
PUP.Optional.HomePageHelper.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E32EADDD-AF11-11E4-8268-C45444832470}|FaviconURL, hxxp://homepage-web.com/favicon.ico, , [8327a3150f7bce68737819d343c0b848]
PUP.Optional.HomePageHelper.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E32EADDD-AF11-11E4-8268-C45444832470}|FaviconURLFallback, hxxp://homepage-web.com/favicon.ico, , [7436397f96f4d3632cbfa5471fe4f20e]
PUP.Optional.HomePageHelper.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E32EADDD-AF11-11E4-8268-C45444832470}|TopResultURL, hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}, , [95154a6e2e5c93a354978b6156ad1fe1]
PUP.Optional.HomePageHelper.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E32EADDD-AF11-11E4-8268-C45444832470}|URL, hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}, , [6e3ceccc0f7bef473fac6884fd06f40c]
PUP.Optional.ProductSetup.A, HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\PRODUCTSETUP|tb, , [2f7b78405f2b73c3734e1276808509f7],

Registrierungsdaten: 2
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1430425496&from=cor&uid=ST1000LM014-1EJ164_W381ZDPWXXXXW381ZDPW&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1430425496&from=cor&uid=ST1000LM014-1EJ164_W381ZDPWXXXXW381ZDPW&q={searchTerms}),,[bceeb0084f3b8fa7f3ee5bd4f90de020]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.mystartsearch.com/web/?type=ds&ts=1430425496&from=cor&uid=ST1000LM014-1EJ164_W381ZDPWXXXXW381ZDPW&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1430425496&from=cor&uid=ST1000LM014-1EJ164_W381ZDPWXXXXW381ZDPW&q={searchTerms}),,[a604ad0b94f66dc905dc81ae6f9721df]

Ordner: 21
PUP.Optional.UpdateProc.A, C:\Users\Smigel\AppData\Roaming\Run_dregol\UpdateProc, , [575313a52f5b5cdacd86dca94eb7f40c],
PUP.Optional.UpdateProc.A, C:\Users\Smigel\AppData\Roaming\Run_dregol, , [575313a52f5b5cdacd86dca94eb7f40c],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [9a107b3db1d91323563759714fb4cd33],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [9a107b3db1d91323563759714fb4cd33],
PUP.Optional.Dregol.A, C:\Program Files (x86)\Run_Dregol, , [d7d3892f0189102620342db820e38b75],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd, , [4763eccc56342016c9aa9652b84b12ee],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugincontainer, , [4763eccc56342016c9aa9652b84b12ee],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins, , [4763eccc56342016c9aa9652b84b12ee],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\2, , [4763eccc56342016c9aa9652b84b12ee],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\2bak, , [4763eccc56342016c9aa9652b84b12ee],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\3, , [4763eccc56342016c9aa9652b84b12ee],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\3bak, , [4763eccc56342016c9aa9652b84b12ee],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\5, , [4763eccc56342016c9aa9652b84b12ee],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\8, , [4763eccc56342016c9aa9652b84b12ee],
PUP.Optional.CrazyScore.A, C:\Program Files (x86)\Common Files\68f7eaff-0da4-47f4-8262-425ca2a087dd, , [c2e8dade2565f1454232db0d1be8d22e],
PUP.Optional.CrazyScore.A, C:\Program Files (x86)\Common Files\68f7eaff-0da4-47f4-8262-425ca2a087dd\updater, , [c2e8dade2565f1454232db0d1be8d22e],
PUP.Optional.CrazyScore.A, C:\Program Files (x86)\Crazy Score, , [9f0b586094f69e9802733badd23143bd],
PUP.Optional.CrazyScore.A, C:\Program Files (x86)\Crazy Score\Extensions, , [9f0b586094f69e9802733badd23143bd],
PUP.Optional.CrazyScore.A, C:\Users\Smigel\AppData\Local\Temp\Crazy Score, , [57539c1c771338fe87effcecf211d030],
PUP.Optional.CrazyScore.A, C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kknfkgbilaemfjcjjfgemgcgbajbgadd\1.0.5637.26466_0, , [44661a9e4c3e74c21dedc3b711f5a55b],
PUP.Optional.CrazyScore.A, C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kknfkgbilaemfjcjjfgemgcgbajbgadd, , [44661a9e4c3e74c21dedc3b711f5a55b],

Dateien: 49
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugincontainer.exe, , [604ae0d8a5e5ea4c7a2fe88f41c545bb],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\3\Plugin.exe, , [199107b1d5b51a1c61487ff847bfe719],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\2\Plugin.exe, , [a901e2d62367bd79d2d7ef8831d539c7],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\5\Plugin.exe, , [109a9127f298d75f39702d4a16f04eb2],
PUP.Optional.CrazyScore.A, C:\Program Files (x86)\Common Files\68f7eaff-0da4-47f4-8262-425ca2a087dd\updater.exe, , [b7f3b00857330333f2b798df36d0ec14],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\8\Plugin.exe, , [eebc8e2af496a88e5f4a0d6a10f6b44c],
PUP.Optional.CrazyScore.A, C:\Program Files (x86)\Crazy Score\Extensions\f439aa7e-a2a0-4635-99a2-164180e848ca.dll, , [31792e8ae8a2b87e4d554d1505fe37c9],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugincontainer.bak, , [d5d5f6c28ffbb97d4b5eeb8ced19659b],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\2bak\Plugin.exe, , [abff05b34347e3536049b8bf8680d12f],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\plugins\3bak\Plugin.exe, , [b7f3b107c6c41a1cfdac53242cda3dc3],
PUP.Optional.CrazyScore.A, C:\Program Files (x86)\Crazy Score\Uninstaller.exe, , [2684595f47439c9af7b2fc7b61a5f808],
PUP.Optional.Dregol.C, C:\Program Files (x86)\Run_Dregol\uninstall.exe, , [6941e1d73555ba7c41c9cea96e98b24e],
PUP.Optional.InstallCore.C, C:\Users\Smigel\AppData\Local\Temp\cd12c26ee0d3673b97d6f2ea3eb34eb8.exe, , [dfcb8f29cbbfee48ff437eddd929af51],
PUP.Optional.InstallCore.A, C:\Users\Smigel\AppData\Local\Temp\2qO8y9dZ.exe.part, , [01a905b3a8e2e84e9616c1a737cb5ea2],
PUP.Optional.OpenCandy, C:\Users\Smigel\AppData\Local\Temp\ocpB9FA.tmp\ocpB9FB.tmp, , [1b8f843498f28fa75796f171fe08c739],
PUP.Optional.CheckOffer, C:\Users\Smigel\AppData\Local\Temp\nscCAEB.tmp\nsPage_LoadOffer.dll, , [525808b03a50be789fc9451e08fade22],
PUP.Optional.CheckOffer, C:\Users\Smigel\AppData\Local\Temp\nso13EB.tmp\nsCBHTML5.dll, , [baf068507e0c9e9897d1560d0bf7c838],
PUP.Optional.Installcore, C:\Users\Smigel\Downloads\flvplayer.exe, , [76348632a9e13600af67b94741c58b75],
PUP.Optional.InstallCore.SID.A, C:\Users\Smigel\Downloads\installer_avast_free_antivirus_German.exe, , [bbef427683073cfa0db8cfa8de283ec2],
PUP.Optional.InstallCore.A, C:\Users\Smigel\Downloads\FileZilla_3.10.2_win32-setup.exe, , [1f8b1b9dfc8e37ff8626b0b838ca8977],
PUP.Optional.Dregol.C, C:\Users\Smigel\AppData\LocalLow\Microsoft\Internet Explorer\Services\Run_Dregol.ico, , [06a49a1e08822b0b52dcffedb74c956b],
PUP.Optional.Dregol.C, C:\Users\Smigel\AppData\Local\Chromium\Application\Dregol.ico, , [f0ba7147aae0b2843205e70549babb45],
PUP.Optional.Dregol.C, C:\Users\Smigel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Dregol (2).lnk, , [6d3de3d53258c0769752d7159271ce32],
PUP.Optional.Dregol.C, C:\Users\Smigel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Dregol.lnk, , [03a7dcdcc2c8b3833dacfaf21be859a7],
PUP.Optional.Dregol.C, C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ihokndmjeombjojnfkmapfnjeghjohim_0.localstorage, , [565412a62f5b0e282dcf15d751b2d828],
PUP.Optional.Dregol.A, C:\Windows\System32\Tasks\Run_dregol, , [3f6b1f99fc8ea19549d6955c7b8821df],
PUP.Optional.Dregol.A, C:\Windows\Tasks\Run_dregol.job, , [6446dcdcd8b2dd59968a747ddc27b14f],
PUP.Optional.Dregol.A, C:\Users\Smigel\AppData\Roaming\Mozilla\Firefox\Profiles\4qsfzn18.default-1426112488545\searchplugins\dregol.xml, , [4466c4f45436b87e130e0ee3ea1921df],
PUP.Optional.Dregol.A, C:\Users\Smigel\Desktop\Dregol.lnk, , [decc78407713aa8cd65221d044bf7b85],
PUP.Optional.MyStartSearch.A, C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage, , [fdad48703456f73f599010eb6c97f30d],
PUP.Optional.MyStartSearch.A, C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal, , [a2085167b7d325112cbd807b0bf84db3],
PUP.Optional.UpdateProc.A, C:\Users\Smigel\AppData\Roaming\Run_dregol\UpdateProc\bkup.dat, , [575313a52f5b5cdacd86dca94eb7f40c],
PUP.Optional.UpdateProc.A, C:\Users\Smigel\AppData\Roaming\Run_dregol\UpdateProc\config.dat, , [575313a52f5b5cdacd86dca94eb7f40c],
PUP.Optional.UpdateProc.A, C:\Users\Smigel\AppData\Roaming\Run_dregol\UpdateProc\info.dat, , [575313a52f5b5cdacd86dca94eb7f40c],
PUP.Optional.UpdateProc.A, C:\Users\Smigel\AppData\Roaming\Run_dregol\UpdateProc\UpdateTask.exe, , [575313a52f5b5cdacd86dca94eb7f40c],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [9a107b3db1d91323563759714fb4cd33],
PUP.Optional.Dregol.A, C:\Program Files (x86)\Run_Dregol\config.dat, , [d7d3892f0189102620342db820e38b75],
PUP.Optional.Dregol.A, C:\Program Files (x86)\Run_Dregol\Sqlite3.dll, , [d7d3892f0189102620342db820e38b75],
PUP.Optional.Dregol.A, C:\Program Files (x86)\Run_Dregol\uninst.dat, , [d7d3892f0189102620342db820e38b75],
PUP.Optional.CrazyScore.A, C:\ProgramData\68f7eaff-0da4-47f4-8262-425ca2a087dd\temp, , [4763eccc56342016c9aa9652b84b12ee],
PUP.Optional.CrazyScore.A, C:\Program Files (x86)\Common Files\68f7eaff-0da4-47f4-8262-425ca2a087dd\updater.bak, , [c2e8dade2565f1454232db0d1be8d22e],
PUP.Optional.CrazyScore.A, C:\Program Files (x86)\Crazy Score\7za.exe, , [9f0b586094f69e9802733badd23143bd],
PUP.Optional.CrazyScore.A, C:\Program Files (x86)\Crazy Score\Extensions\kknfkgbilaemfjcjjfgemgcgbajbgadd.crx, , [9f0b586094f69e9802733badd23143bd],
PUP.Optional.CrazyScore.A, C:\Program Files (x86)\Crazy Score\Extensions\{0d68400f-30b4-459a-94ed-bd57e329ed5d}.xpi, , [9f0b586094f69e9802733badd23143bd],
PUP.Optional.CrazyScore.A, C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kknfkgbilaemfjcjjfgemgcgbajbgadd\1.0.5637.26466_0\manifest.json, , [44661a9e4c3e74c21dedc3b711f5a55b],
PUP.Optional.CrazyScore.A, C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kknfkgbilaemfjcjjfgemgcgbajbgadd\1.0.5637.26466_0\background.js, , [44661a9e4c3e74c21dedc3b711f5a55b],
PUP.Optional.CrazyScore.A, C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kknfkgbilaemfjcjjfgemgcgbajbgadd\1.0.5637.26466_0\content.js, , [44661a9e4c3e74c21dedc3b711f5a55b],
PUP.Optional.CrazyScore.A, C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kknfkgbilaemfjcjjfgemgcgbajbgadd\1.0.5637.26466_0\icon.png, , [44661a9e4c3e74c21dedc3b711f5a55b],
PUP.Optional.Dregol.A, C:\Users\Smigel\AppData\Roaming\Mozilla\Firefox\Profiles\4qsfzn18.default-1426112488545\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.dregol.com/?f=1&a=drg_ir_15_24&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEzztAtByEyBtD0CyE0AtCtN0D0Tzu0StCtByDyDtN1L2XzutAtFtCtCtFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByCyBzyyE0AtDyCtGyCyDyD0EtG0DyE0DyBtGtCtAzzzytGtC0E0FyEtAtCyEyB0A0C0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDzz0A0EyEzztBtG0E0E0DzztGyEyDtC0DtGzyzyzyzytGzz0C0EzzyDzz0CyDtC0F0Ezz2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztCtB&cr=1460318945&ir=");), ,[81297345602a43f3690b5426ec1a9e62]

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
Malwarebytes Antimalware Mittwoch Abend (nach den System-Scans und nach Abschalten der Add-Ons):

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 10.06.2015
Suchlauf-Zeit: 21:12:20
Logdatei: 150610_MBAM_Scan_abends.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.10.05
Rootkit Datenbank: v2015.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Smigel

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 428477
Verstrichene Zeit: 21 Min, 31 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 1
PUP.Optional.Dregol.A, C:\Users\Smigel\AppData\Roaming\Mozilla\Firefox\Profiles\4qsfzn18.default-1426112488545\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.dregol.com/?f=1&a=drg_ir_15_24&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEzztAtByEyBtD0CyE0AtCtN0D0Tzu0StCtByDyDtN1L2XzutAtFtCtCtFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByCyBzyyE0AtDyCtGyCyDyD0EtG0DyE0DyBtGtCtAzzzytGtC0E0FyEtAtCyEyB0A0C0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDzz0A0EyEzztBtG0E0E0DzztGyEyDtC0DtGzyzyzyzytGzz0C0EzzyDzz0CyDtC0F0Ezz2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztCtB&cr=1460318945&ir=");), Ersetzt,[9875a51483079d997a312a511bebf30d]

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

cosinus 10.06.2015 22:25
Voll mit Werbekacke :blabla:

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Smigel 10.06.2015 23:21
Das geht ja flott!!!

Hier sind die Log-Files:
AdwClean:
Code:
# AdwCleaner v4.206 - Bericht erstellt 10/06/2015 um 23:53:06
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-09.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Smigel - SMIGEL-ACER
# Gestarted von : C:\Users\Smigel\Desktop\AdwCleaner_4.206.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
Ordner Gelöscht : C:\Program Files (x86)\Applian Technologies
Ordner Gelöscht : C:\Users\Smigel\AppData\Local\pdfforge
Ordner Gelöscht : C:\Users\Smigel\AppData\Local\pokki
Ordner Gelöscht : C:\Users\Smigel\AppData\Roaming\RHEng
Ordner Gelöscht : C:\Users\Smigel\AppData\Roaming\FLV and Media Player
Ordner Gelöscht : C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Ordner Gelöscht : C:\Users\Smigel\AppData\Local\Chromium\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Datei Gelöscht : C:\Users\Public\Desktop\FLV and Media Player.lnk
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
Datei Gelöscht : C:\Users\Smigel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Start Menu.lnk
Datei Gelöscht : C:\Users\Smigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
Datei Gelöscht : C:\Users\Smigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk
Datei Gelöscht : C:\Users\Smigel\AppData\Roaming\Mozilla\Firefox\Profiles\4qsfzn18.default-1426112488545\user.js
Datei Gelöscht : C:\Users\Smigel\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
Datei Gelöscht : C:\Users\Smigel\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Schlüssel Gelöscht : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\Directory\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\Drive\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\lnkfile\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\MIME\Database\Content Type\application/x-pokkidownloadhelper
Schlüssel Gelöscht : HKCU\Software\Classes\AppID\npPokkiDownloadHelper.dll
Schlüssel Gelöscht : HKCU\Software\Classes\Pokki.PokkiDownloadHelper
Schlüssel Gelöscht : HKCU\Software\Classes\Pokki.PokkiDownloadHelper.1
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PokkiDownloadHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV and Media Player
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\homepage-web.com

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v38.0.5 (x86 de)

[4qsfzn18.default-1426112488545\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.alias", "mystartsearch");
[4qsfzn18.default-1426112488545\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico");
[4qsfzn18.default-1426112488545\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.name", "mystartsearch");
[4qsfzn18.default-1426112488545\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1430425496&from=cor&uid=ST1000LM014-1EJ164_W381ZDPWXXXXW381ZDPW&q={searchTerms}");
[4qsfzn18.default-1426112488545\prefs.js] - Zeile Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.dregol.com/?f=1&a=drg_ir_15_24&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEzztAtByEyBtD0CyE0AtCtN0D0Tzu0StCtByDyDtN1L2XzutAtFtCtCtFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN[...]

-\\ Google Chrome v43.0.2357.124

[C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_ir_15_24&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEzztAtByEyBtD0CyE0AtCtN0D0Tzu0StCtByDyDtN1L2XzutAtFtCtCtFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByCyBzyyE0AtDyCtGyCyDyD0EtG0DyE0DyBtGtCtAzzzytGtC0E0FyEtAtCyEyB0A0C0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDzz0A0EyEzztBtG0E0E0DzztGyEyDtC0DtGzyzyzyzytGzz0C0EzzyDzz0CyDtC0F0Ezz2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztCtB&cr=1460318945&ir=
[C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://www.dregol.com/?f=1&a=drg_ir_15_24&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEzztAtByEyBtD0CyE0AtCtN0D0Tzu0StCtByDyDtN1L2XzutAtFtCtCtFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByCyBzyyE0AtDyCtGyCyDyD0EtG0DyE0DyBtGtCtAzzzytGtC0E0FyEtAtCyEyB0A0C0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDzz0A0EyEzztBtG0E0E0DzztGyEyDtC0DtGzyzyzyzytGzz0C0EzzyDzz0CyDtC0F0Ezz2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztCtB&cr=1460318945&ir=

-\\ Chromium v

[C:\Users\Smigel\AppData\Local\Chromium\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_ir_15_24&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEzztAtByEyBtD0CyE0AtCtN0D0Tzu0StCtByDyDtN1L2XzutAtFtCtCtFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByCyBzyyE0AtDyCtGyCyDyD0EtG0DyE0DyBtGtCtAzzzytGtC0E0FyEtAtCyEyB0A0C0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDzz0A0EyEzztBtG0E0E0DzztGyEyDtC0DtGzyzyzyzytGzz0C0EzzyDzz0CyDtC0F0Ezz2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztCtB&cr=1460318945&ir=&uref=chmm
[C:\Users\Smigel\AppData\Local\Chromium\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://www.dregol.com/?f=1&a=drg_ir_15_24&cd=2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEzztAtByEyBtD0CyE0AtCtN0D0Tzu0StCtByDyDtN1L2XzutAtFtCtCtFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StByCyBzyyE0AtDyCtGyCyDyD0EtG0DyE0DyBtGtCtAzzzytGtC0E0FyEtAtCyEyB0A0C0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDzz0A0EyEzztBtG0E0E0DzztGyEyDtC0DtGzyzyzyzytGzz0C0EzzyDzz0CyDtC0F0Ezz2QtN0A0LzutBtN1B2Z1V1T1S1NzuzztCtB&cr=1460318945&ir=&uref=chmm
[C:\Users\Smigel\AppData\Local\Chromium\User Data\Default\Secure Preferences] - Gelöscht [Startup_URLs] : C3254CD75D05AFBEE593E0078C52D6D3651F083E0077C49829A3A5BD82E28E1D"},"software_reporter":{"prompt_reason":"5A1EEE6610B0E60FAD44D731D9768B67743F2307846BA8C85E4A6884DBA2CC78","prompt_seed":"D12521B12F27ED8D55846D6FE25154BD22242084A3546A89F2435F0D6575A92E","prompt_version":"565C7DC33789AA140A0FFC230B569B2F592F494FD1FE1EF8BAEA97F43DB5B49E"},"sync":{"remaining_rollback_tries":"330199A48C5F90321D74BF4A3B8CAD4B7FF7FA5817F414DCBE4E6C2F52FBDA56"}},"super_mac":"BDA5508CF09F745EEBD575CA5BA81EA398AF32C4CED69A3011EB7B2AA5F9DBEB"},"search_provider_overrides":[{"encoding":"UTF-8","favicon_url":"hxxp://www.dregol.com/favicon.ico

*************************

AdwCleaner[R3].txt - [7970 Bytes] - [10/06/2015 23:52:09]
AdwCleaner[S3].txt - [7737 Bytes] - [10/06/2015 23:53:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [7796  Bytes] ##########
JRT.txt:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.1 (06.08.2015:1)
OS: Windows 8.1 x64
Ran by Smigel on 10.06.2015 at 23:59:17,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{06E08260-0695-4EC1-A74B-1310D8899D93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}



~~~ Files



~~~ Folders



~~~ FireFox




~~~ Chrome


[C:\Users\Smigel\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Smigel\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Smigel\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Smigel\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.06.2015 at  0:01:54,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST.txt:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Smigel (administrator) on SMIGEL-ACER on 11-06-2015 00:10:14
Running from C:\Users\Smigel\Desktop
Loaded Profiles: Smigel (Available Profiles: Smigel & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Farbar) C:\Users\Smigel\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-03-26] (NVIDIA Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [688984 2013-09-30] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [66304 2015-05-06] (Acer Incorporated)
HKLM-x32\...\Run: [avgnt] => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-04-08] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [92928 2015-05-06] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2574080 2015-05-06] (Acer)
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\MountPoints2: {9a2a1d64-0972-11e5-8288-c45444832470} - "D:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\MountPoints2: {9a2a1dcc-0972-11e5-8288-c45444832470} - "D:\.\Setup.exe" AUTORUN=1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-06-16]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk [2015-06-04]
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-06-10]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Smigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk [2015-06-01]
ShortcutTarget: ZooskMessenger.lnk -> C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe (No File)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-27] (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2344713175-4130731840-4258726450-1001 -> {488BFFB8-A70B-44AF-AC57-BD5D1B1D2712} URL =
SearchScopes: HKU\S-1-5-21-2344713175-4130731840-4258726450-1001 -> {516D548E-B7E6-4B08-8CA3-312752048F9F} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20141214&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-12] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-12] (Avast Software s.r.o.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Smigel\AppData\Roaming\Mozilla\Firefox\Profiles\4qsfzn18.default-1426112488545
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-10] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-13] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-04-24] (pdfforge GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-02-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-02-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-02-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-02-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-02-05] (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-03-11]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-06-02]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2014-12-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-11]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension

Chrome:
=======
CHR Profile: C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-28]
CHR Extension: (Google Docs) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-28]
CHR Extension: (Google Drive) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-28]
CHR Extension: (YouTube) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-28]
CHR Extension: (Google Search) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-28]
CHR Extension: (Google Sheets) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-28]
CHR Extension: (Bookmark Manager) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-29]
CHR Extension: (Avast Online Security) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-28]
CHR Extension: (Google Wallet) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-28]
CHR Extension: (Gmail) - C:\Users\Smigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-28]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [342984 2011-09-13] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-27] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-27] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2839296 2015-05-06] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel(R) Corporation)
S2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-12] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625640 2015-04-24] (Lenovo)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-01-18] (Acer Incorporate)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
S2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1616160 2014-03-26] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH)
S2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-04] (Acer Incorporate)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-04] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-27] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-29] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-27] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-27] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-27] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-27] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-27] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-27] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [138752 2015-06-04] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118728 2013-09-18] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [427736 2013-08-09] (Realsil Semiconductor Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-27] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-11 00:10 - 2015-06-11 00:10 - 00024914 _____ C:\Users\Smigel\Desktop\FRST.txt
2015-06-11 00:08 - 2015-06-11 00:08 - 02108928 _____ (Farbar) C:\Users\Smigel\Desktop\FRST64(1).exe
2015-06-11 00:01 - 2015-06-11 00:01 - 00002115 _____ C:\Users\Smigel\Desktop\JRT.txt
2015-06-10 23:59 - 2015-06-10 23:59 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-SMIGEL-ACER-Windows-8.1-(64-bit).dat
2015-06-10 23:59 - 2015-06-10 23:59 - 00000000 ____D C:\RegBackup
2015-06-10 23:49 - 2015-06-10 23:53 - 00000000 ____D C:\AdwCleaner
2015-06-10 23:47 - 2015-06-10 23:47 - 02943663 _____ (Thisisu) C:\Users\Smigel\Desktop\JRT.exe
2015-06-10 23:44 - 2015-06-10 23:44 - 02231296 _____ C:\Users\Smigel\Desktop\AdwCleaner_4.206.exe
2015-06-10 20:40 - 2015-06-10 20:40 - 00005431 _____ C:\Users\Smigel\Downloads\Gmer.txt
2015-06-10 20:27 - 2015-06-10 20:27 - 00380416 _____ C:\Users\Smigel\Downloads\Gmer-19357.exe
2015-06-10 20:21 - 2015-06-10 20:25 - 00055960 _____ C:\Users\Smigel\Downloads\Addition.txt
2015-06-10 20:20 - 2015-06-11 00:10 - 00000000 ____D C:\FRST
2015-06-10 20:20 - 2015-06-10 20:26 - 00059425 _____ C:\Users\Smigel\Downloads\FRST.txt
2015-06-10 20:19 - 2015-06-10 20:19 - 02108928 _____ (Farbar) C:\Users\Smigel\Downloads\FRST64.exe
2015-06-10 20:18 - 2015-06-10 20:18 - 00000474 _____ C:\Users\Smigel\Downloads\defogger_disable.log
2015-06-10 20:18 - 2015-06-10 20:18 - 00000000 _____ C:\Users\Smigel\defogger_reenable
2015-06-10 20:16 - 2015-06-10 20:17 - 00050477 _____ C:\Users\Smigel\Downloads\Defogger.exe
2015-06-10 20:06 - 2015-06-10 20:06 - 00002190 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-06-10 20:06 - 2015-06-10 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-06-10 20:06 - 2015-06-10 20:06 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-06-10 20:06 - 2015-06-10 20:06 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2015-06-10 19:56 - 2015-06-10 19:56 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-06-10 01:22 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 01:22 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 01:22 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 01:22 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 01:22 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 01:22 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-10 01:22 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-10 01:22 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-10 01:22 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-10 01:22 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-10 01:22 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-10 01:22 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-10 01:22 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 01:22 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 01:22 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-10 01:22 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 01:22 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 01:22 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 01:22 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 01:22 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 01:22 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-10 01:22 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-10 01:22 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 01:22 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-10 01:22 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 01:22 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 01:22 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 01:22 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 01:22 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 01:22 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 01:22 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 01:22 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-10 01:22 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 01:22 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-10 01:22 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 01:22 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-10 01:22 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-10 01:22 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-10 01:22 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-10 01:22 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-10 01:22 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-10 01:22 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-10 01:22 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-10 01:21 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 01:21 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 01:21 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 01:21 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 01:21 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 01:21 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 01:21 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 01:21 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 01:21 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 01:21 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 01:21 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 01:21 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 01:21 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 01:21 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 01:21 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 01:21 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 01:21 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 01:21 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 01:21 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 01:21 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 01:21 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 01:21 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 01:21 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 01:21 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 01:21 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 01:21 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 01:21 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 01:21 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 01:21 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 01:21 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 01:21 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 01:21 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 01:21 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 01:21 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 01:21 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 01:21 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 01:21 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 01:21 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-10 00:31 - 2015-06-10 00:31 - 00000000 ____D C:\Users\Smigel\AppData\Local\Chromium
2015-06-10 00:29 - 2015-06-10 00:29 - 23750568 _____ C:\Users\Smigel\Downloads\FLVPlayerInstall.exe
2015-06-07 19:54 - 2015-06-07 19:54 - 00000000 ____D C:\Users\Smigel\AppData\Local\GWX
2015-06-04 23:43 - 2015-06-04 23:43 - 00003070 _____ C:\WINDOWS\System32\Tasks\{BE623303-5467-4C84-833E-9C3218768450}
2015-06-04 23:31 - 2015-06-04 23:32 - 00000000 ____D C:\Users\Smigel\AppData\Roaming\ALDITALKVerbindungsassistent
2015-06-04 23:31 - 2015-06-04 23:31 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WdfCoInstaller01007.dll
2015-06-04 23:31 - 2015-06-04 23:31 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\WdfCoInstaller01007.dll
2015-06-04 23:31 - 2015-06-04 23:31 - 00999936 _____ (DiBcom SA) C:\WINDOWS\SysWOW64\Drivers\mod7700.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00138752 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ewusbnet.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00138752 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbnet.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00121600 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ewusbmdm.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00121600 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ew_hwusbdev.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00091136 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ew_jucdcacm.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00085504 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ew_jubusenum.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00055296 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ew_jucdcecm.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00029696 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ewdcsc.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00029184 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ew_juextctrl.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\SysWOW64\Drivers\ew_usbenumfilter.sys
2015-06-04 23:31 - 2015-06-04 23:31 - 00002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\ALDI TALK Verbindungsassistent.lnk
2015-06-04 23:31 - 2015-06-04 23:31 - 00002255 _____ C:\Users\Public\Desktop\ALDI TALK Verbindungsassistent.lnk
2015-06-04 23:31 - 2015-06-04 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALDI TALK Verbindungsassistent
2015-06-04 23:31 - 2015-06-04 23:31 - 00000000 ____D C:\Program Files (x86)\ALDITALKVerbindungsassistent
2015-06-02 21:57 - 2015-06-08 00:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-01 07:28 - 2015-06-01 07:28 - 00000000 ____D C:\Users\Smigel\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
2015-05-31 10:03 - 2015-05-31 10:03 - 00527423 _____ ( ) C:\Users\Smigel\Downloads\Lame_v3.99.3_for_Windows.exe
2015-05-29 23:57 - 2015-05-31 10:08 - 00000000 ____D C:\Users\Smigel\AppData\Roaming\Audacity
2015-05-29 23:57 - 2015-05-31 10:04 - 00000000 ____D C:\Program Files (x86)\Audacity
2015-05-29 23:57 - 2015-05-29 23:57 - 00001039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-05-29 23:57 - 2015-05-29 23:57 - 00001027 _____ C:\Users\Public\Desktop\Audacity.lnk
2015-05-29 23:55 - 2015-05-29 23:55 - 01197344 _____ C:\Users\Smigel\Downloads\Audacity - CHIP-Installer.exe
2015-05-29 00:38 - 2015-05-29 00:38 - 00002002 _____ C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-05-29 00:38 - 2015-05-29 00:38 - 00001942 _____ C:\Users\Public\Desktop\Avast Pro Antivirus.lnk
2015-05-29 00:38 - 2015-05-29 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-29 00:38 - 2015-05-29 00:37 - 00028144 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-05-29 00:37 - 2015-04-27 23:30 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-05-19 00:38 - 2015-05-19 00:38 - 00002001 _____ C:\Users\Public\Desktop\abMedia.lnk
2015-05-19 00:35 - 2015-05-19 00:35 - 00002005 _____ C:\Users\Public\Desktop\abPhoto.lnk
2015-05-17 22:19 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-17 22:19 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-17 22:15 - 2015-05-17 22:18 - 00000000 ____D C:\a254b032666b1c200c066a
2015-05-17 21:39 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-17 21:39 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-17 21:38 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-17 21:38 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-17 21:38 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-17 21:38 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-17 21:38 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-17 21:38 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-17 21:38 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-17 21:38 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-17 21:38 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-17 21:38 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-17 21:38 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-17 21:38 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-17 21:38 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-17 21:38 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-17 21:38 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-17 21:38 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-17 21:38 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-17 21:38 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-17 21:38 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-17 21:38 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-12 23:09 - 2015-05-12 23:09 - 00003334 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2015-05-12 23:09 - 2015-05-12 23:09 - 00002028 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2015-05-12 23:07 - 2015-05-12 23:07 - 00001969 _____ C:\Users\Public\Desktop\abDocs.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-11 00:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-11 00:00 - 2014-12-14 01:21 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2344713175-4130731840-4258726450-1001
2015-06-10 23:55 - 2015-04-21 00:19 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-10 23:55 - 2014-12-26 19:08 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-10 23:55 - 2013-08-22 16:46 - 00059328 _____ C:\WINDOWS\setupact.log
2015-06-10 23:55 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-10 23:54 - 2014-03-18 11:54 - 00224708 _____ C:\WINDOWS\PFRO.log
2015-06-10 23:54 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-10 23:49 - 2014-10-01 23:40 - 00000000 ____D C:\Users\Smigel\Documents\Outlook-Dateien
2015-06-10 23:45 - 2014-12-14 02:25 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-10 23:29 - 2015-04-21 00:19 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-10 23:10 - 2014-06-16 14:51 - 01226869 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-10 20:32 - 2014-12-14 02:24 - 00000000 ____D C:\Users\Smigel\AppData\Local\Adobe
2015-06-10 20:18 - 2014-12-14 01:06 - 00000000 ____D C:\Users\Smigel
2015-06-10 20:06 - 2014-12-14 02:25 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-10 20:06 - 2014-05-27 06:08 - 00000000 ____D C:\ProgramData\McAfee
2015-06-10 20:04 - 2014-12-14 11:03 - 00000000 ____D C:\Users\Smigel\AppData\Local\CrashDumps
2015-06-10 20:02 - 2014-06-17 00:19 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2015-06-10 20:02 - 2014-06-17 00:19 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2015-06-10 20:02 - 2014-03-18 12:03 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-10 19:58 - 2015-03-11 22:12 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-06-10 19:55 - 2013-08-22 16:44 - 00381472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-10 07:32 - 2015-04-27 23:08 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-10 07:32 - 2015-04-27 23:08 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-10 07:32 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-10 07:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-10 07:06 - 2014-12-26 19:07 - 00001122 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-10 07:06 - 2014-12-26 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-10 07:06 - 2014-12-26 19:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-10 02:31 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-06-10 01:33 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-10 01:31 - 2014-12-14 16:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-10 01:27 - 2014-12-14 16:12 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-10 01:19 - 2015-04-28 00:14 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-10 00:18 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-08 00:45 - 2014-12-14 01:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-07 23:29 - 2014-12-14 01:13 - 00000000 ____D C:\Users\Smigel\AppData\Local\clear.fi
2015-06-04 23:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-04 12:09 - 2014-10-03 13:34 - 00000000 ____D C:\Users\Smigel\Documents\aktuell
2015-06-03 18:18 - 2014-12-14 15:37 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2014-12-14 15:37 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-02 21:38 - 2014-12-14 15:49 - 00000000 ____D C:\Users\Smigel\AppData\Roaming\Skype
2015-06-02 21:35 - 2014-12-14 11:04 - 00000000 ____D C:\ProgramData\Skype
2015-05-30 00:42 - 2014-11-07 08:03 - 00000000 ____D C:\Users\Smigel\Documents\Noten
2015-05-29 00:26 - 2014-12-14 01:17 - 00002323 _____ C:\Users\Smigel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-05-20 01:53 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-05-20 00:31 - 2014-12-17 09:08 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-20 00:29 - 2015-04-05 22:17 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-05-20 00:29 - 2015-04-05 22:17 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-19 07:24 - 2015-04-21 00:19 - 00004114 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 07:24 - 2015-04-21 00:19 - 00003878 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 00:38 - 2014-05-27 05:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-05-19 00:38 - 2014-05-27 05:58 - 00000000 ____D C:\Program Files (x86)\Acer
2015-05-17 22:09 - 2014-03-18 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-17 21:42 - 2014-05-27 06:06 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-12 23:09 - 2014-12-14 01:17 - 00000000 ____D C:\Users\Smigel\AppData\Local\AOP SDK
2015-05-12 23:06 - 2014-05-27 06:46 - 00000000 ___HD C:\OEM

==================== Files in the root of some directories =======

2015-01-02 01:20 - 2015-01-02 01:20 - 0004569 _____ () C:\Users\Smigel\AppData\Local\tcNSISDump.Log
2014-06-16 15:15 - 2014-06-16 15:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Smigel\AppData\Local\Temp\avgnt.exe
C:\Users\Smigel\AppData\Local\Temp\Browser7-win32-installer-05.exe
C:\Users\Smigel\AppData\Local\Temp\divx3eb7.exe
C:\Users\Smigel\AppData\Local\Temp\DivXSetup.exe
C:\Users\Smigel\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Smigel\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Smigel\AppData\Local\Temp\FreeYouTubeDownload.exe
C:\Users\Smigel\AppData\Local\Temp\Intel_Technology_Access_Software.exe
C:\Users\Smigel\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Smigel\AppData\Local\Temp\oct41D1.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\oct488A.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\oct4E13.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\oct6754.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\oct9671.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\oct971F.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\octDF86.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\octE630.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\octF46C.tmp.exe
C:\Users\Smigel\AppData\Local\Temp\Quarantine.exe
C:\Users\Smigel\AppData\Local\Temp\sdan.exe
C:\Users\Smigel\AppData\Local\Temp\sdapk.exe
C:\Users\Smigel\AppData\Local\Temp\sdaspwn.exe
C:\Users\Smigel\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Smigel\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Smigel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Smigel\AppData\Local\Temp\spidersolitaire.6.exe
C:\Users\Smigel\AppData\Local\Temp\sqlite3.dll
C:\Users\Smigel\AppData\Local\Temp\tmd_34011718.exe
C:\Users\Smigel\AppData\Local\Temp\tmd_34017520.exe
C:\Users\Smigel\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Smigel\AppData\Local\Temp\WEB.DE_MailCheck_FF_Setup_freeware.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-08 07:40

==================== End of log ============================
--- --- ---



Addition.txt:
[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Smigel at 2015-06-11 00:10:47
Running from C:\Users\Smigel\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2344713175-4130731840-4258726450-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-2344713175-4130731840-4258726450-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2344713175-4130731840-4258726450-1003 - Limited - Enabled)
Smigel (S-1-5-21-2344713175-4130731840-4258726450-1001 - Administrator - Enabled) => C:\Users\Smigel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.07.2004 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.08.2003.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.03.2004.4 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8103 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.06.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3010 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
ALDI TALK Verbindungsassistent (HKLM-x32\...\ALDITALKVerbindungsassistent) (Version: ALDI TALK 4.0 - ALDI TALK Verbindungsassistent)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.103.2020.206 - Alps Electric)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.07.2004.0 - Acer Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Pro Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Druckerdeinstallation für EPSON BX305 Series (HKLM\...\EPSON BX305 Series) (Version:  - SEIKO EPSON Corporation)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse)
Free YouTube Download version 3.2.53.128 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.53.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{ADA8583A-C20B-414B-8CB7-3AA7A89F7952}) (Version: 7.1.4.1529 - Google)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{26AA61D4-B04D-4E0D-8E20-94A8FF2EE64D}) (Version: 4.2.40.2439 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{efc54997-dfa9-44b1-afac-3a7ac4f45730}) (Version: 1.3.6.1042 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office Home and Business 2013 - de-de (HKLM\...\HomeBusinessRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MuseScore 1.1 MuseScore score typesetter (HKLM-x32\...\MuseScore) (Version: 1.1.0 - Werner Schweer and Others)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
NVIDIA Grafiktreiber 332.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.91 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Password Keeper (HKLM-x32\...\Password Keeper) (Version: Password Keeper - Version 7.2 - Gregory Braun -- Software Design)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Asian Fonts Pack (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Convert Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Create Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Forms Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Insert Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 OCR Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Review Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Secure Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21238 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.2.2.0 - Lenovo Group Limited)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
Spider Solitaire (HKLM-x32\...\com.novelgames.flashgames.spidersolitaire) (Version: 1.6.3 - Novel Games Limited)
Spider Solitaire (x32 Version: 1.6.3 - Novel Games Limited) Hidden
TaxCalc (HKLM-x32\...\TaxCalcHub) (Version: 2 - Acorah Software Products)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.8-0 - Bitnami)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2344713175-4130731840-4258726450-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

25-05-2015 13:20:33 Geplanter Prüfpunkt
29-05-2015 00:36:12 avast! antivirus system restore point
08-06-2015 00:47:49 Removed Zoosk Messenger

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0251FACE-A5D7-48B5-805F-66DCA86AAAC4} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-24] (TODO: <Company name>)
Task: {075EA162-CE78-4167-B4A8-0D68E7BC108B} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-04] (Acer Incorporate)
Task: {17A02393-ADF3-4DD5-B17E-546575FCFF7F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {1BA14FD3-8328-4B77-8D97-A0284D5D6E43} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {2E784DAB-69BD-4661-88E2-6B0919151DF0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-10] (Microsoft Corporation)
Task: {2F21D461-75F5-4E10-BE10-B8A5D59A8BBA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10] (Adobe Systems Incorporated)
Task: {3375BF1A-2A1E-4185-AFB0-57EAC6D62A96} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-27] (Avast Software s.r.o.)
Task: {373BA617-F723-49CA-8905-B0345AC29AB8} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Task: {4166A9E0-C5A9-4966-8A84-8B1263DD760D} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-05-06] (Acer)
Task: {4A4062F0-A896-42EE-B243-04DF20E44F99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-21] (Google Inc.)
Task: {4C9D6B42-A8F9-4A7D-9FEE-36851FC623F0} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {4D46E439-1EE9-4546-9342-5B93E30181AA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {51D1578D-47A3-48BA-8044-FD35706D98B6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {596E3D65-0A77-445F-99A1-C40A5D3F2282} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {69A4954E-48AE-4573-B806-6A0F7C18908F} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {A1EC6009-E618-476B-98D7-5DC94F0D9F27} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {AD169041-7CBD-4212-A311-7C5E499EC279} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-04] (Acer Incorporate)
Task: {B7C527B5-6BD2-4ABA-8144-32C647191231} - System32\Tasks\Dolby Selector => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-07-08] (Dolby Laboratories Inc.)
Task: {BDD43769-264D-4C07-BDC9-A7B2FDEB7522} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {BF5E8F67-0F45-47ED-9995-E22717F6861D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {CABDF728-0469-4B1A-890F-8EA242DF0598} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-21] (Google Inc.)
Task: {D4924F5E-612A-4C77-859A-0D0500ABCACB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D6D7A850-FF1C-4A4C-98BC-54543B1DCFB2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DB622A09-8B2F-4B90-ABF6-8DD685A4AFA7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {E4ABF38D-A727-49B4-8E1A-5F3BC29579B5} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {EFD13CA9-2B8B-4AEB-A264-999605CF5780} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-01-18] (Acer Incorporate)
Task: {F8008F35-EC37-4C83-B0D2-FFEE61F0F00B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {FC918AD4-B742-4A5A-8040-D30C0483E29C} - System32\Tasks\{BE623303-5467-4C84-833E-9C3218768450} => pcalua.exe -a D:\.\Setup.exe -d D:\ -c AUTORUN=1
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-04 23:31 - 2011-09-13 10:16 - 00342984 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-17 14:43 - 2015-03-17 14:43 - 00087552 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-02-08 12:20 - 2015-02-08 12:20 - 01793248 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-03-17 15:15 - 2015-03-17 15:15 - 00355040 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2015-06-04 23:31 - 2011-09-13 10:16 - 00510920 ____N () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
2015-05-06 16:14 - 2015-05-06 16:14 - 00090368 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2014-12-17 09:08 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-14 13:26 - 2006-02-23 12:35 - 00020480 _____ () C:\WINDOWS\System32\FritzColorPort64.dll
2014-12-14 13:26 - 2006-02-22 11:39 - 00020480 _____ () C:\WINDOWS\System32\FritzPort64.dll
2013-08-12 19:06 - 2013-08-12 19:06 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-12 19:06 - 2013-08-12 19:06 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-12 19:06 - 2013-08-12 19:06 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2015-04-27 23:29 - 2015-04-27 23:29 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-27 23:29 - 2015-04-27 23:29 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-10 23:48 - 2015-06-10 23:48 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15061001\algo.dll
2015-03-11 22:17 - 2015-03-11 22:17 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-16 14:54 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5C14A003-CB2C-4CDB-A72E-31BB7DDA0A67}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{C94E3CA9-2567-4889-8791-0642021E76BD}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{A5DFBF0B-9AC9-4D3B-A428-B5CFF2B651D3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{4C7B5A11-4A33-477A-90C7-1AF5C6A74F9A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{62F2C8F6-EC44-4DED-9F52-670B5053BA49}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D82189B6-99F6-4DB0-B317-DC5911086D2E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7BF48C98-E30F-4281-99A4-AFE14EBE637D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{C4E9E666-E434-43E5-A3E1-949374C8104E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{89A3F221-A865-4518-B82F-6D71150CFB97}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E2FCDC33-4421-48F4-881E-463C576B05F4}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{FD65E2D1-0ECC-4D55-86A0-06E93E9DFA76}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{4C1AAA97-3403-4440-895E-E80166630168}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{0F71A4F4-7B1D-4635-A12C-61DF78D1CCED}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{928755E9-19F8-42EB-B3A0-9AB556EBC795}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{F19E2961-57C3-4D74-81A9-52742D6E2E58}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{7CC75E84-0947-4D38-9B3D-C20E1257633D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{6A3340A1-BA88-422A-93D0-83685459A8B6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{CF784395-1668-4BCE-94CB-FB9F991950F9}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{9C8C254A-2D6C-42CD-9490-2A46A8B7E3E8}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{21F81D9B-AEB1-4A05-A8B3-DC33D48017A7}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{702BE584-7999-4ADB-A2BD-2EDB40E9B912}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{993AD3AF-0B97-4851-98FC-9972647C3971}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{F3F3121C-E448-49D1-8DF0-A360ADF1EB47}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{84CFC1F6-25FC-4335-A9CE-2D1DF348280D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{666DE872-E01E-4A10-BA22-FC8B3CE1BD47}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{9CFD266F-47EC-43BB-AA75-6126285DCCEF}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{4FA488CA-6AEB-4455-A3B0-6E282D4D9A60}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{6C8C260A-01A1-4094-BF9E-BD7F07E250A4}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{144D0C08-A0EA-46FF-9D3D-9570ACCDD614}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{02CDC49C-00CE-4C40-A142-070BB7FEFEFE}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{D4D1EC39-8432-4A8D-87DA-3AFCD352AAD4}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{1E1632ED-E4C5-4A19-A5DC-CE9DDC80CC8B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{E0357DA6-0910-45C0-905B-45766DA19516}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{E151DBFC-4EF2-46B5-99C4-8EEFB90540F8}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{37B991FF-CD59-486B-A265-8012A8C59CCF}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{2C90B705-F401-466E-9527-1BBC41B8747F}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{9C2D26B6-0333-49E1-A0CB-D056A63AD534}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{A483DFEE-E9DA-48DA-95D0-A6F4A6C88CC2}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{EEB02E67-8A95-4DA4-821A-7EB3B6D5B2F5}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{4801D889-39E1-4C76-843A-C42BCFBBFD68}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{0C90D062-101F-4D42-A03D-2933BE44932B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{D7DFCEDF-BF0F-440C-9438-138D335B0F20}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{D44303B0-EB42-4713-A2CF-97E3CCAE540C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{63BEC29A-9479-4FC9-A1B4-01623A5F277D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{99CE7BCA-A07B-404C-85AE-B67039C86436}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{433A23AE-9B6F-4938-8678-41DFEFE7AB03}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D6C57E2A-E5AA-4162-9379-289F977D0075}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A5783C04-AE20-4D7A-8CF2-974FDBF2D709}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DE859A16-F9C9-4270-800D-AA703ED21297}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1AB961E7-62B2-48AD-A99C-4E268D345AFD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F9DE6EB5-18C0-4A8B-9FBA-AB4D28AF4E26}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{2C9C10B0-2E95-43F3-8BBB-0E9F295828B0}C:\users\smigel\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\smigel\appdata\local\temp\_istmp1.dir\_ins5576._mp
FirewallRules: [UDP Query User{595E1487-A580-4D9F-AE35-B99E2EBA9AF6}C:\users\smigel\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\smigel\appdata\local\temp\_istmp1.dir\_ins5576._mp
FirewallRules: [{8B6AFB54-7F4C-4364-AB11-4B732F500210}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{47AE4871-E22C-45B0-96A6-F43569F0D950}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{411D1704-80F1-4A36-9EC3-C8DFFD96553E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{D87639D3-A567-43F2-B0A6-2CC86F964960}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E9A8CB4D-15D4-4BCB-883B-B2ED28452C33}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{727C8A36-48F0-4972-9ACE-542D26EEC261}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{92D70C53-31EB-46E6-95DD-66169AA6AD58}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{F2C55A0F-AD11-452B-ADC3-CE364F3E283A}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{298CEE9D-C351-47F0-BA4A-9DD769966CF8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EC40C88B-018E-4C87-B278-0EC3707305A2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{63F8BFF1-D7E7-4B59-8738-F0C7B38C0722}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{5C5C9B80-93B4-4C54-B994-AC66AE04F8A1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{6A7EF3D6-0B45-492C-8C62-A02D60096DF3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4C63FBFC-294A-4574-8542-20F3A8B287CC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B83F1D5A-30E2-4AB8-A585-8AB4D350ED7A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{8DFCDEEA-E3A3-4589-B82C-AA5F910212C0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{88860151-D2FD-41FA-81E7-16F04F8D72F6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{B73E2857-84C8-4B52-BE41-521377CD5CEB}] => (Allow) C:\Program Files (x86)\Acorah Software Products\TaxCalcHub\TaxCalcHub.exe
FirewallRules: [{A47B8C93-5AAB-4FC1-833F-27907AA2E359}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{684E7ED6-956C-45C9-B6C5-31453D114666}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{946A2BED-0D47-4F63-BF14-0107E6358DD8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AC1CC4E1-3436-4427-9484-81016BD3FCB8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{084A8181-9642-49C0-845F-333EC993CB51}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{B12A1697-7687-4B24-89D8-DB52D6536058}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{68DFB0D6-B6F0-45C6-A13B-247435F8FCD3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{3D27B94B-DEDA-41A4-8493-B4B67041DD9F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{CC092DD3-E871-423F-831E-D084ED7F13A0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{0B5D4E62-A51E-4533-BECB-5FF474775DBF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{5049BE3D-E128-4921-ACC2-DF9D742991EE}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{ECD03535-803B-40D7-BE86-FAA5DBE08BC1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{84468FC1-7AB7-49DF-88C2-8C2D051B1EC0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{766233FD-F571-400F-B508-7FA213E8FB76}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{277B2357-FDB2-49BE-94FC-464B5196790B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{674634F2-9F25-4872-B6BC-904FC2D5E12A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A9876FCD-B794-4C16-87DF-C6A7DAEB1599}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BADCB907-BF81-4D67-97DB-84F060449FB3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{89E20D4F-723B-4FD9-A195-AA859535A24F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{484527CF-7921-4A5A-9F0E-4DFF387E32E2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{61CAD21E-3A39-42F7-A4E8-A48A33A641B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1BFEA530-4417-4321-B65B-57AB4E1EE98D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{70842E12-8C64-47EC-8729-E5C2F95BCC79}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7F97FD28-19FD-4F80-B95B-277B0E01E2A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{42164B80-C68F-42C5-82EE-324037964CF6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A01C96C4-05BD-46FF-BB10-A4B5B4236B3A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D1B46549-822A-4BD6-BF5F-ABF1A94BCDE2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A8EE155B-D5A6-4E4B-AAB9-A659AE360733}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6079F48C-34AA-4E26-BC38-4F86E661AB4A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3BC3226A-AA05-4246-9218-71B19158562E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{52974BBF-DC58-40D3-8E51-C0B21C42AF2B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{845EB300-62EC-4FD9-A443-F356D505C9DC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{A73F8AA0-48E0-4EC0-9A6C-4A5D0C617167}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{EF1E9163-DAB9-4B02-A6CB-097DE15C6C52}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{CCD631A4-13BC-450A-992A-8FDB34730138}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [TCP Query User{16754D92-EF2E-46C5-8FAF-4939D989574D}C:\program files (x86)\dev-php3\devphp3.exe] => (Allow) C:\program files (x86)\dev-php3\devphp3.exe
FirewallRules: [UDP Query User{912EDDFE-ED14-4084-8C88-AA9E219CD4EE}C:\program files (x86)\dev-php3\devphp3.exe] => (Allow) C:\program files (x86)\dev-php3\devphp3.exe
FirewallRules: [TCP Query User{2C66F4DE-671A-4951-B8E6-0A36D2FB127C}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{48ED91D9-A8B0-456B-92D1-7E5F77CB3D42}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{AC3C61C1-3795-4298-A793-A154EE975BAE}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{DCBFA1C1-DE24-4511-B5E3-6743257C5ABD}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{9BCF52D3-9339-41A8-9A9B-0466B50F4B21}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{F48FCE17-0439-4C27-A235-441FE16FF459}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{F5BBD8D8-7942-4623-9F69-B0E89586058A}C:\program files (x86)\dev-php3\devphp3.exe] => (Block) C:\program files (x86)\dev-php3\devphp3.exe
FirewallRules: [UDP Query User{CFC0E6A9-262A-4DD9-B3CE-61E7F380E7E5}C:\program files (x86)\dev-php3\devphp3.exe] => (Block) C:\program files (x86)\dev-php3\devphp3.exe
FirewallRules: [TCP Query User{29538709-ACDA-4FED-9E76-359A0F6C747C}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{785B6991-F505-4241-8D7B-A89AA3984D5C}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{F2501C44-A1F3-4E23-A5A5-18174193B34B}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{7579AFA5-E250-46E0-A0F5-565D5ABBAF75}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{1E00A2C3-5B8F-4F81-B161-CD554BFF9523}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{96E9566D-4045-48D9-B929-7875A2175F03}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{27C1B0F4-C094-4A28-95D2-5E527C0963C3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1C8B8156-0220-47DD-81E6-6EF09963CE2C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CC6C6075-F797-488A-BBA2-572B19FEA9FD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BBF488F0-ED34-4EF5-BC10-FA2132D26153}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FDFC46DE-204A-4D7E-973E-3B0FBFBF1830}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{AD690440-7D7D-4980-9A82-5F14DC8BEDF1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{AE9F39A1-33AB-4766-80FB-08BF0DDE423E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{7F14BACB-E31C-40FF-A21A-11F4D921F6FA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{935804DD-528A-4820-8720-EC7E8364FE39}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{360BD2AD-3B79-475F-9291-ECECAFD835DE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{2C2FC837-80D9-4CAE-A8FD-B1ECE2BC7F1B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C8F8577C-B623-47FC-884D-6D757666D1C5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{2AACAB52-933C-4083-8651-7DD3B3788F70}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/11/2015 00:00:03 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters  Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (06/11/2015 00:00:03 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters  Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (06/10/2015 11:53:48 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters  Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (06/10/2015 11:53:48 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters  Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (06/10/2015 08:03:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 38.0.5.5623, Zeitstempel: 0x5563c49a
Name des fehlerhaften Moduls: mozalloc.dll, Version: 38.0.5.5623, Zeitstempel: 0x5563b229
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x25fc
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/10/2015 00:30:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: setup.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x000006ba
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0xdfc
Startzeit der fehlerhaften Anwendung: 0xsetup.exe_unknown0
Pfad der fehlerhaften Anwendung: setup.exe_unknown1
Pfad des fehlerhaften Moduls: setup.exe_unknown2
Berichtskennung: setup.exe_unknown3
Vollständiger Name des fehlerhaften Pakets: setup.exe_unknown4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: setup.exe_unknown5

Error: (06/10/2015 00:30:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Smigel-Acer)
Description: Die Anwendung oder der Dienst "ZooskMessenger" konnte nicht heruntergefahren werden.

Error: (06/10/2015 00:29:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: setup.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0x000006ba
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x2808
Startzeit der fehlerhaften Anwendung: 0xsetup.exe_unknown0
Pfad der fehlerhaften Anwendung: setup.exe_unknown1
Pfad des fehlerhaften Moduls: setup.exe_unknown2
Berichtskennung: setup.exe_unknown3
Vollständiger Name des fehlerhaften Pakets: setup.exe_unknown4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: setup.exe_unknown5

Error: (06/10/2015 00:29:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 38.0.5.5623, Zeitstempel: 0x5563c49a
Name des fehlerhaften Moduls: mozalloc.dll, Version: 38.0.5.5623, Zeitstempel: 0x5563b229
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x16dc
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (06/09/2015 06:13:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5406


System errors:
=============
Error: (06/10/2015 11:59:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/10/2015 11:59:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/10/2015 11:59:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/10/2015 11:59:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/10/2015 11:59:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Quick Access RadioMgr Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/10/2015 11:59:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/10/2015 11:59:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth OBEX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/10/2015 11:59:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth Device Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/10/2015 11:59:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/10/2015 11:59:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Quick Access Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (06/11/2015 00:00:03 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters  Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (06/11/2015 00:00:03 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters  Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (06/10/2015 11:53:48 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters  Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (06/10/2015 11:53:48 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters  Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (06/10/2015 08:03:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.5.56235563c49amozalloc.dll38.0.5.56235563b2298000000300001aa125fc01d0a3a7306bd7c3C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll10a33d36-0f9b-11e5-828a-c45444832470

Error: (06/10/2015 00:30:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: setup.exe_unknown0.0.0.02a425e19KERNELBASE.dll6.3.9600.1741554504ade000006ba00014598dfc01d0a303e1e4e90aC:\Users\Smigel\AppData\Local\Temp\TMP448~1\setup.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll29d7ff0b-0ef7-11e5-8289-c45444832470

Error: (06/10/2015 00:30:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Smigel-Acer)
Description: 1C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exeZooskMessenger0211770880

Error: (06/10/2015 00:29:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: setup.exe_unknown0.0.0.02a425e19KERNELBASE.dll6.3.9600.1741554504ade000006ba00014598280801d0a303b5002bf6C:\Users\Smigel\AppData\Local\Temp\TMP448~1\setup.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll0e0832ce-0ef7-11e5-8289-c45444832470

Error: (06/10/2015 00:29:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.5.56235563c49amozalloc.dll38.0.5.56235563b2298000000300001aa116dc01d0a23e54eb1121C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllf4296de8-0ef6-11e5-8289-c45444832470

Error: (06/09/2015 06:13:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5406


CodeIntegrity Errors:
===================================
  Date: 2015-03-22 12:45:18.109
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-11 23:41:50.105
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-11 23:29:38.529
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-11 22:52:42.920
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-11 22:13:45.086
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-11 21:26:38.918
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 20%
Total physical RAM: 8072.27 MB
Available physical RAM: 6388.7 MB
Total Pagefile: 9352.27 MB
Available Pagefile: 7619.24 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:898.59 GB) (Free:737.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 266AC530)

Partition: GPT Partition Type.

==================== End of log ============================
--- --- ---

cosinus 11.06.2015 09:49
FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2344713175-4130731840-4258726450-1001 -> {488BFFB8-A70B-44AF-AC57-BD5D1B1D2712} URL =
C:\WINDOWS\System32\Tasks\{BE623303-5467-4C84-833E-9C3218768450}
EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Smigel 11.06.2015 21:48
Hallo Cosinus,

vielen Dank für die nächsten Anweisungen.
Ich war den ganzen Tag unterwegs, daher hat diese Antwort etwas auf sich warten lassen.

Ich hatte Avast für den FRST Scan wie gewünscht abgestellt. Nach dem Neustart hat sich dann Antimalwarebytes gemeldet - ich hoffe, das es nicht aktiv war und den Scan gestört hat.

Hier ist die Fixlog.txt:
Code:
Fix result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Smigel at 2015-06-11 22:35:52 Run:1
Running from C:\Users\Smigel\Desktop
Loaded Profiles: Smigel (Available Profiles: Smigel & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2344713175-4130731840-4258726450-1001 -> {488BFFB8-A70B-44AF-AC57-BD5D1B1D2712} URL =
C:\WINDOWS\System32\Tasks\{BE623303-5467-4C84-833E-9C3218768450}
EmptyTemp:
       
*****************

C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{488BFFB8-A70B-44AF-AC57-BD5D1B1D2712}" => key removed successfully
HKCR\CLSID\{488BFFB8-A70B-44AF-AC57-BD5D1B1D2712} => key not found.
C:\WINDOWS\System32\Tasks\{BE623303-5467-4C84-833E-9C3218768450} => moved successfully.
EmptyTemp: => 12 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 22:36:19 ====

cosinus 11.06.2015 21:55
Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Smigel 11.06.2015 23:43
Hier schon mal der Log-file von MBAM - sieht gut aus:

ESET tut sich etwas schwer mit dem Herunterladen der Signaturdatenbank. Ich habe mehrfach die Fehlermeldung erhalten, ob ein Proxyserver eingestellt sei. Kann aber damit zusammenhängen, dass möglicherweise eine Internetstörung vorlag.

Ich versuch's jetzt noch mal. Ergebnis dürfte dann aber erst morgen früh vorliegen.


Code:
Fix result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Smigel at 2015-06-11 22:35:52 Run:1
Running from C:\Users\Smigel\Desktop
Loaded Profiles: Smigel (Available Profiles: Smigel & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2344713175-4130731840-4258726450-1001 -> {488BFFB8-A70B-44AF-AC57-BD5D1B1D2712} URL =
C:\WINDOWS\System32\Tasks\{BE623303-5467-4C84-833E-9C3218768450}
EmptyTemp:
       
*****************

C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKU\S-1-5-21-2344713175-4130731840-4258726450-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{488BFFB8-A70B-44AF-AC57-BD5D1B1D2712}" => key removed successfully
HKCR\CLSID\{488BFFB8-A70B-44AF-AC57-BD5D1B1D2712} => key not found.
C:\WINDOWS\System32\Tasks\{BE623303-5467-4C84-833E-9C3218768450} => moved successfully.
EmptyTemp: => 12 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 22:36:19 ====

Smigel 12.06.2015 06:52
Liste der Anhänge anzeigen (Anzahl: 1)
Eset läuft noch...
Ich hatte den Virenscanner allerdings nur für eine Stunde abgeschaltet - der ist dann zwischendurch wieder angegangen. Glaube aber nicht, dass es am Virenscanner (Avast) liegt, dass Eset etwas gefunden hat - siehe Screenshot im Anhang:
Anhang 74524

Ich lasse ESET jetzt durchlaufen - Virenscanner ist wieder aus. Werde das Ergebnis aber wohl erst heute Nachmittag posten können.

cosinus 12.06.2015 11:21
Bitte auch das richtige Log von MBAM posten, du hast da irgendein Fixlog von FRST gepostet

Smigel 12.06.2015 16:06
Upps...

Hier ist der (hoffentlich!) richtige Logfile:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 11.06.2015
Suchlauf-Zeit: 23:16:16
Logdatei: 150611_MBAM_Scan.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.11.04
Rootkit Datenbank: v2015.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Smigel

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 414972
Verstrichene Zeit: 11 Min, 45 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
Und dann auch noch der von ESET:

ESET log.txt:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=dbcf1876c68f844590394554df9e7cba
# end=init
# utc_time=2015-06-11 10:09:45
# local_time=2015-06-12 12:09:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=41221
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 0
Old modules - delete modules
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=41221
Update Finalize
Updated modules version: 0
'Can not update to actual engine, exiting
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=41221
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 0
Old modules - delete modules
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 0
'Can not update to actual engine, exiting
Update Init
Update Download
Update Finalize
Updated modules version: 24290
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=dbcf1876c68f844590394554df9e7cba
# end=updated
# utc_time=2015-06-11 10:46:03
# local_time=2015-06-12 12:46:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=dbcf1876c68f844590394554df9e7cba
# engine=24290
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-12 06:08:04
# local_time=2015-06-12 08:08:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=782 16777213 71 97 1236606 7988142 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1236452 11171676 0 0
# scanned=345167
# found=7
# cleaned=0
# scan_time=26521
sh=3B658F6E11D98ECA30985E7166D624665E003070 ft=0 fh=0000000000000000 vn="Variante von Win32/ELEX.CP evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Smigel\AppData\Local\Microsoft\Windows\INetCache\IE\1K2Q1Z38\1[1].zip"
sh=A2D074FFF0C3CDDFCAE49404EC095133266FBB26 ft=1 fh=3510c09058700c73 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Smigel\Downloads\Audacity - CHIP-Installer.exe"
sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Smigel\Downloads\PDFCreator-1_7_3_setup.exe"
sh=F218CB4810038F0B9E1DAA6A8E73FA258D620A8C ft=1 fh=719afe2b4494447f vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Smigel\Downloads\PDFCreator-2_1_1-setup.exe"
sh=CB0FFB408870C6D10B9A1CB82FC4AC0A36312DD4 ft=1 fh=9dda181afbd8ec45 vn="Win32/Solvusoft.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Smigel\Downloads\Setup_FileViewPro_2015.exe"
sh=1B93CAC0FF37E1D6681CFDE51066888B76AD08B8 ft=1 fh=131f63c7269be413 vn="Win32/WinloadSDA.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Smigel\Downloads\Spider-Solitaire-lnstall.exe"
sh=08131ADF7C15E801A902E72ADA9DBA8EF81AD101 ft=1 fh=0e19461b6ef503f8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Smigel\AppData\Local\Temp\DMR\dmr_72.exe"

cosinus 12.06.2015 22:10
Zitat:
C:\Users\Smigel\Downloads\Audacity - CHIP-Installer.exe
In Zukunft bitte keine Downloads mehr von chip.de! => CHIP-Installer - was ist das? - Anleitungen

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Users\Smigel\Downloads\Audacity - CHIP-Installer.exe
C:\Users\Smigel\Downloads\PDFCreator-1_7_3_setup.exe
C:\Users\Smigel\Downloads\PDFCreator-2_1_1-setup.exe
C:\Users\Smigel\Downloads\Setup_FileViewPro_2015.exe
C:\Users\Smigel\Downloads\Spider-Solitaire-lnstall.exe
C:\Windows.old\Users\Smigel\AppData\Local\Temp
EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Smigel 12.06.2015 22:26
Danke für den Hinweis. Eure Seite zu chip.de hatte ich dann gestern zufälligerweise mal gelesen. Sehr (im negativen Sinne) beeindruckend, wie man von einer seriös erscheinenden Seite getäuscht werden kann. Werde in Zukunft dann eher mal bei filepony suchen. Die Seite scheint ja deutlich ungefährlicher zu sein.

Hier das log:
Code:
Fix result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Smigel at 2015-06-12 23:19:30 Run:2
Running from C:\Users\Smigel\Downloads
Loaded Profiles: Smigel (Available Profiles: Smigel & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
C:\Users\Smigel\Downloads\Audacity - CHIP-Installer.exe
C:\Users\Smigel\Downloads\PDFCreator-1_7_3_setup.exe
C:\Users\Smigel\Downloads\PDFCreator-2_1_1-setup.exe
C:\Users\Smigel\Downloads\Setup_FileViewPro_2015.exe
C:\Users\Smigel\Downloads\Spider-Solitaire-lnstall.exe
C:\Windows.old\Users\Smigel\AppData\Local\Temp
EmptyTemp:
       
*****************

C:\Users\Smigel\Downloads\Audacity - CHIP-Installer.exe => moved successfully.
C:\Users\Smigel\Downloads\PDFCreator-1_7_3_setup.exe => moved successfully.
C:\Users\Smigel\Downloads\PDFCreator-2_1_1-setup.exe => moved successfully.
C:\Users\Smigel\Downloads\Setup_FileViewPro_2015.exe => moved successfully.
C:\Users\Smigel\Downloads\Spider-Solitaire-lnstall.exe => moved successfully.
C:\Windows.old\Users\Smigel\AppData\Local\Temp => moved successfully.
EmptyTemp: => 127.1 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 23:19:40 ====

cosinus 12.06.2015 22:30
Filepony wurde ja auch vom Trojaner-Board-Admin ins Leben gerufen ;)
Bei Filepony werden die Setups nicht gehostet, sondern nur verlinkt, d.h. tatsächlich lädt man die Software von Server des Herstellers runter. Und da ist auch sonst nix geändert oder in Downloader/Installer verpackt. Aber trotzdem musst du bei jedem Setup aufpassen, denn auch die originalen Setups wollen dem lesefaulen User gerne Junkware unterjubeln :pfui:

Sieht soweit ok aus :daumenhoc

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) empfehle ich die Erweiterung Ghostery, diese verhindert weitgehend Usertracking bzw. das Anzeigen von Werbebannern.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

Smigel 12.06.2015 22:47
Vielen Dank, Cosinus!
:dankeschoen:

Ghostery ist als Add-on installiert.
Es sieht alles gut aus.
:party:

Eine Frage habe ich noch:
Mein Virenscanner ist Avast Pro Antivirus.

Die Testversion von Malwarebytes Anti-Malware startet jetzt automatisch, wenn Windows gestartet wird.
Stören sich die beiden Programme oder kann ich sie nebeneinander laufen lassen?

Ansonsten werde ich mir jetzt mal die Unterstützungs-Seite von Trojaner-Board ansehen. Ihr seid schon ein hervorragender Site!!!
:applaus:

cosinus 12.06.2015 22:52
Eigentlich stören die sich nicht, aber not tut der Kram von MBAM auch nicht wirklich. Schalt es aus.

Dann wären wir durch! :daumenhoc

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

Abschließend müssen wir noch ein paar Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
   


Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Smigel 12.06.2015 23:18
Ich denke, alles ist erledigt und Du kannst meine Akte schließen.

Auch wenn ich hoffe, dass ich Eure Hilfe in Zukunft nicht benötige, weiß ich, an wen ich mich im Fall des Falls wenden kann.

Die Spendenseite hat dann zutreffend auch was abbekommen!

Nochmals vielen Dank!


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:45 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131