hexchen06 | 01.07.2014 21:08 | Werbefenster Adchoices Hallo,
auf meinem Rechner öffnen sich andauernd Werbefenster. In den Fenstern steht irgendwas von ADchoices.
Anbei die Logdateien. FRST Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2014
Ran by XXXXXXX (administrator) on XXXXXXX-PC on 01-07-2014 21:29:36
Running from C:\Users\XXXXXXX\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Farbar) C:\Users\XXXXXXX\Downloads\FRST64(1).exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\Setup\instup.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7138816 2012-06-17] (Broadcom Corporation)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [InstantUpdate] => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-06] ()
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [98304 2012-09-03] (Apple Computer, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-04] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.)
HKLM-x32\...\Runonce: [SpUninstallCleanUp] - REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3474577583-1851662577-3238914967-1001\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2009-04-02] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3474577583-1851662577-3238914967-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKU\S-1-5-21-3474577583-1851662577-3238914967-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-3474577583-1851662577-3238914967-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKU\S-1-5-21-3474577583-1851662577-3238914967-1001\...\Run: [Updater] => C:\ProgramData\Updater\updater.exe
HKU\S-1-5-21-3474577583-1851662577-3238914967-1001\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-3474577583-1851662577-3238914967-1001\...\MountPoints2: {7b7b2065-0318-11e3-b942-404e57434401} - E:\AutoRun.exe
HKU\S-1-5-21-3474577583-1851662577-3238914967-1001\...\MountPoints2: {b33b7fa4-bf09-11e2-9c77-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-3474577583-1851662577-3238914967-1001\...\MountPoints2: {b33b7fe9-bf09-11e2-9c77-404e57434401} - E:\AutoRun.exe
HKU\S-1-5-21-3474577583-1851662577-3238914967-1001\...\MountPoints2: {ea692836-c2c8-11e2-8ef2-404e57434401} - E:\AutoRun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP8E2FE672-1771-4351-A6AB-6E13F3B1D504&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP8E2FE672-1771-4351-A6AB-6E13F3B1D504&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: leSss2pay - {48C0CDED-51CD-D946-500D-AB4DA3F89EE9} - C:\ProgramData\leSss2pay\uptts.x64.dll ()
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: RoyalCOupon - {E8A656BB-C0E5-03CB-CF04-980DE5FB9CC0} - C:\ProgramData\RoyalCOupon\xrS.x64.dll ()
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0A7DBD88-C27A-4553-B875-493AF9796952}: [NameServer]193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{B0748B4E-5603-4BE0-ADCB-5A32963F78BA}: [NameServer]193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{CFE525FC-DFEC-4BA4-8E58-B5B71F67AFF0}: [NameServer]193.189.244.206 193.189.244.225
FireFox:
========
FF ProfilePath: C:\Users\XXXXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\t1tqg8bn.default
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\XXXXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\t1tqg8bn.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Users\XXXXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\t1tqg8bn.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-03-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-11]
Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8E2FE672-1771-4351-A6AB-6E13F3B1D504&SSPV=", "https://www.google.de/?gws_rd=ssl"
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchProvider: Conduit Search
CHR DefaultSearchURL: hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP8E2FE672-1771-4351-A6AB-6E13F3B1D504&q={searchTerms}&SSPV=
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\XXXXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-19]
CHR Extension: (Google Drive) - C:\Users\XXXXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-19]
CHR Extension: (YouTube) - C:\Users\XXXXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-19]
CHR Extension: (Google-Suche) - C:\Users\XXXXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-19]
CHR Extension: (SiteAdvisor) - C:\Users\XXXXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-03-19]
CHR Extension: (Color Space) - C:\Users\XXXXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmbfjgnachickfhchheghlmannlgcma [2014-06-15]
CHR Extension: (Google Wallet) - C:\Users\XXXXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-21]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2012-09-04]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-25] (AVAST Software)
S2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] () [File not signed]
S3 de_serv; C:\Program Files (x86)\Common Files\AVM\de_serv.exe [196669 2003-11-03] (AVM Berlin) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-13] (WildTangent)
S2 InternetUpdater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [45568 2014-01-15] (Parallel Lines Development, LLC) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5824512 2012-06-17] (Broadcom Corporation) [File not signed]
S2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
==================== Drivers (Whitelisted) ====================
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-25] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-01-25] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-25] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-03-01] ()
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [105472 2006-12-08] (AVM GmbH)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-03-21] (Broadcom Corporation.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [250368 2010-04-07] (Huawei Technologies Co., Ltd.)
S3 fxusbase; C:\Windows\System32\DRIVERS\fxusbase.sys [706560 2006-12-08] (AVM Berlin)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-03-01] ()
S2 AVMPORT; \SystemRoot\System32\drivers\avmport.sys [X]
S3 gfiark; system32\drivers\gfiark.sys [X]
R2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-01 21:29 - 2014-07-01 21:29 - 00028435 _____ () C:\Users\XXXXXXX\Downloads\FRST.txt
2014-07-01 21:29 - 2014-07-01 21:29 - 00000000 ____D () C:\FRST
2014-07-01 21:28 - 2014-07-01 21:29 - 02083328 _____ (Farbar) C:\Users\XXXXXXX\Downloads\FRST64(1).exe
2014-07-01 21:26 - 2014-07-01 21:27 - 02083328 _____ (Farbar) C:\Users\XXXXXXX\Downloads\FRST64.exe
2014-07-01 21:26 - 2014-07-01 21:26 - 01073664 _____ (Farbar) C:\Users\XXXXXXX\Downloads\FRST.exe
2014-07-01 21:21 - 2014-07-01 21:21 - 00000000 ____D () C:\Users\XXXXXXX\Desktop\Virenscaner
2014-07-01 21:20 - 2014-07-01 21:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\XXXXXXX\Downloads\HijackThis.exe
2014-07-01 21:20 - 2014-07-01 21:20 - 00017891 _____ () C:\Users\XXXXXXX\Downloads\hijackthis.log
2014-07-01 21:12 - 2014-07-01 21:17 - 00003672 _____ () C:\Windows\system32\Drivers\kgpcpy.cfg
2014-07-01 21:12 - 2014-07-01 21:12 - 00001400 _____ () C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2014-07-01 21:09 - 2014-07-01 21:09 - 00707664 _____ (iS3, Inc.) C:\Users\XXXXXXX\Downloads\SZSetup_AID10121_AV.exe
2014-07-01 20:50 - 2014-07-01 20:50 - 00000000 __SHD () C:\Users\XXXXXXX\AppData\Local\EmieUserList
2014-07-01 20:50 - 2014-07-01 20:50 - 00000000 __SHD () C:\Users\XXXXXXX\AppData\Local\EmieSiteList
2014-07-01 20:42 - 2014-07-01 20:42 - 00000000 ____D () C:\ProgramData\Websteroids
2014-06-25 20:00 - 2014-06-25 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-06-25 20:00 - 2014-06-25 20:00 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-06-15 19:24 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-15 19:24 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-15 19:24 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-15 19:24 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-15 19:24 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-15 19:24 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-15 19:24 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-15 19:24 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-15 19:24 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-15 19:24 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-15 19:24 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-15 19:24 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-15 19:24 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-15 19:24 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-15 19:24 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-15 19:24 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-15 19:24 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-15 19:24 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-15 19:24 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-15 19:24 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-15 19:24 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-15 19:24 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-15 19:24 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-15 19:24 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-15 19:24 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-15 19:24 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-15 19:24 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-15 19:23 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-15 19:23 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-15 19:23 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-15 19:23 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-15 19:23 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-15 19:23 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-15 19:23 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-15 19:23 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-15 19:23 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-15 19:23 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-15 19:23 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-15 19:23 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-15 19:23 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-15 19:23 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-15 19:23 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-15 19:23 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-15 19:23 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-15 19:23 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-15 19:23 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-15 19:23 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-15 19:23 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-15 19:23 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-15 19:23 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-15 19:23 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-15 19:23 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-15 19:23 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-15 19:23 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-15 19:23 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-15 19:23 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-15 19:23 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-15 19:23 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-15 19:23 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-15 19:23 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-15 19:23 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-15 19:23 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-15 19:23 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-15 19:23 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-15 19:23 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-15 19:23 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-15 19:23 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-15 19:23 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
==================== One Month Modified Files and Folders =======
2014-07-01 21:29 - 2014-07-01 21:29 - 00028435 _____ () C:\Users\XXXXXXX\Downloads\FRST.txt
2014-07-01 21:29 - 2014-07-01 21:29 - 00000000 ____D () C:\FRST
2014-07-01 21:29 - 2014-07-01 21:28 - 02083328 _____ (Farbar) C:\Users\XXXXXXX\Downloads\FRST64(1).exe
2014-07-01 21:27 - 2014-07-01 21:26 - 02083328 _____ (Farbar) C:\Users\XXXXXXX\Downloads\FRST64.exe
2014-07-01 21:26 - 2014-07-01 21:26 - 01073664 _____ (Farbar) C:\Users\XXXXXXX\Downloads\FRST.exe
2014-07-01 21:21 - 2014-07-01 21:21 - 00000000 ____D () C:\Users\XXXXXXX\Desktop\Virenscaner
2014-07-01 21:21 - 2012-03-26 09:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-01 21:20 - 2014-07-01 21:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\XXXXXXX\Downloads\HijackThis.exe
2014-07-01 21:20 - 2014-07-01 21:20 - 00017891 _____ () C:\Users\XXXXXXX\Downloads\hijackthis.log
2014-07-01 21:17 - 2014-07-01 21:12 - 00003672 _____ () C:\Windows\system32\Drivers\kgpcpy.cfg
2014-07-01 21:12 - 2014-07-01 21:12 - 00001400 _____ () C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2014-07-01 21:12 - 2014-02-15 16:19 - 00000000 ____D () C:\ProgramData\Updater
2014-07-01 21:12 - 2014-02-15 16:19 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-07-01 21:09 - 2014-07-01 21:09 - 00707664 _____ (iS3, Inc.) C:\Users\XXXXXXX\Downloads\SZSetup_AID10121_AV.exe
2014-07-01 20:50 - 2014-07-01 20:50 - 00000000 __SHD () C:\Users\XXXXXXX\AppData\Local\EmieUserList
2014-07-01 20:50 - 2014-07-01 20:50 - 00000000 __SHD () C:\Users\XXXXXXX\AppData\Local\EmieSiteList
2014-07-01 20:50 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-01 20:50 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-01 20:49 - 2013-03-19 14:15 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-01 20:47 - 2012-06-17 03:16 - 01957668 _____ () C:\Windows\WindowsUpdate.log
2014-07-01 20:43 - 2014-04-10 14:13 - 00000000 ____D () C:\Users\XXXXXXX\AppData\Local\LogMeIn Hamachi
2014-07-01 20:42 - 2014-07-01 20:42 - 00000000 ____D () C:\ProgramData\Websteroids
2014-07-01 20:41 - 2013-03-19 14:15 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-01 20:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-01 20:41 - 2009-07-14 06:51 - 00079156 _____ () C:\Windows\setupact.log
2014-07-01 16:34 - 2014-02-21 15:08 - 00000000 ____D () C:\Users\XXXXXXX\AppData\Roaming\.minecraft
2014-06-30 16:58 - 2012-03-26 09:08 - 00000000 ____D () C:\ProgramData\Temp
2014-06-30 14:15 - 2012-11-11 18:02 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-25 20:24 - 2012-09-14 19:13 - 00000000 ____D () C:\Users\XXXXXXX\Documents\Outlook-Dateien
2014-06-25 20:00 - 2014-06-25 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-06-25 20:00 - 2014-06-25 20:00 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-06-25 20:00 - 2014-04-10 14:12 - 00000930 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-06-20 10:26 - 2013-08-21 15:44 - 00000000 ____D () C:\Users\XXXXXXX\AppData\Local\Runic Games
2014-06-16 11:02 - 2013-08-10 16:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-16 11:02 - 2012-11-11 18:03 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-16 11:01 - 2012-09-14 18:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-16 10:58 - 2014-05-08 15:53 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-15 20:51 - 2014-03-09 11:36 - 00000000 ____D () C:\ProgramData\236786e2634f5d65
2014-06-08 11:13 - 2014-06-15 19:23 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-15 19:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2013-09-15 08:51
==================== End Of Log ============================
Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2014
Ran by XXXXXXX at 2014-07-01 21:30:11
Running from C:\Users\XXXXXXX\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
clear.fi SDK - MVP 2 (x32 Version: 2.0.1505 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.0.1502 - CyberLink Corp.) Hidden
100 Prozent Wimmelbild (HKLM-x32\...\{149F9A5E-889D-474B-BA15-AFA0E614E5EA}_is1) (Version: - cerasus.media GmbH)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2108.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2108.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Instant Update Service (HKLM\...\{36674AE9-6D3D-48D6-BC7B-209F556D65EE}) (Version: 1.00.3004 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 20.11.1107.1418 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Alchemy Mahjongg (HKLM-x32\...\Alchemy Mahjongg) (Version: - )
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.00 - Sunflowers)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin)
Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.120 - Broadcom Corporation)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.00.3004 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.00.3004 - Acer Incorporated)
ComCenter (HKLM-x32\...\ComCenter 1.0) (Version: - )
Cradle of Egypt (HKLM-x32\...\{2C02C8E3-CF3B-44BE-98C8-12A16EAF2713}_is1) (Version: - cerasus.media GmbH)
Cradle of Rome 2 (HKLM-x32\...\{E60E8119-F64A-436B-8449-4FF87FC97350}_is1) (Version: - cerasus.media GmbH)
Culture of Asia and Pirates Treasure (HKLM-x32\...\Culture of Asia and Pirates Treasure) (Version: - )
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1720_38230 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeathMan (HKLM-x32\...\DeathMan_is1) (Version: - DominiGames)
Deep Ocean (HKLM-x32\...\Deep Ocean_is1) (Version: - rondomedia Marketing & Vertriebs GmbH)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version: - Microsoft)
Die Legende des goldenen Buches Version 1.1 (HKLM-x32\...\Die Legende des goldenen Buches_is1) (Version: 1.1 - )
Die Sage von Odysseus (HKLM-x32\...\Die Sage von Odysseus_is1) (Version: - rondomedia Marketing & Vertriebs GmbH)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FileParade bundle uninstaller (HKLM-x32\...\FileParade bundle uninstaller) (Version: 1.0.0.0 - FileParade) <==== ATTENTION
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.1.2 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.1.2 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.107 - Google Inc.)
Google Drive (HKLM-x32\...\{56D4499E-AC3E-4B8D-91C9-C700C148C44B}) (Version: 1.13.5782.599 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Great Mahjongg (HKLM-x32\...\Great Mahjongg) (Version: - )
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Internet Updater (HKLM-x32\...\InternetUpdater) (Version: 2.6.57 - Parallel Lines Development, LLC) <==== ATTENTION
ISDN CAPI Port (HKLM-x32\...\AVM ISDN CAPI Port) (Version: - )
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Legends - Baum des Lebens (HKLM-x32\...\{93132891-B97C-406D-831E-3E37D2C1A62B}_is1) (Version: - cerasus.media GmbH)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 2.1.5 - Kobo Inc.)
Konfigurator Eumex 400 (HKLM-x32\...\Konfigurator Eumex 400) (Version: - )
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Acer Inc.)
leSss2pay (HKLM-x32\...\{82B558C7-2A69-D3D5-B65A-DCAB3B65AD02}) (Version: - lesS2epayi) <==== ATTENTION
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
Lollipop Deutsch 3 (HKLM-x32\...\Lollipop Deutsch 3_is1) (Version: - Cornelsen) <==== ATTENTION
Lollipop Mathe 3 (HKLM-x32\...\Lollipop Mathe 3_is1) (Version: - Cornelsen) <==== ATTENTION
Mahjongg - Ancient Egypt (HKLM-x32\...\{47A0EDD9-BAC6-4F7C-A22A-D69122970160}_is1) (Version: - cerasus.media GmbH)
Mahjongg - Ancient Mayas (HKLM-x32\...\{BDA4BA81-D380-4596-95D3-5D8FA612FDA1}_is1) (Version: - cerasus.media GmbH)
Mahjongg - Reise durch die Zeit (HKLM-x32\...\Mahjongg - Reise durch die Zeit) (Version: - )
Mahjongg Artifacts (HKLM-x32\...\Mahjongg Artifacts) (Version: - )
Mahjongg Dreams (HKLM-x32\...\{AD07C5E9-C15D-4508-92CA-C527F386D548}_is1) (Version: - cerasus.media GmbH)
Mahjongg Mysteries - Ancient Athena (HKLM-x32\...\{90AB5541-2FC9-41E7-BF33-16A162E97F2B}_is1) (Version: - cerasus.media GmbH)
Maxxjongg (HKLM-x32\...\Maxxjongg) (Version: - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.09.04.382 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Mystery Stories - Das Geisterschiff (HKLM-x32\...\{9C362EEE-BEDE-4E97-9930-8F463B95BFF0}_is1) (Version: - Rondomedia)
Mystery Stories - Expedition des Grauens (HKLM-x32\...\{91AC4ECB-8C44-47CA-833D-0769B8CD0E7E}_is1) (Version: - cerasus.media GmbH)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9006 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9006 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\QuickTime) (Version: - )
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Rasputins Curse (HKLM-x32\...\Rasputins Curse) (Version: 1.00 - phenomedia publishing gmbh)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.)
Robinson Crusoe and the Cursed Pirates (HKLM-x32\...\Robinson Crusoe and the Cursed Pirates) (Version: 1.00 - phenomedia publishing gmbh)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM-x32\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 6.2.0.5 - WildTangent, Inc.)
T-Com Konfigurator Eumex 400 (HKLM-x32\...\T-Com Konfigurator Eumex 400) (Version: - )
The Mystery of the Crystal Portal - Die versunkene Welt (HKLM-x32\...\The Mystery of the Crystal Portal - Die versunkene Welt) (Version: 1.00 - phenomedia publishing gmbh)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight II (HKLM-x32\...\{55F7D521-17CA-454D-9D4D-975EF2E10708}_is1) (Version: - White Rabbit Interactive)
Torchlight Version 1.0 (HKLM-x32\...\{A3DD2EC4-D17E-4EE1-B6A5-4C7075B34627}_is1) (Version: 1.0 - Nordic Games GmbH)
Treasure Masters, Inc. (HKLM-x32\...\Treasure Masters, Inc.) (Version: - )
Überwachungstool für die Intel® Turbo-Boost-Technik 2.5 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.5.1.0 - Intel)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2610 - Broadcom Corporation)
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\BC15EA930074932BB2C4B4493C9FD4EA95087D1A) (Version: 10/12/2007 6.85.4.0 - Nokia)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
03-05-2014 14:08:59 Windows Update
03-05-2014 15:31:44 Windows Update
08-05-2014 12:26:04 Windows Update
08-05-2014 13:53:04 Windows Update
13-05-2014 14:36:55 Windows Update
15-05-2014 14:13:03 Windows Update
20-05-2014 13:45:45 Windows Update
30-05-2014 14:55:56 Windows Update
04-06-2014 16:58:11 Windows Update
15-06-2014 17:18:32 Windows Update
15-06-2014 21:24:42 Windows Update
16-06-2014 08:58:27 Windows Modules Installer
16-06-2014 08:59:05 Windows Modules Installer
16-06-2014 08:59:50 Windows Modules Installer
20-06-2014 08:35:41 Windows Update
25-06-2014 18:05:08 Windows Update
01-07-2014 14:15:06 Windows Update
01-07-2014 19:10:46 Installed STOPzilla
01-07-2014 19:27:27 Removed STOPzilla
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-07-01 21:11 - 00000860 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {8FCCD5FC-865A-49C0-8A55-FF5E70DD5FA1} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {AB61133F-D7B5-4CC2-A715-70342F2380C6} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {B0E36AEA-E64D-4E44-8040-A1721C43568E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-19] (Google Inc.)
Task: {C22D605F-D547-4DF0-A0B7-15E1F622C68D} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)
Task: {DC486354-47CF-4052-AE80-6927A3A7FB79} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: {E178CF5A-8084-4B29-A4E0-979098AA75A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-19] (Google Inc.)
Task: {ED4BAA8E-7F31-4304-B8FB-C02F4A5645A8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-25] (AVAST Software)
Task: {F1CF41AC-B867-40CB-9994-D8844AF977C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)
Task: {F79047E9-4C18-46D9-8045-4745D7FA6CB8} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2012-01-19] (Acer)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-06-17 03:28 - 2012-10-02 21:51 - 00086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-05-14 12:29 - 2012-03-27 02:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-04-06 20:29 - 2012-04-06 20:29 - 00040552 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2012-04-06 20:29 - 2012-04-06 20:29 - 00022120 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2014-07-01 16:08 - 2014-06-30 19:59 - 02789376 _____ () C:\Program Files\AVAST Software\Avast\defs\14063001\algo.dll
2012-01-05 23:22 - 2012-01-05 23:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2014-01-25 20:23 - 2014-01-25 20:23 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-01-05 23:22 - 2012-01-05 23:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 23:22 - 2012-01-05 23:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-02-15 16:20 - 2014-02-15 16:20 - 02961368 _____ () c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll
2014-02-15 15:29 - 2014-02-15 15:29 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-02-18 19:02 - 2014-02-18 19:02 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\00a0b4a9df6e4abf30ae2af3624a77ce\IsdiInterop.ni.dll
2012-03-26 08:37 - 2012-02-02 01:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-06-17 03:32 - 2012-02-08 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\XXXXXXX:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\Users\XXXXXXX\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\XXXXXXX\Cookies:gs5sys
AlternateDataStreams: C:\Users\XXXXXXX\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\XXXXXXX\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\XXXXXXX\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\XXXXXXX\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\XXXXXXX\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\XXXXXXX\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\XXXXXXX\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\XXXXXXX\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
HKU\S-1-5-21-3474577583-1851662577-3238914967-1001\Software\Classes\.exe: exefile => <===== ATTENTION!
HKU\S-1-5-21-3474577583-1851662577-3238914967-1001\Software\Classes\exefile: <===== ATTENTION!
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/01/2014 09:15:47 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" ; Beschreibung = STOPzilla Restore Point.; Fehler = 0x80042319).
Error: (07/01/2014 08:43:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2014 07:37:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2014 04:06:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2014 02:14:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/29/2014 09:02:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/28/2014 00:48:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/27/2014 05:28:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/25/2014 07:59:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/23/2014 03:08:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (07/01/2014 09:09:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Optimizer Pro Crash Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/01/2014 09:09:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "DCService.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/01/2014 08:45:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (07/01/2014 08:45:41 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (07/01/2014 08:42:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/01/2014 08:42:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Updater" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/01/2014 08:42:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Updater erreicht.
Error: (07/01/2014 08:41:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVMPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (07/01/2014 08:41:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\avmport.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (07/01/2014 07:39:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Microsoft Office Sessions:
=========================
Error: (07/01/2014 09:15:47 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" STOPzilla Restore Point.0x80042319
Error: (07/01/2014 08:43:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2014 07:37:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2014 04:06:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2014 02:14:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/29/2014 09:02:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/28/2014 00:48:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/27/2014 05:28:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/25/2014 07:59:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/23/2014 03:08:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 29%
Total physical RAM: 8030.36 MB
Available physical RAM: 5666.89 MB
Total Pagefile: 16058.89 MB
Available Pagefile: 13506.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:680.54 GB) (Free:597.05 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 8DBB1456)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=681 GB) - (Type=07 NTFS)
==================== End Of Log ============================
GMER Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-01 21:58:32
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JE4O 698,64GB
Running: Gmer-19357.exe; Driver: C:\Users\XXXXXXXX\AppData\Local\Temp\kwdiqfow.sys
---- User code sections - GMER 2.1 ----
.text C:\Windows\system32\wininit.exe[736] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Windows\system32\winlogon.exe[776] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Windows\system32\services.exe[840] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Windows\system32\nvvsvc.exe[360] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Windows\System32\svchost.exe[464] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Windows\system32\svchost.exe[1076] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE[1588] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Windows\system32\WLANExt.exe[1596] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe[1660] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1736] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Windows\system32\nvvsvc.exe[1752] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Windows\system32\taskhost.exe[2060] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Windows\system32\Dwm.exe[2120] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Windows\Explorer.EXE[2168] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2452] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE[2504] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe[2572] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files (x86)\Launch Manager\dsiwmis.exe[2692] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe[2740] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files (x86)\Launch Manager\LMworker.exe[2748] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\Launch Manager\LMutilps32.exe[2760] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\Acer\Registration\GREGsvc.exe[2800] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Windows\System32\igfxtray.exe[2964] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Windows\System32\hkcmd.exe[2972] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Windows\System32\igfxpers.exe[2076] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2220] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2416] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files\Elantech\ETDCtrl.exe[2932] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE[1132] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe[732] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3112] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[3188] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[3188] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075921465 2 bytes [92, 75]
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[3188] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759214bb 2 bytes [92, 75]
.text ... * 2
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[3288] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3384] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe[3732] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe[3732] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075921465 2 bytes [92, 75]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe[3732] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759214bb 2 bytes [92, 75]
.text ... * 2
.text C:\Dolby PCEE4\pcee4.exe[3744] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files (x86)\Launch Manager\LManager.exe[3772] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\Launch Manager\LManager.exe[3772] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075921465 2 bytes [92, 75]
.text C:\Program Files (x86)\Launch Manager\LManager.exe[3772] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759214bb 2 bytes [92, 75]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3788] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[3856] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075921465 2 bytes [92, 75]
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759214bb 2 bytes [92, 75]
.text ... * 2
.text C:\Program Files\AVAST Software\Avast\avastui.exe[3920] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3948] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe[3992] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[4000] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[4000] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075921465 2 bytes [92, 75]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[4000] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759214bb 2 bytes [92, 75]
.text ... * 2
.text C:\Program Files\Acer\Acer Updater\UpdaterService.exe[4028] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Windows\system32\igfxext.exe[516] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Windows\system32\igfxsrvc.exe[3708] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2892] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2892] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075921465 2 bytes [92, 75]
.text C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe[2892] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759214bb 2 bytes [92, 75]
.text ... * 2
.text C:\Windows\system32\taskeng.exe[4340] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe[4376] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Windows\system32\wbem\unsecapp.exe[4712] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe[4840] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5816] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007774ef8d 1 byte [62]
.text C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe[6752] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe[6820] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[2796] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[4168] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[5492] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
.text C:\Users\XXXXXXXX\Downloads\Gmer-19357.exe[6744] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007549a2fd 1 byte [62]
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\08edb9ee37aa
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\08edb9ee37aa (not active ControlSet)
---- EOF - GMER 2.1 ---- Kann mir irgendjemand helfen??
Vielen Dank! |