Trojaner-Board


boulderman 24.01.2015 17:55

New laptop, Win 8.1, extremely slow
 
I have already run Malwarebytes and got the following log file.
HTML code:

<?xml version="1.0" encoding="UTF-16"?>

<mbam-log>

<header>

<date>2015/01/24 17:25:14 +0100</date>

<logfile>mbam-log-2015-01-24 (17-25-14).xml</logfile>

<isadmin>yes</isadmin>

</header>


<engine>

<version>2.00.4.1028</version>

<malware-database>v2015.01.24.09</malware-database>

<rootkit-database>v2015.01.14.01</rootkit-database>

<license>trial</license>

<file-protection>enabled</file-protection>

<web-protection>enabled</web-protection>

<self-protection>disabled</self-protection>

</engine>


<system>

<osversion>Windows 8.1</osversion>

<arch>x64</arch>

<username>Arbeit Daniel</username>

<filesys>NTFS</filesys>

</system>


<summary>

<type>hyper</type>

<result>completed</result>

<objects>276448</objects>

<time>1157</time>

<processes>0</processes>

<modules>0</modules>

<keys>1</keys>

<values>0</values>

<datas>0</datas>

<folders>2</folders>

<files>4</files>

<sectors>0</sectors>

</summary>


<options>

<memory>enabled</memory>

<startup>enabled</startup>

<filesystem>disabled</filesystem>

<archives>enabled</archives>

<rootkits>disabled</rootkits>

<deeprootkit>disabled</deeprootkit>

<heuristics>enabled</heuristics>

<pup>enabled</pup>

<pum>enabled</pum>

</options>


<items>

<key>

<path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{d924d8dc}</path>

<vendor>PUP.Optional.Booster.A</vendor>

<action/>

<hash>b287bb400881bd79db0dd0cbbb48827e</hash>

</key>


<folder>

<path>C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmjbmkmgbfcjchbimamdpopjkmkbioi</path>

<vendor>PUP.Optional.CommonShare.A</vendor>

<action/>

<hash>a7924fac3b4e9d993e841a5afa090bf5</hash>

</folder>


<folder>

<path>C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmjbmkmgbfcjchbimamdpopjkmkbioi\1.0.1_0</path>

<vendor>PUP.Optional.CommonShare.A</vendor>

<action/>

<hash>a7924fac3b4e9d993e841a5afa090bf5</hash>

</folder>


<file>

<path>C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmjbmkmgbfcjchbimamdpopjkmkbioi\1.0.1_0\background.js</path>

<vendor>PUP.Optional.CommonShare.A</vendor>

<action/>

<hash>a7924fac3b4e9d993e841a5afa090bf5</hash>

</file>


<file>

<path>C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmjbmkmgbfcjchbimamdpopjkmkbioi\1.0.1_0\content.js</path>

<vendor>PUP.Optional.CommonShare.A</vendor>

<action/>

<hash>a7924fac3b4e9d993e841a5afa090bf5</hash>

</file>


<file>

<path>C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmjbmkmgbfcjchbimamdpopjkmkbioi\1.0.1_0\icon.png</path>

<vendor>PUP.Optional.CommonShare.A</vendor>

<action/>

<hash>a7924fac3b4e9d993e841a5afa090bf5</hash>

</file>


<file>

<path>C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmjbmkmgbfcjchbimamdpopjkmkbioi\1.0.1_0\manifest.json</path>

<vendor>PUP.Optional.CommonShare.A</vendor>

<action/>

<hash>a7924fac3b4e9d993e841a5afa090bf5</hash>

</file>

</items>

</mbam-log>

Can anyone help me? I don't understand this :crazy:

schrauber 24.01.2015 18:48

Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


boulderman 24.01.2015 19:40

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Arbeit Daniel at 2015-01-24 19:36:49
Running from C:\Users\Arbeit Daniel\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8103 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.04.2006.0 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.04.2006.0 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.2007 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3010 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Reader XI (11.0.04)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.234 - Broadcom Corporation)
BubbleSound (HKLM\...\BubbleSound) (Version: 1.0 - )
BWSRappSev2 (HKLM-x32\...\BWSRappSev2) (Version: 1.36.01.22 - BroServix+2.3)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Host App Service (HKU\S-1-5-21-372149687-12892241-2324643792-1001\...\Pokki) (Version: 0.269.5.367 - Pokki)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.397 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-372149687-12892241-2324643792-1001\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21247 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9350 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-372149687-12892241-2324643792-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

23-01-2015 23:35:40 eBay Worldwide wird entfernt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16F60ABF-AE90-4E90-A405-7D68C1B5625C} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-18] (Acer Incorporated)
Task: {17D23CAC-F6D6-4672-9493-10F2343ABB41} - \upfs7235 No Task File <==== ATTENTION
Task: {3A6C939F-4E5F-4970-897F-E0C90901EC69} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-01-18] (Acer Incorporate)
Task: {404DA473-0786-4809-A915-4B03E6F70C95} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-04] (Acer Incorporate)
Task: {4255E724-778F-4381-AFA7-B95845971801} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-23] (Google Inc.)
Task: {4D57C262-A3BE-4432-BD18-346FFAE20A05} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe
Task: {576F8236-280F-46B5-8612-FD9B56D84708} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Task: {5FD06D2E-9369-42BA-9608-89DA3DBC1248} - System32\Tasks\QKTMVX => C:\Users\Arbeit Daniel\AppData\Roaming\QKTMVX.exe <==== ATTENTION
Task: {669E7F82-0EDD-46BF-9D2C-68B68A757F77} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-24] (TODO: <Company name>)
Task: {81E7E3BC-CCD0-4279-965F-AF784EAD2E28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-23] (Google Inc.)
Task: {87F451BC-A213-4181-A433-BA3FB820B1C1} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2014-01-16] (Acer Incorporated)
Task: {AB2E7681-602A-4B95-BEEF-7D0BD14AFDF2} - System32\Tasks\WDXJHF => C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF.exe [2015-01-23] (BroServix+2.3) <==== ATTENTION
Task: {AD6D8527-B0BA-433F-8F02-3E2E3FA0EEEE} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-04] (Acer Incorporate)
Task: {B24EA0E0-7E1D-44C0-BA20-7B788F02D6F7} - System32\Tasks\SWRDAM => C:\Users\Arbeit Daniel\AppData\Roaming\SWRDAM.exe <==== ATTENTION
Task: {C1609FE0-D5C3-4294-8744-A99045673A65} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {D8B17051-4D8C-462F-9882-3EA4F4548916} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {E5D427CF-FF1C-480F-A91A-F819B4D9416A} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\QKTMVX.job => C:\Users\Arbeit Daniel\AppData\Roaming\QKTMVX.exe <==== ATTENTION
Task: C:\Windows\Tasks\SWRDAM.job => C:\Users\Arbeit Daniel\AppData\Roaming\SWRDAM.exe <==== ATTENTION
Task: C:\Windows\Tasks\WDXJHF.job => C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2015-01-08 19:12 - 2015-01-08 19:12 - 02264576 _____ () C:\Program Files\BubbleSound\BubbleSound.dll
2014-02-18 19:02 - 2014-02-18 19:02 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-09-25 01:41 - 2012-04-24 11:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-05-16 11:06 - 2014-03-07 17:21 - 00080312 _____ () C:\Windows\system32\igfxexps.dll
2014-12-31 23:52 - 2014-12-31 23:52 - 00569856 _____ () C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2014-12-31 23:52 - 2014-12-31 23:52 - 01400846 _____ () C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\avcodec-54.dll
2014-12-31 23:52 - 2014-12-31 23:52 - 00151054 _____ () C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\avutil-51.dll
2014-12-31 23:52 - 2014-12-31 23:52 - 00222734 _____ () C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\avformat-54.dll
2014-09-25 01:22 - 2013-12-10 00:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "3D BubbleSound"
HKU\S-1-5-21-372149687-12892241-2324643792-1001\...\StartupApproved\Run: => "Optimizer Pro"

========================= Accounts: ==========================

Administrator (S-1-5-21-372149687-12892241-2324643792-500 - Administrator - Disabled)
Arbeit Daniel (S-1-5-21-372149687-12892241-2324643792-1001 - Administrator - Enabled) => C:\Users\Arbeit Daniel
Gast (S-1-5-21-372149687-12892241-2324643792-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-372149687-12892241-2324643792-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/24/2015 06:01:40 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/24/2015 05:18:46 PM) (Source: IntelDalJhi) (EventID: 11) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service has encountered an internal connection problem.

Error: (01/24/2015 05:17:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (01/24/2015 05:17:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (01/24/2015 05:17:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (01/24/2015 01:37:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: abengine.exe, Version: 2.3.1.2, Zeitstempel: 0x54812f7b
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000417
Fehleroffset: 0x100c9383
ID des fehlerhaften Prozesses: 0x4a0
Startzeit der fehlerhaften Anwendung: 0xabengine.exe0
Pfad der fehlerhaften Anwendung: abengine.exe1
Pfad des fehlerhaften Moduls: abengine.exe2
Berichtskennung: abengine.exe3
Vollständiger Name des fehlerhaften Pakets: abengine.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: abengine.exe5

Error: (01/24/2015 01:15:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17037, Zeitstempel: 0x5312c26d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17031, Zeitstempel: 0x530895af
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000065e8e
ID des fehlerhaften Prozesses: 0x1dd4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (01/24/2015 01:02:27 PM) (Source: MsiInstaller) (EventID: 11309) (User: Daniel)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.

Error: (01/23/2015 11:01:23 PM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )
Description: Die indizierten Daten von Windows Search für den Benutzer '<Event xmlns='hxxp://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Search-ProfileNotify' Guid='{FC6F77DD-769A-470E-BCF9-1B6555A118BE}' EventSourceName='Windows Search Service Profile Notification'/><EventID Qualifiers='49152'>2</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2015-01-23T22:01:23.000000000Z'/><EventRecordID>845</EventRecordID><Correlation/><Execution ProcessID='0' ThreadID='0'/><Channel>Application</Channel><Computer>Daniel</Computer><Security/></System><ProcessingErrorData><ErrorCode>15005</ErrorCode><DataItemName>__binLength</DataItemName><EventPayload>440061006E00690065006C005C00410064006D0069006E006900730074007200610074006F00720000003000780038003000300034003200310030003300000000000000</EventPayload></ProcessingErrorData></Event>' können im Zuge der Löschung des Benutzerprofils nicht entfernt werden. Fehlercode %2.

%3.

Error: (01/23/2015 11:01:21 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT-AUTORITÄT)
Description: Content is missing.
Error Code:a7f42014


System errors:
=============
Error: (01/24/2015 05:29:43 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/24/2015 05:14:16 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 3abengine-Service{51F7DE65-A990-4213-BDB9-C2657FA7F3F4}

Error: (01/24/2015 05:14:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "abengine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (01/24/2015 05:14:15 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 3abengine-Service{51F7DE65-A990-4213-BDB9-C2657FA7F3F4}

Error: (01/24/2015 05:14:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "abengine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (01/24/2015 05:14:14 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 3abengine-Service{51F7DE65-A990-4213-BDB9-C2657FA7F3F4}

Error: (01/24/2015 05:14:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "abengine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (01/24/2015 05:14:13 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 3abengine-Service{51F7DE65-A990-4213-BDB9-C2657FA7F3F4}

Error: (01/24/2015 05:14:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "abengine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (01/24/2015 05:14:12 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 3abengine-Service{51F7DE65-A990-4213-BDB9-C2657FA7F3F4}


Microsoft Office Sessions:
=========================
Error: (01/24/2015 06:01:40 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/24/2015 05:18:46 PM) (Source: IntelDalJhi) (EventID: 11) (User: )
Description:

Error: (01/24/2015 05:17:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (01/24/2015 05:17:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (01/24/2015 05:17:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Arbeit Daniel\AppData\Local\Temp\oct3B7.tmp.exe

Error: (01/24/2015 01:37:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: abengine.exe2.3.1.254812f7bunknown0.0.0.000000000c0000417100c93834a001d037cdd7a1dcbcC:\Program Files (x86)\Flwsrf\abengine.exeunknownba8a25c2-a3c5-11e4-825f-f0761c2d8656

Error: (01/24/2015 01:15:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.170375312c26dntdll.dll6.3.9600.17031530895afc00000050000000000065e8e1dd401d037cf4391c834C:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\ntdll.dlla7c0165e-a3c2-11e4-825f-f0761c2d8656

Error: (01/24/2015 01:02:27 PM) (Source: MsiInstaller) (EventID: 11309) (User: Daniel)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/23/2015 11:01:23 PM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )
Description: <Event xmlns='hxxp://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Search-ProfileNotify' Guid='{FC6F77DD-769A-470E-BCF9-1B6555A118BE}' EventSourceName='Windows Search Service Profile Notification'/><EventID Qualifiers='49152'>2</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2015-01-23T22:01:23.000000000Z'/><EventRecordID>845</EventRecordID><Correlation/><Execution ProcessID='0' ThreadID='0'/><Channel>Application</Channel><Computer>Daniel</Computer><Security/></System><ProcessingErrorData><ErrorCode>15005</ErrorCode><DataItemName>__binLength</DataItemName><EventPayload>440061006E00690065006C005C00410064006D0069006E006900730074007200610074006F00720000003000780038003000300034003200310030003300000000000000</EventPayload></ProcessingErrorData></Event>

Error: (01/23/2015 11:01:21 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT-AUTORITÄT)
Description: a7f42014


CodeIntegrity Errors:
===================================
  Date: 2015-01-24 13:18:23.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:18:23.621
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:15:25.068
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:15:25.051
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:14:54.758
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:14:44.875
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:14:40.713
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:14:40.677
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:14:32.958
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-24 13:14:32.935
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 54%
Total physical RAM: 4019.27 MB
Available physical RAM: 1846.49 MB
Total Pagefile: 5427.27 MB
Available Pagefile: 3082.61 MB

FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Arbeit Daniel (administrator) on DANIEL on 24-01-2015 19:35:56
Running from C:\Users\Arbeit Daniel\Downloads
Loaded Profiles: Arbeit Daniel (Available profiles: Arbeit Daniel)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUicnt.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(BroServix+2.3) C:\Program Files (x86)\BWSRappSev2\BWSRappSev2-bg.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Farbar) C:\Users\Arbeit Daniel\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [3D BubbleSound] => C:\Program Files\BubbleSound\3D BubbleSound.exe [14115328 2015-01-09] (zik.mu)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-07-24] (McAfee, Inc.)
HKU\S-1-5-21-372149687-12892241-2324643792-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-372149687-12892241-2324643792-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://tikotin.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> {DF9F6E42-A85C-42CC-82C6-BB102DEF23E1} URL = hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
BHO: BWSRappSev2 -> {11111111-1111-1111-1111-110611991117} -> C:\Program Files (x86)\BWSRappSev2\BWSRappSev2-bho64.dll (BroServix+2.3)
BHO-x32: BWSRappSev2 -> {11111111-1111-1111-1111-110611991117} -> C:\Program Files (x86)\BWSRappSev2\BWSRappSev2-bho.dll (BroServix+2.3)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\mcsniepl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog9 01 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 16 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 02 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 03 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 04 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 16 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll ()
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-05-16]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-05-16]
FF HKU\S-1-5-21-372149687-12892241-2324643792-1001\...\Firefox\Extensions: [{7DEBE74A-F60E-1010-4430-598EAAAF698D}] - C:\Program Files (x86)\ver8SpeedChecker\186.xpi

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MAA266058-6AD7-4DEC-B67D-0080AD9A963B&SearchSource=55&CUI=&UM=8&UP=SPD47E5FB2-76FE-4965-B099-7216033A1130&SSPV="
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-23]
CHR Extension: (Google Docs) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-23]
CHR Extension: (Google Drive) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-24]
CHR Extension: (YouTube) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-23]
CHR Extension: (Adblock Plus) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-24]
CHR Extension: (CommonShare) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmjbmkmgbfcjchbimamdpopjkmkbioi [2015-01-24]
CHR Extension: (Google Search) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-23]
CHR Extension: (Google Sheets) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-23]
CHR Extension: (SiteAdvisor) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-01-23]
CHR Extension: (AdBlock) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-24]
CHR Extension: (Google Wallet) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-23]
CHR Extension: (Gmail) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-23]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2013-07-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-01-18] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [175464 2013-07-24] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-07-06] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-04] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-04] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-09-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2014-09-25] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-24 19:35 - 2015-01-24 19:36 - 00022272 _____ () C:\Users\Arbeit Daniel\Downloads\FRST.txt
2015-01-24 19:35 - 2015-01-24 19:36 - 00000000 ____D () C:\FRST
2015-01-24 19:35 - 2015-01-24 19:35 - 02129920 _____ (Farbar) C:\Users\Arbeit Daniel\Downloads\FRST64 (1).exe
2015-01-24 19:34 - 2015-01-24 19:34 - 02129920 _____ (Farbar) C:\Users\Arbeit Daniel\Downloads\FRST64.exe
2015-01-24 17:22 - 2015-01-24 17:22 - 00000000 ____D () C:\ProgramData\186fef6e00000659
2015-01-24 17:21 - 2015-01-24 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-24 17:16 - 2015-01-24 17:16 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-01-24 17:14 - 2015-01-24 17:14 - 00021976 _____ () C:\Windows\system32\Drivers\SPPD.sys
2015-01-24 14:01 - 2015-01-24 14:01 - 00000000 ____D () C:\Users\Arbeit Daniel\Documents\Optimizer Pro
2015-01-24 13:33 - 2015-01-24 17:24 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Windows Live
2015-01-24 13:32 - 2015-01-24 13:32 - 01239752 _____ (Microsoft Corporation) C:\Users\Arbeit Daniel\Downloads\wlsetup-web.exe
2015-01-24 13:26 - 2015-01-24 17:16 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-24 13:26 - 2015-01-24 13:26 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-24 13:26 - 2015-01-24 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-24 13:25 - 2015-01-24 13:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-24 13:25 - 2015-01-24 13:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-24 13:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-24 13:25 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-24 13:25 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-24 13:24 - 2015-01-24 13:24 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Arbeit Daniel\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-24 13:14 - 2015-01-24 13:14 - 00000000 ____D () C:\ProgramData\43a438fc00001e7f
2015-01-24 13:12 - 2015-01-24 13:12 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BubbleSound 1.0
2015-01-24 13:12 - 2015-01-24 13:12 - 00000000 ____D () C:\Program Files\BubbleSound
2015-01-24 13:10 - 2015-01-24 13:10 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Acer Aspire R7 Tutorial
2015-01-24 13:08 - 2015-01-24 17:14 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\InetStat
2015-01-24 13:08 - 2015-01-24 13:08 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2015-01-24 13:04 - 2014-12-05 00:09 - 00370880 _____ (Abengine) C:\Windows\system32\abengine64.dll
2015-01-24 13:03 - 2015-01-24 13:03 - 00000002 _____ () C:\END
2015-01-24 13:02 - 2015-01-24 17:15 - 00001384 _____ () C:\Windows\Tasks\SWRDAM.job
2015-01-24 13:02 - 2015-01-24 13:02 - 00004402 _____ () C:\Windows\System32\Tasks\SWRDAM
2015-01-24 13:02 - 2015-01-24 13:02 - 00000000 ____D () C:\Program Files (x86)\99d5089f-8116-4850-8c55-0f51a9c108f8
2015-01-24 13:01 - 2015-01-24 17:14 - 00000000 ____D () C:\ProgramData\TPMRZi
2015-01-23 23:18 - 2015-01-24 19:29 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-23 23:18 - 2015-01-24 17:16 - 00001146 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-23 23:18 - 2015-01-23 23:24 - 00004122 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-23 23:18 - 2015-01-23 23:24 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-23 23:18 - 2015-01-23 23:18 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Google
2015-01-23 23:18 - 2015-01-23 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-23 23:18 - 2015-01-23 23:18 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-23 23:16 - 2015-01-24 14:00 - 00000000 ___HD () C:\Users\Public\Temp
2015-01-23 23:15 - 2015-01-23 23:15 - 00003472 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Popup
2015-01-23 23:15 - 2015-01-23 23:15 - 00003208 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Start
2015-01-23 23:15 - 2015-01-23 23:15 - 00000000 ____D () C:\Users\Arbeit Daniel\Documents\ProPCCleaner
2015-01-23 23:15 - 2015-01-23 23:15 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Pro_PC_Cleaner
2015-01-23 23:14 - 2015-01-24 17:58 - 00001384 _____ () C:\Windows\Tasks\QKTMVX.job
2015-01-23 23:14 - 2015-01-24 17:15 - 00001384 _____ () C:\Windows\Tasks\WDXJHF.job
2015-01-23 23:14 - 2015-01-24 17:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-23 23:14 - 2015-01-24 17:12 - 00000000 ____D () C:\Program Files (x86)\BWSRappSev2
2015-01-23 23:14 - 2015-01-23 23:14 - 01878504 _____ (BroServix+2.3) C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF.exe
2015-01-23 23:14 - 2015-01-23 23:14 - 00004402 _____ () C:\Windows\System32\Tasks\WDXJHF
2015-01-23 23:14 - 2015-01-23 23:14 - 00004402 _____ () C:\Windows\System32\Tasks\QKTMVX
2015-01-23 23:14 - 2015-01-23 23:14 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\globalUpdate
2015-01-23 23:13 - 2015-01-23 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2015-01-23 23:11 - 2015-01-24 19:11 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0236F925-95AD-4D52-86AE-38EFBEF32D33}
2015-01-23 23:11 - 2015-01-24 18:10 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-372149687-12892241-2324643792-1001
2015-01-23 23:11 - 2015-01-23 23:11 - 00000000 __SHD () C:\Users\Arbeit Daniel\AppData\Local\EmieUserList
2015-01-23 23:11 - 2015-01-23 23:11 - 00000000 __SHD () C:\Users\Arbeit Daniel\AppData\Local\EmieSiteList
2015-01-23 23:11 - 2015-01-23 23:11 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Macromedia
2015-01-23 23:09 - 2015-01-24 13:01 - 00002163 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2015-01-23 23:09 - 2015-01-23 23:09 - 00000000 ____D () C:\Users\Public\Pokki
2015-01-23 23:09 - 2015-01-23 23:09 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\AOP SDK
2015-01-23 23:08 - 2015-01-24 17:17 - 00002334 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-01-23 23:07 - 2015-01-23 23:08 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\clear.fi
2015-01-23 23:07 - 2015-01-23 23:07 - 00000000 ____D () C:\Users\Arbeit Daniel\PicStream
2015-01-23 23:06 - 2015-01-23 23:06 - 00001272 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2015-01-23 23:06 - 2015-01-23 23:06 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-01-23 23:06 - 2015-01-23 23:06 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2015-01-23 23:05 - 2015-01-23 23:38 - 00001450 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-23 23:05 - 2015-01-23 23:06 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Packages
2015-01-23 23:05 - 2015-01-23 23:05 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-01-23 23:05 - 2015-01-23 23:05 - 00000020 ___SH () C:\Users\Arbeit Daniel\ntuser.ini
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Vorlagen
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Startmenü
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Netzwerkumgebung
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Lokale Einstellungen
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Eigene Dateien
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Druckumgebung
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Documents\Eigene Musik
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Documents\Eigene Bilder
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\AppData\Local\Verlauf
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\AppData\Local\Anwendungsdaten
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Anwendungsdaten
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Adobe
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\VirtualStore
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 ____D () C:\Program Files\Accessory Store
2015-01-23 23:04 - 2015-01-24 17:18 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Pokki
2015-01-23 23:04 - 2015-01-23 23:07 - 00000000 ____D () C:\Users\Arbeit Daniel
2015-01-23 23:04 - 2014-09-25 10:54 - 00000000 ___RD () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-23 23:04 - 2014-03-18 11:33 - 00000000 ___RD () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-23 23:04 - 2014-03-18 11:13 - 00000369 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-23 23:04 - 2014-03-18 11:13 - 00000369 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-23 23:04 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-23 23:04 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-23 23:01 - 2015-01-24 17:31 - 00280983 _____ () C:\Windows\WindowsUpdate.log
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Dokumente und Einstellungen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-24 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-24 17:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-24 17:20 - 2014-09-25 10:46 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-01-24 17:20 - 2014-09-25 10:46 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-01-24 17:20 - 2014-03-18 11:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-24 17:15 - 2014-05-16 10:36 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-24 17:15 - 2014-03-18 10:54 - 00131226 _____ () C:\Windows\PFRO.log
2015-01-24 17:15 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-24 17:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\tracing
2015-01-24 17:14 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-24 17:12 - 2014-05-16 10:33 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-24 17:12 - 2013-08-22 14:25 - 00000226 _____ () C:\Windows\win.ini
2015-01-24 17:10 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-24 13:09 - 2013-08-22 15:46 - 00021366 _____ () C:\Windows\setupact.log
2015-01-24 13:06 - 2014-05-16 10:36 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-23 23:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\restore
2015-01-23 23:34 - 2014-05-16 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-01-23 23:34 - 2014-05-16 10:24 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-23 23:15 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-23 23:09 - 2014-05-16 11:03 - 00000000 ___HD () C:\OEM
2015-01-23 23:07 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-23 23:05 - 2014-05-16 11:09 - 00000000 ____D () C:\Windows\Panther
2015-01-23 23:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-01-23 22:59 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-23 22:59 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default

==================== Files in the root of some directories =======

2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\QKTMVX
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\SWRDAM
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF
2015-01-23 23:14 - 2015-01-23 23:14 - 1878504 _____ (BroServix+2.3) C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF.exe
2014-09-25 01:18 - 2014-09-25 01:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Arbeit Daniel\AppData\Local\Temp\60B625C8-ACFD-E501-3BD2-DB933563EF4C.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\7742FB50-1343-49C2-4BFE-D411A9042363.dll
C:\Users\Arbeit Daniel\AppData\Local\Temp\7742FB50-1343-49C2-4BFE-D411A9042363.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\Launcher__10272.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\oct3B7.tmp.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\optprosetup.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\setup_337.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\SpOrder.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-05-16 10:10

==================== End Of Log ============================

--- --- ---

schrauber 25.01.2015 08:28

Update MBAM, scan, delete the findings.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please turn off your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.

boulderman 25.01.2015 17:06

Code:

# AdwCleaner v4.109 - Bericht erstellt am 25/01/2015 um 16:38:37
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-24.3 [Local]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Arbeit Daniel - DANIEL
# Gestartet von : C:\Users\Arbeit Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\LFGU6VHS\AdwCleaner_4.109.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gefunden : C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gefunden : C:\Windows\System32\abengine64.dll
Ordner Gefunden : C:\Program Files (x86)\BWSRappSev2
Ordner Gefunden : C:\Program Files (x86)\globalUpdate
Ordner Gefunden : C:\ProgramData\186fef6e00000659
Ordner Gefunden : C:\ProgramData\43a438fc00001e7f
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Local\globalUpdate
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Local\Pro_PC_Cleaner
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Roaming\InetStat
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gefunden : C:\Users\Arbeit Daniel\Documents\Optimizer Pro
Ordner Gefunden : C:\Users\Arbeit Daniel\Documents\ProPCCleaner
Ordner Gefunden : C:\Users\ARBEIT~1\AppData\Local\Temp\CommonShare

***** [ Tasks ] *****

Task Gefunden : ProPCCleaner_Start
Task Gefunden : ProPCCleaner_Popup

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\BWSRappSev2
Schlüssel Gefunden : HKCU\Software\Classes\Applications\inetstat.exe
Schlüssel Gefunden : HKCU\Software\Classes\pokki
Schlüssel Gefunden : HKCU\Software\GAMESDESKTOP
Schlüssel Gefunden : HKCU\Software\GlobalUpdate
Schlüssel Gefunden : HKCU\Software\InetStat
Schlüssel Gefunden : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DF9F6E42-A85C-42CC-82C6-BB102DEF23E1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gefunden : HKCU\Software\Optimizer Pro
Schlüssel Gefunden : HKCU\Software\Pokki
Schlüssel Gefunden : HKCU\Software\ProPCCleanerLanguage
Schlüssel Gefunden : HKCU\Software\Super Optimizer
Schlüssel Gefunden : HKCU\Software\Tutorials
Schlüssel Gefunden : HKCU\Software\Wnkey
Schlüssel Gefunden : [x64] HKCU\Software\GAMESDESKTOP
Schlüssel Gefunden : [x64] HKCU\Software\GlobalUpdate
Schlüssel Gefunden : [x64] HKCU\Software\InetStat
Schlüssel Gefunden : [x64] HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DF9F6E42-A85C-42CC-82C6-BB102DEF23E1}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gefunden : [x64] HKCU\Software\Optimizer Pro
Schlüssel Gefunden : [x64] HKCU\Software\Pokki
Schlüssel Gefunden : [x64] HKCU\Software\ProPCCleanerLanguage
Schlüssel Gefunden : [x64] HKCU\Software\Super Optimizer
Schlüssel Gefunden : [x64] HKCU\Software\Tutorials
Schlüssel Gefunden : [x64] HKCU\Software\Wnkey
Schlüssel Gefunden : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gefunden : HKLM\SOFTWARE\BWSRappSev2
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622992217}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655995517}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666996617}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644994417}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644994417}
Schlüssel Gefunden : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gefunden : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2d50b5ca-fe9d-4541-9d77-3d5b61048592}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ae85ed90-359d-4da3-b794-6936929b7340}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BWSRappSev2
Schlüssel Gefunden : HKLM\SOFTWARE\SPPDCOM
Schlüssel Gefunden : HKLM\SOFTWARE\SupDp
Schlüssel Gefunden : HKLM\SOFTWARE\Tutorials
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622992217}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655995517}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666996617}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2d50b5ca-fe9d-4541-9d77-3d5b61048592}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ae85ed90-359d-4da3-b794-6936929b7340}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611991117}
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17037

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://tikotin.com

-\\ Google Chrome v40.0.2214.91

[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MAA266058-6AD7-4DEC-B67D-0080AD9A963B&SearchSource=58&CUI=&UM=8&UP=SPD47E5FB2-76FE-4965-B099-7216033A1130&q={searchTerms}&SSPV=
[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MAA266058-6AD7-4DEC-B67D-0080AD9A963B&SearchSource=58&CUI=&UM=8&UP=SPD47E5FB2-76FE-4965-B099-7216033A1130&q={searchTerms}&SSPV=

*************************

AdwCleaner[R0].txt - [13134 octets] - [25/01/2015 16:38:37]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13195 octets] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Arbeit Daniel on 25.01.2015 at 16:46:59,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611991117}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220622992217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550655995517}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660666996617}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440644994417}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611991117}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220622992217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550655995517}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660666996617}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644994417}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550655995517}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660666996617}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440644994417}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611991117}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611991117}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550655995517}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660666996617}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644994417}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611991117}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DF9F6E42-A85C-42CC-82C6-BB102DEF23E1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}



~~~ Files

Successfully deleted: [File] "C:\Users\Arbeit Daniel\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Arbeit Daniel\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Arbeit Daniel\appdata\local\globalupdate"
Successfully deleted: [Folder] "C:\Users\Arbeit Daniel\appdata\local\pro_pc_cleaner"
Successfully deleted: [Folder] "C:\Program Files (x86)\globalupdate"
Successfully deleted: [Folder] "C:\Users\Arbeit Daniel\documents\optimizer pro"
Successfully deleted: [Folder] "C:\Users\Arbeit Daniel\documents\propccleaner"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.01.2015 at 16:49:53,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Arbeit Daniel (administrator) on DANIEL on 25-01-2015 17:05:16
Running from C:\Users\Arbeit Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\4GC2J6PJ
Loaded Profiles: Arbeit Daniel (Available profiles: Arbeit Daniel)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUicnt.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(BroServix+2.3) C:\Program Files (x86)\BWSRappSev2\BWSRappSev2-bg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [3D BubbleSound] => C:\Program Files\BubbleSound\3D BubbleSound.exe [14115328 2015-01-09] (zik.mu)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-07-24] (McAfee, Inc.)
HKU\S-1-5-21-372149687-12892241-2324643792-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-372149687-12892241-2324643792-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://tikotin.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-372149687-12892241-2324643792-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: BWSRappSev2 -> {11111111-1111-1111-1111-110611991117} -> C:\Program Files (x86)\BWSRappSev2\BWSRappSev2-bho64.dll (BroServix+2.3)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\mcsniepl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog9 01 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9 16 C:\Windows\system32\abengine.dll File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 02 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 03 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 04 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Winsock: Catalog9-x64 16 C:\Windows\system32\abengine64.dll [370880] (Abengine)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll ()
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-05-16]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-05-16]
FF HKU\S-1-5-21-372149687-12892241-2324643792-1001\...\Firefox\Extensions: [{7DEBE74A-F60E-1010-4430-598EAAAF698D}] - C:\Program Files (x86)\ver8SpeedChecker\186.xpi

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MAA266058-6AD7-4DEC-B67D-0080AD9A963B&SearchSource=55&CUI=&UM=8&UP=SPD47E5FB2-76FE-4965-B099-7216033A1130&SSPV="
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-23]
CHR Extension: (Google Docs) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-23]
CHR Extension: (Google Drive) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-24]
CHR Extension: (YouTube) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-23]
CHR Extension: (Adblock Plus) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-24]
CHR Extension: (Google Search) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-23]
CHR Extension: (Google Sheets) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-23]
CHR Extension: (SiteAdvisor) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-01-23]
CHR Extension: (AdBlock) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-24]
CHR Extension: (Google Wallet) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-23]
CHR Extension: (Gmail) - C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-23]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2013-07-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-01-18] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [175464 2013-07-24] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-07-06] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-30] (McAfee, Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-04] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-04] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-09-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-24] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2014-09-25] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 16:56 - 2015-01-25 16:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-01-25 16:49 - 2015-01-25 16:49 - 00004566 _____ () C:\Users\Arbeit Daniel\Desktop\JRT.txt
2015-01-25 16:46 - 2015-01-25 16:46 - 00000000 ____D () C:\Windows\ERUNT
2015-01-25 14:30 - 2015-01-25 16:39 - 00000000 ____D () C:\AdwCleaner
2015-01-24 19:36 - 2015-01-24 19:37 - 00030357 _____ () C:\Users\Arbeit Daniel\Downloads\Addition.txt
2015-01-24 19:35 - 2015-01-25 17:05 - 00000000 ____D () C:\FRST
2015-01-24 19:35 - 2015-01-24 19:37 - 00039811 _____ () C:\Users\Arbeit Daniel\Downloads\FRST.txt
2015-01-24 19:35 - 2015-01-24 19:35 - 02129920 _____ (Farbar) C:\Users\Arbeit Daniel\Downloads\FRST64 (1).exe
2015-01-24 19:34 - 2015-01-24 19:34 - 02129920 _____ (Farbar) C:\Users\Arbeit Daniel\Downloads\FRST64.exe
2015-01-24 17:22 - 2015-01-24 17:22 - 00000000 ____D () C:\ProgramData\186fef6e00000659
2015-01-24 17:21 - 2015-01-24 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-24 17:16 - 2015-01-24 17:16 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-01-24 17:14 - 2015-01-24 17:14 - 00021976 _____ () C:\Windows\system32\Drivers\SPPD.sys
2015-01-24 13:33 - 2015-01-24 17:24 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Windows Live
2015-01-24 13:32 - 2015-01-24 13:32 - 01239752 _____ (Microsoft Corporation) C:\Users\Arbeit Daniel\Downloads\wlsetup-web.exe
2015-01-24 13:26 - 2015-01-24 17:16 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-24 13:26 - 2015-01-24 13:26 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-24 13:26 - 2015-01-24 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-24 13:25 - 2015-01-24 13:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-24 13:25 - 2015-01-24 13:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-24 13:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-24 13:25 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-24 13:25 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-24 13:24 - 2015-01-24 13:24 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Arbeit Daniel\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-24 13:14 - 2015-01-24 13:14 - 00000000 ____D () C:\ProgramData\43a438fc00001e7f
2015-01-24 13:12 - 2015-01-24 13:12 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BubbleSound 1.0
2015-01-24 13:12 - 2015-01-24 13:12 - 00000000 ____D () C:\Program Files\BubbleSound
2015-01-24 13:10 - 2015-01-24 13:10 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Acer Aspire R7 Tutorial
2015-01-24 13:08 - 2015-01-24 17:14 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\InetStat
2015-01-24 13:08 - 2015-01-24 13:08 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2015-01-24 13:04 - 2014-12-05 00:09 - 00370880 _____ (Abengine) C:\Windows\system32\abengine64.dll
2015-01-24 13:03 - 2015-01-24 13:03 - 00000002 _____ () C:\END
2015-01-24 13:02 - 2015-01-24 17:15 - 00001384 _____ () C:\Windows\Tasks\SWRDAM.job
2015-01-24 13:02 - 2015-01-24 13:02 - 00004402 _____ () C:\Windows\System32\Tasks\SWRDAM
2015-01-24 13:02 - 2015-01-24 13:02 - 00000000 ____D () C:\Program Files (x86)\99d5089f-8116-4850-8c55-0f51a9c108f8
2015-01-24 13:01 - 2015-01-24 17:14 - 00000000 ____D () C:\ProgramData\TPMRZi
2015-01-23 23:18 - 2015-01-25 15:29 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-23 23:18 - 2015-01-24 17:16 - 00001146 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-23 23:18 - 2015-01-23 23:24 - 00004122 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-23 23:18 - 2015-01-23 23:24 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-23 23:18 - 2015-01-23 23:18 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Google
2015-01-23 23:18 - 2015-01-23 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-23 23:18 - 2015-01-23 23:18 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-23 23:16 - 2015-01-24 14:00 - 00000000 ___HD () C:\Users\Public\Temp
2015-01-23 23:15 - 2015-01-23 23:15 - 00003472 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Popup
2015-01-23 23:15 - 2015-01-23 23:15 - 00003208 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Start
2015-01-23 23:14 - 2015-01-25 16:40 - 00001384 _____ () C:\Windows\Tasks\WDXJHF.job
2015-01-23 23:14 - 2015-01-24 17:58 - 00001384 _____ () C:\Windows\Tasks\QKTMVX.job
2015-01-23 23:14 - 2015-01-24 17:12 - 00000000 ____D () C:\Program Files (x86)\BWSRappSev2
2015-01-23 23:14 - 2015-01-23 23:14 - 01878504 _____ (BroServix+2.3) C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF.exe
2015-01-23 23:14 - 2015-01-23 23:14 - 00004402 _____ () C:\Windows\System32\Tasks\WDXJHF
2015-01-23 23:14 - 2015-01-23 23:14 - 00004402 _____ () C:\Windows\System32\Tasks\QKTMVX
2015-01-23 23:13 - 2015-01-23 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2015-01-23 23:11 - 2015-01-25 16:53 - 00003592 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-372149687-12892241-2324643792-1001
2015-01-23 23:11 - 2015-01-25 14:27 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0236F925-95AD-4D52-86AE-38EFBEF32D33}
2015-01-23 23:11 - 2015-01-23 23:11 - 00000000 __SHD () C:\Users\Arbeit Daniel\AppData\Local\EmieUserList
2015-01-23 23:11 - 2015-01-23 23:11 - 00000000 __SHD () C:\Users\Arbeit Daniel\AppData\Local\EmieSiteList
2015-01-23 23:11 - 2015-01-23 23:11 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Macromedia
2015-01-23 23:09 - 2015-01-24 13:01 - 00002163 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2015-01-23 23:09 - 2015-01-23 23:09 - 00000000 ____D () C:\Users\Public\Pokki
2015-01-23 23:09 - 2015-01-23 23:09 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\AOP SDK
2015-01-23 23:08 - 2015-01-24 17:17 - 00002334 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-01-23 23:07 - 2015-01-23 23:08 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\clear.fi
2015-01-23 23:07 - 2015-01-23 23:07 - 00000000 ____D () C:\Users\Arbeit Daniel\PicStream
2015-01-23 23:06 - 2015-01-23 23:06 - 00001272 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2015-01-23 23:06 - 2015-01-23 23:06 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-01-23 23:06 - 2015-01-23 23:06 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2015-01-23 23:05 - 2015-01-25 15:02 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Packages
2015-01-23 23:05 - 2015-01-23 23:38 - 00001450 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-23 23:05 - 2015-01-23 23:05 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-01-23 23:05 - 2015-01-23 23:05 - 00000020 ___SH () C:\Users\Arbeit Daniel\ntuser.ini
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Vorlagen
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Startmenü
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Netzwerkumgebung
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Lokale Einstellungen
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Eigene Dateien
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Druckumgebung
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Documents\Eigene Musik
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Documents\Eigene Bilder
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\AppData\Local\Verlauf
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\AppData\Local\Anwendungsdaten
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 _SHDL () C:\Users\Arbeit Daniel\Anwendungsdaten
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Adobe
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\VirtualStore
2015-01-23 23:05 - 2015-01-23 23:05 - 00000000 ____D () C:\Program Files\Accessory Store
2015-01-23 23:04 - 2015-01-25 14:24 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Local\Pokki
2015-01-23 23:04 - 2015-01-23 23:07 - 00000000 ____D () C:\Users\Arbeit Daniel
2015-01-23 23:04 - 2014-09-25 10:54 - 00000000 ___RD () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-23 23:04 - 2014-03-18 11:33 - 00000000 ___RD () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-23 23:04 - 2014-03-18 11:13 - 00000369 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-23 23:04 - 2014-03-18 11:13 - 00000369 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-23 23:04 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-23 23:04 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-23 23:01 - 2015-01-25 17:05 - 01619561 _____ () C:\Windows\WindowsUpdate.log
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-01-23 22:59 - 2015-01-23 22:59 - 00000000 _SHDL () C:\Dokumente und Einstellungen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 17:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-25 16:56 - 2013-08-22 15:46 - 00022048 _____ () C:\Windows\setupact.log
2015-01-25 16:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-25 14:28 - 2014-09-25 10:46 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-01-25 14:28 - 2014-09-25 10:46 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-01-25 14:28 - 2014-03-18 11:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-24 17:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-24 17:15 - 2014-05-16 10:36 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-24 17:15 - 2014-03-18 10:54 - 00131226 _____ () C:\Windows\PFRO.log
2015-01-24 17:15 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-24 17:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\tracing
2015-01-24 17:14 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-24 17:12 - 2014-05-16 10:33 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-24 17:12 - 2013-08-22 14:25 - 00000226 _____ () C:\Windows\win.ini
2015-01-24 17:10 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-24 13:06 - 2014-05-16 10:36 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-23 23:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\restore
2015-01-23 23:34 - 2014-05-16 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-01-23 23:34 - 2014-05-16 10:24 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-23 23:09 - 2014-05-16 11:03 - 00000000 ___HD () C:\OEM
2015-01-23 23:07 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-23 23:05 - 2014-05-16 11:09 - 00000000 ____D () C:\Windows\Panther
2015-01-23 23:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-01-23 22:59 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-23 22:59 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default

==================== Files in the root of some directories =======

2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\QKTMVX
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\SWRDAM
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF
2015-01-23 23:14 - 2015-01-23 23:14 - 1878504 _____ (BroServix+2.3) C:\Users\Arbeit Daniel\AppData\Roaming\WDXJHF.exe
2014-09-25 01:18 - 2014-09-25 01:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Arbeit Daniel\AppData\Local\Temp\60B625C8-ACFD-E501-3BD2-DB933563EF4C.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\7742FB50-1343-49C2-4BFE-D411A9042363.dll
C:\Users\Arbeit Daniel\AppData\Local\Temp\7742FB50-1343-49C2-4BFE-D411A9042363.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\Launcher__10272.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\oct3B7.tmp.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\optprosetup.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\setup_337.exe
C:\Users\Arbeit Daniel\AppData\Local\Temp\SpOrder.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-05-16 10:10

==================== End Of Log ============================

--- --- ---

schrauber 25.01.2015 19:04

Have AdwCleaner delete as well. You only had it scan.



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems? :)

boulderman 25.01.2015 20:50

Code:

# AdwCleaner v4.109 - Bericht erstellt am 25/01/2015 um 16:38:37
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-24.3 [Local]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Arbeit Daniel - DANIEL
# Gestartet von : C:\Users\Arbeit Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\LFGU6VHS\AdwCleaner_4.109.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gefunden : C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gefunden : C:\Windows\System32\abengine64.dll
Ordner Gefunden : C:\Program Files (x86)\BWSRappSev2
Ordner Gefunden : C:\Program Files (x86)\globalUpdate
Ordner Gefunden : C:\ProgramData\186fef6e00000659
Ordner Gefunden : C:\ProgramData\43a438fc00001e7f
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Local\globalUpdate
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Local\Pro_PC_Cleaner
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Roaming\InetStat
Ordner Gefunden : C:\Users\Arbeit Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gefunden : C:\Users\Arbeit Daniel\Documents\Optimizer Pro
Ordner Gefunden : C:\Users\Arbeit Daniel\Documents\ProPCCleaner
Ordner Gefunden : C:\Users\ARBEIT~1\AppData\Local\Temp\CommonShare

***** [ Tasks ] *****

Task Gefunden : ProPCCleaner_Start
Task Gefunden : ProPCCleaner_Popup

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\BWSRappSev2
Schlüssel Gefunden : HKCU\Software\Classes\Applications\inetstat.exe
Schlüssel Gefunden : HKCU\Software\Classes\pokki
Schlüssel Gefunden : HKCU\Software\GAMESDESKTOP
Schlüssel Gefunden : HKCU\Software\GlobalUpdate
Schlüssel Gefunden : HKCU\Software\InetStat
Schlüssel Gefunden : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DF9F6E42-A85C-42CC-82C6-BB102DEF23E1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gefunden : HKCU\Software\Optimizer Pro
Schlüssel Gefunden : HKCU\Software\Pokki
Schlüssel Gefunden : HKCU\Software\ProPCCleanerLanguage
Schlüssel Gefunden : HKCU\Software\Super Optimizer
Schlüssel Gefunden : HKCU\Software\Tutorials
Schlüssel Gefunden : HKCU\Software\Wnkey
Schlüssel Gefunden : [x64] HKCU\Software\GAMESDESKTOP
Schlüssel Gefunden : [x64] HKCU\Software\GlobalUpdate
Schlüssel Gefunden : [x64] HKCU\Software\InetStat
Schlüssel Gefunden : [x64] HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DF9F6E42-A85C-42CC-82C6-BB102DEF23E1}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gefunden : [x64] HKCU\Software\Optimizer Pro
Schlüssel Gefunden : [x64] HKCU\Software\Pokki
Schlüssel Gefunden : [x64] HKCU\Software\ProPCCleanerLanguage
Schlüssel Gefunden : [x64] HKCU\Software\Super Optimizer
Schlüssel Gefunden : [x64] HKCU\Software\Tutorials
Schlüssel Gefunden : [x64] HKCU\Software\Wnkey
Schlüssel Gefunden : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gefunden : HKLM\SOFTWARE\BWSRappSev2
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622992217}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655995517}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666996617}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644994417}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644994417}
Schlüssel Gefunden : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gefunden : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2d50b5ca-fe9d-4541-9d77-3d5b61048592}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ae85ed90-359d-4da3-b794-6936929b7340}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BWSRappSev2
Schlüssel Gefunden : HKLM\SOFTWARE\SPPDCOM
Schlüssel Gefunden : HKLM\SOFTWARE\SupDp
Schlüssel Gefunden : HKLM\SOFTWARE\Tutorials
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611991117}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622992217}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655995517}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666996617}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2d50b5ca-fe9d-4541-9d77-3d5b61048592}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ae85ed90-359d-4da3-b794-6936929b7340}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611991117}
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17037

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://tikotin.com

-\\ Google Chrome v40.0.2214.91

[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=ST500LT012-1DG142_W3P8REZNXXXXW3P8REZN&ts=1422051337&type=default&q={searchTerms}
[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MAA266058-6AD7-4DEC-B67D-0080AD9A963B&SearchSource=58&CUI=&UM=8&UP=SPD47E5FB2-76FE-4965-B099-7216033A1130&q={searchTerms}&SSPV=
[C:\Users\Arbeit Daniel\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=MAA266058-6AD7-4DEC-B67D-0080AD9A963B&SearchSource=58&CUI=&UM=8&UP=SPD47E5FB2-76FE-4965-B099-7216033A1130&q={searchTerms}&SSPV=

*************************

AdwCleaner[R0].txt - [13134 octets] - [25/01/2015 16:38:37]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13195 octets] ##########

Code:

Results of screen317's Security Check version 0.99.93 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
McAfee Anti-Virus und Anti-Spyware 
Windows Defender                   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Reader XI 
 Google Chrome (39.0.2171.65)
 Google Chrome (40.0.2214.91)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Arbeit Daniel (administrator) on DANIEL on 25-01-2015 20:48:28
Running from C:\Users\Arbeit Daniel\Downloads
Loaded Profiles: Arbeit Daniel (Available profiles: Arbeit Daniel)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Arbeit Daniel\AppData\Local\Pokki\Engine\HostAppService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUicnt.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
() C:\Users\Arbeit Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\LFGU6VHS\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Arbeit Daniel\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [3D BubbleSound] => C:\Program Files\BubbleSound\3D BubbleSound.exe [14115328 2015-01-09] (zik.mu)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-07-24] (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)


schrauber 26.01.2015 09:58

Erm.....

Quote:

Have AdwCleaner delete as well. You only had it scan.
Quote:

# AdwCleaner v4.109 - Bericht erstellt am 25/01/2015 um 16:38:37
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-24.3 [Local]
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Arbeit Daniel - DANIEL
# Gestartet von : C:\Users\Arbeit Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\LFGU6VHS\AdwCleaner_4.109.exe
# Option : Suchen

