| |
| |||||||
Log-Analyse und Auswertung: Omiga-Plus Spyware Addon gefunden; kann nicht deinstalliert werdenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
16.07.2014, 22:49
| #1 |
| |  Omiga-Plus Spyware Addon gefunden; kann nicht deinstalliert werden Hallo und guten Abend! Ich habe versehentlich von einer unvertrauenswürdigen Website den Adobe Flash Player heruntergeladen. Ergebnis ist, dass nun auf meinem Rechner ein ganzes Paket ungewünschter Programme - darunter das Browseraddon Omiga-Plus - installiert wurde. Omiga-Plus kann ich nicht über die Systemsteuerung deinstallieren (der Versuch führt zum Absturz des Laptops) und ich habe nun eine neue Startseite im Internet Explorer. Ich habe gesehen, dass ein anderer Nutzer dieses Forums dasselbe Problem hatte, und dass eine Lösung gefunden wurde. Im folgenden sind die Logs von defogger und frst. Gmer hat nicht funktioniert. Vielen Dank für das Angebot des Trojaner-Boards! Wenn Sie noch andere Informationen benötigen, lassen Sie mich es wissen. Mit freundlichen Grüßen, Mendel Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 23:13 on 16/07/2014 (my acer)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01
Ran by my acer (administrator) on ACER on 16-07-2014 23:30:46
Running from C:\Users\my acer\Desktop
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Parallel Lines Development, LLC) C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Users\my acer\AppData\Local\pgcchelper\pgcchelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsSoundRecorder_6.3.9600.20280_x64__8wekyb3d8bbwe\soundrec.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [fst_de_91] => [X]
HKLM-x32\...\Run: [t4pc_en_9] => [X]
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3699949989-3844225254-4292911181-1001\...\Run: [Facebook Update] => C:\Users\my acer\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-10-14] (Facebook Inc.)
HKU\S-1-5-21-3699949989-3844225254-4292911181-1001\...\Run: [DataMgr] => C:\Users\my acer\AppData\Roaming\DataMgr\DataMgr.exe [168824 2013-10-09] (HTTO Group, Ltd.)
HKU\S-1-5-21-3699949989-3844225254-4292911181-1001\...\Run: [OMESupervisor] => C:\Users\my acer\AppData\Local\omesuperv.exe [2239256 2013-12-24] ()
HKU\S-1-5-21-3699949989-3844225254-4292911181-1001\...\Run: [pgcchelper] => C:\Users\my acer\AppData\Local\pgcchelper\pgcchelper.exe [465920 2013-08-21] ()
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [106888 2014-07-16] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [94088 2014-07-16] (Skytech Co., Ltd.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3320133&octid=EB_ORIGINAL_CTID&ISID=7D870992-EE11-4304-BAB1-14DBEFC5C64F&SearchSource=55&CUI=&UM=6&UP=SP65338D9E-5610-48EB-B88F-75DD083D5547&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA566AF1FAD0BCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ddizi.org/izle/44651/ruhumun-aynasi-2-bolum.htm/2#
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1405536104&from=adks&uid=ST500LT012-9WS142_W0V4QXP4XXXXW0V4QXP4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1405536104&from=adks&uid=ST500LT012-9WS142_W0V4QXP4XXXXW0V4QXP4
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405536104&from=adks&uid=ST500LT012-9WS142_W0V4QXP4XXXXW0V4QXP4&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1405536104&from=adks&uid=ST500LT012-9WS142_W0V4QXP4XXXXW0V4QXP4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405536104&from=adks&uid=ST500LT012-9WS142_W0V4QXP4XXXXW0V4QXP4&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1405536104&from=adks&uid=ST500LT012-9WS142_W0V4QXP4XXXXW0V4QXP4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405536104&from=adks&uid=ST500LT012-9WS142_W0V4QXP4XXXXW0V4QXP4&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1405536104&from=adks&uid=ST500LT012-9WS142_W0V4QXP4XXXXW0V4QXP4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405536104&from=adks&uid=ST500LT012-9WS142_W0V4QXP4XXXXW0V4QXP4&q={searchTerms}
URLSearchHook: HKLM-x32 - (No Name) - {66b103a7-d772-4fcd-ace4-16f79a9056e0} - No File
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405536104&from=adks&uid=ST500LT012-9WS142_W0V4QXP4XXXXW0V4QXP4&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405536104&from=adks&uid=ST500LT012-9WS142_W0V4QXP4XXXXW0V4QXP4&q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=400&systemid=406&v=n10781-211&apn_uid=6303059401224953&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405536104&from=adks&uid=ST500LT012-9WS142_W0V4QXP4XXXXW0V4QXP4&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=DE&userid=36a42965-5159-d46d-e09f-8bcf8dc8007c&searchtype=ds&q={searchTerms}&installDate=20/10/2013
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405536104&from=adks&uid=ST500LT012-9WS142_W0V4QXP4XXXXW0V4QXP4&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=400&systemid=406&v=n10781-211&apn_uid=6303059401224953&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3320133&octid=EB_ORIGINAL_CTID&ISID=7D870992-EE11-4304-BAB1-14DBEFC5C64F&SearchSource=58&CUI=&UM=6&UP=SP65338D9E-5610-48EB-B88F-75DD083D5547&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3320133&octid=EB_ORIGINAL_CTID&ISID=7D870992-EE11-4304-BAB1-14DBEFC5C64F&SearchSource=58&CUI=&UM=6&UP=SP65338D9E-5610-48EB-B88F-75DD083D5547&q={searchTerms}&SSPV=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405536104&from=adks&uid=ST500LT012-9WS142_W0V4QXP4XXXXW0V4QXP4&q={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://pandasecurity.mystart.com/results.php?gen=ms&pr=vmn&id=pandasecuritytb&v=4_1&ent=ch_653&q={searchTerms}
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=stnc_14_18&cd=2XzuyEtN2Y1L1QzuyDtBtCyC0DzztB0ByCzzyE0B0EyD0BtDtN0D0Tzu0SzzzytAtN1L2XzutBtFtBtCtFyEtFtCtN1L1Czu1B2Z1G1R1VtCyE1VtCzztN1L1G1B1V1N2Y1L1Qzu2SyE0CzzyC0A0F0DtAtGtByB0D0DtG0CtB0FyDtGtC0D0DzztGyB0EyBtBzy0AtCzyyCzytD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtA0B0D0FtBzyzytG0CzytAtDtG0CzztCtDtGzytB0DyEtGyE0FyCtC0A0DtD0Ezy0DyEtD2Q&cr=2040966159&ir=
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=stnc_14_18&cd=2XzuyEtN2Y1L1QzuyDtBtCyC0DzztB0ByCzzyE0B0EyD0BtDtN0D0Tzu0SzzzytAtN1L2XzutBtFtBtCtFyEtFtCtN1L1Czu1B2Z1G1R1VtCyE1VtCzztN1L1G1B1V1N2Y1L1Qzu2StAtBtAzz0EtCyB0EtGzy0E0A0AtGtD0FyC0DtGtC0A0BtCtGtAyEzztC0F0AtByEtDtCyDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtA0B0D0FtBzyzytG0CzytAtDtG0CzztCtDtGzytB0DyEtGyE0FyCtC0A0DtD0Ezy0DyEtD2Q&cr=677489117&ir=
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {FCF41DD8-57DE-4930-9012-075B25876C4A} URL = hxxp://www.mysearchresults.com/search?c=3527&t=01&q={searchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110411411150} -> No File
BHO-x32: No Name -> {11111111-1111-1111-1111-110411411150} -> No File
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: No Name -> {66b103a7-d772-4fcd-ace4-16f79a9056e0} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: No Name -> {7F6AFBF1-E065-4627-A2FD-810366367D01} -> No File
BHO-x32: OfferMosquito -> {82B16A3D-F03E-4565-A532-666B219C9A53} -> C:\Users\my acer\AppData\Local\ext_offermosquito\OfferMosquitoIEPlaceholder.dll (Bebo Media Ltd)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> No File
BHO-x32: ytg timer -> {963B125B-8B21-49A2-A3A8-E37092276531} -> C:\Program Files (x86)\youtubegizm\updatebhoWin32.dll (youtubegizmos.com)
BHO-x32: Related Searches -> {96A25A24-2E87-4374-8A50-CC6F943FCE4D} -> C:\Users\my acer\AppData\Roaming\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll (Search Results)
BHO-x32: ygBHO Class -> {ed1e27f0-1bcd-42a4-ad62-7fc21e086e54} -> C:\Program Files (x86)\youtubegizm\jsloader.dll (youtubegizmos.com)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Related Searches - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\my acer\AppData\Roaming\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll (Search Results)
Toolbar: HKCU - No Name - {66B103A7-D772-4FCD-ACE4-16F79A9056E0} - No File
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\youtubegizm\tdataprotocol.dll (youtubegizmos.com)
Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\youtubegizm\tdataprotocol.dll (youtubegizmos.com)
Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\youtubegizm\tdataprotocol.dll (youtubegizmos.com)
Tcpip\..\Interfaces\{29C447CB-CF61-4CCB-943F-1B634428EC9E}: [NameServer]141.76.119.1,141.30.66.135
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\my acer\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\my acer\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll (Bebo Media Ltd)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-08]
FF HKLM-x32\...\Firefox\Extensions: [seesimilar@SeeSimilar.com] - C:\Users\my acer\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com
FF Extension: SeeSimilar - C:\Users\my acer\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com [2013-10-08]
FF HKLM-x32\...\Firefox\Extensions: [speedtestanalysis@SpeedAnalysis.com] - C:\Users\my acer\AppData\Roaming\Mozilla\Extensions\speedtestanalysis@SpeedAnalysis.com
FF Extension: Speed Test Analysis - C:\Users\my acer\AppData\Roaming\Mozilla\Extensions\speedtestanalysis@SpeedAnalysis.com [2013-10-10]
FF HKLM-x32\...\Firefox\Extensions: [ext@flash-Enhancer.com] - C:\Program Files (x86)\AmiExt\flashEnhancer\ff
FF HKCU\...\Firefox\Extensions: [seesimilar@SeeSimilar.com] - C:\Users\my acer\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com
FF HKCU\...\Firefox\Extensions: [speedtestanalysis@SpeedAnalysis.com] - C:\Users\my acer\AppData\Roaming\Mozilla\Extensions\speedtestanalysis@SpeedAnalysis.com
Chrome:
=======
CHR HomePage: http:\/\/wisersearch.com\/?channel=de
CHR RestoreOnStartup: "http:\/\/wisersearch.com\/?channel=de"
CHR DefaultSearchKeyword: Search
CHR DefaultSearchProvider: Search
CHR DefaultSearchURL: http:\/\/wisersearch.com\/search.php?channel=de&q={searchTerms}
CHR Extension: (No Name) - C:\Users\my acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\2.0.3_0 [2014-03-14]
CHR Extension: (SaveClicker) - C:\Users\my acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccnkgemejminopfagkoebmlcdldjanck [2014-02-28]
CHR Extension: (OfferMosquito) - C:\Users\my acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2013-10-27]
CHR Extension: (Iminent) - C:\Users\my acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2014-01-18]
CHR Extension: (No Name) - C:\Users\my acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp [2014-01-18]
CHR Extension: (Lyrics for Youtube) - C:\Users\my acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhdoalfjomgiohmljhhfdipjlbejaejm [2013-10-20]
CHR HKCU\...\Chrome\Extension: [gbmdkmlcnbapgegninelmjbfibaghdmk] - C:\Users\my acer\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito\ext_offermosquito.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [jljheddigenhleadfofeccneimcmlefp] - C:\Users\my acer\AppData\Roaming\speedtest4354\speedtest4354.crx [2013-12-19]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [759688 2014-07-16] (Cherished Technololgy LIMITED)
R2 InternetUpdater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [45568 2014-01-15] (Parallel Lines Development, LLC) [File not signed]
R2 NewPlayerUpdaterService; C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe [11776 2014-02-25] () [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S3 Workflow Manager Spatial Notification Service; C:\Program Files (x86)\WMX\Desktop10.2\Bin\WMXSpatialNotificationService.exe [23992 2013-07-01] (ESRI)
S2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe run options=01110010010000000000000000000000 sourceguid=1C58550B-3B5C-46C3-B5F5-29DD3158EC0B [X]
==================== Drivers (Whitelisted) ====================
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}w64; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}w64.sys [61016 2014-06-09] (StdLib)
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; \SystemRoot\system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; \SystemRoot\system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; \SystemRoot\System32\drivers\btath_bus.sys [X]
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; \SystemRoot\System32\drivers\btath_rcp.sys [X]
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]
U3 ugldrpob; \??\C:\Users\MYACER~1\AppData\Local\Temp\ugldrpob.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-16 23:29 - 2014-07-16 23:30 - 00022019 _____ () C:\Users\my acer\Desktop\FRST.txt
2014-07-16 23:28 - 2014-07-16 23:28 - 02086912 _____ (Farbar) C:\Users\my acer\Desktop\FRST64.exe
2014-07-16 23:15 - 2014-07-16 23:30 - 00000000 ____D () C:\FRST
2014-07-16 23:13 - 2014-07-16 23:13 - 00000000 _____ () C:\Users\my acer\defogger_reenable
2014-07-16 23:12 - 2014-07-16 23:13 - 00000476 _____ () C:\Users\my acer\Desktop\defogger_disable.log
2014-07-16 23:12 - 2014-07-16 23:12 - 00050477 _____ () C:\Users\my acer\Desktop\Defogger.exe
2014-07-16 22:09 - 2014-07-16 22:09 - 00284480 _____ () C:\WINDOWS\Minidump\071614-19421-01.dmp
2014-07-16 21:19 - 2014-07-16 21:19 - 00000000 ____D () C:\Program Files (x86)\predm
2014-07-16 21:17 - 2014-07-16 21:17 - 00000000 ____D () C:\ProgramData\374311380
2014-07-16 21:14 - 2014-07-16 22:04 - 00000000 ____D () C:\Program Files (x86)\FLVM Player
2014-07-16 21:14 - 2014-07-16 21:14 - 00000000 ____D () C:\Users\my acer\AppData\Local\pgcchelper
2014-07-16 20:58 - 2014-07-16 20:58 - 00003150 _____ () C:\WINDOWS\System32\Tasks\{58AFA535-552E-4B9D-BA80-9313B48E4C9B}
2014-07-16 20:42 - 2014-07-16 20:58 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-16 20:42 - 2014-07-16 20:42 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-16 20:42 - 2014-07-16 20:42 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-16 20:41 - 2014-07-16 21:40 - 00000000 ____D () C:\Users\my acer\AppData\Roaming\omiga-plus
2014-07-16 15:32 - 2014-07-16 15:32 - 00000165 ____H () C:\Users\my acer\Desktop\~$meine Auswertung.xlsx
2014-07-15 18:47 - 2014-07-15 18:47 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-07-15 18:46 - 2014-07-15 18:46 - 00000000 ____D () C:\Program Files\Realtek
2014-07-15 18:46 - 2013-09-03 17:56 - 03630168 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2014-07-15 18:46 - 2013-09-03 09:06 - 00642925 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2014-07-15 18:46 - 2013-08-30 08:46 - 02586328 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2014-07-15 18:46 - 2013-08-27 11:07 - 05680680 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat
2014-07-15 18:46 - 2013-08-20 14:17 - 02809048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2014-07-15 18:46 - 2013-08-06 03:47 - 00947248 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2014-07-15 18:46 - 2013-08-02 14:16 - 01005784 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2014-07-15 18:46 - 2013-07-26 08:05 - 00617176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2014-07-15 18:46 - 2013-07-23 09:40 - 02103040 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2014-07-15 18:46 - 2013-04-24 11:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2014-07-15 18:46 - 2013-02-20 12:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2014-07-15 18:46 - 2012-11-14 05:41 - 00378000 _____ (Realtek Semiconductor) C:\WINDOWS\system32\RtkGuiCompLib.dll
2014-07-15 18:46 - 2011-12-20 09:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2014-07-15 18:46 - 2011-11-22 10:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2014-07-15 18:46 - 2011-09-02 08:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2014-07-15 18:46 - 2011-09-02 08:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2014-07-15 18:46 - 2011-09-02 08:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2014-07-15 18:46 - 2010-11-08 01:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2014-07-15 18:46 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2014-07-15 18:46 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2014-07-15 18:46 - 2010-11-08 01:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2014-07-15 18:46 - 2010-11-08 01:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2014-07-15 18:46 - 2010-11-08 01:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2014-07-15 18:46 - 2010-11-03 12:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2014-07-15 18:46 - 2010-07-22 10:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2014-07-15 18:46 - 2009-11-24 03:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2014-07-15 18:46 - 2009-11-24 03:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2014-07-15 18:46 - 2009-11-24 03:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2014-07-15 18:46 - 2009-11-24 03:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2014-07-15 18:45 - 2013-09-03 17:00 - 32766976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2014-07-15 18:45 - 2013-09-03 14:16 - 00148184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2014-07-15 18:45 - 2013-08-14 10:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2014-07-15 18:45 - 2013-08-14 10:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2014-07-15 18:45 - 2013-08-07 11:41 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2014-07-15 18:45 - 2013-08-05 22:56 - 06219096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2014-07-15 18:45 - 2013-08-05 22:56 - 01908568 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2014-07-15 18:45 - 2013-08-05 22:56 - 00312152 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2014-07-15 18:45 - 2013-08-05 22:56 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2014-07-15 18:45 - 2013-08-05 12:11 - 02743328 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2014-07-15 18:45 - 2013-07-24 04:07 - 02032896 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2014-07-15 18:45 - 2013-07-23 09:39 - 14048512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2014-07-15 18:45 - 2013-07-23 09:39 - 01916672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
2014-07-15 18:45 - 2013-07-23 09:39 - 00922880 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2014-07-15 18:45 - 2013-06-05 15:42 - 00208072 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2014-07-15 18:45 - 2012-08-31 13:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2014-07-15 18:45 - 2012-08-31 13:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2014-07-15 18:45 - 2012-08-31 13:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2014-07-15 18:45 - 2012-08-31 13:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2014-07-15 18:45 - 2012-08-31 13:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2014-07-15 18:45 - 2012-03-08 05:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2014-07-15 18:45 - 2011-05-31 03:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2014-07-15 18:45 - 2011-05-31 03:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2014-07-15 18:45 - 2011-05-31 03:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2014-07-15 18:45 - 2011-05-31 03:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2014-07-15 18:45 - 2011-05-31 03:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2014-07-15 18:45 - 2011-05-31 03:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2014-07-15 18:45 - 2011-05-31 03:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2014-07-15 18:45 - 2011-05-31 03:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2014-07-15 18:45 - 2011-05-31 03:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2014-07-15 18:45 - 2011-05-31 03:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2014-07-15 18:45 - 2011-05-31 03:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2014-07-15 18:45 - 2011-05-31 03:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2014-07-15 18:45 - 2010-09-27 03:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2014-07-15 11:54 - 2014-07-15 11:54 - 00010500 _____ () C:\Users\my acer\Desktop\wegbaukosten.xlsx
2014-07-14 14:10 - 2014-07-15 20:50 - 00014021 _____ () C:\Users\my acer\Desktop\meine Auswertung.xlsx
2014-07-14 01:27 - 2014-07-14 01:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-07-12 13:05 - 2014-07-12 13:06 - 00724672 _____ () C:\Users\my acer\Downloads\setup.exe
2014-07-11 23:11 - 2014-07-16 22:52 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-11 23:11 - 2014-07-11 23:11 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-10 17:54 - 2014-06-26 22:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-10 17:54 - 2014-06-26 22:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 16:37 - 2014-07-10 16:37 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-10 14:45 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-10 14:11 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-10 14:11 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-10 14:11 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-10 12:09 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-10 12:09 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-10 12:09 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-10 12:08 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-10 12:08 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-10 12:08 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-10 12:08 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-10 12:08 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-10 12:08 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-10 12:08 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-10 12:08 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-10 12:08 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-10 12:08 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-10 12:08 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-10 12:08 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-10 12:08 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-10 12:08 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-10 12:08 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-10 12:08 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-10 12:08 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-10 12:08 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-10 12:08 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-10 12:08 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-10 12:08 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-10 12:08 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-10 12:08 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-10 12:08 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-10 12:08 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-10 12:08 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-10 12:08 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-10 12:08 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-10 12:08 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-10 12:08 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-10 12:08 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-10 12:08 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-10 12:08 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-10 12:08 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-10 12:07 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-10 12:07 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 12:07 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 12:07 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-10 12:07 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-10 12:07 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-10 12:06 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-10 12:06 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-10 12:06 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-10 12:06 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-10 12:06 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-10 12:06 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-10 12:06 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-10 12:06 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-10 12:06 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-10 00:52 - 2014-07-10 00:52 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-10 00:52 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-10 00:52 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-09 23:00 - 2014-07-09 23:00 - 01010424 _____ () C:\Users\my acer\Downloads\setup (3).exe
2014-07-09 22:59 - 2014-07-09 23:00 - 01010424 _____ () C:\Users\my acer\Downloads\setup (2).exe
2014-07-09 01:15 - 2014-07-16 15:07 - 00000000 ____D () C:\Users\my acer\Desktop\Covernance
2014-07-09 00:36 - 2014-07-09 00:36 - 00000000 ____D () C:\Users\my acer\AppData\Local\Chromium
2014-07-09 00:36 - 2014-07-09 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2014-07-09 00:36 - 2014-07-09 00:36 - 00000000 ____D () C:\Program Files (x86)\SRWare Iron
2014-07-08 11:32 - 2014-07-08 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeProMo WSL
2014-07-08 11:32 - 2014-07-08 11:30 - 00724992 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2014-07-08 11:31 - 2014-07-08 11:34 - 00000000 ____D () C:\Program Files (x86)\HeProMo WSL
2014-06-30 17:04 - 2014-06-30 17:04 - 00000000 ____H () C:\Users\my acer\Documents\Default.rdp
2014-06-22 22:19 - 2014-06-22 22:19 - 00000000 ____D () C:\Users\my acer\AppData\Roaming\Thunderbird
2014-06-22 22:19 - 2014-06-22 22:19 - 00000000 ____D () C:\Users\my acer\AppData\Local\Thunderbird
2014-06-20 23:35 - 2014-06-20 23:35 - 00001872 _____ () C:\Users\my acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-06-17 21:51 - 2014-06-22 15:07 - 00000000 ____D () C:\Users\my acer\Desktop\Ökonomie
==================== One Month Modified Files and Folders =======
2014-07-16 23:30 - 2014-07-16 23:29 - 00022019 _____ () C:\Users\my acer\Desktop\FRST.txt
2014-07-16 23:30 - 2014-07-16 23:15 - 00000000 ____D () C:\FRST
2014-07-16 23:28 - 2014-07-16 23:28 - 02086912 _____ (Farbar) C:\Users\my acer\Desktop\FRST64.exe
2014-07-16 23:27 - 2014-03-31 17:11 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-16 23:23 - 2013-11-24 17:42 - 00000000 ____D () C:\Users\my acer\AppData\Local\CrashDumps
2014-07-16 23:17 - 2014-02-28 17:27 - 00000364 _____ () C:\WINDOWS\Tasks\AmiUpdXp.job
2014-07-16 23:13 - 2014-07-16 23:13 - 00000000 _____ () C:\Users\my acer\defogger_reenable
2014-07-16 23:13 - 2014-07-16 23:12 - 00000476 _____ () C:\Users\my acer\Desktop\defogger_disable.log
2014-07-16 23:13 - 2013-12-17 18:14 - 00000000 ____D () C:\Users\my acer
2014-07-16 23:12 - 2014-07-16 23:12 - 00050477 _____ () C:\Users\my acer\Desktop\Defogger.exe
2014-07-16 23:12 - 2013-12-17 18:27 - 01154712 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-16 23:05 - 2013-10-02 07:49 - 00000000 __SHD () C:\Recovery
2014-07-16 23:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-16 22:57 - 2014-03-16 14:49 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3699949989-3844225254-4292911181-1001
2014-07-16 22:52 - 2014-07-11 23:11 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-16 22:52 - 2014-03-31 17:11 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-16 22:52 - 2013-12-17 18:35 - 00000000 __RDO () C:\Users\my acer\SkyDrive
2014-07-16 22:51 - 2014-06-09 04:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-16 22:51 - 2013-11-14 00:18 - 00475196 _____ () C:\WINDOWS\PFRO.log
2014-07-16 22:51 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-16 22:51 - 2013-08-22 15:25 - 10223616 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-16 22:09 - 2014-07-16 22:09 - 00284480 _____ () C:\WINDOWS\Minidump\071614-19421-01.dmp
2014-07-16 22:09 - 2014-01-20 01:50 - 349828386 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-16 22:09 - 2014-01-20 01:50 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-16 22:04 - 2014-07-16 21:14 - 00000000 ____D () C:\Program Files (x86)\FLVM Player
2014-07-16 21:40 - 2014-07-16 20:41 - 00000000 ____D () C:\Users\my acer\AppData\Roaming\omiga-plus
2014-07-16 21:19 - 2014-07-16 21:19 - 00000000 ____D () C:\Program Files (x86)\predm
2014-07-16 21:17 - 2014-07-16 21:17 - 00000000 ____D () C:\ProgramData\374311380
2014-07-16 21:17 - 2014-02-19 23:44 - 00000000 ____D () C:\Users\my acer\AppData\Roaming\systweak
2014-07-16 21:14 - 2014-07-16 21:14 - 00000000 ____D () C:\Users\my acer\AppData\Local\pgcchelper
2014-07-16 20:58 - 2014-07-16 20:58 - 00003150 _____ () C:\WINDOWS\System32\Tasks\{58AFA535-552E-4B9D-BA80-9313B48E4C9B}
2014-07-16 20:58 - 2014-07-16 20:42 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-16 20:42 - 2014-07-16 20:42 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-16 20:42 - 2014-07-16 20:42 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-16 20:41 - 2013-12-17 18:32 - 00001670 _____ () C:\Users\my acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-16 20:03 - 2014-05-05 16:33 - 00000000 ____D () C:\Users\my acer\Desktop\Kommunikation-Gruppenarbeit
2014-07-16 19:54 - 2013-10-03 17:20 - 00000000 ____D () C:\Users\my acer\AppData\Local\Packages
2014-07-16 19:54 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-16 15:32 - 2014-07-16 15:32 - 00000165 ____H () C:\Users\my acer\Desktop\~$meine Auswertung.xlsx
2014-07-16 15:07 - 2014-07-09 01:15 - 00000000 ____D () C:\Users\my acer\Desktop\Covernance
2014-07-15 20:50 - 2014-07-14 14:10 - 00014021 _____ () C:\Users\my acer\Desktop\meine Auswertung.xlsx
2014-07-15 18:48 - 2013-10-20 17:06 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-07-15 18:47 - 2014-07-15 18:47 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-07-15 18:47 - 2013-08-22 16:46 - 00314827 _____ () C:\WINDOWS\setupact.log
2014-07-15 18:46 - 2014-07-15 18:46 - 00000000 ____D () C:\Program Files\Realtek
2014-07-15 17:40 - 2014-05-04 04:02 - 00000000 ____D () C:\Users\my acer\Desktop\Präzise
2014-07-15 14:12 - 2013-11-14 09:26 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-15 14:12 - 2013-11-14 09:11 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-15 14:12 - 2013-11-14 09:11 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-15 11:54 - 2014-07-15 11:54 - 00010500 _____ () C:\Users\my acer\Desktop\wegbaukosten.xlsx
2014-07-14 01:31 - 2014-07-14 01:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-07-12 13:06 - 2014-07-12 13:05 - 00724672 _____ () C:\Users\my acer\Downloads\setup.exe
2014-07-12 02:33 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-12 02:09 - 2014-03-10 17:34 - 00000000 ____D () C:\Users\my acer\Desktop\bwr
2014-07-12 01:57 - 2014-05-15 00:10 - 00000000 ____D () C:\Users\my acer\Desktop\Prophylaxe und Umweltbelastungen
2014-07-12 01:49 - 2014-01-30 17:35 - 00000000 ____D () C:\Users\my acer\Desktop\Materarbeit
2014-07-11 23:11 - 2014-07-11 23:11 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-11 22:42 - 2013-10-06 21:36 - 00000000 ____D () C:\Users\my acer\Documents\setups
2014-07-11 11:12 - 2013-10-05 10:26 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-11 11:10 - 2013-10-05 10:26 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-10 17:53 - 2013-08-22 16:44 - 00560840 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-10 16:37 - 2014-07-10 16:37 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-10 16:37 - 2013-11-14 09:13 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 16:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-10 16:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 16:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 16:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-10 14:48 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-10 14:45 - 2014-03-12 22:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 00:52 - 2014-07-10 00:52 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-09 23:00 - 2014-07-09 23:00 - 01010424 _____ () C:\Users\my acer\Downloads\setup (3).exe
2014-07-09 23:00 - 2014-07-09 22:59 - 01010424 _____ () C:\Users\my acer\Downloads\setup (2).exe
2014-07-09 00:36 - 2014-07-09 00:36 - 00000000 ____D () C:\Users\my acer\AppData\Local\Chromium
2014-07-09 00:36 - 2014-07-09 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2014-07-09 00:36 - 2014-07-09 00:36 - 00000000 ____D () C:\Program Files (x86)\SRWare Iron
2014-07-08 11:34 - 2014-07-08 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeProMo WSL
2014-07-08 11:34 - 2014-07-08 11:31 - 00000000 ____D () C:\Program Files (x86)\HeProMo WSL
2014-07-08 11:30 - 2014-07-08 11:32 - 00724992 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2014-07-07 18:10 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-01 14:42 - 2014-05-02 01:44 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EB91649A-5E91-4A5C-B40A-84C10C1C038E}
2014-07-01 00:45 - 2014-07-10 14:11 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-30 17:34 - 2013-12-29 22:23 - 00020320 _____ (System Speedup) C:\WINDOWS\system32\roboot64.exe
2014-06-30 17:04 - 2014-06-30 17:04 - 00000000 ____H () C:\Users\my acer\Documents\Default.rdp
2014-06-28 09:48 - 2014-07-10 14:11 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-28 09:07 - 2014-07-10 14:11 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-06-26 22:55 - 2014-07-10 17:54 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:55 - 2014-07-10 17:54 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 16:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-06-23 15:06 - 2014-06-11 15:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-06-23 15:06 - 2014-02-06 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-23 15:06 - 2013-10-04 12:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-23 03:22 - 2014-03-31 17:11 - 00004100 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-23 03:22 - 2014-03-31 17:11 - 00003864 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-22 22:19 - 2014-06-22 22:19 - 00000000 ____D () C:\Users\my acer\AppData\Roaming\Thunderbird
2014-06-22 22:19 - 2014-06-22 22:19 - 00000000 ____D () C:\Users\my acer\AppData\Local\Thunderbird
2014-06-22 15:07 - 2014-06-17 21:51 - 00000000 ____D () C:\Users\my acer\Desktop\Ökonomie
2014-06-20 23:35 - 2014-06-20 23:35 - 00001872 _____ () C:\Users\my acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-06-19 03:39 - 2014-07-10 12:08 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-19 02:48 - 2014-07-10 12:08 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-19 02:16 - 2014-07-10 12:08 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-19 02:09 - 2014-07-10 12:08 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-19 01:51 - 2014-07-10 12:08 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-10 12:08 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-10 12:08 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-19 01:46 - 2014-07-10 12:08 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-06-19 01:39 - 2014-07-10 12:08 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-19 01:33 - 2014-07-10 12:08 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-10 12:08 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-19 01:27 - 2014-07-10 12:08 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-19 01:12 - 2014-07-10 12:08 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-19 00:59 - 2014-07-10 12:08 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-10 12:08 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-19 00:58 - 2014-07-10 12:08 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-19 00:57 - 2014-07-10 12:08 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-06-19 00:52 - 2014-07-10 12:08 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-10 12:08 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-10 12:08 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-19 00:45 - 2014-07-10 12:08 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-10 12:08 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-10 12:08 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-10 12:08 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-10 12:08 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-10 12:08 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-10 12:08 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-17 00:26 - 2014-07-10 12:09 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-06-17 00:24 - 2014-07-10 12:09 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3460.dll
Some content of TEMP:
====================
C:\Users\my acer\AppData\Local\Temp\18be6784_.exe
C:\Users\my acer\AppData\Local\Temp\294823_.exe
C:\Users\my acer\AppData\Local\Temp\Adobe Flash Player.exe
C:\Users\my acer\AppData\Local\Temp\air6961.exe
C:\Users\my acer\AppData\Local\Temp\air7C8F.exe
C:\Users\my acer\AppData\Local\Temp\airB3CC.exe
C:\Users\my acer\AppData\Local\Temp\airE29F.exe
C:\Users\my acer\AppData\Local\Temp\avast_free_antivirus_setup_online.exe
C:\Users\my acer\AppData\Local\Temp\avira_pc_cleaner_de.exe
C:\Users\my acer\AppData\Local\Temp\B3CD_SoftwareUpdaterSetupC.exe
C:\Users\my acer\AppData\Local\Temp\BackupSetup.exe
C:\Users\my acer\AppData\Local\Temp\BullGuard Antivirus Setup.exe
C:\Users\my acer\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\my acer\AppData\Local\Temp\CloudBackup553.exe
C:\Users\my acer\AppData\Local\Temp\CoordBasics10_0.exe
C:\Users\my acer\AppData\Local\Temp\CrossfireLoader.exe
C:\Users\my acer\AppData\Local\Temp\Delta.exe
C:\Users\my acer\AppData\Local\Temp\DeltaTB.exe
C:\Users\my acer\AppData\Local\Temp\dlLogic.exe
C:\Users\my acer\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\my acer\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\my acer\AppData\Local\Temp\DRHelper_uninstallComplete.exe
C:\Users\my acer\AppData\Local\Temp\EnableExtDll.dll
C:\Users\my acer\AppData\Local\Temp\expertpdf_v4_softonic_deu.exe
C:\Users\my acer\AppData\Local\Temp\f.exe
C:\Users\my acer\AppData\Local\Temp\FlashPlayer__4587_i221267087_il128.exe
C:\Users\my acer\AppData\Local\Temp\FlashPlayer__4587_i221278359_il128.exe
C:\Users\my acer\AppData\Local\Temp\FoxySecuritySetup.exe
C:\Users\my acer\AppData\Local\Temp\FoxySecuritySetup[1].exe
C:\Users\my acer\AppData\Local\Temp\free-pdf-perfect_1.0_de-DE.exe
C:\Users\my acer\AppData\Local\Temp\HWVendorDetection(1).exe
C:\Users\my acer\AppData\Local\Temp\HWVendorDetection.exe
C:\Users\my acer\AppData\Local\Temp\ICReinstall_adobe-flash-player_setup.exe
C:\Users\my acer\AppData\Local\Temp\ICReinstall_superbike-racers-downloader.exe
C:\Users\my acer\AppData\Local\Temp\IEHistory.exe
C:\Users\my acer\AppData\Local\Temp\iLividSetup-r400-n-bc.exe
C:\Users\my acer\AppData\Local\Temp\Iminent.exe
C:\Users\my acer\AppData\Local\Temp\InstalledPrograms.exe
C:\Users\my acer\AppData\Local\Temp\install_helper.exe
C:\Users\my acer\AppData\Local\Temp\Java.exe
C:\Users\my acer\AppData\Local\Temp\MybabylonTB.exe
C:\Users\my acer\AppData\Local\Temp\nceobazluyzkmw.exe
C:\Users\my acer\AppData\Local\Temp\nitro_reader3.exe
C:\Users\my acer\AppData\Local\Temp\nsbE3B3.exe
C:\Users\my acer\AppData\Local\Temp\nscC660.exe
C:\Users\my acer\AppData\Local\Temp\nsfD4A5.exe
C:\Users\my acer\AppData\Local\Temp\nsg6FB1.exe
C:\Users\my acer\AppData\Local\Temp\nsk5B68.exe
C:\Users\my acer\AppData\Local\Temp\nskF69A.exe
C:\Users\my acer\AppData\Local\Temp\nsm4F4C.exe
C:\Users\my acer\AppData\Local\Temp\nsm7850.exe
C:\Users\my acer\AppData\Local\Temp\nsoA308.exe
C:\Users\my acer\AppData\Local\Temp\nsqB9A8.exe
C:\Users\my acer\AppData\Local\Temp\nssF4F0.exe
C:\Users\my acer\AppData\Local\Temp\nstFD31.exe
C:\Users\my acer\AppData\Local\Temp\nsv1258.exe
C:\Users\my acer\AppData\Local\Temp\nsv5570.exe
C:\Users\my acer\AppData\Local\Temp\nsyD3EE.exe
C:\Users\my acer\AppData\Local\Temp\nsz6AFD.exe
C:\Users\my acer\AppData\Local\Temp\Opera_19.0.1326.63_Campaign_21_Setup.exe
C:\Users\my acer\AppData\Local\Temp\OptimizerPro.exe
C:\Users\my acer\AppData\Local\Temp\OptimizerPro[1].exe
C:\Users\my acer\AppData\Local\Temp\optprosetup.exe
C:\Users\my acer\AppData\Local\Temp\Player-Chrome.exe
C:\Users\my acer\AppData\Local\Temp\PreExe_ID_13296.exe
C:\Users\my acer\AppData\Local\Temp\PreExe_ID_13667.exe
C:\Users\my acer\AppData\Local\Temp\python-3-3-2.exe
C:\Users\my acer\AppData\Local\Temp\python-332-Downloader.exe
C:\Users\my acer\AppData\Local\Temp\rdm.exe
C:\Users\my acer\AppData\Local\Temp\RegClean7.exe
C:\Users\my acer\AppData\Local\Temp\SBKX_Demo_Setup.exe
C:\Users\my acer\AppData\Local\Temp\Setup__4185_i273889708_il10.exe
C:\Users\my acer\AppData\Local\Temp\SoftonicDownloader_fuer_alarm-fur-cobra-11.exe
C:\Users\my acer\AppData\Local\Temp\SoftonicDownloader_fuer_cdburnerxp-pro-64-bit.exe
C:\Users\my acer\AppData\Local\Temp\SoftonicDownloader_fuer_dvd-shrink.exe
C:\Users\my acer\AppData\Local\Temp\SoftonicDownloader_fuer_expert-pdf.exe
C:\Users\my acer\AppData\Local\Temp\SoftonicDownloader_fuer_flightgear.exe
C:\Users\my acer\AppData\Local\Temp\SoftonicDownloader_fuer_free-avi-video-converter.exe
C:\Users\my acer\AppData\Local\Temp\SoftonicDownloader_fuer_microsoft-flight-simulator-x.exe
C:\Users\my acer\AppData\Local\Temp\SoftonicDownloader_fuer_nitro-pdf-reader.exe
C:\Users\my acer\AppData\Local\Temp\SoftonicDownloader_fuer_pdf-xchange-viewer.exe
C:\Users\my acer\AppData\Local\Temp\SoftonicDownloader_fuer_youtube-downloader-hd-portable.exe
C:\Users\my acer\AppData\Local\Temp\SoftonicDownloader_fuer_ytd-video-downloader.exe
C:\Users\my acer\AppData\Local\Temp\Softonic_chr_1-8-29-3_cn.exe
C:\Users\my acer\AppData\Local\Temp\Softonic_chr_1-8-29-3_cn[1].exe
C:\Users\my acer\AppData\Local\Temp\SpeedAnalysisSetup.exe
C:\Users\my acer\AppData\Local\Temp\SpeedAnalysisSetup[1].exe
C:\Users\my acer\AppData\Local\Temp\speedupmypc.exe
C:\Users\my acer\AppData\Local\Temp\spstub.exe
C:\Users\my acer\AppData\Local\Temp\superbike-racers-downloader(1).exe
C:\Users\my acer\AppData\Local\Temp\superbike-racers-downloader.exe
C:\Users\my acer\AppData\Local\Temp\UnityWebPlayer(1).exe
C:\Users\my acer\AppData\Local\Temp\UnityWebPlayer(2).exe
C:\Users\my acer\AppData\Local\Temp\UnityWebPlayer(3).exe
C:\Users\my acer\AppData\Local\Temp\UnityWebPlayer(4).exe
C:\Users\my acer\AppData\Local\Temp\UnityWebPlayer.exe
C:\Users\my acer\AppData\Local\Temp\vcredist_x86.exe
C:\Users\my acer\AppData\Local\Temp\WarfaceLoader.exe
C:\Users\my acer\AppData\Local\Temp\wsl_produktivitaetsmodell_mobilseilkran.exe
C:\Users\my acer\AppData\Local\Temp\WSSetup.exe
C:\Users\my acer\AppData\Local\Temp\X16-33163.exe
C:\Users\my acer\AppData\Local\Temp\ZuneSetupPkg.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-16 19:59
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01
Ran by my acer at 2014-07-16 23:31:33
Running from C:\Users\my acer\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 10 Plugin 64-bit (HKLM\...\Adobe Flash Player Plugin 64) (Version: 10.2.161.23 - Adobe Systems Incorporated)
ArcGIS 10.2 for Desktop (HKLM-x32\...\ArcGIS 10.2 for Desktop) (Version: 10.2.3348 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.2 for Desktop (x32 Version: 10.2.3348 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS 10.2 Workflow Manager for Desktop (HKLM-x32\...\{AC9A8AAC-D253-4BE9-AD30-1894895CB399}) (Version: 10.2.3348 - Environmental Systems Research Institute, Inc.)
Bandizip (HKCU\...\Bandizip) (Version: 3.08 - Bandisoft.com)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HeProMo WSL 1.01 (HKLM-x32\...\WSL_HeProMod_0.1) (Version: - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0000-0000-0000000FF1CE}_Access_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access 2007 (HKLM-x32\...\Access) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Access 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: - )
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
omiga-plus uninstall (HKLM-x32\...\omiga-plus uninstall) (Version: - omiga-plus)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.1 - Tracker Software Products Ltd)
pgcchelper (HKCU\...\pgcchelper) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7032 - Realtek Semiconductor Corp.)
SBK®X Superbike World Championship Demo (HKLM-x32\...\{2C138BE1-1110-4F05-890F-C4613B44CF2D}) (Version: 1.00.0000 - Black Bean Games)
SBK®X Superbike World Championship Demo (x32 Version: 1.00.0000 - Black Bean Games) Hidden
SRWare Iron Version SRWare Iron 35.0.1900.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 35.0.1900.0 - SRWare)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0015-0000-0000-0000000FF1CE}_Access_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_Access_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0015-0000-0000-0000000FF1CE}_Access_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0015-0000-0000-0000000FF1CE}_Access_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_Access_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0015-0000-0000-0000000FF1CE}_Access_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_Access_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_Access_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
==================== Restore Points =========================
01-07-2014 21:31:37 Geplanter Prüfpunkt
10-07-2014 12:16:50 Windows Update
16-07-2014 20:48:51 avast! antivirus system restore point
==================== Hosts content: ==========================
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {093452A3-03F5-4128-9A31-DC23D3008562} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C7FB2B2-4B42-4105-A385-3C39B82E85E7} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {13416774-A440-49A6-9074-1EA22DCF2437} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3699949989-3844225254-4292911181-1001
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {25144AD5-E958-4A00-BB9E-312A7000E7B1} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {31CAB11B-CF24-4157-BC74-48CDB2360BA2} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3B729BE0-1F46-464F-8D94-58D4CA0FF936} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-06] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA2B110-8C22-429B-831C-BF0DD94436CD} - \1ClickMovieDownloader V6-chromeinstaller No Task File <==== ATTENTION
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F0AE9CD-0418-4DD1-9347-924C48FB79F0} - \Maxthon Update No Task File <==== ATTENTION
Task: {700FAF72-69CF-45D9-B574-F677E155D322} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11] (Adobe Systems Incorporated)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AB045770-D2F5-431A-843C-F14716224409} - \AmiUpdXp No Task File <==== ATTENTION
Task: {B647E078-5904-4698-9E7D-FD5B57851990} - \CreateChoiceProcessTask No Task File <==== ATTENTION
Task: {CFA99838-3FC1-4439-9AFD-4DA47E366B05} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-11] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D2D49890-83F2-40B8-954E-61A773710FE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-06] (Google Inc.)
Task: {D8225CEE-1B13-44A5-9293-DFB7F74A57C2} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F2753E6F-41BB-4E3D-B709-982E6F421B8A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Users\my acer\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-02-25 17:00 - 2014-02-25 17:00 - 00011776 _____ () C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-08-21 08:37 - 2013-08-21 08:37 - 00465920 _____ () C:\Users\my acer\AppData\Local\pgcchelper\pgcchelper.exe
2014-05-01 19:22 - 2014-05-01 19:22 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\aff3455c2babb61a57f50a484284a7a2\PSIClient.ni.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\my acer\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "mobilegeni daemon"
HKCU\...\StartupApproved\Run: => "Facebook Update"
HKCU\...\StartupApproved\Run: => "Intermediate"
HKCU\...\StartupApproved\Run: => "SSync"
HKCU\...\StartupApproved\Run: => "SCheck"
HKCU\...\StartupApproved\Run: => "Snoozer"
HKCU\...\StartupApproved\Run: => "NextLive"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/16/2014 11:23:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x1058
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5
Error: (07/16/2014 11:23:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x12b4
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5
Error: (07/16/2014 10:49:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (07/16/2014 07:50:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm PlayerRT.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1618
Startzeit: 01cfa11e6712eeb8
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\9FD20106.MediaPlayer_1.1.1.216_x64__nwhm06f2kfry2\PlayerRT.exe
Berichts-ID: ae6a6d72-0d11-11e4-beb7-089e0176b6cb
Vollständiger Name des fehlerhaften Pakets: 9FD20106.MediaPlayer_1.1.1.216_x64__nwhm06f2kfry2
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (07/16/2014 07:50:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: ACER)
Description: Die App „9FD20106.MediaPlayer_1.1.1.216_x64__nwhm06f2kfry2+App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Error: (07/16/2014 01:44:15 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/14/2014 08:24:16 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/14/2014 01:37:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Maxthon.exe, Version 4.4.1.2000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1460
Startzeit: 01cf9f57d0fa06fa
Endzeit: 13
Anwendungspfad: C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
Berichts-ID: 3f52ad7f-0b4b-11e4-beb4-089e0176b6cb
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (07/14/2014 02:26:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm rundll32.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 117c
Startzeit: 01cf9efa18aee398
Endzeit: 15
Anwendungspfad: C:\WINDOWS\System32\rundll32.exe
Berichts-ID: 705300f7-0aed-11e4-beb2-2016d82b684b
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (07/13/2014 10:05:23 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
System errors:
=============
Error: (07/16/2014 11:21:15 PM) (Source: DCOM) (EventID: 10016) (User: ACER)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Acermy acerS-1-5-21-3699949989-3844225254-4292911181-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/16/2014 11:21:15 PM) (Source: DCOM) (EventID: 10016) (User: ACER)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Acermy acerS-1-5-21-3699949989-3844225254-4292911181-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/16/2014 11:18:37 PM) (Source: DCOM) (EventID: 10016) (User: ACER)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Acermy acerS-1-5-21-3699949989-3844225254-4292911181-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/16/2014 11:18:19 PM) (Source: DCOM) (EventID: 10016) (User: ACER)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Acermy acerS-1-5-21-3699949989-3844225254-4292911181-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/16/2014 11:18:13 PM) (Source: DCOM) (EventID: 10016) (User: ACER)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Acermy acerS-1-5-21-3699949989-3844225254-4292911181-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/16/2014 11:18:11 PM) (Source: DCOM) (EventID: 10016) (User: ACER)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Acermy acerS-1-5-21-3699949989-3844225254-4292911181-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/16/2014 11:17:53 PM) (Source: DCOM) (EventID: 10016) (User: ACER)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Acermy acerS-1-5-21-3699949989-3844225254-4292911181-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/16/2014 11:17:51 PM) (Source: DCOM) (EventID: 10016) (User: ACER)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Acermy acerS-1-5-21-3699949989-3844225254-4292911181-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/16/2014 11:17:49 PM) (Source: DCOM) (EventID: 10016) (User: ACER)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Acermy acerS-1-5-21-3699949989-3844225254-4292911181-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (07/16/2014 11:16:50 PM) (Source: DCOM) (EventID: 10016) (User: ACER)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Acermy acerS-1-5-21-3699949989-3844225254-4292911181-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-07-16 22:27:45.242
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-07-16 22:27:45.123
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-07-16 22:27:44.994
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-07-16 22:27:44.871
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-07-16 22:27:44.751
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-07-16 22:27:44.632
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-07-16 22:27:44.510
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-07-16 22:27:44.391
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-07-16 22:27:44.272
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-07-16 22:27:44.150
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Percentage of memory in use: 49%
Total physical RAM: 3931.36 MB
Available physical RAM: 1994.99 MB
Total Pagefile: 7899.36 MB
Available Pagefile: 5847.64 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:450.16 GB) (Free:367.97 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E1CA5076)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 19 GB) (Disk ID: 753853D4)
Partition 1: (Not Active) - (Size=4 GB) - (Type=84)
Partition 2: (Not Active) - (Size=15 GB) - (Type=73)
==================== End Of Log ============================
|
|
16.07.2014, 23:22
| #2 |
| /// TB-Ausbilder /// Anleitungs-Guru  | Omiga-Plus Spyware Addon gefunden; kann nicht deinstalliert werden Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Bitte lade Dir zoek.exe von hier: http://hijackthis.nl/smeenk/
Schritt 3   Bitte starte FRST erneut, und drücke auf Scan. Bitte poste mir den Inhalt des Logs.
__________________ |
|
| Themen zu Omiga-Plus Spyware Addon gefunden; kann nicht deinstalliert werden |
| absturz, adobe, avast, avira, converter, defender, email, error, excel, flash player, focus, homepage, icreinstall, installation, internet, mozilla, omiga-plus, port, problem, realtek, registry, rundll, scan, services.exe, software, spyware, svchost.exe, tracker, vcredist, windows, windowsapps |
Linear-Darstellung
