| |
| |||||||
Log-Analyse und Auswertung: Rollaround müllt den PC mit Werbung zuWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
08.03.2015, 16:18
| #1 |
| |  Rollaround müllt den PC mit Werbung zu seit heute habe ich den rollaround trojaner und er müllt mir das notebook zu. ich kann überhaupt nichts mehr öffnen. ständig erscheinen irgendwelche werbebanner. ich hab mir auf der chip-seite cdex und audacity heruntergeladen und danach war dieser müll auf meinem rechner  ich hoffe ihr könnt mir irgendwie helfen? danke schon mal LG mooni hier nun die frst.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 01
Ran by iris (administrator) on ACER on 08-03-2015 15:47:44
Running from C:\Users\iris\Downloads
Loaded Profiles: iris (Available profiles: iris)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pokki) C:\Users\iris\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\iris\AppData\Roaming\Dropbox\bin\Dropbox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-13] (Nullsoft, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKU\S-1-5-21-2723542903-286362930-262935172-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-2723542903-286362930-262935172-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2723542903-286362930-262935172-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1300288 2015-03-02] (Lavasoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\iris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\iris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2723542903-286362930-262935172-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startseite24.net
HKU\S-1-5-21-2723542903-286362930-262935172-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> DefaultScope {413A4388-D8CF-46AE-8B79-AB1102A27FC2} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {413A4388-D8CF-46AE-8B79-AB1102A27FC2} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2723542903-286362930-262935172-1001 -> DefaultScope {A10C8EE6-AF93-11E4-8267-201A06E2D714} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2723542903-286362930-262935172-1001 -> {413A4388-D8CF-46AE-8B79-AB1102A27FC2} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2723542903-286362930-262935172-1001 -> {A10C8EE6-AF93-11E4-8267-201A06E2D714} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-05-27] (DVDVideoSoft Ltd.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Roll Around -> {83c0e288-8fa0-43d3-acc7-c1e839d85abc} -> C:\Program Files (x86)\Roll Around\Extensions\83c0e288-8fa0-43d3-acc7-c1e839d85abc.dll [2015-03-08] ()
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-06-23] (DVDVideoSoft Ltd.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-04-25] (McAfee, Inc.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9 16 C:\Windows\SysWOW64\LavasoftTcpService.dll [325944] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [372248] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [372248] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [372248] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [372248] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\Windows\system32\LavasoftTcpService64.dll [372248] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\iris\AppData\Roaming\Mozilla\Firefox\Profiles\qy138dug.default
FF DefaultSearchEngine: Web Search
FF SearchEngineOrder.1: Websuche
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://de.msn.com/
FF Keyword.URL: hxxp://www.startseite24.net/?q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-08] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF user.js: detected! => C:\Users\iris\AppData\Roaming\Mozilla\Firefox\Profiles\qy138dug.default\user.js [2015-03-08]
FF SearchPlugin: C:\Users\iris\AppData\Roaming\Mozilla\Firefox\Profiles\qy138dug.default\searchplugins\google-images.xml [2014-12-31]
FF SearchPlugin: C:\Users\iris\AppData\Roaming\Mozilla\Firefox\Profiles\qy138dug.default\searchplugins\google-maps.xml [2014-12-31]
FF SearchPlugin: C:\Users\iris\AppData\Roaming\Mozilla\Firefox\Profiles\qy138dug.default\searchplugins\search_engine_trovi.xml [2014-12-07]
FF SearchPlugin: C:\Users\iris\AppData\Roaming\Mozilla\Firefox\Profiles\qy138dug.default\searchplugins\Web Search.xml [2015-02-08]
FF SearchPlugin: C:\Users\iris\AppData\Roaming\Mozilla\Firefox\Profiles\qy138dug.default\searchplugins\zonealarm.xml [2014-11-16]
FF Extension: Avira Browser Safety - C:\Users\iris\AppData\Roaming\Mozilla\Firefox\Profiles\qy138dug.default\Extensions\abs@avira.com [2015-02-08]
FF Extension: zonealarm.com - C:\Users\iris\AppData\Roaming\Mozilla\Firefox\Profiles\qy138dug.default\Extensions\ffxtlbr@zonealarm.com [2014-11-16]
FF Extension: Roll Around - C:\Users\iris\AppData\Roaming\Mozilla\Firefox\Profiles\qy138dug.default\Extensions\{120d139c-badc-425d-b697-9b0ae489425e}.xpi [2015-03-08]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-03-11]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-03-11]
FF HKU\S-1-5-21-2723542903-286362930-262935172-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-07-05]
FF HKU\S-1-5-21-2723542903-286362930-262935172-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-03-01]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-03-01]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-27] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe [836984 2015-03-02] (Lavasoft Limited)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-02-19] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17768 2015-03-02] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 Service Mgr RollAround; "C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugincontainer.exe" [X]
S2 Update Mgr RollAround; "C:\Program Files (x86)\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-11-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-08 15:47 - 2015-03-08 15:48 - 00027201 _____ () C:\Users\iris\Downloads\FRST.txt
2015-03-08 15:45 - 2015-03-08 15:48 - 00000000 ____D () C:\FRST
2015-03-08 15:44 - 2015-03-08 15:45 - 02095104 _____ (Farbar) C:\Users\iris\Downloads\FRST64.exe
2015-03-08 15:41 - 2015-03-08 15:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-03-08 13:38 - 2015-03-08 13:38 - 01923888 _____ () C:\Users\iris\Downloads\Adaware_Installer_11.5.exe
2015-03-08 13:27 - 2015-03-08 13:27 - 00000856 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-03-08 13:27 - 2015-03-08 13:27 - 00000844 _____ () C:\Users\Public\Desktop\Audacity.lnk
2015-03-08 13:27 - 2015-03-08 13:27 - 00000000 ____D () C:\Program Files\Audacity
2015-03-08 13:21 - 2015-03-08 13:21 - 22892794 _____ (Audacity Team ) C:\Users\iris\Downloads\audacity-win-2.0.6.exe
2015-03-08 13:18 - 2015-03-08 13:18 - 00000000 ____D () C:\Users\iris\Documents\CyberLink
2015-03-08 13:18 - 2015-03-08 13:18 - 00000000 ____D () C:\Users\iris\AppData\Roaming\CyberLink
2015-03-08 13:18 - 2015-03-08 13:18 - 00000000 ____D () C:\Users\iris\AppData\Local\MediaShow
2015-03-08 13:17 - 2015-03-08 13:17 - 00000000 ____D () C:\Users\iris\AppData\Local\CyberLink
2015-03-08 12:42 - 2015-03-08 12:43 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-03-08 12:42 - 2015-03-08 12:42 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-03-08 12:42 - 2015-03-08 12:42 - 00000000 ____D () C:\Users\iris\AppData\Local\Lavasoft
2015-03-08 12:41 - 2015-03-08 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-03-08 12:41 - 2015-03-08 12:41 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2015-03-08 12:41 - 2015-03-02 18:02 - 00372248 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-03-08 12:41 - 2015-03-02 18:02 - 00325944 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-03-08 12:40 - 2015-03-08 12:41 - 00000000 ____D () C:\Users\iris\AppData\Local\CDex
2015-03-08 12:40 - 2015-03-08 12:40 - 00000993 _____ () C:\Users\Public\Desktop\CDex.lnk
2015-03-08 12:40 - 2015-03-08 12:40 - 00000000 ____D () C:\Users\iris\AppData\Roaming\OpenCandy
2015-03-08 12:40 - 2015-03-08 12:40 - 00000000 ____D () C:\Users\iris\AppData\Roaming\Lavasoft
2015-03-08 12:40 - 2015-03-08 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex
2015-03-08 12:40 - 2015-03-08 12:40 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-03-08 12:40 - 2015-03-08 12:40 - 00000000 ____D () C:\Program Files (x86)\Roll Around
2015-03-08 12:34 - 2014-04-14 04:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-03-08 12:32 - 2015-03-08 12:33 - 13139941 _____ (Georgy Berdyshev) C:\Users\iris\Downloads\CDex-1.77-win32.exe
2015-03-01 23:24 - 2015-03-01 23:25 - 01771008 _____ () C:\Users\iris\Downloads\Kalender_2015_1.pps
2015-03-01 22:54 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-01 22:54 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-01 14:20 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2015-03-01 14:20 - 2014-07-30 02:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-03-01 14:20 - 2014-07-29 06:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2015-03-01 13:49 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-03-01 13:49 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-03-01 13:49 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-01 13:49 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-01 13:49 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-03-01 13:49 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-01 13:49 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-03-01 13:49 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-03-01 13:49 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-03-01 13:49 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-03-01 13:49 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-01 13:49 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-01 13:49 - 2014-03-13 08:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2015-03-01 13:49 - 2014-03-13 07:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2015-03-01 13:48 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-03-01 13:48 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-01 13:48 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-01 13:48 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-01 13:48 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-03-01 13:48 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-01 13:48 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-01 13:18 - 2015-02-03 20:31 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-01 13:18 - 2015-02-03 20:31 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-01 13:09 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-01 13:09 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-14 14:57 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-14 14:57 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-14 11:57 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-14 11:57 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-14 11:57 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-14 11:57 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-14 11:57 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-14 11:57 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-14 11:57 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-14 11:57 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-14 11:57 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-14 11:57 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-14 11:57 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-14 11:57 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-14 11:57 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-14 11:57 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-14 11:57 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-14 11:57 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-14 11:57 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-14 11:57 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-14 11:57 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-14 11:57 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-14 11:57 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-14 11:57 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-14 11:57 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-14 11:57 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-14 11:57 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-14 11:57 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-14 11:57 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-14 11:57 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-14 11:57 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-14 11:57 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-14 11:57 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-14 11:57 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-14 11:57 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-14 11:57 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-14 11:57 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-14 11:57 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-14 11:57 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-14 11:57 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-14 11:57 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-14 11:57 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-14 11:57 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-14 11:57 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-14 11:57 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-14 11:57 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-14 11:57 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-14 11:57 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-14 11:57 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-14 11:51 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-14 11:51 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-14 11:51 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-14 11:51 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-14 11:51 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-14 11:51 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-14 11:51 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-14 11:51 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-14 11:51 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-14 11:50 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-14 11:50 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-14 11:50 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-14 11:50 - 2014-12-09 00:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-14 11:38 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-14 11:32 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-02-14 11:32 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-02-14 11:32 - 2014-04-08 23:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2015-02-14 11:32 - 2014-04-08 23:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2015-02-14 11:32 - 2014-04-08 19:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2015-02-14 11:32 - 2014-04-08 19:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2015-02-14 11:19 - 2015-02-14 11:19 - 00001173 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-02-08 14:44 - 2015-02-08 14:44 - 03120360 _____ () C:\Users\iris\Downloads\aim523292.exe
2015-02-08 13:53 - 2015-02-08 13:53 - 96187369 _____ () C:\Users\iris\Downloads\Anastacia-Resurrection-%28Deluxe_Edition%29-2CD-2014-gnvr.rar
2015-02-08 13:48 - 2015-02-08 13:49 - 86857674 _____ () C:\Users\iris\Downloads\Roman_Lob_-_Home-2014-MOD.rar
2015-02-08 13:46 - 2015-02-08 13:47 - 109844620 _____ () C:\Users\iris\Downloads\Faun-Luna-DELUXE_EDITION-DE-2014-NGE.rar
2015-02-08 13:43 - 2015-02-08 13:44 - 196459193 _____ () C:\Users\iris\Downloads\Unheilig-Gipfelstuermer-2CD-DE-2014-VOiCE.rar
2015-02-08 13:34 - 2015-02-08 13:36 - 197077706 _____ () C:\Users\iris\Downloads\Spandau_Ballet-Diamond-Special_Edition-2CD-Remastered-2010-D2H-CannaPower.rar
2015-02-08 13:31 - 2015-02-08 13:32 - 93934200 _____ () C:\Users\iris\Downloads\SpBa-Heliask.rar
2015-02-08 13:03 - 2014-04-11 04:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-02-08 13:03 - 2014-04-11 04:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-02-08 13:03 - 2014-04-11 04:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-02-08 13:03 - 2014-04-11 04:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-02-08 13:03 - 2014-04-11 04:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-02-08 13:03 - 2014-04-11 03:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-02-08 13:00 - 2014-07-15 19:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2015-02-08 13:00 - 2014-07-15 09:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-02-08 13:00 - 2014-07-15 09:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2015-02-08 13:00 - 2014-07-15 09:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-02-08 12:58 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-02-08 12:58 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-02-08 12:58 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-02-08 12:58 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-02-08 12:58 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2015-02-08 12:58 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-02-08 12:58 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-02-08 12:58 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2015-02-08 12:58 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-02-08 12:58 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2015-02-08 12:58 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-02-08 12:58 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2015-02-08 12:58 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2015-02-08 12:58 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-02-08 12:58 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2015-02-08 12:58 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2015-02-08 12:58 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-02-08 12:58 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2015-02-08 12:58 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-08 12:58 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-02-08 12:58 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-02-08 12:58 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2015-02-08 12:58 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-08 12:58 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-02-08 12:58 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2015-02-08 12:58 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2015-02-08 12:58 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-08 12:58 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2015-02-08 12:58 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-02-08 12:58 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-02-08 12:58 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-02-08 12:58 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-08 12:58 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-02-08 12:58 - 2014-07-24 16:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-02-08 12:58 - 2014-07-24 12:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-02-08 12:58 - 2014-07-24 12:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2015-02-08 12:58 - 2014-07-24 11:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-02-08 12:58 - 2014-07-24 10:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-02-08 12:56 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2015-02-08 12:56 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2015-02-08 12:56 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2015-02-08 12:56 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2015-02-08 12:56 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2015-02-08 12:56 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2015-02-08 12:56 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2015-02-08 12:56 - 2014-05-03 00:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2015-02-08 12:56 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2015-02-08 12:56 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-02-08 12:56 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-02-08 12:56 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2015-02-08 12:56 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2015-02-08 12:56 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2015-02-08 12:56 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-02-08 12:56 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2015-02-08 12:56 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-02-08 12:56 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2015-02-08 12:56 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-02-08 12:56 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-02-08 12:56 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2015-02-08 12:56 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-02-08 12:56 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-02-08 12:56 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2015-02-08 12:56 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-02-08 12:56 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-02-08 12:56 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2015-02-08 12:56 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2015-02-08 12:56 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2015-02-08 12:56 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2015-02-08 12:52 - 2014-10-13 03:43 - 00238912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-02-08 12:52 - 2014-10-13 03:43 - 00153920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-02-08 12:52 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-02-08 12:52 - 2014-10-13 03:43 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-02-08 12:40 - 2015-02-08 12:40 - 00001967 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-02-08 12:40 - 2015-02-08 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-02-08 12:38 - 2015-02-08 12:38 - 00000000 ____D () C:\Program Files\McAfee Security Scan
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2021-10-21 14:36 - 2014-06-24 09:51 - 00000852 _____ () C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 08:34 - 2014-06-24 09:51 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat
2015-03-08 15:46 - 2014-06-29 10:20 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2723542903-286362930-262935172-1001
2015-03-08 15:46 - 2014-06-24 09:33 - 01230816 _____ () C:\Windows\WindowsUpdate.log
2015-03-08 15:46 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-08 15:41 - 2014-07-12 11:32 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-08 15:41 - 2014-06-24 19:17 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-03-08 15:41 - 2014-06-24 19:17 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-03-08 15:41 - 2014-03-11 14:23 - 00001880 _____ () C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk
2015-03-08 15:41 - 2014-03-11 13:58 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-08 15:37 - 2014-12-31 12:55 - 00000000 ___RD () C:\Users\iris\Dropbox
2015-03-08 15:37 - 2014-12-31 12:52 - 00000000 ____D () C:\Users\iris\AppData\Roaming\Dropbox
2015-03-08 15:37 - 2014-06-29 10:14 - 00000000 ____D () C:\Users\iris\AppData\Local\Pokki
2015-03-08 15:36 - 2014-12-27 11:06 - 00000000 ____D () C:\Users\iris\AppData\Roaming\Skype
2015-03-08 15:35 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-08 15:34 - 2014-07-20 13:48 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-08 15:34 - 2013-08-22 15:46 - 00025170 _____ () C:\Windows\setupact.log
2015-03-08 15:34 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-08 15:33 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-08 15:25 - 2013-08-22 15:44 - 00362760 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-08 15:24 - 2014-06-29 10:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-08 15:24 - 2014-03-11 13:44 - 00157464 _____ () C:\Windows\PFRO.log
2015-03-08 15:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-08 14:48 - 2014-06-29 10:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-08 12:55 - 2014-06-29 19:56 - 00000000 ____D () C:\Users\iris\AppData\Roaming\Winamp
2015-03-08 12:43 - 2014-07-05 12:47 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-08 12:40 - 2014-12-07 13:26 - 00000000 ____D () C:\Users\iris\programme
2015-03-08 12:40 - 2014-07-20 11:55 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-08 12:38 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-08 12:35 - 2014-07-05 12:47 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-01 14:36 - 2013-08-22 20:11 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-01 14:36 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-01 14:36 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-03-01 14:36 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-01 14:36 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-01 14:36 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-03-01 14:36 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\setup
2015-03-01 14:36 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-03-01 14:35 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-01 14:35 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-01 14:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2015-03-01 14:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-03-01 14:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-03-01 14:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-01 14:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-01 13:11 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2015-02-14 11:24 - 2014-12-31 12:55 - 00001080 _____ () C:\Users\iris\Desktop\Dropbox.lnk
2015-02-14 11:24 - 2014-12-31 12:53 - 00000000 ____D () C:\Users\iris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-14 11:19 - 2014-07-20 11:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-14 11:18 - 2014-07-20 11:56 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-08 14:08 - 2014-06-29 19:54 - 00002343 _____ () C:\Users\iris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-08 13:21 - 2014-07-20 13:48 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-08 13:21 - 2014-07-20 13:48 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-08 13:21 - 2014-07-20 13:48 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-08 12:41 - 2014-07-12 11:32 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-08 12:38 - 2015-01-18 13:42 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
==================== Files in the root of some directories =======
2014-06-24 09:52 - 2014-06-24 09:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\iris\AppData\Local\Temp\avgnt.exe
C:\Users\iris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcqzuya.dll
C:\Users\iris\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\iris\AppData\Local\Temp\oct29A3.tmp.exe
C:\Users\iris\AppData\Local\Temp\oct3AB7.tmp.exe
C:\Users\iris\AppData\Local\Temp\oct43AD.tmp.exe
C:\Users\iris\AppData\Local\Temp\oct4DDF.tmp.exe
C:\Users\iris\AppData\Local\Temp\oct7F10.tmp.exe
C:\Users\iris\AppData\Local\Temp\oct9F57.tmp.exe
C:\Users\iris\AppData\Local\Temp\octA018.tmp.exe
C:\Users\iris\AppData\Local\Temp\octDA90.tmp.exe
C:\Users\iris\AppData\Local\Temp\octE57.tmp.exe
C:\Users\iris\AppData\Local\Temp\OpenOffice_4.1.1_Win_x86_install_de.exe
C:\Users\iris\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\iris\AppData\Local\Temp\SkypeSetup.exe
C:\Users\iris\AppData\Local\Temp\SpOrder.dll
C:\Users\iris\AppData\Local\Temp\sqlite3.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-01 13:32
==================== End Of Log ============================
und hier die additionFRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2015 01
Ran by iris at 2015-03-08 15:51:27
Running from C:\Users\iris\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.3006 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-2723542903-286362930-262935172-1001\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.3104.3 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.3104.6 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.3104 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Ad-Aware Web Companion (x32 Version: 1.1.908.1803 - Lavasoft) Hidden
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Avira (HKLM-x32\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.77.0.2015 - Georgy Berdyshev)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-2723542903-286362930-262935172-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.)
Free YouTube to MP3 Converter version 3.12.41.623 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.41.623 - DVDVideoSoft Ltd.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
LavasoftTcpService (x32 Version: 2.3.3.0 - Lavasoft) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.194 - McAfee, Inc.)
mediserv Abrechnungsmodul 4.8.4 (Build 1053) (HKLM-x32\...\mediserv Abrechnungsmodul) (Version: - mediserv GmbH)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki (HKU\S-1-5-21-2723542903-286362930-262935172-1001\...\Pokki) (Version: 0.269.7.513 - Pokki)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Roll Around (HKLM-x32\...\Roll Around) (Version: 2.0.5544.40649 - Roll Around)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Web Companion (HKLM-x32\...\{AB75B78F-CFFA-4027-A8DC-94357F2F77EE}_WebCompanion) (Version: 1.1.908.1803 - Lavasoft)
Websuche (HKLM-x32\...\Websuche) (Version: - URL24)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.2.015.000 - Check Point)
ZoneAlarm Security Toolbar (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar (HKU\S-1-5-21-2723542903-286362930-262935172-1001\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2723542903-286362930-262935172-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\iris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2723542903-286362930-262935172-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2723542903-286362930-262935172-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2723542903-286362930-262935172-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2723542903-286362930-262935172-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2723542903-286362930-262935172-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2723542903-286362930-262935172-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2723542903-286362930-262935172-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2723542903-286362930-262935172-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2723542903-286362930-262935172-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\iris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
28-12-2014 14:05:01 Windows Update
03-01-2015 13:40:19 Windows Update
01-02-2015 12:03:25 Windows Update
14-02-2015 11:16:13 Windows Update
01-03-2015 13:33:09 Windows Update
08-03-2015 12:29:06 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {11691139-4634-4C76-8291-186E70454CA8} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2013-08-02] (Acer Incorporate)
Task: {21BD4CF7-CA92-4ABB-8CA8-F93F4C341220} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {3F4C07D4-1820-4368-9F12-DEF80BC741D7} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-07-26] (Acer Incorporated)
Task: {3F4EA948-0D84-458B-9C0D-A04A7A5FAB88} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {5B7CE490-94E0-4142-B975-E6C3376416CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.)
Task: {8086A038-A02F-4A6C-970E-5546885955B6} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {88DFCDA9-F932-4231-8801-4FDECB5F5F29} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {9FFE8C4A-5CD6-4306-86E3-32BD4D9DF3C6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-08] (Microsoft Corporation)
Task: {A68BC0B8-D023-490C-A2FD-09738F79E011} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-20] (Google Inc.)
Task: {DF008B5D-8273-4923-824A-CE68632CD459} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {EB521775-9F5B-47FE-80D2-0D80A370BC99} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-08] (Adobe Systems Incorporated)
Task: {F11E5899-9832-490E-B6D8-B0A8CAD8FAD8} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2013-09-07 00:48 - 2013-09-07 00:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 00:45 - 2013-09-07 00:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 00:52 - 2013-09-07 00:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-03-11 14:11 - 2013-09-03 20:45 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-02 18:01 - 2015-03-02 18:01 - 00072512 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2015-03-02 18:00 - 2015-03-02 18:00 - 00179560 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2015-03-02 18:01 - 2015-03-02 18:01 - 00046920 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2015-03-02 18:01 - 2015-03-02 18:01 - 00123224 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2015-03-02 18:01 - 2015-03-02 18:01 - 00015696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
2015-03-02 18:01 - 2015-03-02 18:01 - 00069960 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll
2015-03-02 18:00 - 2015-03-02 18:00 - 00039256 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00750080 _____ () C:\Users\iris\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-08 15:36 - 2015-03-08 15:36 - 00043008 _____ () c:\users\iris\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcqzuya.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00047616 _____ () C:\Users\iris\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00865280 _____ () C:\Users\iris\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00200704 _____ () C:\Users\iris\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-06-24 09:46 - 2013-09-04 00:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2723542903-286362930-262935172-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-2723542903-286362930-262935172-500 - Administrator - Disabled)
Gast (S-1-5-21-2723542903-286362930-262935172-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2723542903-286362930-262935172-1003 - Limited - Enabled)
iris (S-1-5-21-2723542903-286362930-262935172-1001 - Administrator - Enabled) => C:\Users\iris
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/08/2015 02:50:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 36.0.1.5542, Zeitstempel: 0x54f851c0
Name des fehlerhaften Moduls: mozalloc.dll, Version: 36.0.1.5542, Zeitstempel: 0x54f8437e
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001e02
ID des fehlerhaften Prozesses: 0x15e4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (03/08/2015 02:47:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x1fa4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (03/08/2015 00:41:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x1a70
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (03/01/2015 11:51:40 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.ComponentModel.Win32Exception (0x80004005): Key (Users\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) could not be opened Error: 87, Hive: Users, Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
bei Avira.OE.WinCore.Utility.RegistryValueWatcher.CheckResultAndThrowWin32Exception(Int32 result, String message)
bei Avira.OE.WinCore.Utility.RegistryValueWatcher.OpenRegKey()
bei Avira.OE.WinCore.Utility.RegistryValueWatcher.Start()
bei Avira.OE.ServiceHost.AppInfoRepositoryFactory.CreateRegistryAppInfoRepository(RegistryHive registryHive, String registryPath, RegistryView registryView)
bei Avira.OE.ServiceHost.DesktopApplications.UpdateUserAppInfoRepository(String userSid)
bei Avira.OE.ServiceHost.DesktopApplications.UpdateOnNewUserSid(String userSid)
bei Avira.OE.ServiceHost.DesktopApplications.OnSessionChange(Int32 sessionId, SessionChangeReason reason)
bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
bei S...
Error: (03/01/2015 10:49:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: acer)
Description: Bei der Aktivierung der App „Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/01/2015 10:49:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm UNKNOWN, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: d04
Startzeit: 01d05469954ae335
Endzeit: 4294967295
Anwendungspfad: UNKNOWN
Berichts-ID: d4453a80-c05c-11e4-8269-201a06e2d714
Vollständiger Name des fehlerhaften Pakets: Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.Reader
Error: (03/01/2015 10:49:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: acer)
Description: Die App „Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe+Microsoft.Reader“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Error: (03/01/2015 10:43:19 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.ComponentModel.Win32Exception (0x80004005): Key (Users\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) could not be opened Error: 87, Hive: Users, Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
bei Avira.OE.WinCore.Utility.RegistryValueWatcher.CheckResultAndThrowWin32Exception(Int32 result, String message)
bei Avira.OE.WinCore.Utility.RegistryValueWatcher.OpenRegKey()
bei Avira.OE.WinCore.Utility.RegistryValueWatcher.Start()
bei Avira.OE.ServiceHost.AppInfoRepositoryFactory.CreateRegistryAppInfoRepository(RegistryHive registryHive, String registryPath, RegistryView registryView)
bei Avira.OE.ServiceHost.DesktopApplications.UpdateUserAppInfoRepository(String userSid)
bei Avira.OE.ServiceHost.DesktopApplications.UpdateOnNewUserSid(String userSid)
bei Avira.OE.ServiceHost.DesktopApplications.OnSessionChange(Int32 sessionId, SessionChangeReason reason)
bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
bei S...
Error: (02/08/2015 02:08:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (02/08/2015 02:08:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
System errors:
=============
Error: (03/08/2015 03:35:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update Mgr RollAround" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/08/2015 03:35:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Service Mgr RollAround" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/08/2015 03:35:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst IE Search Set erreicht.
Error: (03/08/2015 03:30:07 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (03/08/2015 03:26:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (03/08/2015 03:25:41 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 08.03.2015 um 15:16:04 unerwartet heruntergefahren.
Error: (03/08/2015 01:12:49 PM) (Source: DCOM) (EventID: 10010) (User: acer)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (03/08/2015 01:12:19 PM) (Source: DCOM) (EventID: 10010) (User: acer)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/08/2015 00:29:04 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (03/08/2015 00:29:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst mcpltsvc erreicht.
Microsoft Office Sessions:
=========================
Error: (03/08/2015 02:50:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.1.554254f851c0mozalloc.dll36.0.1.554254f8437e8000000300001e0215e401d059a69e9653bbC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll0cee454e-c59a-11e4-8269-201a06e2d714
Error: (03/08/2015 02:47:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f22480000003000014251fa401d0599d7c36a138C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb1b1baf2-c599-11e4-8269-201a06e2d714
Error: (03/08/2015 00:41:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f22480000003000014251a7001d05993f3b7c6b1C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll07f7c9df-c588-11e4-8269-201a06e2d714
Error: (03/01/2015 11:51:40 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.ComponentModel.Win32Exception (0x80004005): Key (Users\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) could not be opened Error: 87, Hive: Users, Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
bei Avira.OE.WinCore.Utility.RegistryValueWatcher.CheckResultAndThrowWin32Exception(Int32 result, String message)
bei Avira.OE.WinCore.Utility.RegistryValueWatcher.OpenRegKey()
bei Avira.OE.WinCore.Utility.RegistryValueWatcher.Start()
bei Avira.OE.ServiceHost.AppInfoRepositoryFactory.CreateRegistryAppInfoRepository(RegistryHive registryHive, String registryPath, RegistryView registryView)
bei Avira.OE.ServiceHost.DesktopApplications.UpdateUserAppInfoRepository(String userSid)
bei Avira.OE.ServiceHost.DesktopApplications.UpdateOnNewUserSid(String userSid)
bei Avira.OE.ServiceHost.DesktopApplications.OnSessionChange(Int32 sessionId, SessionChangeReason reason)
bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
bei S...
Error: (03/01/2015 10:49:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: acer)
Description: Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader-2144927142
Error: (03/01/2015 10:49:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: UNKNOWN0.0.0.0d0401d05469954ae3354294967295UNKNOWNd4453a80-c05c-11e4-8269-201a06e2d714Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbweMicrosoft.Reader
Error: (03/01/2015 10:49:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: acer)
Description: Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe+Microsoft.Reader
Error: (03/01/2015 10:43:19 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.ComponentModel.Win32Exception (0x80004005): Key (Users\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) could not be opened Error: 87, Hive: Users, Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
bei Avira.OE.WinCore.Utility.RegistryValueWatcher.CheckResultAndThrowWin32Exception(Int32 result, String message)
bei Avira.OE.WinCore.Utility.RegistryValueWatcher.OpenRegKey()
bei Avira.OE.WinCore.Utility.RegistryValueWatcher.Start()
bei Avira.OE.ServiceHost.AppInfoRepositoryFactory.CreateRegistryAppInfoRepository(RegistryHive registryHive, String registryPath, RegistryView registryView)
bei Avira.OE.ServiceHost.DesktopApplications.UpdateUserAppInfoRepository(String userSid)
bei Avira.OE.ServiceHost.DesktopApplications.UpdateOnNewUserSid(String userSid)
bei Avira.OE.ServiceHost.DesktopApplications.OnSessionChange(Int32 sessionId, SessionChangeReason reason)
bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
bei S...
Error: (02/08/2015 02:08:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\iris\AppData\Local\Pokki\Engine\HostAppService.exe
Error: (02/08/2015 02:08:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\iris\AppData\Local\Pokki\Engine\HostAppService.exe
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentage of memory in use: 72%
Total physical RAM: 3985.27 MB
Available physical RAM: 1108.71 MB
Total Pagefile: 4689.27 MB
Available Pagefile: 1530.84 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB
==================== Drives ================================
Drive c: (lokaler Datenträger ) (Fixed) (Total:287.85 GB) (Free:240.39 GB) NTFS
Drive d: (Sicherung) (Fixed) (Total:250.13 GB) (Free:250.01 GB) NTFS
Drive f: (install) (Fixed) (Total:166.02 GB) (Free:165.89 GB) NTFS
Drive g: (MP3) (Fixed) (Total:203.73 GB) (Free:201.73 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2FB84136)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
| Themen zu Rollaround müllt den PC mit Werbung zu |
| adware, antivir, antivirus, avira, browser, converter, desktop, dvdvideosoft ltd., firefox, flash player, google, installation, launch, lavasofttcpservice64.dll, mozilla, omnibox, realtek, registry, rundll, security, siteadvisor, software, svchost.exe, symantec, system, trojaner, web companion, werbung, windows, wlan |
Baum-Darstellung