| wolf_pack | 10.05.2015 11:51 |
habe ich gemacht, so hier die logs
mbam.txt Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 10.05.2015
Suchlauf-Zeit: 11:59:50
Logdatei: mbam.txt
Administrator: Ja
Version: 2.01.6.1022
Malware Datenbank: v2015.05.10.02
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: MartinA
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 349658
Verstrichene Zeit: 12 Min, 25 Seks
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente gefunden)
Module: 0
(Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 86
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{2b0d9133-daef-4f8b-9e40-e1e95aa6bfa9}, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{2B0D9133-DAEF-4F8B-9E40-E1E95AA6BFA9}, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{2B0D9133-DAEF-4F8B-9E40-E1E95AA6BFA9}, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P2b0d9133_daef_4f8b_9e40_e1e95aa6bfa9_.P2b0d9133_daef_4f8b_9e40_e1e95aa6bfa9_, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P2b0d9133_daef_4f8b_9e40_e1e95aa6bfa9_.P2b0d9133_daef_4f8b_9e40_e1e95aa6bfa9_.9, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P2b0d9133_daef_4f8b_9e40_e1e95aa6bfa9_.P2b0d9133_daef_4f8b_9e40_e1e95aa6bfa9_, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P2b0d9133_daef_4f8b_9e40_e1e95aa6bfa9_.P2b0d9133_daef_4f8b_9e40_e1e95aa6bfa9_.9, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P2b0d9133_daef_4f8b_9e40_e1e95aa6bfa9_.P2b0d9133_daef_4f8b_9e40_e1e95aa6bfa9_, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P2b0d9133_daef_4f8b_9e40_e1e95aa6bfa9_.P2b0d9133_daef_4f8b_9e40_e1e95aa6bfa9_.9, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2B0D9133-DAEF-4F8B-9E40-E1E95AA6BFA9}, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2b0d9133-daef-4f8b-9e40-e1e95aa6bfa9}, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{2B0D9133-DAEF-4F8B-9E40-E1E95AA6BFA9}, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{2B0D9133-DAEF-4F8B-9E40-E1E95AA6BFA9}, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{2B0D9133-DAEF-4F8B-9E40-E1E95AA6BFA9}\INPROCSERVER32, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{492c4b47-e542-4dd0-8074-daa4ec7cbf78}, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{492C4B47-E542-4DD0-8074-DAA4EC7CBF78}, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{492C4B47-E542-4DD0-8074-DAA4EC7CBF78}, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P492c4b47_e542_4dd0_8074_daa4ec7cbf78_.P492c4b47_e542_4dd0_8074_daa4ec7cbf78_, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P492c4b47_e542_4dd0_8074_daa4ec7cbf78_.P492c4b47_e542_4dd0_8074_daa4ec7cbf78_.9, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P492c4b47_e542_4dd0_8074_daa4ec7cbf78_.P492c4b47_e542_4dd0_8074_daa4ec7cbf78_, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P492c4b47_e542_4dd0_8074_daa4ec7cbf78_.P492c4b47_e542_4dd0_8074_daa4ec7cbf78_.9, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P492c4b47_e542_4dd0_8074_daa4ec7cbf78_.P492c4b47_e542_4dd0_8074_daa4ec7cbf78_, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P492c4b47_e542_4dd0_8074_daa4ec7cbf78_.P492c4b47_e542_4dd0_8074_daa4ec7cbf78_.9, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{492C4B47-E542-4DD0-8074-DAA4EC7CBF78}, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{492c4b47-e542-4dd0-8074-daa4ec7cbf78}, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{492C4B47-E542-4DD0-8074-DAA4EC7CBF78}, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{492C4B47-E542-4DD0-8074-DAA4EC7CBF78}, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{492C4B47-E542-4DD0-8074-DAA4EC7CBF78}\INPROCSERVER32, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{9e3a39f3-ad01-4ad3-b310-012b7d8dc135}, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9E3A39F3-AD01-4AD3-B310-012B7D8DC135}, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9E3A39F3-AD01-4AD3-B310-012B7D8DC135}, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P9e3a39f3_ad01_4ad3_b310_012b7d8dc135_.P9e3a39f3_ad01_4ad3_b310_012b7d8dc135_, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P9e3a39f3_ad01_4ad3_b310_012b7d8dc135_.P9e3a39f3_ad01_4ad3_b310_012b7d8dc135_.9, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P9e3a39f3_ad01_4ad3_b310_012b7d8dc135_.P9e3a39f3_ad01_4ad3_b310_012b7d8dc135_, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P9e3a39f3_ad01_4ad3_b310_012b7d8dc135_.P9e3a39f3_ad01_4ad3_b310_012b7d8dc135_.9, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P9e3a39f3_ad01_4ad3_b310_012b7d8dc135_.P9e3a39f3_ad01_4ad3_b310_012b7d8dc135_, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P9e3a39f3_ad01_4ad3_b310_012b7d8dc135_.P9e3a39f3_ad01_4ad3_b310_012b7d8dc135_.9, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9E3A39F3-AD01-4AD3-B310-012B7D8DC135}, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{9e3a39f3-ad01-4ad3-b310-012b7d8dc135}, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{9E3A39F3-AD01-4AD3-B310-012B7D8DC135}, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{9E3A39F3-AD01-4AD3-B310-012B7D8DC135}, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{9E3A39F3-AD01-4AD3-B310-012B7D8DC135}\INPROCSERVER32, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{50596bb4-7c3c-433c-a0a4-56b0b3740c3f}, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{50596BB4-7C3C-433C-A0A4-56B0B3740C3F}, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{50596BB4-7C3C-433C-A0A4-56B0B3740C3F}, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P50596bb4_7c3c_433c_a0a4_56b0b3740c3f_.P50596bb4_7c3c_433c_a0a4_56b0b3740c3f_, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P50596bb4_7c3c_433c_a0a4_56b0b3740c3f_.P50596bb4_7c3c_433c_a0a4_56b0b3740c3f_.9, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P50596bb4_7c3c_433c_a0a4_56b0b3740c3f_.P50596bb4_7c3c_433c_a0a4_56b0b3740c3f_, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P50596bb4_7c3c_433c_a0a4_56b0b3740c3f_.P50596bb4_7c3c_433c_a0a4_56b0b3740c3f_.9, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P50596bb4_7c3c_433c_a0a4_56b0b3740c3f_.P50596bb4_7c3c_433c_a0a4_56b0b3740c3f_, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P50596bb4_7c3c_433c_a0a4_56b0b3740c3f_.P50596bb4_7c3c_433c_a0a4_56b0b3740c3f_.9, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{50596BB4-7C3C-433C-A0A4-56B0B3740C3F}, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{50596bb4-7c3c-433c-a0a4-56b0b3740c3f}, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{50596BB4-7C3C-433C-A0A4-56B0B3740C3F}, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{50596BB4-7C3C-433C-A0A4-56B0B3740C3F}, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{50596BB4-7C3C-433C-A0A4-56B0B3740C3F}\INPROCSERVER32, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{ADA38E4E-F20A-4399-BE91-E260AC341C69}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{191F1F24-6CD9-4CC9-8CF7-1006772638D5}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{29C26002-10DE-4440-AB58-588CDCAE63C2}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{45EC1006-A536-4A2D-BE5B-76FE7DBD89DE}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AC5090B9-9FFA-48F7-8011-A70E000B85E0}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{191F1F24-6CD9-4CC9-8CF7-1006772638D5}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{29C26002-10DE-4440-AB58-588CDCAE63C2}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{45EC1006-A536-4A2D-BE5B-76FE7DBD89DE}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AC5090B9-9FFA-48F7-8011-A70E000B85E0}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{191F1F24-6CD9-4CC9-8CF7-1006772638D5}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{29C26002-10DE-4440-AB58-588CDCAE63C2}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{45EC1006-A536-4A2D-BE5B-76FE7DBD89DE}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{AC5090B9-9FFA-48F7-8011-A70E000B85E0}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{ADA38E4E-F20A-4399-BE91-E260AC341C69}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{ADA38E4E-F20A-4399-BE91-E260AC341C69}, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{583609BD-FBCC-402D-98A7-5195235E4237}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{371AE050-C774-4AC0-B431-7ACFC153DB21}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4D466BF1-62CE-49DF-A224-640582053786}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A6326619-397C-4912-AC6E-531170B5A983}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F7620559-942D-4B8D-8C75-F85C4465EAAA}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{371AE050-C774-4AC0-B431-7ACFC153DB21}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4D466BF1-62CE-49DF-A224-640582053786}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A6326619-397C-4912-AC6E-531170B5A983}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F7620559-942D-4B8D-8C75-F85C4465EAAA}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{371AE050-C774-4AC0-B431-7ACFC153DB21}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4D466BF1-62CE-49DF-A224-640582053786}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A6326619-397C-4912-AC6E-531170B5A983}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F7620559-942D-4B8D-8C75-F85C4465EAAA}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{583609BD-FBCC-402D-98A7-5195235E4237}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{583609BD-FBCC-402D-98A7-5195235E4237}, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
Registrierungswerte: 4
PUP.Optional.HomePageHelper.A, HKU\S-1-5-21-3264276999-4266021351-3850562702-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EB3E2173-B4F0-11E4-8263-F0761C3C1254}|FaviconURL, hxxp://homepage-web.com/favicon.ico, In Quarantäne, [3ac0cec3414956e0cb4188498f74bf41]
PUP.Optional.HomePageHelper.A, HKU\S-1-5-21-3264276999-4266021351-3850562702-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EB3E2173-B4F0-11E4-8263-F0761C3C1254}|FaviconURLFallback, hxxp://homepage-web.com/favicon.ico, In Quarantäne, [a5554948d5b542f4cd3fe3eeaf54ee12]
PUP.Optional.HomePageHelper.A, HKU\S-1-5-21-3264276999-4266021351-3850562702-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EB3E2173-B4F0-11E4-8263-F0761C3C1254}|TopResultURL, hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}, In Quarantäne, [7e7cc1d0eb9ff73fd834d4fdfc07ce32]
PUP.Optional.HomePageHelper.A, HKU\S-1-5-21-3264276999-4266021351-3850562702-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EB3E2173-B4F0-11E4-8263-F0761C3C1254}|URL, hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}, In Quarantäne, [c139efa20c7e39fd7e8ef2df0300718f]
Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)
Ordner: 8
PUP.Optional.MultiPlug.A, C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajnjaghjodocddaglgghffgacnoepgf\183, In Quarantäne, [fefc553c137794a2bdcbf66dec19738d],
PUP.Optional.MultiPlug.A, C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajnjaghjodocddaglgghffgacnoepgf, In Quarantäne, [fefc553c137794a2bdcbf66dec19738d],
PUP.Optional.MultiPlug.A, C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcpghjpdhmmddoiipeafngfpkbpnokd\164, In Quarantäne, [5aa0543dc6c4aa8c2f596ef540c5956b],
PUP.Optional.MultiPlug.A, C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcpghjpdhmmddoiipeafngfpkbpnokd, In Quarantäne, [5aa0543dc6c4aa8c2f596ef540c5956b],
PUP.Optional.CoolNCheap.A, C:\Program Files (x86)\CoolncheAAP, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.BuyFast.A, C:\Program Files (x86)\buyfaast, In Quarantäne, [44b68908870344f25859a0c5aa5b8d73],
PUP.Optional.OfferSale.A, C:\Program Files (x86)\offerSale, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.BuyFast.A, C:\Program Files (x86)\Buyfast, In Quarantäne, [3ac0d5bc7911ce68916919ae17eccf31],
Dateien: 29
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\rrocCketSAlei\gI2BcZdCZ2yhyb.x64.dll, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\rrocCketSAlei\gI2BcZdCZ2yhyb.dll, In Quarantäne, [2bcf0c8533571b1b7933e525ba4c659b],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\buyfaast\8iz8ogOaKyS7jH.x64.dll, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\buyfaast\8iz8ogOaKyS7jH.dll, In Quarantäne, [52a8652c9feb6acc832eca79bc46827e],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\offerSale\ItaMD0cSJfnlDQ.x64.dll, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\offerSale\ItaMD0cSJfnlDQ.dll, In Quarantäne, [6c8e523f01897bbb4d64dc67da28659b],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\CoolncheAAP\GG0RYz1ypA39LM.x64.dll, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\CoolncheAAP\GG0RYz1ypA39LM.dll, In Quarantäne, [fffb1f72cebc3ef8694349c128defc04],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\Mozilla Firefox\dbghelp.dll, In Quarantäne, [51a91d744941f83ed91df954ea18ef11],
PUP.Optional.OpenCandy, C:\$Recycle.Bin\S-1-5-21-3264276999-4266021351-3850562702-1001\$R41YKZ0.exe, In Quarantäne, [7f7b365b55355bdb2be7e955dc2a11ef],
PUP.Optional.MultiPlug.Uns, C:\$Recycle.Bin\S-1-5-21-3264276999-4266021351-3850562702-1001\$RW7BILG\shoppi.exe, In Quarantäne, [2bcf4e438cfecf67f557d176da2946ba],
PUP.Optional.Multiplug.A, C:\Users\MartinA\AppData\Local\Temp\__tmp_15d757e1, In Quarantäne, [7486464b36547eb8d02562e9bf43a55b],
PUP.Optional.Multiplug.A, C:\Users\MartinA\AppData\Local\Temp\__tmp_254ae992, In Quarantäne, [609a068b7d0db58137be51faae54b34d],
PUP.Optional.Multiplug.A, C:\Users\MartinA\AppData\Local\Temp\__tmp_3d477d56, In Quarantäne, [19e1f9981d6d46f0a45152f90bf7ba46],
PUP.Optional.MultiPlug.A, C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajnjaghjodocddaglgghffgacnoepgf\183\lsdb.js, In Quarantäne, [fefc553c137794a2bdcbf66dec19738d],
PUP.Optional.MultiPlug.A, C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajnjaghjodocddaglgghffgacnoepgf\183\background.html, In Quarantäne, [fefc553c137794a2bdcbf66dec19738d],
PUP.Optional.MultiPlug.A, C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajnjaghjodocddaglgghffgacnoepgf\183\content.js, In Quarantäne, [fefc553c137794a2bdcbf66dec19738d],
PUP.Optional.MultiPlug.A, C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajnjaghjodocddaglgghffgacnoepgf\183\manifest.json, In Quarantäne, [fefc553c137794a2bdcbf66dec19738d],
PUP.Optional.MultiPlug.A, C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcpghjpdhmmddoiipeafngfpkbpnokd\164\lsdb.js, In Quarantäne, [5aa0543dc6c4aa8c2f596ef540c5956b],
PUP.Optional.MultiPlug.A, C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcpghjpdhmmddoiipeafngfpkbpnokd\164\background.html, In Quarantäne, [5aa0543dc6c4aa8c2f596ef540c5956b],
PUP.Optional.MultiPlug.A, C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcpghjpdhmmddoiipeafngfpkbpnokd\164\content.js, In Quarantäne, [5aa0543dc6c4aa8c2f596ef540c5956b],
PUP.Optional.MultiPlug.A, C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcpghjpdhmmddoiipeafngfpkbpnokd\164\manifest.json, In Quarantäne, [5aa0543dc6c4aa8c2f596ef540c5956b],
PUP.Optional.CoolNCheap.A, C:\Program Files (x86)\CoolncheAAP\GG0RYz1ypA39LM.tlb, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.CoolNCheap.A, C:\Program Files (x86)\CoolncheAAP\GG0RYz1ypA39LM.dat, In Quarantäne, [7189a0f1771368cec53f02626e97fd03],
PUP.Optional.BuyFast.A, C:\Program Files (x86)\buyfaast\8iz8ogOaKyS7jH.tlb, In Quarantäne, [44b68908870344f25859a0c5aa5b8d73],
PUP.Optional.BuyFast.A, C:\Program Files (x86)\buyfaast\8iz8ogOaKyS7jH.dat, In Quarantäne, [44b68908870344f25859a0c5aa5b8d73],
PUP.Optional.OfferSale.A, C:\Program Files (x86)\offerSale\ItaMD0cSJfnlDQ.tlb, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.OfferSale.A, C:\Program Files (x86)\offerSale\ItaMD0cSJfnlDQ.dat, In Quarantäne, [be3c3b56008a979f69285313a65ff30d],
PUP.Optional.BuyFast.A, C:\Program Files (x86)\Buyfast\Buyfast.dat, In Quarantäne, [3ac0d5bc7911ce68916919ae17eccf31],
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
(end)
AdwCleaner[S1].txt Code:
# AdwCleaner v4.203 - Bericht erstellt 10/05/2015 um 12:21:04
# Aktualisiert 30/04/2015 von Xplode
# Datenbank : 2015-05-09.1 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : MartinA - MARTIN
# Gestarted von : C:\Users\MartinA\Downloads\AdwCleaner_4.203.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\3eb09516000036db
Ordner Gelöscht : C:\ProgramData\978fb76d000018f2
Ordner Gelöscht : C:\ProgramData\a56d4f4d00003ba6
Ordner Gelöscht : C:\ProgramData\{40a3edc9-6fae-8d4f-40a3-3edc96fab725}
Ordner Gelöscht : C:\Program Files (x86)\TerminusDefender
Ordner Gelöscht : C:\Program Files (x86)\rrocCketSAlei
Ordner Gelöscht : C:\Program Files (x86)\salEofFerr
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\d9435ba1-7625-874b-a3e6-db0335b6c684
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Super Optimizer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v37.0.2 (x86 de)
[bz1oh92f.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.selectedEngine", "Ask Web Search");
[bz1oh92f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.ay2h36JtxSCzOVKA.scode", "(function(){try{if(window.self.location.href.indexOf(\"qTwHrdw8rTk8qja9rTr9pdaEra\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\"[...]
[bz1oh92f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.jH85Jw6B3udMBF9U.scode", "(function(){try{if(window.location.href.indexOf(\"qTwHrdw8rTk8qja9rTr9pdaEra\")>-1){return;}}catch(e){}try{var d=[[\"backin.net\",\"trianglecash.com\",\[...]
[bz1oh92f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.lastActivePing", "1427315310844");
[bz1oh92f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.toolbar.ownSearch", true);
[bz1oh92f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.weather.location", "10001");
[bz1oh92f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[bz1oh92f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[bz1oh92f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.toolbar.mindspark.lastInstalled", "allin1convert@mindspark.com");
-\\ Google Chrome v
*************************
AdwCleaner[R1].txt - [3131 Bytes] - [10/05/2015 12:19:49]
AdwCleaner[S1].txt - [3028 Bytes] - [10/05/2015 12:21:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3087 Bytes] ##########
JRT Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.0 (05.09.2015:1)
OS: Windows 8.1 x64
Ran by MartinA on 10.05.2015 at 12:28:09,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1992381828-41947218-4104882132-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-3264276999-4266021351-3850562702-1001
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-3264276999-4266021351-3850562702-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-4252618201-129315852-961335818-500
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EB3E2173-B4F0-11E4-8263-F0761C3C1254}
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted: [Folder] C:\Users\MartinA\AppData\Roaming\mozilla\firefox\profiles\bz1oh92f.default\extensions\toolbar@web.de
Successfully deleted the following from C:\Users\MartinA\AppData\Roaming\mozilla\firefox\profiles\bz1oh92f.default\prefs.js
user_pref(extensions.ay2h36JtxSCzOVKA.url, hxxp://getjpi1.info/sync2/?q=hfZ9ojk8hyn8hdkMCyVUojwErTaErchTB6lKDzt4okmxtNtVh7n0rjkEqdw6rdgGqdw8tMFHhd9Fqja9rjUFpdkErdrMDMlGojUM
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.05.2015 at 12:30:13,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
und FRTS Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by MartinA at 2015-05-10 12:34:32
Running from C:\Users\MartinA\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3264276999-4266021351-3850562702-500 - Administrator - Disabled)
Gast (S-1-5-21-3264276999-4266021351-3850562702-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3264276999-4266021351-3850562702-1003 - Limited - Enabled)
MartinA (S-1-5-21-3264276999-4266021351-3850562702-1001 - Administrator - Enabled) => C:\Users\MartinA
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.07.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.02.2002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.07.2004.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.02.2003.0 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.06.2000 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2010.3 - Acer Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.06.2002.2 - Acer Incorporated)
Bengal Special (HKLM-x32\...\Bengal Special) (Version: - )
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: - )
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ELAN HIDI2C Filter Driver X64 13.6.1.1_WHQL (HKLM\...\Elantech) (Version: 13.6.1.1 - ELAN Microelectronic Corp.)
FileZilla Client 3.10.1.1 (HKLM-x32\...\FileZilla Client) (Version: 3.10.1.1 - Tim Kosse)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
HP Deskjet 3520 series - Grundlegende Software für das Gerät (HKLM\...\{15B2F0E3-3FAC-4495-B0FD-398EECFA4100}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Hilfe (HKLM-x32\...\{6B953497-169C-4929-9AA9-A9F510347468}) (Version: 27.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3947 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WebMatrix 3 (HKLM-x32\...\{F3A4C164-245F-4548-AE80-BB766E16B637}) (Version: 2.0.1932 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.4.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
NVIDIA Grafiktreiber 333.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.57 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Piczoom 2 4.15.9.1 (HKLM-x32\...\{5EBFB7EF-4A99-46D6-B4F6-72E685874D48}_is1) (Version: - Zinnfiguren Rieger)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21257 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7300 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
USB Tablet Manager (HKLM\...\RmTablet) (Version: 5.01 - )
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{54030B4E-C77C-4B6E-9606-7F0DB9E3823D}) (Version: 22.00.8811 - Buhl Data Service GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
25-03-2015 22:10:40 Installed Microsoft Web Platform Installer 5.0
06-04-2015 23:10:41 Windows Update
11-04-2015 22:04:29 Microsoft Visual C++ 2005 Redistributable wird installiert
16-04-2015 22:07:04 Windows Update
19-04-2015 22:10:35 Windows Update
28-04-2015 11:22:51 Windows Modules Installer
07-05-2015 21:29:43 Revo Uninstaller's restore point - CoolncheAAP
09-05-2015 12:09:20 Revo Uninstaller's restore point - RelayTurbo
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {09E01F86-4B9E-4F56-9C7B-43FCF15FA724} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate)
Task: {16BBC68F-35F3-4AD6-90B5-B59492E44151} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {195199FC-11C5-40C1-B056-ED312DC809C0} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {26D731B1-3F8A-4E9B-9278-58AAA0239373} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {277B6DA1-7170-4830-B766-B141ED19C4B7} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {55E21077-EAF9-4BE4-AE0C-76C57781265B} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {69C617AE-E0D0-473D-A0A2-F5CF5062AE30} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {6FC58521-A068-4D87-95EF-2266ED17320C} - \Optimize Start Menu Cache Files-S-1-5-21-3264276999-4266021351-3850562702-1001 No Task File <==== ATTENTION
Task: {80A010D2-CA99-4862-B01E-B88C780E3C9B} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {901295A4-841B-4FBD-9A3C-3703002E9C11} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {9B9FCF82-BE75-4203-A4A4-A7FD05D55202} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {B2343CB4-9CA6-406B-A7C9-148C9B8A249B} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-03-18] (Acer)
Task: {B3052B3F-18F1-47B8-847D-89D7FD394560} - \Optimize Start Menu Cache Files-S-1-5-21-3264276999-4266021351-3850562702-500 No Task File <==== ATTENTION
Task: {BCA8A19D-EDFE-47BD-BAD6-9B2B5E246131} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16] (Adobe Systems Incorporated)
Task: {CA1CF660-E3E3-40AA-9730-1DEAFA74D6B6} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {E071B90E-A8AC-4031-9A84-753CF519F12B} - System32\Tasks\InfoCollect => C:\Program Files (x86)\Acer\Acer Portal\InfoCollect.exe [2015-03-18] ()
Task: {F36D1570-3299-4896-90C7-5AEBB8F0EEF2} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {FA009B06-5E75-4FC5-B1F8-E6EE92E55D74} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2015-04-16 16:04 - 2015-04-16 16:04 - 00089344 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2014-09-03 12:03 - 2014-09-03 12:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\MartinA\Documents\MAG.eml:OECustomProperty
AlternateDataStreams: C:\Users\MartinA\Documents\Markt in Wittenberg 09.eml:OECustomProperty
AlternateDataStreams: C:\Users\MartinA\Documents\MAV.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3264276999-4266021351-3850562702-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MartinA\Pictures\Psychedelic.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3458DD54-E0FF-4F06-BB29-EF4CB149B028}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{DB3BE63B-6FCD-4057-A6AF-2596A11BA895}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{96D89B5C-58D3-4755-AD8B-91EEA9E706C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{A4F8DA0F-6AE5-451E-AA84-E0EED01AC04D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{4BB4B980-4B2D-45A2-AF75-6A91021BA3B7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{549E3BB0-DE9A-4F7D-B47E-282EB7EEEF71}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{068FAEF0-419C-42F8-9935-E7A12CE7DD2B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{CEDB11DA-08F7-4AB2-B54D-09BBBC28445C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{F5D0EC4F-CEA6-489B-95B9-C40F7EA8DC3A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{0F127E0F-2071-4BE6-BC28-63A41B47D13A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{6B5235CA-497C-411E-8AD3-D2F00EC0213A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3B910979-E5EC-459C-81B0-0A3554D6A31E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{ABBEF037-05D4-481C-AE4B-513992BB0DDB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{1E173FB2-407A-4682-8E86-29F225D01D90}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{ABBB2CA4-AB2A-4053-8CDB-E683D023C15B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{1BBB1628-A8A2-443E-904C-C7C63B74FF62}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{B58047CB-FBB9-4746-BEB2-FF98D89DDB7B}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{F9A4B32D-599A-4402-95A1-24EBF9603016}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{A378CB54-71E5-4006-9374-608625136DF2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{4111AA7A-B8B8-4063-955E-CE0519455BBD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{6F95A266-8184-4E75-A5D0-172AF8882619}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{FCC1734B-B87F-41E5-958B-771D45C9591A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{D8D5AABE-4FBE-4DAE-BFC1-A7A2CEE8F6D8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{1E3CF3E2-4DEA-4F29-8E7D-2F35527A3652}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EA144B97-439F-4E1E-88A0-ACA72CD6E137}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DCC1E474-7249-4F26-B13A-BC600D1B6190}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{70365BEC-62A8-4B83-A514-165E73822E29}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0011469B-379E-4FA3-A607-536D072AC0B7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4C12B57B-F1BF-438F-829E-DC0DD4B07964}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{14EC1289-1069-4A63-BD53-343E3AD9096E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C1F0716B-44A3-46A3-B7B9-9A07B74E2CF2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A09F7D40-FF86-4568-83D4-A8B535F23311}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{7C4AC122-5B8C-42D4-B306-CA5B5CCFD413}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{3FC14C11-6C3F-4EE0-96A0-053C9DCE4D35}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{FCDF9451-6805-4EE9-9D8A-D77AB048A356}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{64D79D85-9B3F-4BE4-A534-2E7D472D82F9}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{B85CA09B-0CB6-48E8-AFC0-E1E62E605AED}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{A8625FAE-708F-4FE4-AEEB-2E1C88219C13}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9420667F-BADD-4C47-A27B-7813811B7A87}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F3488BBE-A218-46E1-9017-C2E276220550}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{24613572-3175-4711-99A5-88BAB6863F87}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{A5611BE7-1E4B-491E-8953-13DE70ED242A}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{3508AA22-2CC1-4AA5-9BB9-3A667E4F2422}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{FE46F485-FCC5-49A3-86F4-AF9F19CEE54A}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{40C65113-C748-492C-9E57-1E0429E44FD7}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{A561128D-26F7-43A6-AEF9-227B332DBE42}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{BC6F75F6-006A-4399-81F3-484F5F50700D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{739D1243-9CF8-4CA6-80BE-5E6B3650A3F5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{55706D80-1505-40AF-A0CB-4B51A925E03C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{215BF219-5816-417C-B756-D7CAFE26E29B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{427A1B3B-F783-4766-A29F-3C1D89A35794}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A74D7C9B-1558-4787-95C3-4D3CD3415FD6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{725E1043-F688-412A-ABB3-DA7750976335}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5C16FFAA-EA05-450B-B572-D8C6C7B01B75}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1946FA9B-87D0-4030-BF0C-09D67040BE94}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{DD598394-D80D-4C42-B655-BE8A38B50B06}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{61B83446-6601-4BBC-8FEC-369876997FB2}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{B94185A0-D302-491B-A587-4C210A2DD0A7}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{70C8DA3C-15B1-41D3-B34B-5EF28546E72F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6F4C0E84-C935-48D7-906E-D9C431FCC21E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{86F43607-36F8-44B2-8CCF-B16D08AACF16}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D760C498-6A49-4250-9750-A2DD2BE72AA9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{14807E4F-622B-4253-8814-5044615D5844}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6D7A78A0-E411-44A8-8D40-5C96545A1466}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{77039848-77CF-470E-8D1B-C420CA0BDD5E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{14FB50C8-53C8-4DF0-AE19-AB1D3FB52848}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/09/2015 11:56:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BackgroundAgent.exe, Version: 1.0.1.7, Zeitstempel: 0x55091de0
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.1, Zeitstempel: 0x4d5f0c22
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011891
ID des fehlerhaften Prozesses: 0x19ac
Startzeit der fehlerhaften Anwendung: 0xBackgroundAgent.exe0
Pfad der fehlerhaften Anwendung: BackgroundAgent.exe1
Pfad des fehlerhaften Moduls: BackgroundAgent.exe2
Berichtskennung: BackgroundAgent.exe3
Vollständiger Name des fehlerhaften Pakets: BackgroundAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BackgroundAgent.exe5
Error: (05/07/2015 08:56:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.2.5583, Zeitstempel: 0x552ef76c
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.2.5583, Zeitstempel: 0x552ee9ae
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x810
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (05/07/2015 08:56:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.2.5583, Zeitstempel: 0x552ef76c
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.2.5583, Zeitstempel: 0x552ee9ae
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x1908
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (05/07/2015 08:56:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.2.5583, Zeitstempel: 0x552ef76c
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.2.5583, Zeitstempel: 0x552ee9ae
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x11b0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (05/05/2015 08:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.2.5583, Zeitstempel: 0x552ef76c
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.2.5583, Zeitstempel: 0x552ee9ae
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x177c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (05/05/2015 08:36:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.2.5583, Zeitstempel: 0x552ef76c
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.2.5583, Zeitstempel: 0x552ee9ae
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x1994
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (05/05/2015 08:36:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.2.5583, Zeitstempel: 0x552ef76c
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.2.5583, Zeitstempel: 0x552ee9ae
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x824
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (05/03/2015 11:39:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BackgroundAgent.exe, Version: 1.0.1.7, Zeitstempel: 0x55091de0
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.1, Zeitstempel: 0x4d5f0c22
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011891
ID des fehlerhaften Prozesses: 0x188c
Startzeit der fehlerhaften Anwendung: 0xBackgroundAgent.exe0
Pfad der fehlerhaften Anwendung: BackgroundAgent.exe1
Pfad des fehlerhaften Moduls: BackgroundAgent.exe2
Berichtskennung: BackgroundAgent.exe3
Vollständiger Name des fehlerhaften Pakets: BackgroundAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BackgroundAgent.exe5
Error: (05/03/2015 10:40:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: abFilesTrayIcon.exe, Version: 2.2.2002.0, Zeitstempel: 0x54f6c8a8
Name des fehlerhaften Moduls: abFilesTrayIcon.exe, Version: 2.2.2002.0, Zeitstempel: 0x54f6c8a8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001756e
ID des fehlerhaften Prozesses: 0x1810
Startzeit der fehlerhaften Anwendung: 0xabFilesTrayIcon.exe0
Pfad der fehlerhaften Anwendung: abFilesTrayIcon.exe1
Pfad des fehlerhaften Moduls: abFilesTrayIcon.exe2
Berichtskennung: abFilesTrayIcon.exe3
Vollständiger Name des fehlerhaften Pakets: abFilesTrayIcon.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: abFilesTrayIcon.exe5
Error: (04/28/2015 11:22:46 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).
System errors:
=============
Error: (05/10/2015 00:28:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "User Experience Improvement Program" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/10/2015 00:28:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/10/2015 00:28:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/10/2015 00:28:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Quick Access RadioMgr Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/10/2015 00:28:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/10/2015 00:28:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth OBEX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/10/2015 00:28:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Quick Access Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/10/2015 00:28:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/10/2015 00:28:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/10/2015 00:28:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WTService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (05/09/2015 11:56:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: BackgroundAgent.exe1.0.1.755091de0MSVCR100.dll10.0.40219.14d5f0c22c00000050001189119ac01d08a36ef76749aC:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\SYSTEM32\MSVCR100.dlla7be4cb0-f631-11e4-8277-f0761c3c1254
Error: (05/07/2015 08:56:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa181001d088f4e0036a17C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb7b8c83f-f4ea-11e4-8277-f0761c3c1254
Error: (05/07/2015 08:56:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1190801d088f4dfdd4474C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb6b0228f-f4ea-11e4-8277-f0761c3c1254
Error: (05/07/2015 08:56:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa111b001d088f4df850d26C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb384b4c1-f4ea-11e4-8277-f0761c3c1254
Error: (05/05/2015 08:36:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1177c01d0875f95844bbdC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla460d31e-f355-11e4-8277-f0761c3c1254
Error: (05/05/2015 08:36:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa1199401d0875f95377a4fC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla3510647-f355-11e4-8277-f0761c3c1254
Error: (05/05/2015 08:36:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa182401d0875f95007fc1C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla1231e8a-f355-11e4-8277-f0761c3c1254
Error: (05/03/2015 11:39:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BackgroundAgent.exe1.0.1.755091de0MSVCR100.dll10.0.40219.14d5f0c22c000000500011891188c01d085e16ce6289bC:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\SYSTEM32\MSVCR100.dlldef6fa07-f1dc-11e4-8275-f0761c3c1254
Error: (05/03/2015 10:40:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: abFilesTrayIcon.exe2.2.2002.054f6c8a8abFilesTrayIcon.exe2.2.2002.054f6c8a8c00000050001756e181001d085e16c30f556C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exeC:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exeb0596ec9-f1d4-11e4-8275-f0761c3c1254
Error: (04/28/2015 11:22:46 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 16%
Total physical RAM: 8106.33 MB
Available physical RAM: 6802.63 MB
Total Pagefile: 9386.33 MB
Available Pagefile: 7965.18 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:915.17 GB) (Free:766.44 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 155A5B7F)
Partition: GPT Partition Type.
==================== End Of Log ============================
Und die FRST Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by MartinA (administrator) on MARTIN on 10-05-2015 12:32:33
Running from C:\Users\MartinA\Downloads
Loaded Profiles: MartinA (Available profiles: MartinA)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-07-16] (Realtek Semiconductor)
HKLM\...\Run: [AtwtusbIcon] => C:\Windows\system32\AtwtusbIcon.exe [3593728 2012-09-10] ()
HKLM\...\Run: [MacrokeyManager] => WTMKM.exe
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [66304 2015-03-18] (Acer Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2015-04-16] ()
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3264276999-4266021351-3850562702-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-11-25] (Spotify Ltd)
HKU\S-1-5-21-3264276999-4266021351-3850562702-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2541312 2015-03-18] (Acer)
HKU\S-1-5-21-3264276999-4266021351-3850562702-1001\...\Run: [RemoteFilesTrayIcon] => C:\Program Files (x86)\Acer\abFiles\abFilesTrayIcon.exe [2045184 2015-03-04] (acer)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-12] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-12] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-12] (Acer Incorporated)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3264276999-4266021351-3850562702-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3264276999-4266021351-3850562702-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3264276999-4266021351-3850562702-1001 -> {DBDE7930-F865-4DDC-ACC5-7E5673D92EC0} URL =
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\MartinA\AppData\Roaming\Mozilla\Firefox\Profiles\bz1oh92f.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-02-15] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-02-15] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-02-15] ()
FF Extension: coupcoup - C:\Users\MartinA\AppData\Roaming\Mozilla\Firefox\Profiles\bz1oh92f.default\Extensions\tdjbomdedjedptg@ucmemqjyfolpudiugjg.edu [2015-05-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-02-15]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-02-15]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-02-15]
FF Extension: No Name - C:\Users\MartinA\AppData\Roaming\Mozilla\Firefox\Profiles\bz1oh92f.default\extensions\toolbar@web.de [Not Found]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25]
CHR Extension: (Docs) - C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-25]
CHR Extension: (YouTube) - C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-25]
CHR Extension: (Google Search) - C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-25]
CHR Extension: (Kaspersky Protection) - C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-03-25]
CHR Extension: (Google Sheets) - C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Google Wallet) - C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25]
CHR Extension: (Gmail) - C:\Users\MartinA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-25]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2749696 2015-03-18] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
S2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121288 2014-06-05] (Intel Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [326760 2014-09-23] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-09] (NVIDIA Corporation)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 WTService; C:\Windows\system32\atwtusb.exe [581120 2012-10-19] () [File not signed]
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [173384 2014-04-09] (ELAN Microelectronic Corp.)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-10] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-10] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [199624 2014-06-05] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [56008 2015-03-27] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247496 2014-10-22] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [824008 2015-03-27] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [31432 2014-10-30] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [69320 2014-11-20] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R3 moufiltr; C:\Windows\System32\drivers\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [506072 2014-06-20] (Realsil Semiconductor Corporation)
S3 TabletFilter; C:\Windows\System32\drivers\TabletFilter.sys [7680 2012-08-15] (Windows (R) Win 7 DDK provider)
R3 vhidmini; C:\Windows\System32\drivers\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-10 12:32 - 2015-05-10 12:32 - 00017343 _____ () C:\Users\MartinA\Downloads\FRST.txt
2015-05-10 12:30 - 2015-05-10 12:30 - 00001728 _____ () C:\Users\MartinA\Desktop\JRT.txt
2015-05-10 12:28 - 2015-05-10 12:28 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MARTIN-Windows-8.1-(64-bit).dat
2015-05-10 12:28 - 2015-05-10 12:28 - 00000000 ____D () C:\RegBackup
2015-05-10 12:23 - 2015-05-10 12:26 - 02720307 _____ (Thisisu) C:\Users\MartinA\Downloads\JRT.exe
2015-05-10 12:22 - 2015-05-10 12:22 - 00003167 _____ () C:\Users\MartinA\Desktop\AdwCleaner[S1].txt
2015-05-10 12:18 - 2015-05-10 12:21 - 00000000 ____D () C:\AdwCleaner
2015-05-10 12:18 - 2015-05-10 12:18 - 02204160 _____ () C:\Users\MartinA\Downloads\AdwCleaner_4.203.exe
2015-05-10 12:17 - 2015-05-10 12:17 - 00022832 _____ () C:\Users\MartinA\Desktop\mbam.txt
2015-05-10 11:59 - 2015-05-10 12:16 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-10 11:59 - 2015-05-10 11:59 - 00001082 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-10 11:59 - 2015-05-10 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-10 11:59 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-10 11:59 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-10 11:59 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-10 11:58 - 2015-05-10 11:58 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\MartinA\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-09 12:10 - 2015-05-09 12:10 - 00000000 ____D () C:\Users\MartinA\Downloads\FRST-OlderVersion
2015-05-07 21:29 - 2015-05-07 21:29 - 00000000 ____D () C:\Users\MartinA\Downloads\RevoUninstallerPortable
2015-05-07 21:20 - 2015-05-10 12:32 - 00000000 ____D () C:\FRST
2015-05-07 21:19 - 2015-05-09 12:10 - 02102784 _____ (Farbar) C:\Users\MartinA\Downloads\FRST64.exe
2015-05-07 20:55 - 2015-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\Naruto Ultimate Battle 2
2015-05-05 20:36 - 2015-05-09 12:30 - 00000079 _____ () C:\Program Files (x86)\prefs.js
2015-04-28 11:52 - 2015-04-28 11:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-21 21:37 - 2014-10-29 05:59 - 03460472 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2015-04-21 21:37 - 2014-10-29 04:08 - 18822656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-04-21 21:37 - 2014-10-29 03:33 - 15157760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-04-21 21:37 - 2014-10-29 03:17 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-04-21 21:37 - 2014-10-29 03:02 - 14354944 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-04-21 21:37 - 2014-10-29 02:52 - 15432704 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-04-21 21:37 - 2014-10-29 02:46 - 09530368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2015-04-21 21:37 - 2014-10-29 02:45 - 13318144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-04-21 21:36 - 2014-10-29 06:10 - 01816008 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2015-04-21 21:36 - 2014-10-29 06:00 - 02314952 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-04-21 21:36 - 2014-10-29 06:00 - 02229168 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2015-04-21 21:36 - 2014-10-29 05:59 - 02529856 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-04-21 21:36 - 2014-10-29 05:59 - 00014144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2015-04-21 21:36 - 2014-10-29 05:58 - 00014528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2015-04-21 21:36 - 2014-10-29 05:57 - 03138720 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2015-04-21 21:36 - 2014-10-29 05:57 - 03118096 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2015-04-21 21:36 - 2014-10-29 05:57 - 02745160 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-04-21 21:36 - 2014-10-29 05:57 - 02450216 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2015-04-21 21:36 - 2014-10-29 05:57 - 01286048 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2015-04-21 21:36 - 2014-10-29 05:55 - 02174976 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2015-04-21 21:36 - 2014-10-29 05:55 - 01660528 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-04-21 21:36 - 2014-10-29 05:55 - 01543768 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2015-04-21 21:36 - 2014-10-29 05:52 - 02485056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-04-21 21:36 - 2014-10-29 05:52 - 02334080 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-04-21 21:36 - 2014-10-29 05:52 - 01518504 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-04-21 21:36 - 2014-10-29 05:52 - 01509688 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-04-21 21:36 - 2014-10-29 05:52 - 01288096 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2015-04-21 21:36 - 2014-10-29 05:52 - 01165744 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2015-04-21 21:36 - 2014-10-29 05:51 - 01310912 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-04-21 21:36 - 2014-10-29 05:13 - 01901240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-04-21 21:36 - 2014-10-29 05:12 - 01946144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-04-21 21:36 - 2014-10-29 05:12 - 01907384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2015-04-21 21:36 - 2014-10-29 05:11 - 02689392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2015-04-21 21:36 - 2014-10-29 05:11 - 02528760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-04-21 21:36 - 2014-10-29 05:11 - 02447104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2015-04-21 21:36 - 2014-10-29 05:11 - 01024200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2015-04-21 21:36 - 2014-10-29 05:10 - 01564464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2015-04-21 21:36 - 2014-10-29 05:10 - 01209624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-04-21 21:36 - 2014-10-29 05:07 - 02324208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-04-21 21:36 - 2014-10-29 04:59 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-04-21 21:36 - 2014-10-29 04:29 - 04483072 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2015-04-21 21:36 - 2014-10-29 04:25 - 00785920 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-04-21 21:36 - 2014-10-29 04:24 - 04418560 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-04-21 21:36 - 2014-10-29 04:19 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-04-21 21:36 - 2014-10-29 04:10 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-04-21 21:36 - 2014-10-29 04:00 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-04-21 21:36 - 2014-10-29 03:57 - 02924032 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2015-04-21 21:36 - 2014-10-29 03:56 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2015-04-21 21:36 - 2014-10-29 03:51 - 00941056 _____ (Microsoft Corporation) C:\Windows\system32\XpsFilt.dll
2015-04-21 21:36 - 2014-10-29 03:47 - 02072064 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2015-04-21 21:36 - 2014-10-29 03:45 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-04-21 21:36 - 2014-10-29 03:45 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\rdpinput.exe
2015-04-21 21:36 - 2014-10-29 03:44 - 02984448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-04-21 21:36 - 2014-10-29 03:43 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2015-04-21 21:36 - 2014-10-29 03:42 - 01999872 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-04-21 21:36 - 2014-10-29 03:40 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2015-04-21 21:36 - 2014-10-29 03:39 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-04-21 21:36 - 2014-10-29 03:38 - 04690432 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2015-04-21 21:36 - 2014-10-29 03:35 - 04709888 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-04-21 21:36 - 2014-10-29 03:35 - 03256320 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-04-21 21:36 - 2014-10-29 03:31 - 02941952 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2015-04-21 21:36 - 2014-10-29 03:28 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-04-21 21:36 - 2014-10-29 03:26 - 03561984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2015-04-21 21:36 - 2014-10-29 03:24 - 02464768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-04-21 21:36 - 2014-10-29 03:24 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2015-04-21 21:36 - 2014-10-29 03:22 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-04-21 21:36 - 2014-10-29 03:18 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-04-21 21:36 - 2014-10-29 03:17 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2015-04-21 21:36 - 2014-10-29 03:16 - 05267968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2015-04-21 21:36 - 2014-10-29 03:12 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-04-21 21:36 - 2014-10-29 03:11 - 01639424 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2015-04-21 21:36 - 2014-10-29 03:10 - 02469888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-04-21 21:36 - 2014-10-29 03:10 - 02344960 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-21 21:36 - 2014-10-29 03:08 - 02608640 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-04-21 21:36 - 2014-10-29 03:08 - 02542080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-04-21 21:36 - 2014-10-29 03:08 - 02174976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-04-21 21:36 - 2014-10-29 03:08 - 01822720 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2015-04-21 21:36 - 2014-10-29 03:05 - 03273216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-04-21 21:36 - 2014-10-29 03:03 - 04067840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-04-21 21:36 - 2014-10-29 03:03 - 02635264 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2015-04-21 21:36 - 2014-10-29 02:59 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-04-21 21:36 - 2014-10-29 02:54 - 07784960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-04-21 21:36 - 2014-10-29 02:52 - 02554880 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-04-21 21:36 - 2014-10-29 02:52 - 02170368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-04-21 21:36 - 2014-10-29 02:52 - 01461248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2015-04-21 21:36 - 2014-10-29 02:52 - 01275904 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-04-21 21:36 - 2014-10-29 02:51 - 01554432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-21 21:36 - 2014-10-29 02:50 - 12749824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-04-21 21:36 - 2014-10-29 02:50 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2015-04-21 21:36 - 2014-10-29 02:48 - 03056128 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2015-04-21 21:36 - 2014-10-29 02:46 - 01919488 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-04-21 21:36 - 2014-10-29 02:46 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-04-21 21:36 - 2014-10-29 02:45 - 01725952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-04-21 21:36 - 2014-10-29 02:43 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-04-21 21:36 - 2014-10-29 02:42 - 01922560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-04-21 21:36 - 2014-10-29 02:42 - 01221120 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2015-04-21 21:36 - 2014-10-29 02:39 - 02814464 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-04-21 21:36 - 2014-10-29 02:38 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-21 21:36 - 2014-10-29 02:37 - 06386176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2015-04-21 21:36 - 2014-10-29 02:35 - 01668096 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2015-04-21 21:36 - 2014-10-29 02:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-04-21 21:36 - 2014-10-29 02:33 - 06213632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-21 21:36 - 2014-10-15 10:32 - 02025792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-04-21 21:36 - 2014-10-07 08:45 - 03307112 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-04-21 21:36 - 2014-10-07 05:44 - 02890296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-04-21 21:36 - 2014-09-25 05:42 - 00373568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-04-21 21:35 - 2014-10-29 06:09 - 01950280 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2015-04-21 21:35 - 2014-10-29 06:09 - 01239576 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2015-04-21 21:35 - 2014-10-29 06:00 - 01540696 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-04-21 21:35 - 2014-10-29 06:00 - 01385216 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-21 21:35 - 2014-10-29 06:00 - 00740664 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-04-21 21:35 - 2014-10-29 06:00 - 00544408 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-04-21 21:35 - 2014-10-29 05:57 - 01576312 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-04-21 21:35 - 2014-10-29 05:57 - 01552704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-04-21 21:35 - 2014-10-29 05:57 - 01210176 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2015-04-21 21:35 - 2014-10-29 05:57 - 00643064 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2015-04-21 21:35 - 2014-10-29 05:55 - 01133200 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-21 21:35 - 2014-10-29 05:55 - 01063432 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2015-04-21 21:35 - 2014-10-29 05:55 - 00730824 _____ (Microsoft Corporation) C:\Windows\system32\clbcatq.dll
2015-04-21 21:35 - 2014-10-29 05:52 - 01064720 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-04-21 21:35 - 2014-10-29 05:52 - 00988544 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2015-04-21 21:35 - 2014-10-29 05:52 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-04-21 21:35 - 2014-10-29 05:52 - 00952384 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-04-21 21:35 - 2014-10-29 05:52 - 00850656 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2015-04-21 21:35 - 2014-10-29 05:52 - 00821696 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-04-21 21:35 - 2014-10-29 05:52 - 00734448 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-04-21 21:35 - 2014-10-29 05:52 - 00634768 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-04-21 21:35 - 2014-10-29 05:52 - 00580024 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2015-04-21 21:35 - 2014-10-29 05:18 - 01782912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2015-04-21 21:35 - 2014-10-29 05:18 - 01103768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2015-04-21 21:35 - 2014-10-29 05:18 - 00848568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2015-04-21 21:35 - 2014-10-29 05:18 - 00016504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psapi.dll
2015-04-21 21:35 - 2014-10-29 05:11 - 01037656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2015-04-21 21:35 - 2014-10-29 05:10 - 01287112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2015-04-21 21:35 - 2014-10-29 05:10 - 01178104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2015-04-21 21:35 - 2014-10-29 05:07 - 01321192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-04-21 21:35 - 2014-10-29 05:07 - 01115104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2015-04-21 21:35 - 2014-10-29 05:07 - 00959112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2015-04-21 21:35 - 2014-10-29 05:07 - 00857384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2015-04-21 21:35 - 2014-10-29 05:07 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-04-21 21:35 - 2014-10-29 05:07 - 00785568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-04-21 21:35 - 2014-10-29 05:07 - 00705008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-04-21 21:35 - 2014-10-29 05:07 - 00700328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2015-04-21 21:35 - 2014-10-29 05:07 - 00584120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-04-21 21:35 - 2014-10-29 05:07 - 00551064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-04-21 21:35 - 2014-10-29 05:07 - 00482360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll
2015-04-21 21:35 - 2014-10-29 05:05 - 00890128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-04-21 21:35 - 2014-10-29 04:56 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2015-04-21 21:35 - 2014-10-29 04:50 - 01192960 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-04-21 21:35 - 2014-10-29 04:48 - 00925696 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2015-04-21 21:35 - 2014-10-29 04:43 - 00685056 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2015-04-21 21:35 - 2014-10-29 04:31 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\sqlceqp40.dll
2015-04-21 21:35 - 2014-10-29 04:29 - 01246720 _____ (Microsoft Corporation) C:\Windows\system32\ogldrv.dll
2015-04-21 21:35 - 2014-10-29 04:28 - 01502208 _____ (Microsoft Corporation) C:\Windows\system32\xpssvcs.dll
2015-04-21 21:35 - 2014-10-29 04:26 - 00771584 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2015-04-21 21:35 - 2014-10-29 04:17 - 02003456 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2015-04-21 21:35 - 2014-10-29 04:17 - 00537088 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-21 21:35 - 2014-10-29 04:11 - 01070080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2015-04-21 21:35 - 2014-10-29 04:08 - 01540096 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2015-04-21 21:35 - 2014-10-29 04:08 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-04-21 21:35 - 2014-10-29 04:08 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
2015-04-21 21:35 - 2014-10-29 04:07 - 06692352 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2015-04-21 21:35 - 2014-10-29 04:04 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll
2015-04-21 21:35 - 2014-10-29 04:03 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-21 21:35 - 2014-10-29 03:59 - 00564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2015-04-21 21:35 - 2014-10-29 03:56 - 01526784 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2015-04-21 21:35 - 2014-10-29 03:56 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2015-04-21 21:35 - 2014-10-29 03:55 - 01697280 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-04-21 21:35 - 2014-10-29 03:53 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-04-21 21:35 - 2014-10-29 03:53 - 01065984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8.dll
2015-04-21 21:35 - 2014-10-29 03:53 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2015-04-21 21:35 - 2014-10-29 03:52 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-21 21:35 - 2014-10-29 03:50 - 01289216 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2015-04-21 21:35 - 2014-10-29 03:49 - 00742400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlceqp40.dll
2015-04-21 21:35 - 2014-10-29 03:48 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-04-21 21:35 - 2014-10-29 03:47 - 01096192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ogldrv.dll
2015-04-21 21:35 - 2014-10-29 03:46 - 01497600 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2015-04-21 21:35 - 2014-10-29 03:45 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2015-04-21 21:35 - 2014-10-29 03:45 - 00672768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2015-04-21 21:35 - 2014-10-29 03:45 - 00618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-04-21 21:35 - 2014-10-29 03:43 - 01092608 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-04-21 21:35 - 2014-10-29 03:43 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2015-04-21 21:35 - 2014-10-29 03:42 - 03724800 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2015-04-21 21:35 - 2014-10-29 03:42 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\PurchaseWindowsLicense.dll
2015-04-21 21:35 - 2014-10-29 03:40 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-04-21 21:35 - 2014-10-29 03:39 - 01571328 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2015-04-21 21:35 - 2014-10-29 03:39 - 00898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2015-04-21 21:35 - 2014-10-29 03:37 - 01563136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2015-04-21 21:35 - 2014-10-29 03:37 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2015-04-21 21:35 - 2014-10-29 03:34 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-04-21 21:35 - 2014-10-29 03:34 - 01037824 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-04-21 21:35 - 2014-10-29 03:33 - 01056768 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2015-04-21 21:35 - 2014-10-29 03:32 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2015-04-21 21:35 - 2014-10-29 03:32 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-04-21 21:35 - 2014-10-29 03:30 - 06465536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2015-04-21 21:35 - 2014-10-29 03:30 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-04-21 21:35 - 2014-10-29 03:29 - 00833536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2015-04-21 21:35 - 2014-10-29 03:25 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-04-21 21:35 - 2014-10-29 03:25 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2015-04-21 21:35 - 2014-10-29 03:24 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-04-21 21:35 - 2014-10-29 03:24 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-04-21 21:35 - 2014-10-29 03:23 - 01500672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-04-21 21:35 - 2014-10-29 03:22 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2015-04-21 21:35 - 2014-10-29 03:22 - 01084416 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-04-21 21:35 - 2014-10-29 03:21 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-04-21 21:35 - 2014-10-29 03:20 - 01492480 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-04-21 21:35 - 2014-10-29 03:19 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2015-04-21 21:35 - 2014-10-29 03:19 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll
2015-04-21 21:35 - 2014-10-29 03:18 - 01050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2015-04-21 21:35 - 2014-10-29 03:17 - 01402368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2015-04-21 21:35 - 2014-10-29 03:17 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2015-04-21 21:35 - 2014-10-29 03:16 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-04-21 21:35 - 2014-10-29 03:14 - 03553280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2015-04-21 21:35 - 2014-10-29 03:14 - 00854528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2015-04-21 21:35 - 2014-10-29 03:14 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2015-04-21 21:35 - 2014-10-29 03:14 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-04-21 21:35 - 2014-10-29 03:14 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2015-04-21 21:35 - 2014-10-29 03:12 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\msTextPrediction.dll
2015-04-21 21:35 - 2014-10-29 03:12 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2015-04-21 21:35 - 2014-10-29 03:11 - 01323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2015-04-21 21:35 - 2014-10-29 03:10 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-21 21:35 - 2014-10-29 03:09 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2015-04-21 21:35 - 2014-10-29 03:09 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\provcore.dll
2015-04-21 21:35 - 2014-10-29 03:09 - 00809984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-04-21 21:35 - 2014-10-29 03:09 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2015-04-21 21:35 - 2014-10-29 03:08 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-04-21 21:35 - 2014-10-29 03:08 - 01478144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2015-04-21 21:35 - 2014-10-29 03:08 - 00881664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2015-04-21 21:35 - 2014-10-29 03:07 - 01396736 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-04-21 21:35 - 2014-10-29 03:07 - 01247232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2015-04-21 21:35 - 2014-10-29 03:07 - 01060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-04-21 21:35 - 2014-10-29 03:07 - 00747008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-04-21 21:35 - 2014-10-29 03:07 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-04-21 21:35 - 2014-10-29 03:06 - 00747520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2015-04-21 21:35 - 2014-10-29 03:03 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2015-04-21 21:35 - 2014-10-29 03:03 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-04-21 21:35 - 2014-10-29 03:03 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2015-04-21 21:35 - 2014-10-29 03:01 - 01710592 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2015-04-21 21:35 - 2014-10-29 03:01 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-04-21 21:35 - 2014-10-29 03:01 - 00843776 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2015-04-21 21:35 - 2014-10-29 03:00 - 01705984 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-04-21 21:35 - 2014-10-29 03:00 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-04-21 21:35 - 2014-10-29 02:59 - 01636864 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2015-04-21 21:35 - 2014-10-29 02:59 - 01454080 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-04-21 21:35 - 2014-10-29 02:59 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-04-21 21:35 - 2014-10-29 02:59 - 01021440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-04-21 21:35 - 2014-10-29 02:56 - 01337344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-04-21 21:35 - 2014-10-29 02:56 - 01248256 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2015-04-21 21:35 - 2014-10-29 02:56 - 01028608 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-04-21 21:35 - 2014-10-29 02:56 - 01001984 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2015-04-21 21:35 - 2014-10-29 02:56 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2015-04-21 21:35 - 2014-10-29 02:56 - 00631808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2015-04-21 21:35 - 2014-10-29 02:55 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2015-04-21 21:35 - 2014-10-29 02:53 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2015-04-21 21:35 - 2014-10-29 02:52 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-04-21 21:35 - 2014-10-29 02:52 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-04-21 21:35 - 2014-10-29 02:52 - 00870912 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2015-04-21 21:35 - 2014-10-29 02:52 - 00801792 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2015-04-21 21:35 - 2014-10-29 02:51 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2015-04-21 21:35 - 2014-10-29 02:50 - 01482752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2015-04-21 21:35 - 2014-10-29 02:48 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-04-21 21:35 - 2014-10-29 02:48 - 00949760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-04-21 21:35 - 2014-10-29 02:48 - 00562688 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2015-04-21 21:35 - 2014-10-29 02:47 - 02090496 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-04-21 21:35 - 2014-10-29 02:46 - 01265152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2015-04-21 21:35 - 2014-10-29 02:46 - 01015808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-04-21 21:35 - 2014-10-29 02:45 - 00918016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2015-04-21 21:35 - 2014-10-29 02:45 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-04-21 21:35 - 2014-10-29 02:42 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2015-04-21 21:35 - 2014-10-29 02:42 - 00654848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2015-04-21 21:35 - 2014-10-29 02:41 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2015-04-21 21:35 - 2014-10-29 02:41 - 01317376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2015-04-21 21:35 - 2014-10-29 02:41 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-04-21 21:35 - 2014-10-29 02:40 - 02104832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2015-04-21 21:35 - 2014-10-29 02:39 - 01000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-04-21 21:35 - 2014-10-29 02:38 - 01262080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-04-21 21:35 - 2014-10-29 02:37 - 00724480 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2015-04-21 21:35 - 2014-10-29 02:36 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-04-21 21:35 - 2014-10-29 02:36 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2015-04-21 21:35 - 2014-10-29 02:35 - 00772096 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll
2015-04-21 21:35 - 2014-10-29 02:35 - 00688128 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-21 21:35 - 2014-10-29 02:35 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2015-04-21 21:35 - 2014-10-29 02:33 - 01102848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2015-04-21 21:35 - 2014-10-29 02:31 - 00626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2015-04-21 21:35 - 2014-10-29 02:30 - 00602624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
2015-04-21 21:35 - 2014-10-09 00:09 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
|
So funktioniert es:
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
dann auf 
und dann auf 
. 