Nein ich hatte keine Funde, der letzte Scan liegt ca. 2 Tage zurück.
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Eva (administrator) on PNOTEBOOK on 03-04-2014 14:26:11
Running from C:\Users\Eva\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Akamai Technologies, Inc.) C:\Users\Eva\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Eva\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-07-18] (Alcor Micro Corp.)
HKLM-x32\...\Run: [LManager] - [X]
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Aeria Ignite] - C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-4060989551-856434254-1111834742-1004\...\Run: [Akamai NetSession Interface] - C:\Users\Eva\AppData\Local\Akamai\netsession_win.exe [4672920 2014-03-06] (Akamai Technologies, Inc.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1316640 2013-10-31] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1008928 2013-10-31] (Conduit)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {DF6E6726-D617-4550-B3B6-8DAA2603033D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {DF6E6726-D617-4550-B3B6-8DAA2603033D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {DF6E6726-D617-4550-B3B6-8DAA2603033D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {DF6E6726-D617-4550-B3B6-8DAA2603033D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {DF6E6726-D617-4550-B3B6-8DAA2603033D} URL =
BHO: Plus-HD-2.2 - {11111111-1111-1111-1111-110311301136} - C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho64.dll (Plus HD)
BHO-x32: SaveSense - {0f21b1e5-5afc-43c9-9c66-515046e92ec2} - C:\Program Files (x86)\SaveSense\SaveSenseIE.dll (SaveSense)
BHO-x32: Plus-HD-2.2 - {11111111-1111-1111-1111-110311301136} - C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho.dll (Plus HD)
DPF: HKLM-x32 {55A2C0CD-3DE8-4264-9637-A0B40B05714E} https://col0-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=1306276718
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\243ln5cg.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Extension: Plus-HD-2.2 - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\243ln5cg.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com [2014-02-16]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR Extension: (Plus-HD-2.2) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo [2014-02-24]
CHR Extension: (Google Wallet) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-24]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-05] (WildTangent)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-11-16] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe /svc [X]
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe /medsvc [X]
==================== Drivers (Whitelisted) ====================
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-19] (Avira Operations GmbH & Co. KG)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-01] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-11-16] (Dritek System Inc.)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-03 14:26 - 2014-04-03 14:26 - 00011144 _____ () C:\Users\Eva\Downloads\FRST.txt
2014-04-03 14:25 - 2014-04-03 14:26 - 00000000 ____D () C:\FRST
2014-04-03 14:24 - 2014-04-03 14:24 - 02157056 _____ (Farbar) C:\Users\Eva\Downloads\FRST64.exe
2014-04-01 19:11 - 2012-08-30 13:37 - 02213776 _____ (ELAN Microelectronics Corp.) C:\Windows\ETDUninst.dll
2014-04-01 18:38 - 2014-04-01 18:39 - 05192353 _____ (Swearware) C:\Users\Eva\Downloads\ComboFix.exe
2014-04-01 18:24 - 2014-04-01 22:46 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-01 18:24 - 2014-04-01 18:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-01 18:17 - 2014-04-01 18:18 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Eva\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-21 20:59 - 2014-03-21 20:59 - 00000000 ____D () C:\Users\Eva\AppData\Local\Skype
2014-03-21 20:58 - 2014-03-21 20:58 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-16 12:33 - 2014-03-16 12:33 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\dvdcss
2014-03-12 03:04 - 2014-02-23 10:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 03:03 - 2014-02-23 10:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 03:03 - 2014-02-23 10:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 03:03 - 2014-02-23 10:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-03-12 03:03 - 2014-02-23 10:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-03-12 03:03 - 2014-02-23 10:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 03:03 - 2014-02-23 10:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 03:03 - 2014-02-23 10:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 03:03 - 2014-02-23 10:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 03:03 - 2014-02-23 10:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 03:03 - 2014-02-23 10:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 03:03 - 2014-02-23 10:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-12 03:03 - 2014-02-23 10:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-12 03:03 - 2014-02-23 10:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 03:03 - 2014-02-23 10:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 03:03 - 2014-02-23 10:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 03:03 - 2014-02-23 08:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 03:03 - 2014-02-23 08:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 03:03 - 2014-02-23 08:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-03-12 03:03 - 2014-02-23 08:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 03:03 - 2014-02-23 08:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 03:03 - 2014-02-23 08:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 03:03 - 2014-02-23 08:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 03:03 - 2014-02-23 08:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-12 03:03 - 2014-02-23 08:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 03:03 - 2014-02-23 08:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 03:03 - 2014-02-23 08:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-12 03:03 - 2014-02-23 08:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 03:03 - 2014-02-23 08:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 03:03 - 2014-02-23 08:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 03:03 - 2014-02-23 08:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 03:03 - 2014-02-23 08:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 03:03 - 2014-02-23 06:06 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-03-12 03:02 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 03:02 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-12 03:02 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-12 03:01 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 03:01 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 03:01 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 03:01 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 03:01 - 2013-12-07 08:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-12 03:01 - 2013-12-07 07:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-11 01:50 - 2014-03-21 21:05 - 00000000 ____D () C:\Users\Eva\Documents\Bewerbung
2014-03-08 00:35 - 2014-03-05 00:52 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-08 00:35 - 2014-03-05 00:52 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== One Month Modified Files and Folders =======
2014-04-03 14:26 - 2014-04-03 14:26 - 00011144 _____ () C:\Users\Eva\Downloads\FRST.txt
2014-04-03 14:26 - 2014-04-03 14:25 - 00000000 ____D () C:\FRST
2014-04-03 14:24 - 2014-04-03 14:24 - 02157056 _____ (Farbar) C:\Users\Eva\Downloads\FRST64.exe
2014-04-03 14:21 - 2013-12-06 22:48 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\Skype
2014-04-03 14:18 - 2014-02-24 00:05 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-03 14:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-03 10:38 - 2013-06-27 00:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-03 10:36 - 2013-11-23 20:31 - 00000952 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-04-03 10:31 - 2013-11-23 20:31 - 00000316 _____ () C:\Windows\Tasks\SaveSense.job
2014-04-03 01:33 - 2013-11-23 20:33 - 00001318 _____ () C:\Windows\Tasks\Plus-HD-2.2-updater.job
2014-04-03 01:32 - 2013-11-23 20:32 - 00002094 _____ () C:\Windows\Tasks\Plus-HD-2.2-firefoxinstaller.job
2014-04-03 01:32 - 2013-11-23 20:32 - 00001930 _____ () C:\Windows\Tasks\Plus-HD-2.2-chromeinstaller.job
2014-04-03 01:32 - 2013-11-23 20:32 - 00001220 _____ () C:\Windows\Tasks\Plus-HD-2.2-codedownloader.job
2014-04-03 01:32 - 2013-11-23 20:32 - 00001120 _____ () C:\Windows\Tasks\Plus-HD-2.2-enabler.job
2014-04-02 22:18 - 2014-02-24 00:05 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-02 13:53 - 2014-02-16 19:49 - 00000000 ____D () C:\Users\Eva\AppData\Local\Akamai
2014-04-01 22:46 - 2014-04-01 18:24 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-01 22:13 - 2014-02-24 00:05 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-01 22:13 - 2014-02-24 00:05 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-01 19:38 - 2012-11-17 03:38 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-04-01 19:38 - 2012-11-17 03:38 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-04-01 19:38 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-01 19:36 - 2013-11-23 20:31 - 00000948 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-04-01 19:34 - 2013-12-17 22:49 - 00000000 ____D () C:\Users\Eva\AppData\Local\CrashDumps
2014-04-01 19:31 - 2013-11-23 20:32 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-2.2
2014-04-01 19:30 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-01 19:29 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-01 18:39 - 2014-04-01 18:38 - 05192353 _____ (Swearware) C:\Users\Eva\Downloads\ComboFix.exe
2014-04-01 18:24 - 2014-04-01 18:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-01 18:18 - 2014-04-01 18:17 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Eva\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-28 15:07 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-22 16:26 - 2013-12-28 18:26 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\vlc
2014-03-21 21:05 - 2014-03-11 01:50 - 00000000 ____D () C:\Users\Eva\Documents\Bewerbung
2014-03-21 20:59 - 2014-03-21 20:59 - 00000000 ____D () C:\Users\Eva\AppData\Local\Skype
2014-03-21 20:58 - 2014-03-21 20:58 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-21 20:58 - 2013-06-23 21:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-21 20:58 - 2013-06-23 21:26 - 00000000 ____D () C:\ProgramData\Skype
2014-03-16 12:33 - 2014-03-16 12:33 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\dvdcss
2014-03-15 19:20 - 2014-02-24 00:07 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-13 23:43 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-03-13 11:03 - 2013-12-06 22:46 - 00000000 ___RD () C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-13 11:03 - 2013-12-06 22:46 - 00000000 ___RD () C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-13 11:03 - 2013-12-06 22:13 - 00000000 ____D () C:\Users\Eva
2014-03-13 08:18 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-03-13 08:18 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 08:18 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 08:18 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-13 08:18 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-11 20:58 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-11 19:39 - 2013-06-27 00:46 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 01:53 - 2014-01-08 01:09 - 00160256 ___SH () C:\Users\Eva\Documents\Thumbs.db
2014-03-08 00:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-03-05 00:52 - 2014-03-08 00:35 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-05 00:52 - 2014-03-08 00:35 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Users\Eva\AppData\Local\Temp\avgnt.exe
C:\Users\Markus\AppData\Local\Temp\avgnt.exe
C:\Users\Markus\AppData\Local\Temp\nsj323F.exe
C:\Users\Markus\AppData\Local\Temp\nso7A48.exe
C:\Users\Markus\AppData\Local\Temp\nso7FC5.exe
C:\Users\Markus\AppData\Local\Temp\nsz3952.exe
C:\Users\Markus\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Markus\AppData\Local\Temp\uttD466.tmp.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-28 15:18
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Eva at 2014-04-03 14:28:47
Running from C:\Users\Eva\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.42.61513 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.42.61513 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Accelerated Video Transcoding (Version: 12.5.100.20821 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{7BABDF85-566A-FCC6-E6FE-12DCFF3F9FEB}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2012.0821.2159.37544 - Ihr Firmenname) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0821.2159.37544 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0821.2159.37544 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0821.2159.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0821.2158.37544 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0821.2159.37544 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.0 - SaveSense) Hidden <==== ATTENTION
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Grand Fantasia (HKLM-x32\...\Grand Fantasia) (Version: - )
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Inbetween Land (x32 Version: 3.0.2.59 - WildTangent) Hidden
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
Living Legends: Ice Rose Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Night Mysteries: The Amphora Prisoner (x32 Version: 3.0.2.59 - WildTangent) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plus-HD-2.2 (HKLM-x32\...\Plus-HD-2.2) (Version: 1.31.153.0 - Plus HD) <==== ATTENTION
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.02 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
SaveSense (remove only) (HKLM-x32\...\SaveSense) (Version: 5.3.0.6 - SaveSense) <==== ATTENTION
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.8.11.9 - Conduit) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spielkanäle (x32 Version: 7.1.0.17 - WildTangent, Inc.) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Restore Points =========================
12-03-2014 13:31:23 Windows Update
22-03-2014 07:56:20 Geplanter Prüfpunkt
31-03-2014 22:56:36 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0CAD298B-3EEF-431A-9393-0C6E006E90BC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1B0694A2-0BC7-40B6-9F42-58FB3A7C23BD} - System32\Tasks\Plus-HD-2.2-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-chromeinstaller.exe <==== ATTENTION
Task: {1C7E3447-EC2F-40C6-A161-C9AE38B54723} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {42A1F2BD-3244-439D-9496-5FD8A8D900F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-24] (Google Inc.)
Task: {5B46D234-51C8-4A35-93AC-0C4091CCE49D} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {67399D38-3778-4EC6-962C-CC59FE1B903D} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: {81DB2E35-769A-4AA6-9DDC-FE0BCC3555F1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {886F5320-0E3C-4EF6-8A21-6DA58DEF0C22} - System32\Tasks\Plus-HD-2.2-codedownloader => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-codedownloader.exe <==== ATTENTION
Task: {8D6583B1-4C5C-41BF-8F83-46C87B96A323} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {9000B426-DE68-4925-8110-4E705A7E5667} - System32\Tasks\Plus-HD-2.2-firefoxinstaller => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-firefoxinstaller.exe <==== ATTENTION
Task: {98630434-19E8-42EB-A37F-DC6E31D26543} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-24] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B59218BE-E57E-4D29-96AE-D8E7D0BE8BC1} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: {C4597549-4D65-41A2-BF88-8EFE0EB3C7CD} - System32\Tasks\Plus-HD-2.2-enabler => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-enabler.exe <==== ATTENTION
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D33BCFA0-C109-448A-B9F0-0E06ECE8E904} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {D5B57553-D6EA-4DB4-B24D-2B6D5A3A16B9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {E87C50DC-68D1-45F5-BDE9-9D2877CF61BC} - System32\Tasks\SaveSense => C:\Users\Markus\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F93DEA02-B3EB-46B5-A576-D0C24CE4F08E} - System32\Tasks\Plus-HD-2.2-updater => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.2-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-enabler.job => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-updater.job => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\Markus\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2012-07-26 09:58 - 2012-07-26 09:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-10-13 11:30 - 2013-09-30 11:01 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2014-03-15 19:20 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 19:20 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 19:20 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 19:20 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 19:20 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 19:20 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-15 19:20 - 2014-03-15 02:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SkypeUpdate => 2
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/03/2014 02:18:05 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi
Error: (04/03/2014 02:08:07 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (04/03/2014 02:04:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: PNOTEBOOK)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (04/03/2014 10:18:05 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi
Error: (04/03/2014 04:20:07 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi
Error: (04/03/2014 02:18:08 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi
Error: (04/03/2014 01:18:01 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi
Error: (04/03/2014 00:18:01 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi
Error: (04/02/2014 11:18:03 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi
Error: (04/02/2014 10:18:08 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi
System errors:
=============
Error: (04/01/2014 07:36:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Sicherheitscenter" wurde mit folgendem Fehler beendet:
%%16389
Error: (04/01/2014 07:35:56 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: 1068upnphostNicht verfügbar{204810B9-73B2-11D4-BF42-00B0D0118B56}
Error: (04/01/2014 07:35:56 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x8007042c
Error: (04/01/2014 07:35:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1070
Error: (04/01/2014 07:35:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SSDP-Suche" wurde nicht richtig gestartet.
Error: (04/01/2014 07:34:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SaveSenseLive Service (savesenselive)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (04/03/2014 02:18:05 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/03/2014 02:08:07 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (04/03/2014 02:04:14 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: PNOTEBOOK)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147023174
Error: (04/03/2014 10:18:05 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/03/2014 04:20:07 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/03/2014 02:18:08 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/03/2014 01:18:01 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/03/2014 00:18:01 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/02/2014 11:18:03 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/02/2014 10:18:08 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\SaveSenseLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
==================== Memory info ===========================
Percentage of memory in use: 87%
Total physical RAM: 1738.25 MB
Available physical RAM: 211.56 MB
Total Pagefile: 3914.25 MB
Available Pagefile: 1183.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:282.94 GB) (Free:242.19 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 6C1B40A6)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Lesestoff:
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
