Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-01 12:40:34
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000039 ST9500325AS rev.0001SDM1 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Acer\AppData\Local\Temp\fwloypow.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\Windows\system32\ntoskrnl.exe!KiCpuId + 988 fffff802aced83dc 1 byte [31]
---- User code sections - GMER 2.1 ----
.text C:\windows\system32\mfevtps.exe[1804] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306 000007fefd79177a 4 bytes [79, FD, FE, 07]
.text C:\windows\system32\mfevtps.exe[1804] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314 000007fefd791782 4 bytes [79, FD, FE, 07]
.text C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2476] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fefd79177a 4 bytes [79, FD, FE, 07]
.text C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2476] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fefd791782 4 bytes [79, FD, FE, 07]
.text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4388] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fefd79177a 4 bytes [79, FD, FE, 07]
.text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4388] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fefd791782 4 bytes [79, FD, FE, 07]
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW 000007feffcc259c 8 bytes JMP 000007fffd1a0340
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW 000007feffcc6b00 9 bytes JMP 000007fffd1a0298
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation 000007feffd45908 7 bytes JMP 000007fffd1a0260
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW 000007feffd61610 7 bytes JMP 000007fffd1a02d0
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW 000007feffd749a4 7 bytes JMP 000007fffd1a0228
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx 000007feffd74a38 8 bytes JMP 000007fffd1a01f0
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA 000007feffd75074 8 bytes JMP 000007fffd1a0308
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd1b1f70 7 bytes JMP 000007fffd1a00d8
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd1b1ff0 5 bytes JMP 000007fffd1a0180
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd1b5880 5 bytes JMP 000007fffd1a0110
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd1b8650 6 bytes JMP 000007fffd1a0148
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\KERNELBASE.dll!GetModuleFileNameExW 000007fefd1e0510 5 bytes JMP 000007fffd1a01b8
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\USER32.dll!CreateWindowExW 000007feffb5c5b0 7 bytes JMP 000007fffd1a0420
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo 000007feffb631f0 1 byte JMP 000007fffd1a0378
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo + 2 000007feffb631f2 7 bytes {JMP 0xfffffffffd63d188}
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\USER32.dll!EnumDisplayDevicesW 000007feffb633e0 5 bytes JMP 000007fffd1a03e8
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\USER32.dll!EnumDisplayDevicesA 000007feffb67160 5 bytes JMP 000007fffd1a03b0
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefde71070 8 bytes JMP 000007fffd1a0490
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefde90bd0 8 bytes JMP 000007fffd1a0458
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\dxgi.dll!CreateDXGIFactory1 000007fefb596d10 5 bytes JMP 000007fffb580110
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\system32\dxgi.dll!CreateDXGIFactory 000007fefb59d060 5 bytes JMP 000007fffb5800d8
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\dwm.exe[1072] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\rundll32.exe[6760] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\rundll32.exe[6760] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\rundll32.exe[6760] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[3300] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[3300] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[3300] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\nvvsvc.exe[1688] C:\Windows\system32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\nvvsvc.exe[1688] C:\Windows\system32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\nvvsvc.exe[1688] C:\Windows\system32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\nvvsvc.exe[1688] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fefd79177a 4 bytes [79, FD, FE, 07]
.text C:\Windows\system32\nvvsvc.exe[1688] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fefd791782 4 bytes [79, FD, FE, 07]
.text C:\Windows\system32\taskhostex.exe[5200] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\taskhostex.exe[5200] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\taskhostex.exe[5200] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Windows\Explorer.EXE[5412] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 742 000007fef4121b32 4 bytes [12, F4, FE, 07]
.text C:\Windows\Explorer.EXE[5412] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 750 000007fef4121b3a 4 bytes [12, F4, FE, 07]
.text C:\Windows\Explorer.EXE[5412] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Windows\Explorer.EXE[5412] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Windows\Explorer.EXE[5412] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Windows\Explorer.EXE[5412] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306 000007fefd79177a 4 bytes [79, FD, FE, 07]
.text C:\Windows\Explorer.EXE[5412] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314 000007fefd791782 4 bytes [79, FD, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[1284] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[1284] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[1284] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Windows\System32\igfxtray.exe[5848] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Windows\System32\igfxtray.exe[5848] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Windows\System32\igfxtray.exe[5848] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Windows\System32\hkcmd.exe[5392] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Windows\System32\hkcmd.exe[5392] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Windows\System32\hkcmd.exe[5392] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Windows\System32\igfxpers.exe[7080] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fefd79177a 4 bytes [79, FD, FE, 07]
.text C:\Windows\System32\igfxpers.exe[7080] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fefd791782 4 bytes [79, FD, FE, 07]
.text C:\Windows\System32\igfxpers.exe[7080] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Windows\System32\igfxpers.exe[7080] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Windows\System32\igfxpers.exe[7080] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Program Files\Elantech\ETDCtrl.exe[4420] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Program Files\Elantech\ETDCtrl.exe[4420] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Program Files\Elantech\ETDCtrl.exe[4420] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4176] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4176] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Program Files\Elantech\ETDCtrlHelper.exe[4176] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Program Files\Logitech Gaming Software\LCore.exe[4224] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306 000007fefd79177a 4 bytes [79, FD, FE, 07]
.text C:\Program Files\Logitech Gaming Software\LCore.exe[4224] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314 000007fefd791782 4 bytes [79, FD, FE, 07]
.text C:\Program Files\Logitech Gaming Software\LCore.exe[4224] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Program Files\Logitech Gaming Software\LCore.exe[4224] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Program Files\Logitech Gaming Software\LCore.exe[4224] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\wbem\unsecapp.exe[6348] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\wbem\unsecapp.exe[6348] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\wbem\unsecapp.exe[6348] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\igfxext.exe[6780] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\igfxext.exe[6780] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\igfxext.exe[6780] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\igfxsrvc.exe[5464] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\igfxsrvc.exe[5464] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\igfxsrvc.exe[5464] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[4784] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[4784] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe[4784] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Program Files\McAfee\MAT\McPvTray.exe[3296] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Program Files\McAfee\MAT\McPvTray.exe[3296] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Program Files\McAfee\MAT\McPvTray.exe[3296] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe[3464] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306 000007fefd79177a 4 bytes [79, FD, FE, 07]
.text C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe[3464] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314 000007fefd791782 4 bytes [79, FD, FE, 07]
.text C:\Program Files\mcafee\VirusScan\mcods.exe[4132] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fefd79177a 4 bytes [79, FD, FE, 07]
.text C:\Program Files\mcafee\VirusScan\mcods.exe[4132] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fefd791782 4 bytes [79, FD, FE, 07]
.text C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe[1188] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306 000007fefd79177a 4 bytes [79, FD, FE, 07]
.text C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe[1188] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314 000007fefd791782 4 bytes [79, FD, FE, 07]
.text C:\Windows\system32\taskhost.exe[2344] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\taskhost.exe[2344] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\taskhost.exe[2344] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\conhost.exe[2532] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fef9521532 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\conhost.exe[2532] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fef952153a 4 bytes [52, F9, FE, 07]
.text C:\Windows\system32\conhost.exe[2532] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fef952165a 4 bytes [52, F9, FE, 07]
---- Threads - GMER 2.1 ----
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2716:1728] 000007feed040b2c
Thread C:\Windows\system32\csrss.exe [6124:4044] fffff9600092e5e8
Thread C:\Windows\system32\csrss.exe [6124:1068] fffff9600092e5e8
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Done (see attachment).
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02
Ran by Acer (administrator) on SIBTOP on 01-08-2014 12:54:27
Running from C:\Users\Acer\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Spotify Ltd) C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(McAfee, Inc.) C:\Program Files\mcafee\MAT\McPvTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\Core\mchost.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skillbrains) C:\Users\Acer\AppData\Local\Skillbrains\lightshot\5.1.4.6\Lightshot.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-10-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-15] (Logitech Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2012-11-28] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-06-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [RoccatKonePure] => C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE [561152 2013-10-23] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [831192 2014-07-03] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3123453034-4028823714-348128312-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-07-16] (Valve Corporation)
HKU\S-1-5-21-3123453034-4028823714-348128312-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-3123453034-4028823714-348128312-1002\...\Run: [Spotify Web Helper] => C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-10] (Spotify Ltd)
HKU\S-1-5-21-3123453034-4028823714-348128312-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-17] (Electronic Arts)
HKU\S-1-5-21-3123453034-4028823714-348128312-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Acer\AppData\Local\Akamai\netsession_win.exe [4672920 2014-03-06] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3123453034-4028823714-348128312-1002\...\Run: [LightShot] => C:\Users\Acer\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226560 2014-07-01] ()
HKU\S-1-5-21-3123453034-4028823714-348128312-1002\...\Policies\Explorer: [DisallowRun] 1
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll => "c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll" File Not Found
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=AC71809B20543175&affID=121845&tt=180613_ndt6&tsp=4921
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/software/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM - DefaultScope {CAB5592E-CC92-436E-A6E9-54E071E9E406} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {CAB5592E-CC92-436E-A6E9-54E071E9E406} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {CAB5592E-CC92-436E-A6E9-54E071E9E406} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {CAB5592E-CC92-436E-A6E9-54E071E9E406} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {BC49B688-265C-45BD-8A3F-F778A308CB32} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=AC71809B20543175&affID=121845&tt=180613_ndt6&tsp=4921
SearchScopes: HKCU - {96EA97C4-52BE-4710-AFB4-4BBF5F9ED96E} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKCU - {B05A6E20-A422-4BF3-A46F-0AADB29EBCC3} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=973AD222-32B8-4BEC-81D3-D600A21B23F7&apn_sauid=69B4F2A5-350D-48AC-A85C-0EBF5EA44F4B
SearchScopes: HKCU - {BC49B688-265C-45BD-8A3F-F778A308CB32} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms}
SearchScopes: HKCU - {CAB5592E-CC92-436E-A6E9-54E071E9E406} URL =
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO-x32: Plus-HD-2.3 -> {11111111-1111-1111-1111-110311341126} -> C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll (Plus HD)
BHO-x32: PriceGong - Price Comparison -> {1631550F-191D-4826-B069-D9439253D926} -> C:\Program Files (x86)\PriceGong\2.6.11\PriceGongIE.dll (PriceGong)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.11.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-10-25]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-10-25]
FF HKCU\...\Firefox\Extensions: [{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}] - C:\Program Files (x86)\PriceGong\2.6.11\FF
FF Extension: PriceGong - C:\Program Files (x86)\PriceGong\2.6.11\FF [2013-09-25]
Chrome:
=======
CHR HomePage: chrome://newtab
CHR StartupUrls: "hxxp://youtube.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Extension: (Google Docs) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-27]
CHR Extension: (Google Drive) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-27]
CHR Extension: (YouTube) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-27]
CHR Extension: (Google-Suche) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-27]
CHR Extension: (SiteAdvisor) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-06-30]
CHR Extension: (AdBlock) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-13]
CHR Extension: (Twitch Live) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2014-03-08]
CHR Extension: (Google Wallet) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (365Scores - Live-Spielstände, Neuigkeiten) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpppefjehmjbiplimkfjeamnohldmko [2014-03-08]
CHR Extension: (Google Mail) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-27]
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Acer\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2013-06-27]
CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.6.11\pricegong.crx [2013-03-04]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Acer\AppData\Roaming\BabSolution\CR\Delta.crx [2013-06-22]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Acer\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-04-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [File not signed]
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [405208 2014-07-03] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-07-03] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [773848 2014-07-03] (BlueStack Systems, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
S4 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [4113400 2013-02-04] (devolo AG)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
S4 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-10-19] (ELAN Microelectronics Corp.)
S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-06-13] (Freemake) [File not signed]
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-09-11] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-06-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S4 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2012-11-28] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-07-03] (BlueStack Systems)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-07-03] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 McPvDrv; C:\Windows\System32\drivers\McPvDrv.sys [74560 2013-09-09] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-09-11] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-06-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-11] (Intel Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2012-09-07] (CACE Technologies)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-11-28] (Dritek System Inc.)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 athr; \SystemRoot\system32\DRIVERS\athrx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
U3 fwloypow; \??\C:\Users\Acer\AppData\Local\Temp\fwloypow.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-01 12:54 - 2014-08-01 12:54 - 00032171 _____ () C:\Users\Acer\Downloads\FRST.txt
2014-08-01 12:54 - 2014-08-01 12:54 - 00000000 ____D () C:\FRST
2014-08-01 12:47 - 2014-08-01 12:47 - 00000000 ____D () C:\Users\Acer\Documents\Lightshot
2014-08-01 12:46 - 2014-08-01 12:50 - 00000400 _____ () C:\Windows\Tasks\update-S-1-5-21-3123453034-4028823714-348128312-1002.job
2014-08-01 12:46 - 2014-08-01 12:46 - 02273984 _____ (Skillbrains ) C:\Users\Acer\Downloads\setup-lightshot.exe
2014-08-01 12:46 - 2014-08-01 12:46 - 00003270 _____ () C:\Windows\System32\Tasks\update-sys
2014-08-01 12:46 - 2014-08-01 12:46 - 00003246 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-3123453034-4028823714-348128312-1002
2014-08-01 12:46 - 2014-08-01 12:46 - 00000434 _____ () C:\Users\Acer\AppData\Local\UserProducts.xml
2014-08-01 12:46 - 2014-08-01 12:46 - 00000400 _____ () C:\Windows\Tasks\update-sys.job
2014-08-01 12:46 - 2014-08-01 12:46 - 00000003 _____ () C:\Users\Acer\AppData\Local\updater.log
2014-08-01 12:46 - 2014-08-01 12:46 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-08-01 12:46 - 2014-08-01 12:46 - 00000000 ____D () C:\Users\Acer\AppData\Local\Skillbrains
2014-08-01 12:46 - 2014-08-01 12:46 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-08-01 12:40 - 2014-08-01 12:40 - 00019968 _____ () C:\Users\Acer\Desktop\gmer.txt
2014-08-01 12:16 - 2014-08-01 12:16 - 00380416 _____ () C:\Users\Acer\Downloads\Gmer-19357.exe
2014-08-01 12:15 - 2014-08-01 12:15 - 00050477 _____ () C:\Users\Acer\Desktop\Defogger.exe
2014-08-01 12:15 - 2014-08-01 12:15 - 00000470 _____ () C:\Users\Acer\Desktop\defogger_disable.log
2014-08-01 12:15 - 2014-08-01 12:15 - 00000000 _____ () C:\Users\Acer\defogger_reenable
2014-08-01 12:08 - 2014-08-01 12:08 - 02094080 _____ (Farbar) C:\Users\Acer\Downloads\FRST64.exe
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-07-31 15:59 - 2014-07-31 15:59 - 187850512 _____ () C:\Users\Acer\Desktop\LP2.mp4
2014-07-31 12:21 - 2014-07-31 12:22 - 374774656 _____ () C:\Users\Acer\Desktop\csgo 2014-07-31 12-21-48-30.avi
2014-07-30 16:38 - 2014-07-30 16:38 - 119320085 _____ () C:\Users\Acer\Desktop\Untitled.mp4
2014-07-30 15:58 - 2014-07-30 15:58 - 00027591 _____ () C:\Users\Acer\AppData\Local\recently-used.xbel
2014-07-29 18:31 - 2014-07-29 18:31 - 00000000 ____D () C:\Users\Acer\Desktop\Foto-Bestellung
2014-07-29 17:09 - 2014-07-29 17:09 - 182460392 _____ () C:\Users\Acer\Desktop\lp1.mp4
2014-07-29 15:58 - 2014-07-29 15:59 - 130299481 _____ () C:\Users\Acer\Desktop\CC.mp4
2014-07-28 19:24 - 2014-07-30 15:58 - 00000000 ____D () C:\Users\Acer\Desktop\Clash
2014-07-28 17:23 - 2014-07-28 17:23 - 00001860 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-07-28 17:23 - 2014-07-28 17:23 - 00001811 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-07-28 17:22 - 2014-07-28 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-07-28 17:22 - 2014-07-28 17:22 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-07-28 17:22 - 2014-07-28 17:22 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-07-28 17:21 - 2014-07-28 17:21 - 00000000 ____D () C:\Users\Acer\AppData\Local\Bluestacks
2014-07-28 17:15 - 2014-07-28 18:12 - 00003852 _____ () C:\Windows\windefendam.log
2014-07-28 17:15 - 2014-07-28 18:12 - 00000020 _____ () C:\Windows\capsys184523.log
2014-07-28 17:15 - 2014-07-28 17:15 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\Mirillis
2014-07-28 17:15 - 2014-07-28 17:15 - 00000000 ____D () C:\Users\Acer\AppData\Local\Mirillis
2014-07-28 17:15 - 2014-07-28 17:15 - 00000000 ____D () C:\ProgramData\Mirillis
2014-07-28 17:15 - 2014-07-28 17:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-07-28 17:15 - 2014-07-28 17:15 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-07-28 17:15 - 2014-07-28 17:15 - 00000000 ____D () C:\Action!
2014-07-27 17:58 - 2014-07-27 17:58 - 00000295 _____ () C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb (3).lnk
2014-07-26 19:08 - 2014-07-26 19:09 - 00000000 ____D () C:\Users\Acer\AppData\Local\QQSM
2014-07-26 19:07 - 2014-07-26 19:07 - 00001035 _____ () C:\Users\Public\Desktop\Hazard Ops.lnk
2014-07-26 19:07 - 2014-07-26 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hazard Ops
2014-07-26 18:56 - 2014-07-26 19:07 - 00000000 ____D () C:\Program Files (x86)\Hazard Ops
2014-07-26 16:21 - 2014-07-26 19:08 - 00000000 ____D () C:\ProgramData\Solid State Networks
2014-07-26 16:21 - 2014-07-26 18:55 - 00000000 ____D () C:\Users\Acer\Desktop\Hazard Ops Download
2014-07-23 18:39 - 2014-07-23 18:39 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\java
2014-07-23 18:35 - 2014-07-23 18:34 - 00321448 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-23 18:06 - 2014-07-30 18:21 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\.minecraft
2014-07-23 18:03 - 2014-07-23 18:03 - 00675988 _____ () C:\Users\Acer\Desktop\Minecraft.exe
2014-07-02 14:40 - 2014-07-28 17:43 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-01 12:55 - 2013-06-27 13:27 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-01 12:55 - 2013-06-27 13:27 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-01 12:54 - 2014-08-01 12:54 - 00032171 _____ () C:\Users\Acer\Downloads\FRST.txt
2014-08-01 12:54 - 2014-08-01 12:54 - 00000000 ____D () C:\FRST
2014-08-01 12:50 - 2014-08-01 12:46 - 00000400 _____ () C:\Windows\Tasks\update-S-1-5-21-3123453034-4028823714-348128312-1002.job
2014-08-01 12:47 - 2014-08-01 12:47 - 00000000 ____D () C:\Users\Acer\Documents\Lightshot
2014-08-01 12:47 - 2013-06-08 15:46 - 05718016 ___SH () C:\Users\Acer\Desktop\Thumbs.db
2014-08-01 12:46 - 2014-08-01 12:46 - 02273984 _____ (Skillbrains ) C:\Users\Acer\Downloads\setup-lightshot.exe
2014-08-01 12:46 - 2014-08-01 12:46 - 00003270 _____ () C:\Windows\System32\Tasks\update-sys
2014-08-01 12:46 - 2014-08-01 12:46 - 00003246 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-3123453034-4028823714-348128312-1002
2014-08-01 12:46 - 2014-08-01 12:46 - 00000434 _____ () C:\Users\Acer\AppData\Local\UserProducts.xml
2014-08-01 12:46 - 2014-08-01 12:46 - 00000400 _____ () C:\Windows\Tasks\update-sys.job
2014-08-01 12:46 - 2014-08-01 12:46 - 00000003 _____ () C:\Users\Acer\AppData\Local\updater.log
2014-08-01 12:46 - 2014-08-01 12:46 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-08-01 12:46 - 2014-08-01 12:46 - 00000000 ____D () C:\Users\Acer\AppData\Local\Skillbrains
2014-08-01 12:46 - 2014-08-01 12:46 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-08-01 12:40 - 2014-08-01 12:40 - 00019968 _____ () C:\Users\Acer\Desktop\gmer.txt
2014-08-01 12:16 - 2014-08-01 12:16 - 00380416 _____ () C:\Users\Acer\Downloads\Gmer-19357.exe
2014-08-01 12:16 - 2013-06-22 18:16 - 00001210 _____ () C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
2014-08-01 12:16 - 2013-06-22 18:16 - 00001206 _____ () C:\Windows\Tasks\Plus-HD-2.3-updater.job
2014-08-01 12:16 - 2013-06-22 18:16 - 00001110 _____ () C:\Windows\Tasks\Plus-HD-2.3-enabler.job
2014-08-01 12:15 - 2014-08-01 12:15 - 00050477 _____ () C:\Users\Acer\Desktop\Defogger.exe
2014-08-01 12:15 - 2014-08-01 12:15 - 00000470 _____ () C:\Users\Acer\Desktop\defogger_disable.log
2014-08-01 12:15 - 2014-08-01 12:15 - 00000000 _____ () C:\Users\Acer\defogger_reenable
2014-08-01 12:15 - 2013-06-02 18:12 - 00000000 ____D () C:\Users\Acer
2014-08-01 12:08 - 2014-08-01 12:08 - 02094080 _____ (Farbar) C:\Users\Acer\Downloads\FRST64.exe
2014-08-01 12:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-08-01 11:35 - 2014-08-01 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-01 11:35 - 2013-08-07 15:27 - 00001848 _____ () C:\Users\Public\Desktop\McAfee Total Protection.lnk
2014-08-01 11:32 - 2013-10-08 13:15 - 00000000 __RSD () C:\Users\Acer\Documents\McAfee-Tresore
2014-08-01 11:26 - 2014-03-18 17:28 - 05036472 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-01 11:26 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-01 11:26 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-08-01 10:42 - 2013-06-05 18:48 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\Skype
2014-08-01 10:39 - 2013-06-22 13:06 - 00000000 ____D () C:\Users\Acer\AppData\Local\Adobe
2014-07-31 19:56 - 2013-06-06 15:36 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-31 15:59 - 2014-07-31 15:59 - 187850512 _____ () C:\Users\Acer\Desktop\LP2.mp4
2014-07-31 15:56 - 2013-06-02 18:37 - 00000000 ____D () C:\Users\Acer\AppData\Local\CrashDumps
2014-07-31 12:22 - 2014-07-31 12:21 - 374774656 _____ () C:\Users\Acer\Desktop\csgo 2014-07-31 12-21-48-30.avi
2014-07-30 18:21 - 2014-07-23 18:06 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\.minecraft
2014-07-30 16:38 - 2014-07-30 16:38 - 119320085 _____ () C:\Users\Acer\Desktop\Untitled.mp4
2014-07-30 16:00 - 2013-08-27 12:09 - 00000000 ____D () C:\Users\Acer\.gimp-2.8
2014-07-30 15:58 - 2014-07-30 15:58 - 00027591 _____ () C:\Users\Acer\AppData\Local\recently-used.xbel
2014-07-30 15:58 - 2014-07-28 19:24 - 00000000 ____D () C:\Users\Acer\Desktop\Clash
2014-07-30 15:58 - 2013-08-28 10:55 - 00000000 ____D () C:\Users\Acer\AppData\Local\gtk-2.0
2014-07-29 19:54 - 2012-11-29 07:27 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-07-29 19:54 - 2012-11-29 07:27 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-07-29 19:54 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-29 18:32 - 2012-07-26 09:21 - 00054262 _____ () C:\Windows\setupact.log
2014-07-29 18:31 - 2014-07-29 18:31 - 00000000 ____D () C:\Users\Acer\Desktop\Foto-Bestellung
2014-07-29 17:09 - 2014-07-29 17:09 - 182460392 _____ () C:\Users\Acer\Desktop\lp1.mp4
2014-07-29 15:59 - 2014-07-29 15:58 - 130299481 _____ () C:\Users\Acer\Desktop\CC.mp4
2014-07-28 18:12 - 2014-07-28 17:15 - 00003852 _____ () C:\Windows\windefendam.log
2014-07-28 18:12 - 2014-07-28 17:15 - 00000020 _____ () C:\Windows\capsys184523.log
2014-07-28 17:43 - 2014-07-02 14:40 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-07-28 17:23 - 2014-07-28 17:23 - 00001860 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-07-28 17:23 - 2014-07-28 17:23 - 00001811 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-07-28 17:23 - 2012-07-26 10:12 - 00000000 __RHD () C:\Users\Public\Libraries
2014-07-28 17:22 - 2014-07-28 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-07-28 17:22 - 2014-07-28 17:22 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-07-28 17:22 - 2014-07-28 17:22 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-07-28 17:21 - 2014-07-28 17:21 - 00000000 ____D () C:\Users\Acer\AppData\Local\Bluestacks
2014-07-28 17:15 - 2014-07-28 17:15 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\Mirillis
2014-07-28 17:15 - 2014-07-28 17:15 - 00000000 ____D () C:\Users\Acer\AppData\Local\Mirillis
2014-07-28 17:15 - 2014-07-28 17:15 - 00000000 ____D () C:\ProgramData\Mirillis
2014-07-28 17:15 - 2014-07-28 17:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-07-28 17:15 - 2014-07-28 17:15 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-07-28 17:15 - 2014-07-28 17:15 - 00000000 ____D () C:\Action!
2014-07-28 15:34 - 2012-10-25 06:28 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-07-28 15:33 - 2012-10-25 05:55 - 00175786 _____ () C:\Windows\PFRO.log
2014-07-27 19:05 - 2013-06-02 18:20 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3123453034-4028823714-348128312-1002
2014-07-27 17:58 - 2014-07-27 17:58 - 00000295 _____ () C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb (3).lnk
2014-07-27 17:46 - 2014-05-16 19:47 - 00000000 ____D () C:\Users\Acer\Desktop\YoutubeDownload
2014-07-27 15:25 - 2014-05-17 16:37 - 00000000 ____D () C:\Users\Acer\Desktop\Videos - ungerendert
2014-07-27 15:00 - 2013-06-08 15:32 - 00000000 ____D () C:\Fraps
2014-07-27 12:05 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-26 19:09 - 2014-07-26 19:08 - 00000000 ____D () C:\Users\Acer\AppData\Local\QQSM
2014-07-26 19:08 - 2014-07-26 16:21 - 00000000 ____D () C:\ProgramData\Solid State Networks
2014-07-26 19:07 - 2014-07-26 19:07 - 00001035 _____ () C:\Users\Public\Desktop\Hazard Ops.lnk
2014-07-26 19:07 - 2014-07-26 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hazard Ops
2014-07-26 19:07 - 2014-07-26 18:56 - 00000000 ____D () C:\Program Files (x86)\Hazard Ops
2014-07-26 18:55 - 2014-07-26 16:21 - 00000000 ____D () C:\Users\Acer\Desktop\Hazard Ops Download
2014-07-26 15:13 - 2013-06-08 16:05 - 00000000 ____D () C:\Users\Acer\AppData\Local\Windows Live
2014-07-26 15:11 - 2012-10-25 06:32 - 00000000 ____D () C:\Program Files (x86)\EgisTec MyWinLocker
2014-07-26 15:07 - 2012-10-25 06:32 - 00000000 ____D () C:\ProgramData\EgisTec IPS
2014-07-26 15:05 - 2012-10-25 06:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-25 11:05 - 2013-11-09 15:59 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\Spotify
2014-07-25 10:38 - 2012-10-25 06:29 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-07-25 10:37 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-07-23 18:39 - 2014-07-23 18:39 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\java
2014-07-23 18:37 - 2013-11-09 15:59 - 00000000 ____D () C:\Users\Acer\AppData\Local\Spotify
2014-07-23 18:34 - 2014-07-23 18:35 - 00321448 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-23 18:34 - 2014-05-16 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-07-23 18:34 - 2014-04-22 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-23 18:34 - 2013-06-07 18:01 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-23 18:34 - 2013-06-07 18:01 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-23 18:34 - 2013-06-07 18:01 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-23 18:34 - 2013-06-07 18:00 - 00000000 ____D () C:\Program Files\Java
2014-07-23 18:03 - 2014-07-23 18:03 - 00675988 _____ () C:\Users\Acer\Desktop\Minecraft.exe
2014-07-10 13:17 - 2013-09-22 19:44 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\TS3Client
2014-07-08 17:04 - 2012-07-26 07:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
Files to move or delete:
====================
C:\Users\Acer\jagex_cl_runescape_LIVE.dat
C:\Users\Acer\random.dat
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
safeboot: ==> The system is configured to boot to Safe Mode <===== ATTENTION!
LastRegBack: 2014-07-22 19:43
==================== End Of Log ============================

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 02
Ran by Acer at 2014-08-01 12:55:20
Running from C:\Users\Acer\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden
Ace of Spades (HKLM-x32\...\{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}) (Version: 0.75.015 - Ben Aksoy)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version: - Jagex Limited)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.19.2 - Mirillis)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.0.0.181 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Any Video Converter 5.0.5 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arctic Combat (HKLM-x32\...\Steam App 212370) (Version: - Battery Studio)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Audacity Bundle by Fileparade.com (HKLM-x32\...\Audacity Bundle by Fileparade.com) (Version: 1.0.0.0 - SweetPacks LTD) <==== ATTENTION
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.12.3119 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{1AFACC2A-9A60-43EF-ABDB-2CEECA5EA77F}) (Version: 0.8.12.3119 - BlueStack Systems, Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
BrowserDefender (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version: - Bit89 Inc) <==== ATTENTION
Build and Shoot Launcher 1.1 (HKLM-x32\...\Build and Shoot Launcher) (Version: 1.1 - Buld Then Snip, LLC)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version: - Visual Tools) <==== ATTENTION
Delta toolbar (HKLM-x32\...\delta) (Version: 1.8.21.5 - Delta) <==== ATTENTION
devolo dLAN Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.0.0.0 - devolo AG)
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
ETDWare PS/2-X64 11.6.13.004_WHQL (HKLM\...\Elantech) (Version: 11.6.13.004 - ELAN Microelectronic Corp.)
Euro Truck Simulator 2 Demo (HKLM-x32\...\Steam App 231120) (Version: - SCS Software)
FileZilla Client 3.7.1.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.1.1 - Tim Kosse)
FLV Player 2.0 (build 25) (HKLM-x32\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Video Converter V 3.1 (HKLM-x32\...\Free Video Converter_is1) (Version: 3.1.0.0 - Koyote Soft)
Free Video to Flash Converter version 5.0.25.610 (HKLM-x32\...\Free Video to Flash Converter_is1) (Version: 5.0.25.610 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.25.610 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.25.610 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.8.717 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.8.717 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.3.610 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.3.610 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.0.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.1 - Ellora Assets Corporation)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Half-Life Dedicated Server Update Tool (HKLM-x32\...\Half-Life Dedicated Server Update Tool) (Version: - )
HandBrake 0.9.9 (HKLM-x32\...\HandBrake) (Version: 0.9.9 - )
Hazard Ops (HKLM-x32\...\{F70DE052-CFFD-4DCB-8DA3-3ECAAFBB7D15}}_is1) (Version: 0.2.0.2042 - Infernum Productions AG)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.11.12 - Oracle, Inc.) Hidden
Java SE Development Kit 7 Update 55 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.7 - Acer Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lightshot-5.1.4.6 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.4.6 - Skillbrains)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.154 - Logitech Inc.)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.0.6.2000 - Maxthon International Limited)
McAfee Total Protection (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
MotoGP™13 Demo (HKLM-x32\...\Steam App 243820) (Version: - Milestone S.r.l.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version: - No More Room in Hell Team)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.2 - Notepad++ Team)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3200 - Acer)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plus-HD-2.3 (HKLM-x32\...\Plus-HD-2.3) (Version: 1.27.153.5 - Plus HD) <==== ATTENTION
Pokemon Online 2.3.0 (HKLM-x32\...\{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1) (Version: - Dreambelievers)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PriceGong 2.6.11 (HKLM-x32\...\PriceGong) (Version: 2.6.11 - PriceGong) <==== ATTENTION
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version: - Roccat GmbH)
ROCCAT Power-Grid Version 0.459 (HKLM-x32\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.459 - ROCCAT GmbH)
Sauerbraten (HKLM-x32\...\Sauerbraten) (Version: - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TI-Nspire(TM) CAS Student Software (HKLM-x32\...\{E8CC9064-8382-4D5C-9E55-F88D9541FFC0}) (Version: 3.2.0.1219 - Texas Instruments Inc.)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.17 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
XSplit Broadcaster (HKLM-x32\...\{4BC33FAB-4249-44D7-88A3-22682C577EE3}) (Version: 1.3.1310.1103 - SplitMediaLabs)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - )
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
10-07-2014 11:30:49 Geplanter Prüfpunkt
22-07-2014 17:47:10 Geplanter Prüfpunkt
26-07-2014 13:02:21 Konfiguriert MediaEspresso
27-07-2014 15:43:05 Removed BlueStacks Notification Center
01-08-2014 10:07:57 Removed Camtasia Studio 8
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05CD3BEF-3BFF-4B1D-A23F-940590DFAA65} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert
Task: {0904E6E4-9C2B-4F4C-B68E-4C980588F693} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {1374B489-39EC-4BA9-BE12-9DCFBE284FF5} - System32\Tasks\{7DB51D54-7340-4D9C-B8C2-98EC221A65CF} => c:\program files (x86)\maxthon\bin\maxthon.exe [2013-05-06] (Maxthon International ltd.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BB228C1-5DAD-465B-9C57-78681F1880D3} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {1C56FD5E-D85C-41E5-9224-C897114D1757} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {260E584D-B1F8-4579-84CF-F51FC00AA7E6} - System32\Tasks\{C59678A3-9AB9-496D-865B-6F398E1DEC86} => c:\program files (x86)\maxthon\bin\maxthon.exe [2013-05-06] (Maxthon International ltd.)
Task: {26F72A6D-3F73-49B0-8B99-5E273B515A50} - System32\Tasks\{1D234A3F-0A38-4D93-83F8-F950A7A977AD} => c:\program files (x86)\maxthon\bin\maxthon.exe [2013-05-06] (Maxthon International ltd.)
Task: {2BBDF949-171E-47C1-A55C-A8292D1AE47A} - System32\Tasks\{68F5A7AF-B70A-4DE7-85B1-21BCE0133032} => c:\program files (x86)\maxthon\bin\maxthon.exe [2013-05-06] (Maxthon International ltd.)
Task: {2CBEF043-7831-47A1-8D78-E9702901CD6B} - System32\Tasks\Plus-HD-2.3-enabler => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe [2013-12-26] (Plus HD)
Task: {3B8F4F3C-D5C5-42B2-89F2-D7E85D273F52} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-22] (Microsoft Corporation)
Task: {44A55202-E24E-402B-B96C-9F2B7C906C9B} - System32\Tasks\update-S-1-5-21-3123453034-4028823714-348128312-1002 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {52EF4DF8-76E9-4CC4-AA1D-F6AE1AB61497} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {7F6C71C4-B065-4130-9449-170A55255CC5} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2014-06-03] (Maxthon International ltd.)
Task: {813F38FD-4DA1-4E63-8833-BFA0A546670C} - System32\Tasks\EPUpdater => C:\Users\Acer\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () <==== ATTENTION
Task: {93347DF4-5F18-4248-AEE6-D871894B8294} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {99D45DB4-7AA0-4999-AE64-0E0503D384A6} - System32\Tasks\Plus-HD-2.3-codedownloader => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe [2013-06-22] (Plus HD)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A9B3D63B-DE1C-4886-917E-D58A3BA32ADB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-27] (Google Inc.)
Task: {AB8F1880-B29A-4B00-9084-D011A02C97A7} - System32\Tasks\Plus-HD-2.3-updater => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe [2013-06-22] (Plus HD)
Task: {AF9CD05D-B25C-4EC7-B86D-8C27BAAC3146} - System32\Tasks\AdobeAAMUpdater-1.0-SibTop-Acer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {B1D35763-18E8-4151-8F73-7626C0DBD09D} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {B8E9693A-7C3B-46D6-8BD2-3C064F6F956C} - System32\Tasks\{D56270AE-F972-4A9B-AC8D-607AF94A4925} => c:\program files (x86)\maxthon\bin\maxthon.exe [2013-05-06] (Maxthon International ltd.)
Task: {C53BD627-907F-46DC-8AC1-12B1F018D8DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-27] (Google Inc.)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EACCC4AB-96B2-42EA-8EEE-1335F0E399BC} - System32\Tasks\{FEFAFBD3-E9E9-442A-BF1C-1A8745FEB34C} => c:\program files (x86)\maxthon\bin\maxthon.exe [2013-05-06] (Maxthon International ltd.)
Task: {EBB5E046-98AD-4CAE-ACD7-CF3AC4482B1E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {FBA71317-EB0D-4719-A075-715EE0EA0F86} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.3-enabler.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.3-updater.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\update-S-1-5-21-3123453034-4028823714-348128312-1002.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Loaded Modules (whitelisted) =============
2014-04-22 17:10 - 2014-03-04 16:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-04-22 17:19 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-06-11 23:58 - 2013-06-11 23:58 - 03316080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-07-26 09:58 - 2012-07-26 09:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-10-29 07:33 - 2012-10-23 20:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-11 20:21 - 2014-02-11 20:21 - 00860160 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-02-11 20:22 - 2014-02-11 20:22 - 01043968 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-02-11 20:21 - 2014-02-11 20:21 - 00052736 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-02-11 20:22 - 2014-02-11 20:22 - 00236032 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-06-11 23:58 - 2013-06-11 23:58 - 04513648 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2012-08-23 08:26 - 2012-08-23 08:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2012-11-28 22:42 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-06-13 22:11 - 2013-06-13 22:11 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 13:42 - 2013-06-05 14:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2014-03-26 17:27 - 2012-06-23 15:54 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\hiddriver.dll
2013-06-11 23:57 - 2013-06-11 23:57 - 00381808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CCInvokeAAM.dll
2013-06-27 22:12 - 2013-06-27 22:12 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-04-22 17:10 - 2014-03-04 16:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-07-22 14:57 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-22 14:57 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-22 14:57 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-22 14:57 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-22 14:57 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-07-22 14:57 - 2014-07-15 11:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Acer\AppData\Local\Temporary Internet Files:BQvlh9x4TJm7wCjTHxVXKY3j
AlternateDataStreams: C:\Users\Acer\AppData\Local\Temporary Internet Files:Sqy0f8GJCFuB9poCX4gmtpk7NDcbYX
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BrcmCardReader => 2
MSCONFIG\Services: DevoloNetworkService => 2
MSCONFIG\Services: DsiWMIService => 2
MSCONFIG\Services: EgisTec Ticket Service => 3
MSCONFIG\Services: ETDService => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: Freemake Improver => 2
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: RfButtonDriverService => 2
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKCU\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKCU\...\StartupApproved\Run: => "Steam"
HKCU\...\StartupApproved\Run: => "EADM"
HKCU\...\StartupApproved\Run: => "Akamai NetSession Interface"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/01/2014 11:30:31 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to launch stream service as user [87]
Error: (07/31/2014 03:56:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HD-Frontend.exe, Version: 0.8.12.3119, Zeitstempel: 0x53b58743
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16864, Zeitstempel: 0x531d2be6
Ausnahmecode: 0xc0020001
Fehleroffset: 0x00010f22
ID des fehlerhaften Prozesses: 0x2f8
Startzeit der fehlerhaften Anwendung: 0xHD-Frontend.exe0
Pfad der fehlerhaften Anwendung: HD-Frontend.exe1
Pfad des fehlerhaften Moduls: HD-Frontend.exe2
Berichtskennung: HD-Frontend.exe3
Vollständiger Name des fehlerhaften Pakets: HD-Frontend.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HD-Frontend.exe5
Error: (07/31/2014 03:48:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HD-Frontend.exe, Version: 0.8.12.3119, Zeitstempel: 0x53b58743
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16864, Zeitstempel: 0x531d2be6
Ausnahmecode: 0xc0020001
Fehleroffset: 0x00010f22
ID des fehlerhaften Prozesses: 0x1df8
Startzeit der fehlerhaften Anwendung: 0xHD-Frontend.exe0
Pfad der fehlerhaften Anwendung: HD-Frontend.exe1
Pfad des fehlerhaften Moduls: HD-Frontend.exe2
Berichtskennung: HD-Frontend.exe3
Vollständiger Name des fehlerhaften Pakets: HD-Frontend.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HD-Frontend.exe5
Error: (07/31/2014 03:03:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm HD-Frontend.exe, Version 0.8.12.3119 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f2c
Startzeit: 01cfacbfc4baf785
Endzeit: 12
Anwendungspfad: C:\Program Files (x86)\BlueStacks\HD-Frontend.exe
Berichts-ID: 0d675112-18b3-11e4-beb7-b888e3da3fac
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (07/31/2014 11:23:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HD-Frontend.exe, Version: 0.8.12.3119, Zeitstempel: 0x53b58743
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16864, Zeitstempel: 0x531d2be6
Ausnahmecode: 0xc0020001
Fehleroffset: 0x00010f22
ID des fehlerhaften Prozesses: 0x12dc
Startzeit der fehlerhaften Anwendung: 0xHD-Frontend.exe0
Pfad der fehlerhaften Anwendung: HD-Frontend.exe1
Pfad des fehlerhaften Moduls: HD-Frontend.exe2
Berichtskennung: HD-Frontend.exe3
Vollständiger Name des fehlerhaften Pakets: HD-Frontend.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HD-Frontend.exe5
Error: (07/31/2014 10:11:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_wcncsvc, Version: 6.2.9200.16420, Zeitstempel: 0x505a9a4e
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16579, Zeitstempel: 0x51637f77
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005af58
ID des fehlerhaften Prozesses: 0x1818
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_wcncsvc0
Pfad der fehlerhaften Anwendung: svchost.exe_wcncsvc1
Pfad des fehlerhaften Moduls: svchost.exe_wcncsvc2
Berichtskennung: svchost.exe_wcncsvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_wcncsvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_wcncsvc5
Error: (07/30/2014 04:27:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HD-Frontend.exe, Version: 0.8.12.3119, Zeitstempel: 0x53b58743
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16864, Zeitstempel: 0x531d2be6
Ausnahmecode: 0xc0020001
Fehleroffset: 0x00010f22
ID des fehlerhaften Prozesses: 0x1914
Startzeit der fehlerhaften Anwendung: 0xHD-Frontend.exe0
Pfad der fehlerhaften Anwendung: HD-Frontend.exe1
Pfad des fehlerhaften Moduls: HD-Frontend.exe2
Berichtskennung: HD-Frontend.exe3
Vollständiger Name des fehlerhaften Pakets: HD-Frontend.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HD-Frontend.exe5
Error: (07/29/2014 05:09:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm gimp-2.8.exe, Version 2.8.6.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1100
Startzeit: 01cfab3f1294a66a
Endzeit: 2
Anwendungspfad: C:\Program Files\GIMP 2\bin\gimp-2.8.exe
Berichts-ID: 5d2f4374-1732-11e4-beb7-b888e3da3fac
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (07/29/2014 05:09:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm gimp-2.8.exe, Version 2.8.6.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 17bc
Startzeit: 01cfab3ecd1d7d0a
Endzeit: 25
Anwendungspfad: C:\Program Files\GIMP 2\bin\gimp-2.8.exe
Berichts-ID: 46cf0ec0-1732-11e4-beb7-b888e3da3fac
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (07/29/2014 05:07:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm gimp-2.8.exe, Version 2.8.6.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 11dc
Startzeit: 01cfab3ea1a9bacb
Endzeit: 24
Anwendungspfad: C:\Program Files\GIMP 2\bin\gimp-2.8.exe
Berichts-ID: 05be1b7c-1732-11e4-beb7-b888e3da3fac
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
System errors:
=============
Error: (08/01/2014 11:26:02 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 01.08.2014 um 10:36:27 unerwartet heruntergefahren.
Error: (07/31/2014 10:11:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Sofortverbindung - Konfigurationsregistrierungsstelle" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/31/2014 10:11:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "UPnP-Gerätehost" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/31/2014 10:11:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Zeitbroker" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/31/2014 10:11:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "SSDP-Suche" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/31/2014 10:11:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Sensorüberwachungsdienst" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
Error: (07/31/2014 10:11:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/30/2014 08:27:45 PM) (Source: DCOM) (EventID: 10010) (User: SibTop)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/30/2014 08:27:45 PM) (Source: DCOM) (EventID: 10010) (User: SibTop)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (07/30/2014 00:47:55 PM) (Source: DCOM) (EventID: 10010) (User: SibTop)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Microsoft Office Sessions:
=========================
Error: (08/01/2014 11:30:31 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to launch stream service as user [87]
Error: (07/31/2014 03:56:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HD-Frontend.exe0.8.12.311953b58743KERNELBASE.dll6.2.9200.16864531d2be6c002000100010f222f801cfacc7102de848C:\Program Files (x86)\BlueStacks\HD-Frontend.exeC:\Windows\SYSTEM32\KERNELBASE.dll82d7ee31-18ba-11e4-beb7-b888e3da3fac
Error: (07/31/2014 03:48:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HD-Frontend.exe0.8.12.311953b58743KERNELBASE.dll6.2.9200.16864531d2be6c002000100010f221df801cfacc5f2995ad2C:\Program Files (x86)\BlueStacks\HD-Frontend.exeC:\Windows\SYSTEM32\KERNELBASE.dll698e8686-18b9-11e4-beb7-b888e3da3fac
Error: (07/31/2014 03:03:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: HD-Frontend.exe0.8.12.3119f2c01cfacbfc4baf78512C:\Program Files (x86)\BlueStacks\HD-Frontend.exe0d675112-18b3-11e4-beb7-b888e3da3fac
Error: (07/31/2014 11:23:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HD-Frontend.exe0.8.12.311953b58743KERNELBASE.dll6.2.9200.16864531d2be6c002000100010f2212dc01cfaca02eb1cc16C:\Program Files (x86)\BlueStacks\HD-Frontend.exeC:\Windows\SYSTEM32\KERNELBASE.dll53b2f45d-1894-11e4-beb7-b888e3da3fac
Error: (07/31/2014 10:11:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_wcncsvc6.2.9200.16420505a9a4entdll.dll6.2.9200.1657951637f77c0000005000000000005af58181801cfab09ca39d86dC:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll34d7e11b-188a-11e4-beb7-b888e3da3fac
Error: (07/30/2014 04:27:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HD-Frontend.exe0.8.12.311953b58743KERNELBASE.dll6.2.9200.16864531d2be6c002000100010f22191401cfac00ac7bbe35C:\Program Files (x86)\BlueStacks\HD-Frontend.exeC:\Windows\SYSTEM32\KERNELBASE.dll9704f30c-17f5-11e4-beb7-b888e3da3fac
Error: (07/29/2014 05:09:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: gimp-2.8.exe2.8.6.0110001cfab3f1294a66a2C:\Program Files\GIMP 2\bin\gimp-2.8.exe5d2f4374-1732-11e4-beb7-b888e3da3fac
Error: (07/29/2014 05:09:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: gimp-2.8.exe2.8.6.017bc01cfab3ecd1d7d0a25C:\Program Files\GIMP 2\bin\gimp-2.8.exe46cf0ec0-1732-11e4-beb7-b888e3da3fac
Error: (07/29/2014 05:07:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: gimp-2.8.exe2.8.6.011dc01cfab3ea1a9bacb24C:\Program Files\GIMP 2\bin\gimp-2.8.exe05be1b7c-1732-11e4-beb7-b888e3da3fac
==================== Memory info ===========================
Percentage of memory in use: 49%
Total physical RAM: 8007.27 MB
Available physical RAM: 4049.94 MB
Total Pagefile: 9223.27 MB
Available Pagefile: 5088.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:449.19 GB) (Free:251.8 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 28EF967C)
Partition: GPT Partition Type.
==================== End Of Log ============================