Kaffeekeks | 11.02.2015 16:07 | FRST-Logfile Vielen Dank für die Anleitung. Hier die Logfiles:
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-02-2015 01
Ran by Ulrike (administrator) on ULRIKE-PC on 11-02-2015 15:40:12
Running from C:\Users\Ulrike\Desktop\Downloads
Loaded Profiles: Ulrike (Available profiles: Ulrike)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Security Stronghold) C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Failed to access process -> dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1021056 2012-03-08] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800896 2012-03-08] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2886416 2012-03-02] (Synaptics Incorporated)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [InstantUpdate] => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-06] ()
HKLM\...\Run: [ALU] => C:\Program Files\Acer\Acer Updater\ALU.exe [2337144 2012-02-07] (Acer Incorporated)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-24] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-01-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-10] (AVAST Software)
HKLM-x32\...\Run: [Stronghold AntiMalware] => C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe [6495144 2014-09-03] (Security Stronghold)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1743539947-420959901-682190308-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2015-01-14] (Samsung)
HKU\S-1-5-21-1743539947-420959901-682190308-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1088424 2012-10-13] (Nokia)
HKU\S-1-5-21-1743539947-420959901-682190308-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1565504 2015-01-14] (Samsung)
HKU\S-1-5-21-1743539947-420959901-682190308-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-05-22] (Samsung Electronics)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1743539947-420959901-682190308-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-1743539947-420959901-682190308-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-1743539947-420959901-682190308-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
URLSearchHook: HKU\S-1-5-21-1743539947-420959901-682190308-1001 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1743539947-420959901-682190308-1001 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1743539947-420959901-682190308-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B46C83E8-595E-4643-B333-000B0EDB2F0D}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\Ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\gcpdoiam.default-1382716454299
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll No File
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\gcpdoiam.default-1382716454299\searchplugins\avira-safesearch.xml
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-03-28]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-03-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-21]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-21]
CHR Extension: (Google Docs) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-21]
CHR Extension: (Google Drive) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-21]
CHR Extension: (YouTube) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-21]
CHR Extension: (Google-Suche) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-21]
CHR Extension: (Google Tabellen) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-21]
CHR Extension: (SiteAdvisor) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-09-21]
CHR Extension: (Avast Online Security) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-21]
CHR Extension: (Google Wallet) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-21]
CHR Extension: (Google Mail) - C:\Users\Ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-21]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2012-11-07]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-29]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-29] (AVAST Software)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-16] (Intel Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [76960 2012-02-27] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-29] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-29] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S0 mfewfpk; system32\drivers\mfewfpk.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-11 15:29 - 2015-02-11 15:29 - 00000000 ___RD () C:\Users\Ulrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-02-10 17:30 - 2015-02-10 17:30 - 00000000 ____D () C:\Users\Ulrike\AppData\Roaming\Dropbox
2015-02-10 17:10 - 2015-02-10 17:10 - 00355424 _____ (Dropbox, Inc.) C:\Users\Public\Desktop\DropboxInstallerAvast.exe
2015-02-10 17:09 - 2014-12-29 09:26 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-10 16:47 - 2015-02-10 16:47 - 00270432 _____ () C:\Windows\Minidump\021015-56815-01.dmp
2015-02-10 16:47 - 2015-02-10 16:47 - 00000000 ____D () C:\Windows\Minidump
2015-02-10 16:46 - 2015-02-10 16:46 - 239243358 _____ () C:\Windows\MEMORY.DMP
2015-02-09 16:34 - 2015-02-11 15:40 - 00000000 ____D () C:\FRST
2015-02-09 16:30 - 2015-02-09 16:30 - 00000000 _____ () C:\Users\Ulrike\defogger_reenable
2015-02-05 16:08 - 2015-02-05 16:08 - 00000000 ____D () C:\Users\Ulrike\Documents\Bluetooth Folder
2015-02-05 16:08 - 2015-02-05 16:08 - 00000000 ____D () C:\Users\Ulrike\AppData\Local\BMExplorer
2015-01-29 09:40 - 2015-01-29 09:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-24 16:00 - 2015-01-29 11:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-01-23 12:34 - 2015-01-23 12:34 - 00000000 __SHD () C:\Users\Ulrike\AppData\Local\EmieUserList
2015-01-23 12:34 - 2015-01-23 12:34 - 00000000 __SHD () C:\Users\Ulrike\AppData\Local\EmieSiteList
2015-01-23 11:55 - 2015-01-23 11:55 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2015-01-23 11:48 - 2015-01-23 12:49 - 00000000 ____D () C:\Users\Ulrike\Documents\Vorsorge
2015-01-23 11:47 - 2014-10-13 06:57 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-01-23 11:47 - 2014-10-13 06:57 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2015-01-20 18:40 - 2015-02-10 17:12 - 00001968 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-14 15:24 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:24 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:24 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:24 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 15:24 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 15:24 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 15:23 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:23 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 15:23 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 15:23 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 15:23 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 15:23 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 15:23 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-11 15:38 - 2012-05-11 13:21 - 01784411 _____ () C:\Windows\WindowsUpdate.log
2015-02-11 15:32 - 2009-07-14 05:45 - 00031248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-11 15:32 - 2009-07-14 05:45 - 00031248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-11 15:31 - 2014-09-21 15:39 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-11 15:29 - 2014-09-21 15:37 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-11 15:29 - 2012-05-11 13:25 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-02-11 15:25 - 2013-07-15 16:32 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-02-11 15:24 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-11 15:24 - 2009-07-14 05:51 - 00090576 _____ () C:\Windows\setupact.log
2015-02-11 01:45 - 2014-09-21 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-11 01:45 - 2014-01-21 12:00 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-02-11 01:45 - 2012-11-20 13:45 - 00000000 ____D () C:\Users\Ulrike\AppData\Roaming\SoftGrid Client
2015-02-11 01:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-10 17:53 - 2014-09-22 21:40 - 00000000 ____D () C:\Users\Public\Documents\Stronghold AntiMalware
2015-02-10 17:38 - 2014-09-21 15:37 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-10 17:18 - 2012-11-21 18:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-10 17:14 - 2010-11-21 04:47 - 00404880 _____ () C:\Windows\PFRO.log
2015-02-10 17:13 - 2014-09-21 15:37 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-10 17:13 - 2014-09-21 15:37 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-10 17:11 - 2014-09-21 15:36 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-10 16:56 - 2014-12-29 09:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-10 16:48 - 2012-11-07 16:25 - 00000000 ____D () C:\Users\Ulrike
2015-02-06 16:09 - 2014-01-09 13:29 - 00000000 ____D () C:\Users\Ulrike\Documents\Persönliches
2015-02-05 16:08 - 2012-11-13 17:13 - 00000000 ____D () C:\Users\Ulrike\AppData\Local\CrashDumps
2015-02-05 16:08 - 2012-05-11 13:33 - 00000000 ____D () C:\ProgramData\Atheros
2015-02-05 16:07 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-05 16:06 - 2012-05-11 13:25 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-02-05 11:25 - 2014-01-21 12:14 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2015-02-05 11:25 - 2012-05-11 13:25 - 00003492 _____ () C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-02-05 11:25 - 2012-05-11 13:25 - 00003188 _____ () C:\Windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-02-04 15:08 - 2014-09-21 15:39 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-29 14:40 - 2012-11-07 16:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-29 10:06 - 2014-10-08 15:01 - 00000000 ____D () C:\Users\Ulrike\Documents\Blog
2015-01-29 09:45 - 2014-10-28 16:57 - 00000000 ____D () C:\Users\Ulrike\Documents\Schnittmuster
2015-01-26 16:45 - 2012-11-07 17:52 - 00000000 ____D () C:\Users\Ulrike\AppData\Local\Adobe
2015-01-23 12:22 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-01-23 11:55 - 2013-03-25 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-01-23 11:48 - 2013-07-15 16:21 - 00002006 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2015-01-16 14:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-15 16:43 - 2013-11-07 16:33 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 16:20 - 2013-11-07 16:33 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2012-05-11 13:39 - 2012-05-11 13:42 - 0002454 _____ () C:\ProgramData\clear.fiSDK20.log
2012-05-11 13:41 - 2012-05-11 13:41 - 0000032 _____ () C:\ProgramData\PS.log
Some content of TEMP:
====================
C:\Users\Ulrike\AppData\Local\Temp\avgnt.exe
C:\Users\Ulrike\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Ulrike\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Ulrike\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Ulrike\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Ulrike\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Ulrike\AppData\Local\Temp\TUUUninstallHelper.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-31 17:28
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-02-2015 01
Ran by Ulrike at 2015-02-11 15:44:11
Running from C:\Users\Ulrike\Desktop\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
clear.fi SDK - MVP 2 (x32 Version: 2.0.1505 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.0.1502 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2624.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2624.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Instant Update Service (HKLM\...\{36674AE9-6D3D-48D6-BC7B-209F556D65EE}) (Version: 1.00.3004 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 20.11.1107.1418 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.126 - Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - )
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.00.3004 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.00.3004 - Acer Incorporated)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.20140326 - Landesfinanzdirektion Thüringen)
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.1.2 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.1.2 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotosizer 1.38 (HKLM-x32\...\Fotosizer) (Version: 1.38 - Fotosizer.com)
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotogràfica (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 2.1.5 - Kobo Inc.)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Acer Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Mozilla Thunderbird 17.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0 (x86 de)) (Version: 17.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-1743539947-420959901-682190308-1001\...\MyFreeCodec) (Version: - )
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{0906982B-A432-4C06-8F01-C01BE1143779}) (Version: 7.1.92.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.6.36.0 - Nokia)
Nokia Suite (x32 Version: 3.6.36.0 - Nokia) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9006 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9006 - NTI Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PC Connectivity Solution (HKLM-x32\...\{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}) (Version: 12.0.48.0 - Nokia)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6577 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.2.0 - Synaptics Incorporated)
System Checkup 3.4 (HKLM-x32\...\{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1) (Version: 3.4.5.9 - iolo technologies, LLC)
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 16.4.3505.0912 - Корпорация Майкрософт) Hidden
Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
معرض الصور (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
10-12-2014 16:00:46 Windows Update
16-12-2014 08:43:09 Windows Update
29-12-2014 09:20:21 avast! antivirus system restore point
29-12-2014 09:26:41 Gerätetreiber-Paketinstallation: Avast Netzwerkdienst
15-01-2015 16:17:47 Windows Update
20-01-2015 18:35:06 avast! antivirus system restore point
23-01-2015 13:07:07 Windows Update
31-01-2015 17:38:23 Geplanter Prüfpunkt
06-02-2015 15:03:53 TuneUp Utilities 2014 wird entfernt
06-02-2015 15:08:02 TuneUp Utilities 2014 (de-DE) wird entfernt
10-02-2015 16:48:07 avast! antivirus system restore point
10-02-2015 17:06:52 avast! antivirus system restore point
10-02-2015 17:10:12 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {014E5D65-F4E0-471F-B39C-CA47268E46AE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {160C8765-1414-4853-937F-8A86BE06C25A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-29] (Adobe Systems Incorporated)
Task: {49B444E9-DFC2-4646-B3E3-5680CD644EEC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {520B24AB-7688-4C47-A7D0-A6C9897D7133} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)
Task: {6A01F78C-4CEA-4963-90B0-A5417359DFC1} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {7B7B297D-37A1-4C40-BCAD-72F89583014E} - System32\Tasks\{F270D8D8-7BC7-4E53-8521-471F863A7381} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {91EB16D7-ACE3-4AB8-9671-69E85B535E47} - System32\Tasks\Google Updater and Installer => C:\Users\Ulrike\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {92A564E9-31E1-491B-B63A-E3F0431B51B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-21] (Google Inc.)
Task: {97A0242F-3CD9-44E0-87D9-EA6F17FED2B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-21] (Google Inc.)
Task: {AE011286-A95E-4457-A5DA-34BB8D54561C} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2012-01-18] (Acer)
Task: {B0B8B670-F5C1-40E3-AF4C-66217C33CF39} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
Task: {C41B243A-2C71-4967-8BE9-2C710E079E8A} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {C5542BC6-ADDB-4841-9F11-F9FA7896485B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-29] (AVAST Software)
Task: {FE1FEEB4-CBE4-48B1-B10F-E46919678833} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {FEDC90DC-CFEC-42F5-A6CB-B5E79F6FB7D6} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Loaded Modules (whitelisted) ==============
2012-05-11 13:25 - 2012-03-16 12:48 - 00127320 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2012-05-11 22:45 - 2012-03-27 02:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-04-06 19:29 - 2012-04-06 19:29 - 00040552 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2012-04-06 19:29 - 2012-04-06 19:29 - 00022120 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2015-02-10 17:00 - 2015-02-10 17:00 - 02912768 _____ () C:\Program Files\AVAST Software\Avast\defs\15021000\algo.dll
2015-02-11 15:27 - 2015-02-11 15:27 - 02912256 _____ () C:\Program Files\AVAST Software\Avast\defs\15021100\algo.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-05-11 13:25 - 2012-03-07 15:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 08506792 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 02353576 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 01013672 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 00363944 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 02480552 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 01346472 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 00205736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 02652584 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 00032680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 00035240 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 00206760 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 11166120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 00276392 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2012-10-13 01:31 - 2012-10-13 01:31 - 00391600 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2012-10-13 01:31 - 2012-10-13 01:31 - 00059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2012-10-13 01:54 - 2012-10-13 01:54 - 00437672 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 00445864 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 00520104 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 00720296 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2012-10-13 01:53 - 2012-10-13 01:53 - 00605608 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2012-10-13 01:55 - 2012-10-13 01:55 - 00092584 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2012-10-13 01:30 - 2012-10-13 01:30 - 00110080 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
2014-12-29 09:25 - 2014-12-29 09:25 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-29 09:40 - 2015-01-29 09:41 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1743539947-420959901-682190308-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ulrike\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-1743539947-420959901-682190308-500 - Administrator - Disabled)
Gast (S-1-5-21-1743539947-420959901-682190308-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1743539947-420959901-682190308-1002 - Limited - Enabled)
Ulrike (S-1-5-21-1743539947-420959901-682190308-1001 - Administrator - Enabled) => C:\Users\Ulrike
==================== Faulty Device Manager Devices =============
Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (02/10/2015 05:36:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm StrongholdAntiMalware.exe, Version 1.0.0.9 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 16dc
Startzeit: 01d0454cf3b451d2
Endzeit: 41
Anwendungspfad: C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe
Berichts-ID: f11adadb-b142-11e4-8c81-e006e61763d0
Error: (02/06/2015 04:39:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm StrongholdAntiMalware.exe, Version 1.0.0.9 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 15e8
Startzeit: 01d042203f419795
Endzeit: 8
Anwendungspfad: C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe
Berichts-ID: 4d3cdb55-ae16-11e4-a35d-e006e61763d0
Error: (02/05/2015 04:29:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm StrongholdAntiMalware.exe, Version 1.0.0.9 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1798
Startzeit: 01d0415599020912
Endzeit: 15
Anwendungspfad: C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe
Berichts-ID: 9272c4c1-ad4b-11e4-89a3-e006e61763d0
Error: (02/05/2015 04:08:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ePowerTray.exe, Version: 6.0.3010.0, Zeitstempel: 0x4f30f0a8
Name des fehlerhaften Moduls: ePowerTray.exe, Version: 6.0.3010.0, Zeitstempel: 0x4f30f0a8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000012049
ID des fehlerhaften Prozesses: 0x1114
Startzeit der fehlerhaften Anwendung: 0xePowerTray.exe0
Pfad der fehlerhaften Anwendung: ePowerTray.exe1
Pfad des fehlerhaften Moduls: ePowerTray.exe2
Berichtskennung: ePowerTray.exe3
Error: (02/05/2015 11:04:40 AM) (Source: SecurityCenter) (EventID: 3) (User: )
Description: Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der WMI herstellen, um Antiviren, AntiSpyware- und Firewallprogramme von Drittanbietern zu überwachen.
Error: (01/29/2015 02:41:50 PM) (Source: SecurityCenter) (EventID: 3) (User: )
Description: Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der WMI herstellen, um Antiviren, AntiSpyware- und Firewallprogramme von Drittanbietern zu überwachen.
Error: (01/23/2015 00:56:54 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07
Error: (01/23/2015 00:56:53 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07
Error: (01/21/2015 02:59:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm StrongholdAntiMalware.exe, Version 1.0.0.9 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1328
Startzeit: 01d0357f741fb7cb
Endzeit: 8
Anwendungspfad: C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe
Berichts-ID: c48c9961-a175-11e4-a050-e006e61763d0
Error: (01/16/2015 01:43:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 39.0.2171.95 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: fc8
Startzeit: 01d03189e4f0ec95
Endzeit: 5
Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Berichts-ID: 2efdfb2c-9d7d-11e4-b2f0-e006e61763d0
System errors:
=============
Error: (02/11/2015 03:26:15 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (02/11/2015 03:25:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mfewfpk
Error: (02/10/2015 05:45:16 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (02/10/2015 05:39:26 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (02/10/2015 05:39:26 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (02/10/2015 05:38:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mfewfpk
Error: (02/10/2015 05:22:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (02/10/2015 05:16:17 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (02/10/2015 05:15:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mfewfpk
Error: (02/10/2015 05:13:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.191.4500.0)
Microsoft Office Sessions:
=========================
Error: (02/10/2015 05:36:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: StrongholdAntiMalware.exe1.0.0.916dc01d0454cf3b451d241C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exef11adadb-b142-11e4-8c81-e006e61763d0
Error: (02/06/2015 04:39:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: StrongholdAntiMalware.exe1.0.0.915e801d042203f4197958C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe4d3cdb55-ae16-11e4-a35d-e006e61763d0
Error: (02/05/2015 04:29:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: StrongholdAntiMalware.exe1.0.0.9179801d041559902091215C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe9272c4c1-ad4b-11e4-89a3-e006e61763d0
Error: (02/05/2015 04:08:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ePowerTray.exe6.0.3010.04f30f0a8ePowerTray.exe6.0.3010.04f30f0a8c00000050000000000012049111401d041557f3f8634C:\Program Files\Acer\Acer ePower Management\ePowerTray.exeC:\Program Files\Acer\Acer ePower Management\ePowerTray.exec5b6ae7e-ad48-11e4-89a3-e006e61763d0
Error: (02/05/2015 11:04:40 AM) (Source: SecurityCenter) (EventID: 3) (User: )
Description:
Error: (01/29/2015 02:41:50 PM) (Source: SecurityCenter) (EventID: 3) (User: )
Description:
Error: (01/23/2015 00:56:54 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07
C:\Program Files (x86)\Samsung\Kies\Kies.exe
Error: (01/23/2015 00:56:53 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07
C:\Program Files (x86)\Samsung\Kies\Kies.exe
Error: (01/21/2015 02:59:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: StrongholdAntiMalware.exe1.0.0.9132801d0357f741fb7cb8C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exec48c9961-a175-11e4-a050-e006e61763d0
Error: (01/16/2015 01:43:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe39.0.2171.95fc801d03189e4f0ec955C:\Program Files (x86)\Google\Chrome\Application\chrome.exe2efdfb2c-9d7d-11e4-b2f0-e006e61763d0
CodeIntegrity Errors:
===================================
Date: 2013-03-25 16:40:53.525
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-25 16:40:53.476
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-25 16:40:50.800
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-25 16:40:50.751
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-25 16:40:47.461
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-25 16:40:47.413
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-25 16:40:44.959
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-25 16:40:44.909
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-25 16:40:42.053
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-25 16:40:42.004
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU 967 @ 1.30GHz
Percentage of memory in use: 57%
Total physical RAM: 3889.6 MB
Available physical RAM: 1666.46 MB
Total Pagefile: 7777.39 MB
Available Pagefile: 5031.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:281.88 GB) (Free:220.24 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 88496A42)
Partition 1: (Not Active) - (Size=16.1 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=281.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |