Marcus-84

Member
  • Content Count

    2
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Marcus-84

  • Rank
    New Member
  1. Emsisoft Anti-Malware - Version 8.1 Letztes Update: 27.01.2014 16:58:47 Benutzerkonto: MARCUS\bühner Scan Einstellungen: Scan Methode: Detail Scan Objekte: Rootkits, Speicher, Traces, C:\, D:\ PUPs-Erkennung: An Archiv Scan: An ADS Scan: An Dateitypen-Filter: Aus Erweitertes Caching: An Direkter Festplattenzugriff: Aus Scan Beginn: 27.01.2014 17:43:44 C:\Windows\TEMP\APN-Stub gefunden: Application.Win32.WebToolbar (A) C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\Extensions\[email protected] gefunden: Application.Win32.InstallExt (A) C:\ProgramData\apn gefunden: Application.Win32.WebToolbar (A) C:\Users\bühner\AppData\Local\Searchprotect gefunden: Application.Win32.WebToolbar (A) C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\searchplugins\iminent.xml gefunden: Application.Win32.WSearch (A) Key: HKEY_USERS\S-1-5-21-2956242898-1035771169-1370563355-1002\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} gefunden: Application.Win32.InstallAd (A) Key: HKEY_USERS\S-1-5-21-2956242898-1035771169-1370563355-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{1146AC44-2F03-4431-B4FD-889BC837521F} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{01994268-3C10-4044-A1EA-7A9C1B739A11} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{09C554C3-109B-483C-A06B-F14172F1A947} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\ESCORT.DLL gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\ESCORTAPP.DLL gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\ESCORTENG.DLL gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\ESCORTLBR.DLL gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\ESRV.EXE gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{99E71BF1-5F51-4AF9-830B-67015D59640D} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{9FD0C1D9-180B-4834-B80B-4B7325AF90E1} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A2CC3C46-143B-4142-9D5A-B8543F0A6F55} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\I gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C58D664A-3DBC-4925-AE74-0382007DF113} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\PROD.CAP gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{5563BEFE-3B03-43B1-8041-64A9745DAA56} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{8E9F2D02-6B06-4EBA-92C2-68438EADED28} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} gefunden: Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{208D4124-3895-4974-B293-A159BD306078} gefunden: Application.Win32.InstallExt (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} gefunden: Application.Win32.InstallExt (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBOOSTERARP gefunden: Application.Win32.InstallExt (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SEARCHPROTECT gefunden: Application.Win32.InstallExt (A) Gescannt 406468 Gefunden 37 Scan Ende: 27.01.2014 18:34:44 Scan Zeit: 0:51:00 Key: HKEY_USERS\S-1-5-21-2956242898-1035771169-1370563355-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{1146AC44-2F03-4431-B4FD-889BC837521F} Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{01994268-3C10-4044-A1EA-7A9C1B739A11} Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{09C554C3-109B-483C-A06B-F14172F1A947} Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28} Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\ESCORT.DLL Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\ESCORTAPP.DLL Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\ESCORTENG.DLL Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\ESCORTLBR.DLL Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\ESRV.EXE Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6} Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{99E71BF1-5F51-4AF9-830B-67015D59640D} Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{9FD0C1D9-180B-4834-B80B-4B7325AF90E1} Quarantäne Application.Win32.WSearch (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A2CC3C46-143B-4142-9D5A-B8543F0A6F55} Quarantäne Application.Win32.WSearch (A) Quarantäne 18 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02 Ran by bühner (administrator) on MARCUS on 28-01-2014 17:05:52 Running from C:\Users\bühner\Downloads Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (McAfee, Inc.) C:\Program Files\mcafee\AppStats\MfeASUM.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (COMPANYVERS_NAME) C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\AppIntegrator64.exe (Tobit.Software) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe () C:\Users\bühner\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor) HKLM\...\Run: [btPreLoad] - "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe" HKLM\...\Run: [VideoDownloadConverter Home Page Guard 64 bit] - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\AppIntegrator64.exe [548936 2013-10-05] () HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.) HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [LManager] - [x] HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-09-14] (RealNetworks, Inc.) HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [emsisoft anti-malware] - c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4329408 2013-12-04] (Emsisoft GmbH) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [btvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Atheros Communications)) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1815976 2014-01-27] (Valve Corporation) HKCU\...\Run: [rfxsrvtray] - C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software) HKCU\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\bühner\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] () HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-07-14] (Google Inc.) HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-08-21] (Acer Incorporated) HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-08-21] (Acer Incorporated) AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => File Not Found AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation) AppInit_DLLs: c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => File Not Found ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.) URLSearchHook: HKCU - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark) SearchScopes: HKLM - {4B6AF535-CC05-4DF9-8907-279233961CA3} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM-x32 - {4B6AF535-CC05-4DF9-8907-279233961CA3} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = http://start.iminent.com/?appId=E7B63D07-7BB6-4467-9D9F-594C57570ECC&ref=toolbox&q={searchTerms} SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B4C220689D6FC274&affID=119357&tl=gcn61193&tsp=5010 SearchScopes: HKCU - {4B6AF535-CC05-4DF9-8907-279233961CA3} URL = BHO: DiscountLoucator - {37627CEA-9F0B-408F-238E-288294DCD2F8} - C:\ProgramData\DiscountLoucator\8_2_xVR.x64.dll No File BHO: Ask Toolbar - {4F524A2D-5637-006A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Passport_x64.dll (APN LLC.) BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll No File BHO: SMaRutCompAre - {A82720FA-6303-A56B-C09F-D0EDCBC394CA} - C:\ProgramData\SMaRutCompAre\LUpD.x64.dll No File BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark) BHO-x32: Ask Toolbar - {4F524A2D-5637-006A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Passport.dll (APN LLC.) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM - Ask Toolbar - {4F524A2D-5637-006A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Passport_x64.dll (APN LLC.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - Ask Toolbar - {4F524A2D-5637-006A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Passport.dll (APN LLC.) Toolbar: HKLM-x32 - VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.) Winsock: Catalog5 08 C:\Windows\SysWOW64\wlidNSP.dll [46592] (Microsoft Corporation) Winsock: Catalog5 09 C:\Windows\SysWOW64\wlidNSP.dll [46592] (Microsoft Corporation) Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [71168] (Microsoft Corporation) Winsock: Catalog5-x64 09 C:\Windows\system32\wlidnsp.dll [71168] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default FF user.js: detected! => C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\user.js FF DefaultSearchEngine: Ask Web Search FF SelectedSearchEngine: Ask Web Search FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.) FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @VideoDownloadConverter_4z.com/Plugin - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark) FF Plugin-x32: @VideoDownloadConverter_ScriptHelper.com/Plugin - C:\Program Files (x86)\VideoDownloadConverter\npVDCPlugin.dll (Mindspark) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll () FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\bühner\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) FF SearchPlugin: C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\searchplugins\ask-web-search.xml FF SearchPlugin: C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\searchplugins\iminent.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: VideoDownloadConverter - C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\Extensions\[email protected]_4z.com [2013-12-07] FF Extension: Delta Toolbar - C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\Extensions\[email protected] [2013-09-19] FF Extension: Iminent Toolbar - C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\Extensions\[email protected] [2014-01-23] FF Extension: SMaRutCompAre - C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\Extensions\[email protected] [2013-12-23] FF Extension: DiscountLoucator - C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\Extensions\[email protected] [2013-12-23] FF Extension: HTLiveSight - C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\Extensions\{469b7d40-de9a-11e0-9572-0800200c9a66} [2014-01-11] FF Extension: FoxTrick - C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\Extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba} [2014-01-27] FF Extension: Iminent - C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\Extensions\[email protected] [2014-01-23] FF Extension: PsicoTSI - C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\Extensions\{7E77F5DF-8022-40e3-9122-F03DEBEFC43B}.xpi [2013-06-20] FF Extension: Gutscheinaffe - C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\Extensions\{9220f99f-5b7d-4a4d-97ca-209991796400}.xpi [2014-01-11] FF Extension: Adblock Plus - C:\Users\bühner\AppData\Roaming\Mozilla\Firefox\Profiles\1p8kxima.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-21] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-09-03] FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [] FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]\ FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]\ [] FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]\ FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]\ [] FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [] FF HKLM-x32\...\Firefox\Extensions: [[email protected]_4z.com] - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin FF Extension: VideoDownloadConverter - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin [2013-10-05] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-14] FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-09-03] Chrome: ======= CHR DefaultSearchKeyword: delta-search.com CHR DefaultSearchProvider: Delta Search CHR DefaultSearchURL: http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B4C220689D6FC274&affID=119357&tl=gcn61193&tsp=5010 CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll No File CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File CHR Extension: (Google Docs) - C:\Users\bühner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-19] CHR Extension: (Google Drive) - C:\Users\bühner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-19] CHR Extension: (YouTube) - C:\Users\bühner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-19] CHR Extension: (Freemake Video Downloader) - C:\Users\bühner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2013-09-19] CHR Extension: (Google Search) - C:\Users\bühner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-19] CHR Extension: (Freemake Youtube Download Button) - C:\Users\bühner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-09-19] CHR Extension: (Delta Toolbar) - C:\Users\bühner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-09-19] CHR Extension: (SiteAdvisor) - C:\Users\bühner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-07-14] CHR Extension: (RealDownloader) - C:\Users\bühner\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-09-19] CHR Extension: (Freemake Video Converter) - C:\Users\bühner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-07-22] CHR Extension: (Wajam) - C:\Users\bühner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2013-09-19] CHR Extension: (Chrome In-App Payments service) - C:\Users\bühner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-19] CHR Extension: (SMaRutCompAre) - C:\Users\bühner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdblghdojilpfoflhmlmojmjipbeadib [2013-12-23] CHR Extension: (Gmail) - C:\Users\bühner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-19] CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-07-22] CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-07-22] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-01-09] CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-07-22] CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\bühner\AppData\Local\Wajam\Chrome\wajam.crx [2013-05-02] CHR HKLM-x32\...\Chrome\Extension: [ojcgaoafcmbadjkfdippkdddgkeaipbn] - C:\Program Files (x86)\DealPly\DealPly.crx [2013-05-02] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= U2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH) U2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-01-11] (APN LLC.) U2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations) U2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated) U2 CLKMSVC10_96E434EB; C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe [243728 2012-07-24] (CyberLink) U3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated) U3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated) U2 ETDService; C:\Program Files\Elantech\ETDService.exe [28560 2012-08-30] (ELAN Microelectronics Corp.) U2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2013-07-19] (Ellora Assets Corp.) U2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent) U2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) U2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) U2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.) U2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.) U3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.) U3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.) U2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) U2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) U3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.) U4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.) U2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) U2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) U2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-09-11] (McAfee, Inc.) U2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.) U2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-12-05] (McAfee, Inc.) U2 mfevtp; C:\windows\system32\mfevtps.exe [184800 2013-12-05] (McAfee, Inc.) U2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) U2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation) U2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] () U2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () U2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-12] (Dritek System INC.) U2 VideoDownloadConverter_4zService; C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe [42504 2013-10-05] (COMPANYVERS_NAME) U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation) U2 70e6ca8c; "C:\Windows\system32\rundll32.exe" "c:\progra~2\optimi~1\OptProCrashSvc.dll",ServiceMain ==================== Drivers (Whitelisted) ==================== U3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH) U1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) U1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH) U1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH) U3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros) U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) U3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-12-05] (McAfee, Inc.) U3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH) U3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) U2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-12-05] (McAfee, Inc.) U1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-09-11] (McAfee, Inc.) U2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-12-05] (McAfee, Inc.) U0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-12-05] (McAfee, Inc.) U3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-12-05] (McAfee, Inc.) U2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782616 2013-12-05] (McAfee, Inc.) U3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.) U3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.) U2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-12-05] (McAfee, Inc.) U2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) U3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-12] (Dritek System Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-28 17:05 - 2014-01-28 17:06 - 00035144 _____ C:\Users\bühner\Downloads\FRST.txt 2014-01-28 17:05 - 2014-01-28 17:05 - 02079232 _____ (Farbar) C:\Users\bühner\Downloads\FRST64.exe 2014-01-28 17:05 - 2014-01-28 17:05 - 00000000 ____D C:\FRST 2014-01-25 16:09 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys 2014-01-24 23:50 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2014-01-24 23:50 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-01-24 23:50 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2014-01-24 23:50 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-01-24 23:50 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2014-01-24 23:50 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2014-01-24 23:50 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2014-01-24 23:50 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys 2014-01-24 23:50 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2014-01-24 23:50 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2014-01-24 23:50 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2014-01-24 23:50 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-01-24 23:50 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2014-01-24 23:50 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2014-01-24 23:50 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2014-01-24 18:48 - 2014-01-24 18:48 - 00001099 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-01-24 18:47 - 2014-01-28 16:54 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware 2014-01-24 18:47 - 2014-01-24 18:47 - 00000000 ____D C:\Users\bühner\Documents\Anti-Malware 2014-01-24 18:46 - 2014-01-24 18:46 - 238782168 _____ (Emsisoft GmbH ) C:\Users\bühner\Downloads\EmsisoftAntiMalwareSetup.exe 2014-01-22 20:08 - 2014-01-22 22:00 - 00000000 ____D C:\Users\bühner\Desktop\video1001 2014-01-18 12:59 - 2014-01-18 12:59 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-08 20:33 - 2014-01-08 20:33 - 00000000 ____D C:\Users\bühner\AppData\Roaming\Malwarebytes 2014-01-08 20:33 - 2014-01-08 20:33 - 00000000 ____D C:\ProgramData\Malwarebytes ==================== One Month Modified Files and Folders ======= 2014-01-28 17:06 - 2014-01-28 17:05 - 00035144 _____ C:\Users\bühner\Downloads\FRST.txt 2014-01-28 17:05 - 2014-01-28 17:05 - 02079232 _____ (Farbar) C:\Users\bühner\Downloads\FRST64.exe 2014-01-28 17:05 - 2014-01-28 17:05 - 00000000 ____D C:\FRST 2014-01-28 17:05 - 2013-07-02 15:53 - 00001848 _____ C:\Users\Public\Desktop\McAfee Total Protection.lnk 2014-01-28 17:02 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru 2014-01-28 17:01 - 2012-10-12 19:41 - 00753134 _____ C:\Windows\system32\perfh007.dat 2014-01-28 17:01 - 2012-10-12 19:41 - 00155826 _____ C:\Windows\system32\perfc007.dat 2014-01-28 17:01 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-28 16:54 - 2014-01-24 18:47 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware 2014-01-28 16:54 - 2013-06-20 18:26 - 00000000 ____D C:\Program Files (x86)\Steam 2014-01-28 16:53 - 2013-12-11 21:40 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef6b140b97e3f.job 2014-01-28 16:53 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-27 20:44 - 2013-06-20 04:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-25 22:42 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM 2014-01-25 22:41 - 2012-09-03 07:45 - 00000000 ____D C:\Program Files (x86)\McAfee 2014-01-25 21:59 - 2013-09-26 19:12 - 00000000 ____D C:\Users\bühner\Documents\VirtualDJ 2014-01-25 20:26 - 2013-04-03 23:55 - 02070210 _____ C:\Windows\WindowsUpdate.log 2014-01-25 17:01 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI 2014-01-25 16:59 - 2012-09-03 07:24 - 00293436 _____ C:\Windows\PFRO.log 2014-01-25 16:21 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore 2014-01-25 16:03 - 2012-09-03 07:45 - 00000000 ____D C:\Program Files\Common Files\mcafee 2014-01-25 16:03 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP 2014-01-25 15:59 - 2013-08-14 17:42 - 00000000 ____D C:\Windows\system32\MRT 2014-01-25 15:59 - 2013-05-06 20:39 - 00000000 ____D C:\ProgramData\Microsoft Help 2014-01-25 15:57 - 2013-06-23 12:26 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-25 15:56 - 2013-04-04 00:04 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2956242898-1035771169-1370563355-1002 2014-01-25 15:16 - 2013-09-12 21:24 - 00000000 ___RD C:\Users\bühner\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App 2014-01-24 23:48 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent 2014-01-24 18:48 - 2014-01-24 18:48 - 00001099 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-01-24 18:47 - 2014-01-24 18:47 - 00000000 ____D C:\Users\bühner\Documents\Anti-Malware 2014-01-24 18:46 - 2014-01-24 18:46 - 238782168 _____ (Emsisoft GmbH ) C:\Users\bühner\Downloads\EmsisoftAntiMalwareSetup.exe 2014-01-24 18:43 - 2013-06-19 18:38 - 00000000 ____D C:\Users\bühner\Desktop\Bahn 2014-01-24 18:42 - 2013-05-11 20:10 - 00000000 ____D C:\Users\bühner\AppData\Local\Deployment 2014-01-24 18:08 - 2013-08-21 21:19 - 00000000 ____D C:\Users\bühner\AppData\Roaming\TS3Client 2014-01-22 22:00 - 2014-01-22 20:08 - 00000000 ____D C:\Users\bühner\Desktop\video1001 2014-01-18 12:59 - 2014-01-18 12:59 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-18 12:59 - 2013-10-19 13:19 - 00000000 ____D C:\ProgramData\Oracle 2014-01-18 12:59 - 2013-08-13 16:46 - 00000000 ____D C:\Program Files (x86)\Java 2014-01-18 12:54 - 2013-06-20 04:01 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-18 12:54 - 2013-06-20 04:01 - 00000000 ____D C:\Users\bühner\AppData\Local\Adobe 2014-01-09 09:02 - 2013-11-17 15:01 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-09 09:02 - 2013-11-17 15:01 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-08 21:33 - 2013-12-23 20:13 - 00000000 ____D C:\ProgramData\SMaRutCompAre 2014-01-08 21:33 - 2013-12-23 20:13 - 00000000 ____D C:\ProgramData\DiscountLoucator 2014-01-08 21:33 - 2013-09-19 17:35 - 00000000 ____D C:\ProgramData\DSearchLink 2014-01-08 20:33 - 2014-01-08 20:33 - 00000000 ____D C:\Users\bühner\AppData\Roaming\Malwarebytes 2014-01-08 20:33 - 2014-01-08 20:33 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-05 16:58 - 2013-12-21 16:57 - 00000056 _____ C:\Users\bühner\AppData\Roaming\WB.CFG Some content of TEMP: ==================== C:\Users\bühner\AppData\Local\Temp\VIS_DE-2013-12-13.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-27 17:55 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2014 02 Ran by bühner at 2014-01-28 17:06:40 Running from C:\Users\bühner\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367} FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} ==================== Installed Programs ====================== clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden Acer Backup Manager (x32 Version: 4.0.0.0059 - NTI Corporation) Acer Device Fast-lane (Version: 1.00.3007 - Acer Incorporated) Acer Instant Update Service (Version: 1.00.3013 - Acer Incorporated) Acer Power Management (Version: 7.00.3006 - Acer Incorporated) Acer Recovery Management (Version: 6.00.3011 - Acer Incorporated) AcerCloud (x32 Version: 2.01.3115 - Acer Incorporated) AcerCloud Docs (x32 Version: 1.00.3201 - Acer Incorporated) Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden Airline Tycoon 2 - Gold Edition Version 1.0 (x32 Version: 1.0 - Kalypso Media) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden Amazon MP3-Downloader 1.0.18 (HKCU Version: 1.0.18 - Amazon Services LLC) Ask Toolbar (x32 Version: 12.10.0.18 - APN, LLC) <==== ATTENTION Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.4 - Atheros Communications Inc.) Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden clear.fi Media (x32 Version: 2.01.3108 - Acer Incorporated) clear.fi Photo (x32 Version: 2.01.3108 - Acer Incorporated) Creative Audio-Systemsteuerung (x32 Version: 3.00 - Creative Technology Limited) CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819 - CyberLink Corp.) CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819 - CyberLink Corp.) Hidden Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden DMUninstaller (x32 Version: - ) Dolby Home Theater v4 (x32 Version: 7.2.8000.16 - Dolby Laboratories Inc) eBay Worldwide (x32 Version: 2.3.0630 - OEM) Emsisoft Anti-Malware (x32 Version: 8.1 - Emsisoft GmbH) ETDWare PS/2-X64 11.6.8.001_WHQL (Version: 11.6.8.001 - ELAN Microelectronic Corp.) Freemake Video Converter Version 4.0.2 (x32 Version: 4.0.2 - Ellora Assets Corporation) Freemake Video Downloader (x32 Version: 3.5.2 - Ellora Assets Corporation) Fritz8 (x32 Version: - ) Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.) Google Earth (x32 Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.) Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Host OpenAL (x32 Version: 2.02 - Creative Technology Limited) Identity Card (x32 Version: 2.00.3004 - Acer Incorporated) Iminent (x32 Version: 6.41.1.1 - Iminent) <==== ATTENTION Iminent Toolbar on IE and Chrome (x32 Version: 1.8.28.3 - IminentToolbar) <==== ATTENTION Intel® Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation) Intel® Processor Graphics (x32 Version: 9.17.10.2867 - Intel Corporation) Intel® Rapid Storage Technology (x32 Version: 11.5.0.1207 - Intel Corporation) Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle) Java 7 Update 51 (x32 Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden JFileManager (x32 Version: v1.10 - TUGUU SL) John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Launch Manager (x32 Version: 7.0.4 - Acer Inc.) Live Updater (x32 Version: 2.00.3004 - Acer Incorporated) Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.) McAfee Total Protection (x32 Version: 12.8.908 - McAfee, Inc.) Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla) Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (x32 Version: 8.0.50727.42 - The Firebird Project) MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden NVIDIA Grafiktreiber 306.97 (Version: 306.97 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.12.0613 (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden Office Addin (x32 Version: 2.01.3200 - Acer) Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.220 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (x32 Version: 11.41 - Qualcomm Atheros) Radio.fx (x32 Version: - Tobit.Software) RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (x32 Version: 16.0.3 - RealNetworks) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (x32 Version: 6.2.8400.28123 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden SAM Broadcaster 2013 (x32 Version: 2013 - Spacial Audio Solutions, LLC) Shared C Run-time for x64 (Version: 10.0.0 - McAfee) Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Steam (x32 Version: 1.0.0.0 - Valve Corporation) Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden TeamSpeak 3 Client (x32 Version: 3.0.13.1 - TeamSpeak Systems GmbH) TeamViewer 6 (x32 Version: 6.0.17222 - TeamViewer GmbH) Train Simulator 2013 (x32 Version: - RailSimulator.com) Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VideoDownloadConverter Firefox Toolbar (x32 Version: - Mindspark Interactive Network) <==== ATTENTION VideoDownloadConverter Internet Explorer Toolbar (x32 Version: - Mindspark Interactive Network) <==== ATTENTION VirtualDJ PRO Full (x32 Version: 7.0.5 - Atomix Productions) Visual Studio 2005 Tools for Office Second Edition Runtime (x32 Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1 - Microsoft Corporation) WildTangent Games (x32 Version: 1.0.3.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.10.17 - WildTangent) Hidden Winamp (x32 Version: 5.65 - Nullsoft, Inc) Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc) WinFF 1.5 (Codename EMMA) (x32 Version: - WinFF.org) WinPcap 4.1.2 (x32 Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.00 (64-bit) (Version: 5.00.0 - win.rar GmbH) Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden ==================== Restore Points ========================= 04-01-2014 23:05:50 Geplanter Prüfpunkt 18-01-2014 11:59:19 Installed Java 7 Update 51 25-01-2014 14:57:18 Windows Update ==================== Hosts content: ========================== 2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {057DFDC2-25A0-431C-BA10-4927CB93DBA4} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2956242898-1035771169-1370563355-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {14238981-97D8-48A3-A470-248B76FCC63A} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.) Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2111341C-362F-4BF7-9BDF-BE9893265CCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18] (Adobe Systems Incorporated) Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {27BEFF61-DCB1-4D68-A324-F294B5D9FAEB} - System32\Tasks\GoogleUpdateTaskMachineUA1cecc49e8636691 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-19] (Google Inc.) Task: {2A5FC1F1-0921-44C0-B14F-98AC6F4C6D66} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-22] () Task: {3B82E95E-D45C-461F-90FE-165DD06D6B7F} - System32\Tasks\DealPly => C:\Users\BHNER~1\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {40D67B88-5D86-4F96-AFBF-DFCA33FF303B} - System32\Tasks\GoogleUpdateTaskMachineUA1cef6b140d3f375 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-19] (Google Inc.) Task: {446DCAE7-347F-458F-83BC-0112B0E51013} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] () Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - \Microsoft\Windows\Live\Roaming\SynchronizeWithStorage No Task File Task: {4F39BA94-C961-48F1-9BDE-30E10DE80C9E} - System32\Tasks\GoogleUpdateTaskMachineCore1cef6b140b97e3f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-19] (Google Inc.) Task: {663C69D9-37B0-4ACA-82AB-5E6E7023FCAB} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.) Task: {70A243E6-F387-4BBE-B728-8E45A72C4FAC} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION Task: {7F3747FF-4F3F-43E1-8966-0F972453AD6C} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] () Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {A800277E-E202-4492-AD38-3312641CBC04} - \Microsoft\Windows\Live\Roaming\MaintenanceTask No Task File Task: {AB1C8E92-B61A-42C7-AAB4-4597706BE1AD} - System32\Tasks\DealPlyUpdate => C:\Program Task: {B3890542-A20C-4D47-869B-01CB58978CE3} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2956242898-1035771169-1370563355-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {B75AE49F-3F94-45E5-9D3B-D12B4A24E397} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink) Task: {C16CE109-A12E-4F9F-B882-83B66CF64A0C} - System32\Tasks\EPUpdater => C:\Users\BHNER~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {D2F6DCFD-8A44-45F5-8537-2399B536DCBC} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-22] () Task: {DC94852B-1F86-44A6-B006-5B8E95D8D0A7} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated) Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef6b140b97e3f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef6b140d3f375.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-05 11:49 - 2013-10-05 11:49 - 00292424 _____ () C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\AppIntegratorStub64.dll 2013-01-28 13:45 - 2013-01-28 13:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-01-28 13:42 - 2013-01-28 13:42 - 00084992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2012-09-03 08:18 - 2012-08-07 15:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-10-05 11:49 - 2013-10-05 11:49 - 00442952 _____ () C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\HPG64.DLL 2012-08-23 07:26 - 2012-08-23 07:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2012-08-23 07:25 - 2012-08-23 07:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 2012-08-23 07:26 - 2012-08-23 07:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll 2012-08-23 07:25 - 2012-08-23 07:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll 2012-08-23 07:25 - 2012-08-23 07:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll 2012-08-23 07:25 - 2012-08-23 07:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll 2012-08-23 07:26 - 2012-08-23 07:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll 2013-07-24 15:51 - 2013-06-03 12:06 - 09907712 _____ () C:\Program Files (x86)\Tobit Radio.fx\Client\TOBITCLT.dll 2013-07-24 15:51 - 2013-05-16 13:28 - 00242688 _____ () C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client$.ger 2014-01-08 17:57 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll 2014-01-08 17:57 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll 2013-05-06 16:05 - 2014-01-11 00:33 - 00717312 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2013-06-06 13:06 - 2014-01-27 20:02 - 01138088 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2013-03-26 15:16 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2012-12-11 08:51 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll 2012-12-11 08:51 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll 2012-12-11 08:51 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll 2012-10-12 10:03 - 2012-07-31 17:02 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2013-12-20 21:29 - 2013-12-20 21:29 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2012-10-12 10:01 - 2012-06-25 03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Could not start eventlog service, could not read events. Der angeforderte Dienst wurde bereits gestartet. Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben. ==================== Memory info =========================== Percentage of memory in use: 19% Total physical RAM: 16202.27 MB Available physical RAM: 13052.28 MB Total Pagefile: 18506.27 MB Available Pagefile: 15216.14 MB Total Virtual: 8192 MB Available Virtual: 8191.75 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:110.83 GB) (Free:30.43 GB) NTFS Drive d: (DATA) (Fixed) (Total:914.51 GB) (Free:914.13 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 112 GB) (Disk ID: 60813425) Partition: GPT Partition Type ======================================================== Disk: 1 (Size: 932 GB) (Disk ID: 60813436) Partition: GPT Partition Type ==================== End Of Log ============================ Hoffe, das passt so, habe nicht gefunden, wie ich die Datei einfach anhängen kann. Gruß Marcus Bühner
  2. Nach den letzten Suchläufen hat mein Emisoft Anti-Malware Störenfriede entdeckt, die sich größtenteils problemlos entfernen ließen. 37 Funde lassen sich nicht entfernen. Was kann ich tun, um diese Funde zu entfernen? Denn diese Malware, die sich nicht entfernen lassen, lässt bei mir auf Seiten, die normalerweise werbefrei sind, immer wieder Werbung anzeigen und selbst mein Werbeblocker kann nicht verhindern, dass die Werbung auftaucht. Wie kann ich diesen Fund entfernen, wenn er sich nicht in die Quarantäne verschieben lässt? Jeder Fund wird mit keinem Risiko angezeigt.