Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014 Ran by christian at 2014-11-05 20:25:17 Running from C:\Users\christian\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: G Data InternetSecurity 2014 (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0} AS: G Data InternetSecurity 2014 (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.58 - NewTech Infosystems) Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.1.4 - Liteon) Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3000 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3006 - Acer Incorporated) Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0105.2010 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated) Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated) Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media) Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.36191 - Ask.com) <==== ATTENTION ATI Catalyst Install Manager (HKLM\...\{11F38253-8940-FFDA-D131-B14120C357E4}) (Version: 3.0.754.0 - ATI Technologies, Inc.) Backup Manager Basic (x32 Version: 2.0.0.58 - NewTech Infosystems) Hidden Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.01 - Broadcom Corporation) Brother MFL-Pro Suite DCP-585CW (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.) ccc-core-static (x32 Version: 2009.1209.2335.42329 - Ihr Firmenname) Hidden Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma) CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2529.50 - CyberLink Corp.) Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media) Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media) eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FaceFilter Studio Brother Edition (HKLM-x32\...\{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}) (Version: 1.0 - ) Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media) FLV Player (HKCU\...\FLV Player) (Version: - ) Foxtab (HKLM-x32\...\foxtab) (Version: - FoxTab) <==== ATTENTION G Data InternetSecurity 2014 (HKLM-x32\...\{7765322A-8601-47D3-AC60-B66677450D7B}) (Version: 24.0.3.2 - G Data Software AG) GameXN GO (HKCU\...\Game Organizer) (Version: - GameXN AS) Google Earth Plug-in (HKLM-x32\...\{79361740-EAE3-11E2-9911-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media) Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.2 - Acer Inc.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.236 - LogMeIn, Inc.) Hidden Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.) Nero 7 Lite (HKLM-x32\...\Nero7Lite_is1) (Version: 7.11.10.0 - UpdatePack.nl) NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.616 - NewTech Infosystems) NTI Backup Now Standard (x32 Version: 5.1.2.616 - NewTech Infosystems) Hidden NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6509 - NewTech Infosystems) NTI Media Maker 8 (x32 Version: 8.0.2.6509 - NewTech Infosystems) Hidden PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.) Pflanzen gegen Zombies (HKLM-x32\...\Pflanzen gegen Zombies) (Version: - PopCap Games) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6015 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30110 - Realtek Semiconductor Corp.) ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH) Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3012 - Acer Incorporated) Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. ) Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 11-09-2014 18:04:58 Removed AVG 2014 11-09-2014 18:07:36 Removed AVG 2014 11-09-2014 18:19:50 TuneUp Utilities 2014 wird entfernt 11-09-2014 18:21:07 TuneUp Utilities 2014 (de-DE) wird entfernt 11-09-2014 19:25:19 Windows Defender Checkpoint 23-09-2014 12:26:12 Windows Update 23-09-2014 12:52:52 Windows Update 20-10-2014 17:37:59 Windows Update 21-10-2014 16:11:22 Windows Update 21-10-2014 18:15:38 Windows Update 04-11-2014 21:13:44 Windows Update 04-11-2014 21:27:58 Before uninstalling AVG Nation toolbar 04-11-2014 21:30:14 Before uninstalling Acrobat.com 04-11-2014 21:30:32 Removed Acrobat.com 04-11-2014 21:32:04 Before uninstalling Adobe AIR 04-11-2014 21:33:54 Before uninstalling Ask Toolbar 04-11-2014 21:35:50 Before uninstalling Amazon Browser Bar 04-11-2014 21:37:17 Before uninstalling Amazon Browser Settings 04-11-2014 21:38:27 Before uninstalling BatBrowse 1.0.0 04-11-2014 21:40:01 Before uninstalling Bonanza Deals (remove only) 04-11-2014 21:42:01 Before uninstalling Google Toolbar for Internet Explorer 05-11-2014 18:19:35 eBay Worldwide wird entfernt 05-11-2014 18:21:01 Removed Java(TM) 6 Update 20 (64-bit) 05-11-2014 18:22:36 Removed Java(TM) 6 Update 37 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0979B91B-B21C-43F6-9377-82C66438F66D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1596025664-2351154750-1043554243-1000UA => C:\Users\christian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-08] (Facebook Inc.) Task: {09DBD183-C0FB-4AEF-84B3-CADC8B28D427} - System32\Tasks\{A0008377-2DDA-486E-B76A-1A07418BD5ED} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {23079F2A-CD72-4DE0-AD37-066B55F40692} - System32\Tasks\{B092DE58-978F-4099-900D-C0F17145033B} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {2F64498C-F95B-4603-81BE-2E956A5603F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-04] (Google Inc.) Task: {34A95E4C-C66C-411F-93C7-5C41664B9981} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1596025664-2351154750-1043554243-1003UA => C:\Users\MAX\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-21] (Facebook Inc.) Task: {3ED37F01-991E-44CD-ABEA-AD10D83E0AFB} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe Task: {5266400D-17B4-4909-B35E-2BF27A06D706} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-04] (Google Inc.) Task: {56B568AC-2294-4422-A9F8-DAFA4E7D3C24} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.) Task: {65405F6B-C7D3-4200-B985-DBA89D09629F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1596025664-2351154750-1043554243-1000Core => C:\Users\christian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-08] (Facebook Inc.) Task: {702D033F-6670-4491-B475-D136B62B2767} - System32\Tasks\{9F0E4A2C-D788-4696-8601-0F2C65FD4357} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {7F34CB8C-B41A-43DE-B0B3-A057D160BF0D} - System32\Tasks\Egis technology-Online-Aktualisierungsprogramm => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04] (Egis Technology Inc.) Task: {8EB186E6-2CC2-4F32-8D98-D1B947DDFBA9} - System32\Tasks\{93AA7DBF-13A0-4C84-8CD4-5F45B07E7656} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {8FECDB6F-02C6-4D85-AC2B-E419E4F4048C} - System32\Tasks\{091108D9-ECE7-45E5-8518-5C22C69BA83F} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {A63EE3A4-995B-45D0-93A6-280FB475D81F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {A81BD248-82CE-4DB6-B2EC-4D7D99962B75} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {AD4F492D-7E7F-4513-BE5C-0663BE3ECBDB} - System32\Tasks\{9AACFA23-9F1B-480C-913A-213DEF67B29B} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {B29C86C8-2B07-46E6-9D51-1065DE7903F7} - System32\Tasks\{D53F5F2A-AD34-4514-B816-4F4D1EA05963} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {BB7209A6-D481-4674-9148-AC4BA8291B82} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-18] (Adobe Systems Incorporated) Task: {C32EEA22-3F7E-42A1-84D8-A53D80942CBC} - System32\Tasks\{13DFBD5D-3AB1-422F-A48C-8E5E998B91CC} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {C43D744F-197B-43A9-BDBD-974E51D89FBD} - System32\Tasks\{49306936-8C24-42C8-93F6-930BEFB3B54B} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {D98AB7B5-5EC3-43B7-A261-5200B38F4272} - System32\Tasks\{5080894F-525C-40A3-B9CC-FB0990611930} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {E872A843-2CD0-428B-9733-2DBD9AB4DF1B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1596025664-2351154750-1043554243-1003Core => C:\Users\MAX\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-21] (Facebook Inc.) Task: {F3B0AF9C-AB44-4358-856E-99E46D301979} - System32\Tasks\{57B08DF5-87A0-4DE1-9A6F-7D25F7451383} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1596025664-2351154750-1043554243-1000Core.job => C:\Users\christian\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1596025664-2351154750-1043554243-1000UA.job => C:\Users\christian\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1596025664-2351154750-1043554243-1003Core.job => C:\Users\MAX\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1596025664-2351154750-1043554243-1003UA.job => C:\Users\MAX\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-06-13 14:06 - 2005-04-22 12:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll 2013-08-14 09:31 - 2013-08-14 09:31 - 00335312 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2010-01-07 02:46 - 2010-01-07 02:46 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll 2010-01-07 02:43 - 2010-01-07 02:43 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll 2010-01-16 04:27 - 2009-12-24 02:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-1596025664-2351154750-1043554243-500 - Administrator - Disabled) christian (S-1-5-21-1596025664-2351154750-1043554243-1000 - Administrator - Enabled) => C:\Users\christian Gast (S-1-5-21-1596025664-2351154750-1043554243-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1596025664-2351154750-1043554243-1002 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/05/2014 08:14:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avkcks.exe, Version: 1.0.0.1, Zeitstempel: 0x46c04a9c Name des fehlerhaften Moduls: avkcks.exe, Version: 1.0.0.1, Zeitstempel: 0x46c04a9c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00001674 ID des fehlerhaften Prozesses: 0x51c Startzeit der fehlerhaften Anwendung: 0xavkcks.exe0 Pfad der fehlerhaften Anwendung: avkcks.exe1 Pfad des fehlerhaften Moduls: avkcks.exe2 Berichtskennung: avkcks.exe3 Error: (11/05/2014 08:01:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avkcks.exe, Version: 1.0.0.1, Zeitstempel: 0x46c04a9c Name des fehlerhaften Moduls: avkcks.exe, Version: 1.0.0.1, Zeitstempel: 0x46c04a9c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00001674 ID des fehlerhaften Prozesses: 0x2ac Startzeit der fehlerhaften Anwendung: 0xavkcks.exe0 Pfad der fehlerhaften Anwendung: avkcks.exe1 Pfad des fehlerhaften Moduls: avkcks.exe2 Berichtskennung: avkcks.exe3 Error: (11/05/2014 07:40:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avkcks.exe, Version: 1.0.0.1, Zeitstempel: 0x46c04a9c Name des fehlerhaften Moduls: avkcks.exe, Version: 1.0.0.1, Zeitstempel: 0x46c04a9c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00001674 ID des fehlerhaften Prozesses: 0x398 Startzeit der fehlerhaften Anwendung: 0xavkcks.exe0 Pfad der fehlerhaften Anwendung: avkcks.exe1 Pfad des fehlerhaften Moduls: avkcks.exe2 Berichtskennung: avkcks.exe3 Error: (11/04/2014 09:10:54 PM) (Source: Google Update) (EventID: 20) (User: christian-PC) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7 Error: (10/18/2014 10:59:06 AM) (Source: Google Update) (EventID: 20) (User: christian-PC) Description: Network Request Error. Error: 0x80072ee2. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80042194. Http status code 404. Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80042194. Http status code 404. Error: (10/18/2014 09:55:19 AM) (Source: Google Update) (EventID: 20) (User: christian-PC) Description: Network Request Error. Error: 0x80072ee2. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee2 Error: (10/18/2014 09:45:18 AM) (Source: Google Update) (EventID: 20) (User: christian-PC) Description: Network Request Error. Error: 0x80072ee2. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072efd. Http status code 0. trying WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee2 Error: (10/18/2014 08:18:39 AM) (Source: Google Update) (EventID: 20) (User: christian-PC) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7 Error: (10/18/2014 08:13:06 AM) (Source: Google Update) (EventID: 20) (User: christian-PC) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7 Error: (09/23/2014 01:34:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GDScan.exe, Version: 1.4.13234.198, Zeitstempel: 0x521566c8 Name des fehlerhaften Moduls: GDScan.exe, Version: 1.4.13234.198, Zeitstempel: 0x521566c8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00060ec6 ID des fehlerhaften Prozesses: 0x3c0 Startzeit der fehlerhaften Anwendung: 0xGDScan.exe0 Pfad der fehlerhaften Anwendung: GDScan.exe1 Pfad des fehlerhaften Moduls: GDScan.exe2 Berichtskennung: GDScan.exe3 System errors: ============= Error: (11/05/2014 08:20:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "BonanzaDealsLive-Dienst (bonanzadealslive)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/05/2014 08:18:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "vToolbarUpdater18.1.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/05/2014 08:15:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (11/05/2014 08:14:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (11/05/2014 08:14:17 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (11/05/2014 08:14:17 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (11/05/2014 08:14:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (11/05/2014 08:14:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (11/05/2014 08:14:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (11/05/2014 08:14:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz Percentage of memory in use: 46% Total physical RAM: 3958.78 MB Available physical RAM: 2107.54 MB Total Pagefile: 7915.73 MB Available Pagefile: 5972.68 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:453.66 GB) (Free:338.83 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8F874A8B) Partition 1: (Not Active) - (Size=12 GB) - (Type=27) Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=453.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================