notebook wird immer langsamer

cauchemar · 11.07.2014, 22:06

hallo

mein notebook wird immer langsamer

die kleine blaue lampe die immer leuchtet wenn das gerät irgendwie arbeitet leuchtet bei mir dauerhaft und das teil arbeitet mega langsam....

hab da antivire drüberlaufen lassen und jetzt auch nochmal kaspersky aber keines der programme findet was

könnt ihr mir bite helfen

danke

Bootsektor · 11.07.2014, 23:32

Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
Poste die Logfiles direkt in deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:

Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [] CODE /CODE.
Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also CODE Logfile /CODE
Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Lass uns mal schauen, was man da so sieht

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

cauchemar · 12.07.2014, 00:15

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by cevin (administrator) on CEVIN-PC on 12-07-2014 01:02:35
Running from C:\Users\cevin\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
() C:\Program Files (x86)\Join Air\AssistantServices.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-04] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2298607320-3797335160-988972994-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask Partner Network | APN - Ask Toolbar Download
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9E1AA96A9BC2CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE370
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}
SearchScopes: HKCU - {FFAE837E-CC0E-4F47-B799-6A7AD46217C2} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DDR&o=16621&src=kw&q={searchTerms}&locale=&apn_ptnrs=^1Q&apn_dtid=^YYYYYY^YY^DE&apn_uid=3CEFE740-F3F1-41E3-9E5B-591F2196971A&apn_sauid=89118461-A5EA-4F84-A0C1-C5C6F1BBA900
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF Homepage: hxxp://www.gayromeo.com/
FF NetworkProxy: "ftp", "46.38.63.77"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "46.38.63.77"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "46.38.63.77"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "46.38.63.77"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\cevin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF SearchPlugin: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\searchplugins\NJuNeXaeLAqLGUfGTsla
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Block site - C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-12-12]
FF Extension: Adblock Plus - C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-20]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-05]
FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-12-28]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-07-01]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-07-01]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-07-01]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-04] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2014-07-01] (Kaspersky Lab ZAO)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [796192 2009-08-18] (Acer Incorporated)
R2 IGBASVC; c:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3450368 2009-08-06] (Egis Technology Inc.) [File not signed]
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [615936 2010-06-14] (Nokia) [File not signed]
R2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [247152 2010-04-27] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-04-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [6656 2009-07-21] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-07-01] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-07-01] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-07-01] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-07-01] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-07-01] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2014-07-01] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-07-01] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-04-03] ()
S3 MODRC; C:\Windows\System32\DRIVERS\modrc.sys [24272 2010-11-19] (DiBcom S.A.)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2010-02-26] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [19456 2010-02-26] (Nokia)
R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [25088 2009-07-21] (Nuvoton Technology Corporation)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [9216 2010-02-26] (Nokia)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [146928 2009-08-04] (CyberLink Corp.)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 mod7700; system32\DRIVERS\mod7700.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-12 01:02 - 2014-07-12 01:02 - 00017995 _____ () C:\Users\cevin\Downloads\FRST.txt
2014-07-12 01:01 - 2014-07-12 01:01 - 02084864 _____ (Farbar) C:\Users\cevin\Downloads\FRST64.exe
2014-07-11 22:42 - 2014-07-11 22:42 - 00000000 ____D () C:\Users\cevin\AppData\Local\{C35B9E6F-7759-4FAD-B04B-1AABA1E3814E}
2014-07-11 10:36 - 2014-07-11 10:36 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E9028EED-1296-412D-A703-508033734006}
2014-07-10 21:22 - 2014-07-10 21:22 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B3910F8C-22FC-4C4F-A53D-AA7D0435B49C}
2014-07-09 11:42 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 11:42 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 11:42 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 11:42 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 11:42 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 11:42 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 11:41 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 11:40 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 11:40 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 11:40 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 11:40 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 11:40 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 11:40 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 11:40 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 11:40 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 11:40 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 11:40 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 11:40 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 11:40 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 11:40 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 11:40 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 11:40 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 11:40 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 11:40 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 11:40 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 11:40 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 11:40 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 11:40 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 11:40 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 11:40 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 11:40 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 11:40 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 11:40 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 11:40 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 11:40 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 11:40 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 11:40 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 11:40 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 11:40 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 11:40 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 11:40 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 11:40 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 11:40 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 11:40 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 11:40 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 11:40 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 11:40 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 11:40 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 11:40 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 11:40 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 11:40 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 11:40 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 11:40 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 11:40 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 11:40 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 11:40 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 11:40 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 11:40 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 11:40 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 11:40 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 11:40 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 11:40 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 11:40 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 11:39 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 11:39 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 11:39 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 09:51 - 2014-07-09 09:51 - 00000000 ____D () C:\Users\cevin\AppData\Local\{013AD591-86F6-4EE2-9012-CBA5C62C8879}
2014-07-06 21:45 - 2014-07-06 21:46 - 00000000 ____D () C:\Users\cevin\AppData\Local\{3C4EE774-96CB-45F5-B110-E408E0A37022}
2014-07-06 09:44 - 2014-07-06 09:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B2F0EAA2-E69E-46FD-9F4E-5815FF8801A5}
2014-07-04 15:53 - 2014-07-04 15:53 - 00000000 ____D () C:\Users\cevin\AppData\Local\{50A79613-225C-40C8-BDBE-F0CF6915E518}
2014-07-02 16:47 - 2014-07-02 16:47 - 00000000 ____D () C:\Users\cevin\AppData\Local\{07DD5A38-1376-4124-B1FF-FC864792DF37}
2014-07-01 17:20 - 2014-07-01 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-07-01 17:20 - 2014-07-01 17:19 - 00001053 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-07-01 17:19 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-07-01 17:15 - 2014-07-12 01:02 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-01 17:15 - 2014-07-01 17:15 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-07-01 17:15 - 2014-07-01 17:15 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-07-01 17:14 - 2014-07-01 17:43 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-07-01 17:14 - 2014-07-01 17:43 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-07-01 16:58 - 2014-07-01 17:01 - 235628672 _____ () C:\Users\cevin\Downloads\kav14.0.0.4651de-de.exe
2014-07-01 16:09 - 2014-07-01 16:09 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B0959EA8-683E-4E37-8769-5D161E49BE17}
2014-06-30 13:27 - 2014-06-30 13:27 - 00000000 ____D () C:\Users\cevin\AppData\Local\{237D482E-7E34-401E-8F17-0BA27F0262C4}
2014-06-28 22:39 - 2014-07-11 22:37 - 00000728 _____ () C:\Windows\setupact.log
2014-06-28 22:39 - 2014-07-10 21:11 - 00337312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-28 22:39 - 2014-07-02 16:09 - 00001142 _____ () C:\Windows\PFRO.log
2014-06-28 22:39 - 2014-06-28 22:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-27 23:21 - 2014-06-27 23:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{42FBE03B-0244-461C-91B1-785F48845D38}
2014-06-27 19:48 - 2014-06-27 19:48 - 00004026 _____ () C:\Windows\System32\Tasks\LaunchApp
2014-06-27 17:46 - 2014-06-27 17:46 - 00076776 _____ () C:\Users\cevin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-27 17:26 - 2014-06-27 17:26 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-27 17:26 - 2014-06-27 17:26 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-27 17:26 - 2014-06-27 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-27 17:26 - 2014-06-27 17:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-27 17:25 - 2014-06-27 17:25 - 04812672 _____ (Piriform Ltd) C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager [1].exe
2014-06-27 17:24 - 2014-06-27 17:24 - 00788832 _____ ( ) C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager.exe
2014-06-27 11:21 - 2014-06-27 11:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{6972D8A5-A219-443E-A357-89C155BDDA7D}
2014-06-26 10:45 - 2014-06-26 10:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E70B6A60-F2E8-448D-9E0D-5E4A9BC626D0}
2014-06-25 21:25 - 2014-06-25 21:25 - 00000000 ____D () C:\Users\cevin\AppData\Local\{96794EEB-D1F6-489F-818D-47B3C9CD3A0F}
2014-06-24 22:46 - 2014-06-24 22:46 - 00000000 ____D () C:\Users\cevin\AppData\Local\{93E3B89A-5BF8-4712-B6C1-98709B53CE8C}
2014-06-24 09:35 - 2014-06-24 09:35 - 00000000 ____D () C:\Users\cevin\AppData\Local\{BA391E80-3556-46D6-B103-2A3C18176909}
2014-06-23 22:58 - 2014-06-23 22:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{249218FD-5D6A-4E8A-B766-85CA18465D77}
2014-06-22 22:45 - 2014-06-22 22:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{2D8FB200-76DE-4EBF-99D1-F998CD7462BD}
2014-06-22 10:44 - 2014-06-22 10:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{CC0DC116-9230-4337-9A80-0B157742DCBD}
2014-06-21 21:58 - 2014-06-21 21:59 - 00000000 ____D () C:\Users\cevin\AppData\Local\{F751A3DB-714D-4A90-828C-B7048371B2CA}
2014-06-21 09:58 - 2014-06-21 09:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{8192B066-D83E-4FCF-BE07-D97D837C12F0}
2014-06-20 10:46 - 2014-06-20 10:51 - 00103267 _____ () C:\Users\cevin\Downloads\DriverView_v1.45.zip
2014-06-20 10:41 - 2014-06-20 10:42 - 00511782 _____ () C:\Users\cevin\Downloads\Autoruns.zip
2014-06-20 10:37 - 2014-06-20 10:37 - 00000000 ____D () C:\Users\cevin\AppData\Local\{89AB4BC8-06E9-460D-8204-722BEC691B51}
2014-06-18 22:55 - 2014-06-18 22:55 - 00000000 ____D () C:\Users\cevin\AppData\Local\{4BCD0956-D6CD-43B1-87F9-4BA71B703826}
2014-06-18 11:55 - 2014-06-18 11:55 - 00000000 ____D () C:\Users\cevin\AppData\Local\Adobe
2014-06-18 10:54 - 2014-06-18 10:54 - 00000000 ____D () C:\Users\cevin\AppData\Local\{951B063B-5B4E-4294-AD34-35FCBF7713F0}
2014-06-17 22:50 - 2014-06-17 22:50 - 00000000 ____D () C:\Users\cevin\AppData\Local\{A19CB636-F822-494D-9BA2-2E122C628559}
2014-06-17 13:51 - 2014-06-17 10:52 - 00000030 _____ () C:\AVScanner.ini
2014-06-17 10:50 - 2014-06-17 10:50 - 00000000 ____D () C:\Users\cevin\AppData\Local\{4215C0E0-4780-4FE7-BDE3-CBDDFCB730CD}
2014-06-16 15:34 - 2014-06-16 15:34 - 00000000 ____D () C:\Users\cevin\AppData\Local\{747CE725-538F-4A0E-B1BF-EE25F0E97D2A}
2014-06-15 23:23 - 2014-06-15 23:23 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E2CAFAA9-D7FB-4376-8608-9B76F953B728}
2014-06-15 11:22 - 2014-06-15 11:23 - 00000000 ____D () C:\Users\cevin\AppData\Local\{1532C955-EDCD-4170-AF08-FC2C7F015AF4}
2014-06-14 23:21 - 2014-06-14 23:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{C0769387-4EE7-463B-B692-5D5A23DD2843}
2014-06-14 11:20 - 2014-06-14 11:20 - 00000000 ____D () C:\Users\cevin\AppData\Local\{85002793-CEEA-4392-8FD6-EF295FB7ABFF}
2014-06-13 13:37 - 2014-06-13 13:38 - 00000000 ____D () C:\Users\cevin\AppData\Local\{AE363E96-F3C2-4F9D-B86A-375F07FEEC16}
2014-06-12 18:16 - 2014-06-12 18:17 - 00000000 ____D () C:\Users\cevin\AppData\Local\{0B36347F-177F-4F69-891F-204847733406}

==================== One Month Modified Files and Folders =======

2014-07-12 01:09 - 2014-07-12 01:02 - 00017995 _____ () C:\Users\cevin\Downloads\FRST.txt
2014-07-12 01:02 - 2014-07-01 17:15 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-12 01:02 - 2013-12-15 12:10 - 00000000 ____D () C:\FRST
2014-07-12 01:01 - 2014-07-12 01:01 - 02084864 _____ (Farbar) C:\Users\cevin\Downloads\FRST64.exe
2014-07-12 00:59 - 2013-07-05 09:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-12 00:58 - 2013-06-28 23:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-11 23:01 - 2010-01-26 17:30 - 01121686 _____ () C:\Windows\WindowsUpdate.log
2014-07-11 22:54 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-11 22:54 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-11 22:42 - 2014-07-11 22:42 - 00000000 ____D () C:\Users\cevin\AppData\Local\{C35B9E6F-7759-4FAD-B04B-1AABA1E3814E}
2014-07-11 22:37 - 2014-06-28 22:39 - 00000728 _____ () C:\Windows\setupact.log
2014-07-11 22:37 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-11 22:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-11 10:36 - 2014-07-11 10:36 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E9028EED-1296-412D-A703-508033734006}
2014-07-10 21:22 - 2014-07-10 21:22 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B3910F8C-22FC-4C4F-A53D-AA7D0435B49C}
2014-07-10 21:11 - 2014-06-28 22:39 - 00337312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 00:03 - 2009-08-22 08:06 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 00:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 00:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 23:25 - 2013-08-15 10:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 23:19 - 2010-05-23 11:48 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 19:03 - 2014-05-03 19:03 - 00000326 _____ () C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job
2014-07-09 18:59 - 2013-06-28 23:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 18:59 - 2013-05-05 20:44 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 18:59 - 2013-05-05 20:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 18:52 - 2014-05-03 18:52 - 00000330 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job
2014-07-09 16:34 - 2010-01-27 02:23 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-07-09 16:34 - 2010-01-27 02:23 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-07-09 16:34 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-09 15:01 - 2014-05-03 18:52 - 00000322 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job
2014-07-09 09:51 - 2014-07-09 09:51 - 00000000 ____D () C:\Users\cevin\AppData\Local\{013AD591-86F6-4EE2-9012-CBA5C62C8879}
2014-07-06 21:46 - 2014-07-06 21:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{3C4EE774-96CB-45F5-B110-E408E0A37022}
2014-07-06 09:44 - 2014-07-06 09:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B2F0EAA2-E69E-46FD-9F4E-5815FF8801A5}
2014-07-05 23:24 - 2012-05-26 21:25 - 00000000 ____D () C:\Users\cevin\AppData\Roaming\vlc
2014-07-04 15:55 - 2013-12-19 13:51 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-04 15:53 - 2014-07-04 15:53 - 00000000 ____D () C:\Users\cevin\AppData\Local\{50A79613-225C-40C8-BDBE-F0CF6915E518}
2014-07-02 16:47 - 2014-07-02 16:47 - 00000000 ____D () C:\Users\cevin\AppData\Local\{07DD5A38-1376-4124-B1FF-FC864792DF37}
2014-07-02 16:09 - 2014-06-28 22:39 - 00001142 _____ () C:\Windows\PFRO.log
2014-07-01 17:43 - 2014-07-01 17:14 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-07-01 17:43 - 2014-07-01 17:14 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-07-01 17:43 - 2013-06-10 12:27 - 00029792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2014-07-01 17:43 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2014-07-01 17:43 - 2013-05-06 09:22 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-07-01 17:43 - 2013-05-05 22:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2014-07-01 17:43 - 2013-05-05 22:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2014-07-01 17:20 - 2014-07-01 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-07-01 17:19 - 2014-07-01 17:20 - 00001053 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-07-01 17:15 - 2014-07-01 17:15 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-07-01 17:15 - 2014-07-01 17:15 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-07-01 17:01 - 2014-07-01 16:58 - 235628672 _____ () C:\Users\cevin\Downloads\kav14.0.0.4651de-de.exe
2014-07-01 16:09 - 2014-07-01 16:09 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B0959EA8-683E-4E37-8769-5D161E49BE17}
2014-06-30 13:27 - 2014-06-30 13:27 - 00000000 ____D () C:\Users\cevin\AppData\Local\{237D482E-7E34-401E-8F17-0BA27F0262C4}
2014-06-28 22:39 - 2014-06-28 22:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-27 23:21 - 2014-06-27 23:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{42FBE03B-0244-461C-91B1-785F48845D38}
2014-06-27 19:48 - 2014-06-27 19:48 - 00004026 _____ () C:\Windows\System32\Tasks\LaunchApp
2014-06-27 19:46 - 2010-03-08 14:50 - 00000000 ____D () C:\Windows\pss
2014-06-27 17:48 - 2010-08-10 14:59 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-06-27 17:46 - 2014-06-27 17:46 - 00076776 _____ () C:\Users\cevin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-27 17:34 - 2012-01-24 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cultures - Die Entdeckung Vinlands
2014-06-27 17:34 - 2009-08-22 07:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2014-06-27 17:34 - 2009-07-27 22:41 - 00000000 ____D () C:\Windows\Panther
2014-06-27 17:33 - 2010-03-20 12:00 - 00000000 ____D () C:\Windows\Minidump
2014-06-27 17:26 - 2014-06-27 17:26 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-27 17:26 - 2014-06-27 17:26 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-27 17:26 - 2014-06-27 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-27 17:26 - 2014-06-27 17:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-27 17:25 - 2014-06-27 17:25 - 04812672 _____ (Piriform Ltd) C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager [1].exe
2014-06-27 17:24 - 2014-06-27 17:24 - 00788832 _____ ( ) C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager.exe
2014-06-27 11:21 - 2014-06-27 11:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{6972D8A5-A219-443E-A357-89C155BDDA7D}
2014-06-26 10:45 - 2014-06-26 10:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E70B6A60-F2E8-448D-9E0D-5E4A9BC626D0}
2014-06-25 21:25 - 2014-06-25 21:25 - 00000000 ____D () C:\Users\cevin\AppData\Local\{96794EEB-D1F6-489F-818D-47B3C9CD3A0F}
2014-06-24 22:46 - 2014-06-24 22:46 - 00000000 ____D () C:\Users\cevin\AppData\Local\{93E3B89A-5BF8-4712-B6C1-98709B53CE8C}
2014-06-24 09:35 - 2014-06-24 09:35 - 00000000 ____D () C:\Users\cevin\AppData\Local\{BA391E80-3556-46D6-B103-2A3C18176909}
2014-06-23 22:58 - 2014-06-23 22:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{249218FD-5D6A-4E8A-B766-85CA18465D77}
2014-06-22 22:45 - 2014-06-22 22:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{2D8FB200-76DE-4EBF-99D1-F998CD7462BD}
2014-06-22 10:44 - 2014-06-22 10:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{CC0DC116-9230-4337-9A80-0B157742DCBD}
2014-06-21 21:59 - 2014-06-21 21:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{F751A3DB-714D-4A90-828C-B7048371B2CA}
2014-06-21 09:58 - 2014-06-21 09:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{8192B066-D83E-4FCF-BE07-D97D837C12F0}
2014-06-20 22:14 - 2014-07-09 11:40 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 11:40 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-20 10:51 - 2014-06-20 10:46 - 00103267 _____ () C:\Users\cevin\Downloads\DriverView_v1.45.zip
2014-06-20 10:42 - 2014-06-20 10:41 - 00511782 _____ () C:\Users\cevin\Downloads\Autoruns.zip
2014-06-20 10:37 - 2014-06-20 10:37 - 00000000 ____D () C:\Users\cevin\AppData\Local\{89AB4BC8-06E9-460D-8204-722BEC691B51}
2014-06-19 03:39 - 2014-07-09 11:40 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-09 11:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-09 11:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-09 11:40 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-09 11:40 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-09 11:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-09 11:40 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-09 11:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-09 11:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-09 11:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-09 11:40 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-09 11:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-09 11:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-09 11:40 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-09 11:40 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-09 11:40 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-09 11:40 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-09 11:40 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-09 11:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-09 11:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-09 11:40 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 11:40 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 11:40 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-09 11:40 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-09 11:40 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-09 11:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-09 11:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 11:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-09 11:40 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 11:40 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-09 11:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 11:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-09 11:40 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-09 11:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-09 11:40 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-09 11:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-09 11:40 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-09 11:40 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-09 11:40 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 11:40 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-09 11:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 11:40 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-09 11:40 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-09 11:40 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 11:40 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 11:40 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 11:40 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 11:40 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 11:40 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 11:40 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 11:40 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 11:40 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 11:40 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 11:40 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 22:55 - 2014-06-18 22:55 - 00000000 ____D () C:\Users\cevin\AppData\Local\{4BCD0956-D6CD-43B1-87F9-4BA71B703826}
2014-06-18 11:55 - 2014-06-18 11:55 - 00000000 ____D () C:\Users\cevin\AppData\Local\Adobe
2014-06-18 10:54 - 2014-06-18 10:54 - 00000000 ____D () C:\Users\cevin\AppData\Local\{951B063B-5B4E-4294-AD34-35FCBF7713F0}
2014-06-18 04:18 - 2014-07-09 11:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-09 11:42 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-09 11:42 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-17 22:50 - 2014-06-17 22:50 - 00000000 ____D () C:\Users\cevin\AppData\Local\{A19CB636-F822-494D-9BA2-2E122C628559}
2014-06-17 10:52 - 2014-06-17 13:51 - 00000030 _____ () C:\AVScanner.ini
2014-06-17 10:52 - 2009-08-22 07:29 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-17 10:50 - 2014-06-17 10:50 - 00000000 ____D () C:\Users\cevin\AppData\Local\{4215C0E0-4780-4FE7-BDE3-CBDDFCB730CD}
2014-06-16 15:34 - 2014-06-16 15:34 - 00000000 ____D () C:\Users\cevin\AppData\Local\{747CE725-538F-4A0E-B1BF-EE25F0E97D2A}
2014-06-16 14:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-15 23:23 - 2014-06-15 23:23 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E2CAFAA9-D7FB-4376-8608-9B76F953B728}
2014-06-15 11:23 - 2014-06-15 11:22 - 00000000 ____D () C:\Users\cevin\AppData\Local\{1532C955-EDCD-4170-AF08-FC2C7F015AF4}
2014-06-14 23:21 - 2014-06-14 23:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{C0769387-4EE7-463B-B692-5D5A23DD2843}
2014-06-14 11:20 - 2014-06-14 11:20 - 00000000 ____D () C:\Users\cevin\AppData\Local\{85002793-CEEA-4392-8FD6-EF295FB7ABFF}
2014-06-13 13:38 - 2014-06-13 13:37 - 00000000 ____D () C:\Users\cevin\AppData\Local\{AE363E96-F3C2-4F9D-B86A-375F07FEEC16}
2014-06-12 18:22 - 2014-05-06 23:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 18:17 - 2014-06-12 18:16 - 00000000 ____D () C:\Users\cevin\AppData\Local\{0B36347F-177F-4F69-891F-204847733406}

Some content of TEMP:
====================
C:\Users\cevin\AppData\Local\Temp\avgnt.exe
C:\Users\cevin\AppData\Local\Temp\CloudBackup8495.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 16:50

==================== End Of Log ============================

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2014
Ran by cevin at 2014-07-12 01:12:37
Running from C:\Users\cevin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7025 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7025 - CyberLink Corp.) Hidden
Acer Arcade Instant On (x32 Version: 3.0.19.0 - Acer) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.22 - NewTech Infosystems)
Acer Bio Protection (HKLM-x32\...\InstallShield_{565A39D6-4FB0-4F35-A2AC-0DC66ACC3520}) (Version: 6.1.48 - Egis Technology Inc.)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.06.3004 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.3.0715 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric)
AmIcoSingLun (HKLM-x32\...\InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}) (Version: 1.2.117.2 - Alcor Micro Co., Ltd.)
AmIcoSingLun (x32 Version: 1.2.117.2 - Alcor Micro Co., Ltd.) Hidden
Any Video Converter 3.0.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.4.6714 - )
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DIE SIEDLER - Aufstieg eines Königreichs (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.6.1 - DivX, Inc.)
Fingerprint Solution (x32 Version: 6.1.48.0 - Egis Technology Inc.) Hidden
Free YouTube to MP3 Converter version 3.11.35.1031 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.35.1031 - DVDVideoSoft Ltd.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Join Air (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - ZTE Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 2.0.01 - Acer Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.97 - LSI Corporation)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.300.05.11.52 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{F1FDAA01-988C-423F-AC12-0D8F333943FD}) (Version: 7.1.31.0 - Nokia)
Nokia Photos (HKLM-x32\...\{0EABFEF6-6D10-4C12-8667-3029C481D355}) (Version: 1.6.434 - Nokia)
Nokia_Multimedia_Common_Components_2_5 (HKLM-x32\...\{70B31335-50EE-4834-8431-27412CDE62BD}) (Version: 2.6.86 - Nokia)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6619 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems) Hidden
Nuvoton EC Generic HID Driver (HKLM-x32\...\{92975DF9-EA36-4F36-A9AC-D412BC1D709E}) (Version: 8.80.1001 - Nuvoton Technology Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
OpenOffice.org 3.2 (HKLM-x32\...\{2217B0B4-35CB-48C6-B640-864DF2F30F99}) (Version: 3.2.9483 - OpenOffice.org)
PC Connectivity Solution (HKLM-x32\...\{29F563F4-8807-4496-8463-441EAA0E96AB}) (Version: 10.26.0.0 - Nokia)
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.8 - Frank Heindörfer, Philip Chinery)
Pinnacle TVCenter Pro (HKLM-x32\...\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}) (Version:  - )
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.5 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
VideoReDo/Plus Version 2.5.6.512 (HKLM-x32\...\VideoReDo-Plus_is1) (Version:  - DRD Systems, Inc.)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9700 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

==================== Restore Points  =========================

01-07-2014 14:15:58 Windows Update
08-07-2014 15:30:05 Windows Update
09-07-2014 21:03:59 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-05-21 16:15 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {008B9D5E-DEE6-4B8B-B94B-91AF27D0360A} - System32\Tasks\{2510881A-C286-46B6-BB47-A1FEBF49B2B3} => D:\INSTALL.EXE
Task: {0334744C-302B-4BA6-AF98-50F662BC759D} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {13D55BF7-D903-43D1-AEBC-A582AFCC80E6} - System32\Tasks\{7C174289-AC54-4204-8401-664D840DC567} => D:\INSTALL.EXE
Task: {18ECFAFA-CBAB-4D7F-81EA-67DD0E5A23CC} - System32\Tasks\{15323A13-A924-4530-8713-D820FB21075F} => D:\INSTALL.EXE
Task: {1F4AD571-E842-47E3-9243-CAFCA597CC91} - System32\Tasks\{0F048639-CC5D-495E-B4BE-B84A1D4B6D4F} => D:\INSTALL.EXE
Task: {2C136FE6-1DF7-46BF-B47A-84DC92A3C3F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {33E11AB0-63A0-463A-BF2F-6618141143FF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2298607320-3797335160-988972994-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {3EB19243-2643-4925-8975-D1BD38005617} - System32\Tasks\{422FB0DF-7756-4065-AA0B-6CBE5C96733C} => D:\INSTALL.EXE
Task: {42D0ACF0-275D-456E-BD36-AAB9197E8D5D} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {5C3BB401-7A75-43D1-9BA1-2611EC33304B} - System32\Tasks\SuperEasyDriverUpdater_UPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {5D42D24C-BBA2-42B5-9C3B-F342AA2BD192} - System32\Tasks\{A5279D94-B035-4F07-937F-FE40747EE84A} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {624C5F52-381A-4960-A86C-A6CB944C91C2} - System32\Tasks\SuperEasy Registry Cleaner => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {65467A25-92A6-4757-B65C-5F28FF779581} - System32\Tasks\SuperEasyDriverUpdaterRunAtStartup => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {67A527CA-D1D9-43A4-9DAB-23A8FA47BA26} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {77191CE1-6199-42B5-A004-17FDF64BF60A} - System32\Tasks\{6181DBC4-7575-45B2-8D47-3A80C9740BB8} => D:\INSTALL.EXE
Task: {82131DB3-AC29-4EF0-A229-EF2B250CE381} - System32\Tasks\SuperEasy Registry Cleaner_DEFAULT => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {82629502-80A4-4A89-B2C7-51D81BD275F1} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2298607320-3797335160-988972994-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {9B62A9B0-5210-4952-9905-CB3E2E112DBA} - System32\Tasks\{694DDE43-8754-45E9-BA8A-EED6A32AE7BE} => D:\INSTALL.EXE
Task: {9F0908A4-E17D-4462-925B-9D67D49F9632} - System32\Tasks\{21848FB2-70EB-4A2C-A367-3EA59F79EA6C} => D:\INSTALL.EXE
Task: {A0396206-0E8D-41A7-9BD4-105B8D2E20A1} - System32\Tasks\{2D24C3A8-3212-48E2-AF95-274562393698} => D:\INSTALL.EXE
Task: {A2FA4844-739D-4DBD-B9D5-168DE982AF78} - System32\Tasks\{C6CC65AA-B36A-45F6-BFE7-C17FA245CF86} => D:\INSTALL.EXE
Task: {A7BFB0C2-50FD-4AAD-9809-EBD2F7E4C7E5} - System32\Tasks\{C603D80B-52BB-4B40-8F03-1D612ABD3A5E} => D:\INSTALL.EXE
Task: {ACD66DD1-B6B0-47BF-9D9F-BAAAC015C91B} - System32\Tasks\{249CBBB6-A244-4FE9-AA61-5D2353E86459} => D:\INSTALL.EXE
Task: {B8D196A4-EE83-4E23-95DB-ECDE9430B049} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe
Task: {CAEFFC5C-9595-4D99-8E51-34DF30000D6C} - System32\Tasks\{8748D3EC-E8F3-4E6F-A427-81BB80C247D9} => D:\INSTALL.EXE
Task: {CD7193B8-BCA0-4EDB-AD98-4FF6EA3A294A} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => c:\program files (x86)\real\realplayer\Update\realsched.exe [2012-06-30] (RealNetworks, Inc.)
Task: {E24F9C2F-94BB-4F33-AD5A-1701ED0879F4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {E76ADE9E-1E3D-4C31-831E-146138A2426E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {E7D4701C-F07F-48A4-A5D3-C78B34925EC8} - System32\Tasks\SuperEasy Registry Cleaner_UPDATES => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {F4162098-0D82-4BC4-BE06-C41A7BA5E21B} - System32\Tasks\{A99EA8E8-B99C-420D-BCD4-23DC298AE4A3} => D:\INSTALL.EXE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe

==================== Loaded Modules (whitelisted) =============

2010-08-10 14:59 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-07-19 10:38 - 2010-04-27 16:57 - 00247152 _____ () C:\Program Files (x86)\Join Air\AssistantServices.exe
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2013-07-05 09:50 - 2014-07-12 00:59 - 03844720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:0888F409
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\Users\cevin\Documents\emaeillll.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk => C:\Windows\pss\Acer VCM.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^cevin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^cevin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^cevin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TimePanic.lnk => C:\Windows\pss\TimePanic.lnk.Startup
MSCONFIG\startupfolder: C:^Users^cevin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Yahoo! Widgets.lnk => C:\Windows\pss\Yahoo! Widgets.lnk.Startup
MSCONFIG\startupreg: Acer ePower Management => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart /min
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: EzPrint => "C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe"
MSCONFIG\startupreg: IAAnotif => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: lxdxmon.exe => "C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NokiaMusic FastStart => "C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: PLFSetI => C:\Windows\PLFSetI.exe
MSCONFIG\startupreg: PMCLoader => C:\Program Files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\Join Air\UIExec.exe"
MSCONFIG\startupreg: VitaKeyPdtWzd => "c:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/11/2014 11:00:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5301, Zeitstempel: 0x53bb608d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5301, Zeitstempel: 0x53bb2fdc
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0xdac
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/11/2014 11:00:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 31.0.0.5301 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 91c

Startzeit: 01cf9d485aeae71c

Endzeit: 1350

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 59bf46eb-093e-11e4-af7a-001f16c28cd6

Error: (07/01/2014 05:47:05 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Anti-Virus - Update "Kaspersky Internet Security 2014 (Patch f)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\MSId389a.LOG enthalten.

Error: (07/01/2014 05:47:05 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Programm: Kaspersky Anti-Virus -- Interner Fehler 2761.

Error: (07/01/2014 05:45:39 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT-AUTORITÄT)
Description: Fehler beim Starten einer Windows Installer-Transaktion: {6F6873E3-5C92-4049-B511-231A138DD090}. Fehler 1618 beim Starten der Transaktion.

Error: (07/01/2014 05:45:39 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT-AUTORITÄT)
Description: Fehler beim Starten einer Windows Installer-Transaktion: {6F6873E3-5C92-4049-B511-231A138DD090}. Fehler 1618 beim Starten der Transaktion.

Error: (06/20/2014 10:50:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm DriverView.exe, Version 1.4.5.13 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 13e4

Startzeit: 01cf8c644d132f3e

Endzeit: 0

Anwendungspfad: C:\Users\cevin\AppData\Local\Temp\Rar$EX00.066\DriverView.exe

Berichts-ID: 95380794-f857-11e3-8d70-001f16c28cd6

Error: (06/11/2014 08:15:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 14.0.4.632 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 664

Startzeit: 01cf859f95a69a53

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: 1bf03247-f194-11e3-89cb-001f16c28cd6

Error: (06/11/2014 08:07:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 14.0.4.632 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 664

Startzeit: 01cf859f95a69a53

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: 08c3cc6e-f193-11e3-89cb-001f16c28cd6

Error: (06/03/2014 08:34:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000c4102
ID des fehlerhaften Prozesses: 0x8e8
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3


System errors:
=============
Error: (07/11/2014 10:44:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (07/11/2014 11:00:56 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (07/11/2014 00:05:47 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (07/09/2014 09:53:07 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (07/08/2014 11:57:36 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (07/07/2014 10:36:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%16405

Error: (07/07/2014 10:35:50 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (07/07/2014 10:35:02 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}

Error: (07/07/2014 00:19:29 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (07/06/2014 09:44:21 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.


Microsoft Office Sessions:
=========================
Error: (07/11/2014 11:00:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.530153bb608dmozalloc.dll31.0.0.530153bb2fdc800000030000141bdac01cf9d48a0f2ba54C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll626d43e2-093e-11e4-af7a-001f16c28cd6

Error: (07/11/2014 11:00:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe31.0.0.530191c01cf9d485aeae71c1350C:\Program Files (x86)\Mozilla Firefox\firefox.exe59bf46eb-093e-11e4-af7a-001f16c28cd6

Error: (07/01/2014 05:47:05 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Kaspersky Anti-VirusKaspersky Internet Security 2014 (Patch f)1603C:\Windows\TEMP\MSId389a.LOG(NULL)(NULL)

Error: (07/01/2014 05:47:05 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Programm: Kaspersky Anti-Virus -- Interner Fehler 2761. (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/01/2014 05:45:39 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT-AUTORITÄT)
Description: {6F6873E3-5C92-4049-B511-231A138DD090}1618(NULL)(NULL)(NULL)(NULL)

Error: (07/01/2014 05:45:39 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT-AUTORITÄT)
Description: {6F6873E3-5C92-4049-B511-231A138DD090}1618(NULL)(NULL)(NULL)(NULL)

Error: (06/20/2014 10:50:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: DriverView.exe1.4.5.1313e401cf8c644d132f3e0C:\Users\cevin\AppData\Local\Temp\Rar$EX00.066\DriverView.exe95380794-f857-11e3-8d70-001f16c28cd6

Error: (06/11/2014 08:15:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avscan.exe14.0.4.63266401cf859f95a69a5360000C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe1bf03247-f194-11e3-89cb-001f16c28cd6

Error: (06/11/2014 08:07:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avscan.exe14.0.4.63266401cf859f95a69a5360000C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe08c3cc6e-f193-11e3-89cb-001f16c28cd6

Error: (06/03/2014 08:34:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000037400000000000c41028e801cf7f0bcd8dc2a0C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dllc0327f46-eb4d-11e3-b8c8-001f16c28cd6


CodeIntegrity Errors:
===================================
  Date: 2013-06-15 11:19:49.168
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-15 11:03:04.263
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-02-23 16:57:16.552
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-02-23 16:55:28.330
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-02-05 00:58:34.593
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-01-10 08:55:59.629
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-11-14 21:26:31.008
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-23 19:11:51.791
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-12 10:07:16.550
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-23 16:52:49.272
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 89%
Total physical RAM: 4090.93 MB
Available physical RAM: 428.44 MB
Total Pagefile: 8180.04 MB
Available Pagefile: 3741.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:438.18 GB) (Free:159.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 740B4E56)
Partition 1: (Not Active) - (Size=23 GB) - (Type=27)
Partition 2: (Not Active) - (Size=5 GB) - (Type=12)
Partition 3: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=438 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

Bootsektor · 12.07.2014, 22:08

Hallo cauchemar,

Fragen
normalerweise hast du aber nur ein Antivirenprogramm auf dem Rechner?
Bitte deinstalliere eines. Ich würd dir zur Deinstallation von Avira raten

Wieso sind soviele Einträge im Startup deaktiviert?

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

AlternateDataStreams: C:\ProgramData\Temp:0888F409
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
cmd: dir C:\Users\cevin\AppData\Local\{747CE725-538F-4A0E-B1BF-EE25F0E97D2A} /s
cmd: dir C:\Users\cevin\AppData\Local\{89AB4BC8-06E9-460D-8204-722BEC691B51} /s

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Starte noch einmal FRST.

Setze den Haken bei addition.txt und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

[/list]

cauchemar · 13.07.2014, 08:23

also

ja hab nur ein virenprogramm hab kaspersky erst neu und nur erst einmal die testversion

im startprogramm is so viel abgeschalten weil ich das gemacht hab (dachte ich brauch das alles nicht) es startet egentlich nur mein virenprogramm und mein touchpade

schritt 1 hab ich ausgeführt wie gewünscht hab die datei auf dem desktop gespeichert aber wenn ich dann auf fix drück kommt

no fixlist.txt found
the fixlist.txt should be in the same folder directory the tool is located

was soll ich jetzt tun

Bootsektor · 13.07.2014, 09:52

Das liegt dadran, dass du FRST aus deinem Downloadordner ausführst. Verschieb die FRST bitte auf dem Desktop, und probiere es dann nochmal.

cauchemar · 13.07.2014, 10:41

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-07-2014
Ran by cevin at 2014-07-13 11:27:01 Run:1
Running from C:\Users\cevin\Downloads\nicht wegwerfen\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
AlternateDataStreams: C:\ProgramData\Temp:0888F409
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
cmd: dir C:\Users\cevin\AppData\Local\{747CE725-538F-4A0E-B1BF-EE25F0E97D2A} /s
cmd: dir C:\Users\cevin\AppData\Local\{89AB4BC8-06E9-460D-8204-722BEC691B51} /s

*****************

C:\ProgramData\Temp => ":0888F409" ADS removed successfully.
C:\ProgramData\Temp => ":4CF61E54" ADS removed successfully.

========= dir C:\Users\cevin\AppData\Local\{747CE725-538F-4A0E-B1BF-EE25F0E97D2A} /s =========

Datentr�ger in Laufwerk C: ist ACER
Volumeseriennummer: E8FE-7DC4

Verzeichnis von C:\Users\cevin\AppData\Local\{747CE725-538F-4A0E-B1BF-EE25F0E97D2A}

16.06.2014 15:34 <DIR> .
16.06.2014 15:34 <DIR> ..
0 Datei(en), 0 Bytes

Anzahl der angezeigten Dateien:
0 Datei(en), 0 Bytes
2 Verzeichnis(se), 169.631.117.312 Bytes frei

========= End of CMD: =========

========= dir C:\Users\cevin\AppData\Local\{89AB4BC8-06E9-460D-8204-722BEC691B51} /s =========

Datentr�ger in Laufwerk C: ist ACER
Volumeseriennummer: E8FE-7DC4

Verzeichnis von C:\Users\cevin\AppData\Local\{89AB4BC8-06E9-460D-8204-722BEC691B51}

20.06.2014 10:37 <DIR> .
20.06.2014 10:37 <DIR> ..
0 Datei(en), 0 Bytes

Anzahl der angezeigten Dateien:
0 Datei(en), 0 Bytes
2 Verzeichnis(se), 169.631.117.312 Bytes frei

========= End of CMD: =========

==== End of Fixlog ====

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.215 - Bericht erstellt am 13/07/2014 um 11:29:28
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : cevin - CEVIN-PC
# Gestartet von : C:\Users\cevin\Downloads\adwcleaner_3.215.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\searchplugins\Askcom.xml
Datei Gefunden : C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\user.js
Datei Gefunden : C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\user.js
Datei Gefunden : C:\Windows\System32\Tasks\LaunchApp
Ordner Gefunden : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gefunden : C:\Program Files\002
Ordner Gefunden : C:\Program Files\RrFilter
Ordner Gefunden : C:\Users\cevin\Documents\PC Speed Maximizer

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Rr Savings
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\RrSavings

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\prefs.js ]


[ Datei : C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\prefs.js ]


*************************

AdwCleaner[R0].txt - [2375 octets] - [16/12/2013 23:51:10]
AdwCleaner[R1].txt - [920 octets] - [16/12/2013 23:57:40]
AdwCleaner[R2].txt - [2657 octets] - [13/07/2014 11:29:28]
AdwCleaner[S0].txt - [2440 octets] - [16/12/2013 23:53:39]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2777 octets] ##########

--- --- ---

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2014
Ran by cevin (administrator) on CEVIN-PC on 13-07-2014 11:32:02
Running from C:\Users\cevin\Downloads\nicht wegwerfen\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
() C:\Program Files (x86)\Join Air\AssistantServices.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
() C:\Users\cevin\Downloads\adwcleaner_3.215.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-04] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2298607320-3797335160-988972994-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask Partner Network | APN - Ask Toolbar Download
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9E1AA96A9BC2CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE370
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}
SearchScopes: HKCU - {FFAE837E-CC0E-4F47-B799-6A7AD46217C2} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DDR&o=16621&src=kw&q={searchTerms}&locale=&apn_ptnrs=^1Q&apn_dtid=^YYYYYY^YY^DE&apn_uid=3CEFE740-F3F1-41E3-9E5B-591F2196971A&apn_sauid=89118461-A5EA-4F84-A0C1-C5C6F1BBA900
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF Homepage: hxxp://www.gayromeo.com/
FF NetworkProxy: "ftp", "46.38.63.77"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "46.38.63.77"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "46.38.63.77"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "46.38.63.77"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\cevin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF SearchPlugin: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\searchplugins\NJuNeXaeLAqLGUfGTsla
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Block site - C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-12-12]
FF Extension: Adblock Plus - C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-20]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-05]
FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-12-28]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-07-01]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-07-01]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-07-01]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-04] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2014-07-01] (Kaspersky Lab ZAO)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [796192 2009-08-18] (Acer Incorporated)
R2 IGBASVC; c:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3450368 2009-08-06] (Egis Technology Inc.) [File not signed]
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [615936 2010-06-14] (Nokia) [File not signed]
R2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [247152 2010-04-27] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-04-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [6656 2009-07-21] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-07-01] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-07-01] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-07-01] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-07-01] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-07-01] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2014-07-01] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-07-01] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-04-03] ()
S3 MODRC; C:\Windows\System32\DRIVERS\modrc.sys [24272 2010-11-19] (DiBcom S.A.)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2010-02-26] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [19456 2010-02-26] (Nokia)
R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [25088 2009-07-21] (Nuvoton Technology Corporation)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [9216 2010-02-26] (Nokia)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [146928 2009-08-04] (CyberLink Corp.)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 mod7700; system32\DRIVERS\mod7700.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-13 11:28 - 2014-07-13 11:28 - 01348263 _____ () C:\Users\cevin\Downloads\adwcleaner_3.215.exe
2014-07-13 11:24 - 2014-07-13 11:24 - 00000000 ____D () C:\Users\cevin\Downloads\FRST-OlderVersion
2014-07-13 10:44 - 2014-07-13 10:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{CFFDC617-47B9-4396-931D-A9BED6C4E098}
2014-07-12 22:43 - 2014-07-12 22:43 - 00000000 ____D () C:\Users\cevin\AppData\Local\{ABFA9B3A-41E4-42A6-8DAA-A792DC2B3396}
2014-07-12 13:25 - 2014-07-12 13:25 - 00019202 _____ () C:\Users\cevin\Documents\000000000000regiobus.odt
2014-07-12 10:43 - 2014-07-12 10:43 - 00000000 ____D () C:\Users\cevin\AppData\Local\{C0770B71-8471-4A42-A586-A42660621108}
2014-07-12 01:12 - 2014-07-12 01:14 - 00037380 _____ () C:\Users\cevin\Downloads\Addition.txt
2014-07-12 01:02 - 2014-07-12 01:14 - 00051812 _____ () C:\Users\cevin\Downloads\FRST.txt
2014-07-11 22:42 - 2014-07-11 22:42 - 00000000 ____D () C:\Users\cevin\AppData\Local\{C35B9E6F-7759-4FAD-B04B-1AABA1E3814E}
2014-07-11 10:36 - 2014-07-11 10:36 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E9028EED-1296-412D-A703-508033734006}
2014-07-10 21:22 - 2014-07-10 21:22 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B3910F8C-22FC-4C4F-A53D-AA7D0435B49C}
2014-07-09 11:42 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 11:42 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 11:42 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 11:42 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 11:42 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 11:42 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 11:41 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 11:40 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 11:40 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 11:40 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 11:40 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 11:40 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 11:40 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 11:40 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 11:40 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 11:40 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 11:40 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 11:40 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 11:40 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 11:40 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 11:40 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 11:40 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 11:40 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 11:40 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 11:40 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 11:40 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 11:40 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 11:40 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 11:40 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 11:40 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 11:40 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 11:40 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 11:40 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 11:40 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 11:40 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 11:40 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 11:40 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 11:40 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 11:40 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 11:40 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 11:40 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 11:40 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 11:40 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 11:40 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 11:40 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 11:40 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 11:40 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 11:40 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 11:40 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 11:40 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 11:40 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 11:40 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 11:40 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 11:40 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 11:40 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 11:40 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 11:40 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 11:40 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 11:40 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 11:40 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 11:40 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 11:40 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 11:40 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 11:39 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 11:39 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 11:39 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 09:51 - 2014-07-09 09:51 - 00000000 ____D () C:\Users\cevin\AppData\Local\{013AD591-86F6-4EE2-9012-CBA5C62C8879}
2014-07-06 21:45 - 2014-07-06 21:46 - 00000000 ____D () C:\Users\cevin\AppData\Local\{3C4EE774-96CB-45F5-B110-E408E0A37022}
2014-07-06 09:44 - 2014-07-06 09:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B2F0EAA2-E69E-46FD-9F4E-5815FF8801A5}
2014-07-04 15:53 - 2014-07-04 15:53 - 00000000 ____D () C:\Users\cevin\AppData\Local\{50A79613-225C-40C8-BDBE-F0CF6915E518}
2014-07-02 16:47 - 2014-07-02 16:47 - 00000000 ____D () C:\Users\cevin\AppData\Local\{07DD5A38-1376-4124-B1FF-FC864792DF37}
2014-07-01 17:20 - 2014-07-01 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-07-01 17:20 - 2014-07-01 17:19 - 00001053 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-07-01 17:19 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-07-01 17:15 - 2014-07-13 11:20 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-01 17:15 - 2014-07-01 17:15 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-07-01 17:15 - 2014-07-01 17:15 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-07-01 17:14 - 2014-07-01 17:43 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-07-01 17:14 - 2014-07-01 17:43 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-07-01 16:58 - 2014-07-01 17:01 - 235628672 _____ () C:\Users\cevin\Downloads\kav14.0.0.4651de-de.exe
2014-07-01 16:09 - 2014-07-01 16:09 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B0959EA8-683E-4E37-8769-5D161E49BE17}
2014-06-30 13:27 - 2014-06-30 13:27 - 00000000 ____D () C:\Users\cevin\AppData\Local\{237D482E-7E34-401E-8F17-0BA27F0262C4}
2014-06-28 22:39 - 2014-07-13 09:01 - 00000840 _____ () C:\Windows\setupact.log
2014-06-28 22:39 - 2014-07-10 21:11 - 00337312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-28 22:39 - 2014-07-02 16:09 - 00001142 _____ () C:\Windows\PFRO.log
2014-06-28 22:39 - 2014-06-28 22:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-27 23:21 - 2014-06-27 23:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{42FBE03B-0244-461C-91B1-785F48845D38}
2014-06-27 19:48 - 2014-06-27 19:48 - 00004026 _____ () C:\Windows\System32\Tasks\LaunchApp
2014-06-27 17:46 - 2014-06-27 17:46 - 00076776 _____ () C:\Users\cevin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-27 17:26 - 2014-06-27 17:26 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-27 17:26 - 2014-06-27 17:26 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-27 17:26 - 2014-06-27 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-27 17:26 - 2014-06-27 17:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-27 17:25 - 2014-06-27 17:25 - 04812672 _____ (Piriform Ltd) C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager [1].exe
2014-06-27 17:24 - 2014-06-27 17:24 - 00788832 _____ ( ) C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager.exe
2014-06-27 11:21 - 2014-06-27 11:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{6972D8A5-A219-443E-A357-89C155BDDA7D}
2014-06-26 10:45 - 2014-06-26 10:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E70B6A60-F2E8-448D-9E0D-5E4A9BC626D0}
2014-06-25 21:25 - 2014-06-25 21:25 - 00000000 ____D () C:\Users\cevin\AppData\Local\{96794EEB-D1F6-489F-818D-47B3C9CD3A0F}
2014-06-24 22:46 - 2014-06-24 22:46 - 00000000 ____D () C:\Users\cevin\AppData\Local\{93E3B89A-5BF8-4712-B6C1-98709B53CE8C}
2014-06-24 09:35 - 2014-06-24 09:35 - 00000000 ____D () C:\Users\cevin\AppData\Local\{BA391E80-3556-46D6-B103-2A3C18176909}
2014-06-23 22:58 - 2014-06-23 22:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{249218FD-5D6A-4E8A-B766-85CA18465D77}
2014-06-22 22:45 - 2014-06-22 22:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{2D8FB200-76DE-4EBF-99D1-F998CD7462BD}
2014-06-22 10:44 - 2014-06-22 10:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{CC0DC116-9230-4337-9A80-0B157742DCBD}
2014-06-21 21:58 - 2014-06-21 21:59 - 00000000 ____D () C:\Users\cevin\AppData\Local\{F751A3DB-714D-4A90-828C-B7048371B2CA}
2014-06-21 09:58 - 2014-06-21 09:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{8192B066-D83E-4FCF-BE07-D97D837C12F0}
2014-06-20 10:46 - 2014-06-20 10:51 - 00103267 _____ () C:\Users\cevin\Downloads\DriverView_v1.45.zip
2014-06-20 10:41 - 2014-06-20 10:42 - 00511782 _____ () C:\Users\cevin\Downloads\Autoruns.zip
2014-06-20 10:37 - 2014-06-20 10:37 - 00000000 ____D () C:\Users\cevin\AppData\Local\{89AB4BC8-06E9-460D-8204-722BEC691B51}
2014-06-18 22:55 - 2014-06-18 22:55 - 00000000 ____D () C:\Users\cevin\AppData\Local\{4BCD0956-D6CD-43B1-87F9-4BA71B703826}
2014-06-18 11:55 - 2014-06-18 11:55 - 00000000 ____D () C:\Users\cevin\AppData\Local\Adobe
2014-06-18 10:54 - 2014-06-18 10:54 - 00000000 ____D () C:\Users\cevin\AppData\Local\{951B063B-5B4E-4294-AD34-35FCBF7713F0}
2014-06-17 22:50 - 2014-06-17 22:50 - 00000000 ____D () C:\Users\cevin\AppData\Local\{A19CB636-F822-494D-9BA2-2E122C628559}
2014-06-17 13:51 - 2014-06-17 10:52 - 00000030 _____ () C:\AVScanner.ini
2014-06-17 10:50 - 2014-06-17 10:50 - 00000000 ____D () C:\Users\cevin\AppData\Local\{4215C0E0-4780-4FE7-BDE3-CBDDFCB730CD}
2014-06-16 15:34 - 2014-06-16 15:34 - 00000000 ____D () C:\Users\cevin\AppData\Local\{747CE725-538F-4A0E-B1BF-EE25F0E97D2A}
2014-06-15 23:23 - 2014-06-15 23:23 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E2CAFAA9-D7FB-4376-8608-9B76F953B728}
2014-06-15 11:22 - 2014-06-15 11:23 - 00000000 ____D () C:\Users\cevin\AppData\Local\{1532C955-EDCD-4170-AF08-FC2C7F015AF4}
2014-06-14 23:21 - 2014-06-14 23:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{C0769387-4EE7-463B-B692-5D5A23DD2843}
2014-06-14 11:20 - 2014-06-14 11:20 - 00000000 ____D () C:\Users\cevin\AppData\Local\{85002793-CEEA-4392-8FD6-EF295FB7ABFF}
2014-06-13 13:37 - 2014-06-13 13:38 - 00000000 ____D () C:\Users\cevin\AppData\Local\{AE363E96-F3C2-4F9D-B86A-375F07FEEC16}

==================== One Month Modified Files and Folders =======

2014-07-13 11:32 - 2013-12-15 12:10 - 00000000 ____D () C:\FRST
2014-07-13 11:30 - 2013-12-16 23:50 - 00000000 ____D () C:\AdwCleaner
2014-07-13 11:28 - 2014-07-13 11:28 - 01348263 _____ () C:\Users\cevin\Downloads\adwcleaner_3.215.exe
2014-07-13 11:24 - 2014-07-13 11:24 - 00000000 ____D () C:\Users\cevin\Downloads\FRST-OlderVersion
2014-07-13 11:20 - 2014-07-01 17:15 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-13 10:58 - 2013-06-28 23:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-13 10:44 - 2014-07-13 10:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{CFFDC617-47B9-4396-931D-A9BED6C4E098}
2014-07-13 09:25 - 2010-01-26 17:30 - 01167332 _____ () C:\Windows\WindowsUpdate.log
2014-07-13 09:12 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-13 09:12 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-13 09:01 - 2014-06-28 22:39 - 00000840 _____ () C:\Windows\setupact.log
2014-07-13 09:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-12 22:43 - 2014-07-12 22:43 - 00000000 ____D () C:\Users\cevin\AppData\Local\{ABFA9B3A-41E4-42A6-8DAA-A792DC2B3396}
2014-07-12 15:01 - 2014-05-03 18:52 - 00000322 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job
2014-07-12 13:25 - 2014-07-12 13:25 - 00019202 _____ () C:\Users\cevin\Documents\000000000000regiobus.odt
2014-07-12 10:43 - 2014-07-12 10:43 - 00000000 ____D () C:\Users\cevin\AppData\Local\{C0770B71-8471-4A42-A586-A42660621108}
2014-07-12 01:14 - 2014-07-12 01:12 - 00037380 _____ () C:\Users\cevin\Downloads\Addition.txt
2014-07-12 01:14 - 2014-07-12 01:02 - 00051812 _____ () C:\Users\cevin\Downloads\FRST.txt
2014-07-12 00:59 - 2013-07-05 09:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-11 22:42 - 2014-07-11 22:42 - 00000000 ____D () C:\Users\cevin\AppData\Local\{C35B9E6F-7759-4FAD-B04B-1AABA1E3814E}
2014-07-11 22:37 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-11 10:36 - 2014-07-11 10:36 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E9028EED-1296-412D-A703-508033734006}
2014-07-10 21:22 - 2014-07-10 21:22 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B3910F8C-22FC-4C4F-A53D-AA7D0435B49C}
2014-07-10 21:11 - 2014-06-28 22:39 - 00337312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 00:03 - 2009-08-22 08:06 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 00:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 00:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 23:25 - 2013-08-15 10:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 23:19 - 2010-05-23 11:48 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 19:03 - 2014-05-03 19:03 - 00000326 _____ () C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job
2014-07-09 18:59 - 2013-06-28 23:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 18:59 - 2013-05-05 20:44 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 18:59 - 2013-05-05 20:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 18:52 - 2014-05-03 18:52 - 00000330 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job
2014-07-09 16:34 - 2010-01-27 02:23 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-07-09 16:34 - 2010-01-27 02:23 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-07-09 16:34 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-09 09:51 - 2014-07-09 09:51 - 00000000 ____D () C:\Users\cevin\AppData\Local\{013AD591-86F6-4EE2-9012-CBA5C62C8879}
2014-07-06 21:46 - 2014-07-06 21:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{3C4EE774-96CB-45F5-B110-E408E0A37022}
2014-07-06 09:44 - 2014-07-06 09:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B2F0EAA2-E69E-46FD-9F4E-5815FF8801A5}
2014-07-05 23:24 - 2012-05-26 21:25 - 00000000 ____D () C:\Users\cevin\AppData\Roaming\vlc
2014-07-04 15:55 - 2013-12-19 13:51 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-04 15:53 - 2014-07-04 15:53 - 00000000 ____D () C:\Users\cevin\AppData\Local\{50A79613-225C-40C8-BDBE-F0CF6915E518}
2014-07-02 16:47 - 2014-07-02 16:47 - 00000000 ____D () C:\Users\cevin\AppData\Local\{07DD5A38-1376-4124-B1FF-FC864792DF37}
2014-07-02 16:09 - 2014-06-28 22:39 - 00001142 _____ () C:\Windows\PFRO.log
2014-07-01 17:43 - 2014-07-01 17:14 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-07-01 17:43 - 2014-07-01 17:14 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-07-01 17:43 - 2013-06-10 12:27 - 00029792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2014-07-01 17:43 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2014-07-01 17:43 - 2013-05-06 09:22 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-07-01 17:43 - 2013-05-05 22:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2014-07-01 17:43 - 2013-05-05 22:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2014-07-01 17:20 - 2014-07-01 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-07-01 17:19 - 2014-07-01 17:20 - 00001053 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-07-01 17:15 - 2014-07-01 17:15 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-07-01 17:15 - 2014-07-01 17:15 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-07-01 17:01 - 2014-07-01 16:58 - 235628672 _____ () C:\Users\cevin\Downloads\kav14.0.0.4651de-de.exe
2014-07-01 16:09 - 2014-07-01 16:09 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B0959EA8-683E-4E37-8769-5D161E49BE17}
2014-06-30 13:27 - 2014-06-30 13:27 - 00000000 ____D () C:\Users\cevin\AppData\Local\{237D482E-7E34-401E-8F17-0BA27F0262C4}
2014-06-28 22:39 - 2014-06-28 22:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-27 23:21 - 2014-06-27 23:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{42FBE03B-0244-461C-91B1-785F48845D38}
2014-06-27 19:48 - 2014-06-27 19:48 - 00004026 _____ () C:\Windows\System32\Tasks\LaunchApp
2014-06-27 19:46 - 2010-03-08 14:50 - 00000000 ____D () C:\Windows\pss
2014-06-27 17:48 - 2010-08-10 14:59 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-06-27 17:46 - 2014-06-27 17:46 - 00076776 _____ () C:\Users\cevin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-27 17:34 - 2012-01-24 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cultures - Die Entdeckung Vinlands
2014-06-27 17:34 - 2009-08-22 07:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2014-06-27 17:34 - 2009-07-27 22:41 - 00000000 ____D () C:\Windows\Panther
2014-06-27 17:33 - 2010-03-20 12:00 - 00000000 ____D () C:\Windows\Minidump
2014-06-27 17:26 - 2014-06-27 17:26 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-27 17:26 - 2014-06-27 17:26 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-27 17:26 - 2014-06-27 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-27 17:26 - 2014-06-27 17:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-27 17:25 - 2014-06-27 17:25 - 04812672 _____ (Piriform Ltd) C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager [1].exe
2014-06-27 17:24 - 2014-06-27 17:24 - 00788832 _____ ( ) C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager.exe
2014-06-27 11:21 - 2014-06-27 11:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{6972D8A5-A219-443E-A357-89C155BDDA7D}
2014-06-26 10:45 - 2014-06-26 10:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E70B6A60-F2E8-448D-9E0D-5E4A9BC626D0}
2014-06-25 21:25 - 2014-06-25 21:25 - 00000000 ____D () C:\Users\cevin\AppData\Local\{96794EEB-D1F6-489F-818D-47B3C9CD3A0F}
2014-06-24 22:46 - 2014-06-24 22:46 - 00000000 ____D () C:\Users\cevin\AppData\Local\{93E3B89A-5BF8-4712-B6C1-98709B53CE8C}
2014-06-24 09:35 - 2014-06-24 09:35 - 00000000 ____D () C:\Users\cevin\AppData\Local\{BA391E80-3556-46D6-B103-2A3C18176909}
2014-06-23 22:58 - 2014-06-23 22:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{249218FD-5D6A-4E8A-B766-85CA18465D77}
2014-06-22 22:45 - 2014-06-22 22:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{2D8FB200-76DE-4EBF-99D1-F998CD7462BD}
2014-06-22 10:44 - 2014-06-22 10:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{CC0DC116-9230-4337-9A80-0B157742DCBD}
2014-06-21 21:59 - 2014-06-21 21:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{F751A3DB-714D-4A90-828C-B7048371B2CA}
2014-06-21 09:58 - 2014-06-21 09:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{8192B066-D83E-4FCF-BE07-D97D837C12F0}
2014-06-20 22:14 - 2014-07-09 11:40 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 11:40 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-20 10:51 - 2014-06-20 10:46 - 00103267 _____ () C:\Users\cevin\Downloads\DriverView_v1.45.zip
2014-06-20 10:42 - 2014-06-20 10:41 - 00511782 _____ () C:\Users\cevin\Downloads\Autoruns.zip
2014-06-20 10:37 - 2014-06-20 10:37 - 00000000 ____D () C:\Users\cevin\AppData\Local\{89AB4BC8-06E9-460D-8204-722BEC691B51}
2014-06-19 03:39 - 2014-07-09 11:40 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-09 11:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-09 11:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-09 11:40 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-09 11:40 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-09 11:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-09 11:40 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-09 11:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-09 11:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-09 11:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-09 11:40 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-09 11:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-09 11:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-09 11:40 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-09 11:40 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-09 11:40 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-09 11:40 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-09 11:40 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-09 11:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-09 11:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-09 11:40 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 11:40 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 11:40 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-09 11:40 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-09 11:40 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-09 11:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-09 11:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 11:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-09 11:40 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 11:40 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-09 11:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 11:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-09 11:40 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-09 11:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-09 11:40 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-09 11:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-09 11:40 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-09 11:40 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-09 11:40 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 11:40 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-09 11:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 11:40 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-09 11:40 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-09 11:40 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 11:40 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 11:40 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 11:40 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 11:40 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 11:40 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 11:40 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 11:40 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 11:40 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 11:40 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 11:40 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 22:55 - 2014-06-18 22:55 - 00000000 ____D () C:\Users\cevin\AppData\Local\{4BCD0956-D6CD-43B1-87F9-4BA71B703826}
2014-06-18 11:55 - 2014-06-18 11:55 - 00000000 ____D () C:\Users\cevin\AppData\Local\Adobe
2014-06-18 10:54 - 2014-06-18 10:54 - 00000000 ____D () C:\Users\cevin\AppData\Local\{951B063B-5B4E-4294-AD34-35FCBF7713F0}
2014-06-18 04:18 - 2014-07-09 11:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-09 11:42 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-09 11:42 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-17 22:50 - 2014-06-17 22:50 - 00000000 ____D () C:\Users\cevin\AppData\Local\{A19CB636-F822-494D-9BA2-2E122C628559}
2014-06-17 10:52 - 2014-06-17 13:51 - 00000030 _____ () C:\AVScanner.ini
2014-06-17 10:52 - 2009-08-22 07:29 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-17 10:50 - 2014-06-17 10:50 - 00000000 ____D () C:\Users\cevin\AppData\Local\{4215C0E0-4780-4FE7-BDE3-CBDDFCB730CD}
2014-06-16 15:34 - 2014-06-16 15:34 - 00000000 ____D () C:\Users\cevin\AppData\Local\{747CE725-538F-4A0E-B1BF-EE25F0E97D2A}
2014-06-16 14:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-15 23:23 - 2014-06-15 23:23 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E2CAFAA9-D7FB-4376-8608-9B76F953B728}
2014-06-15 11:23 - 2014-06-15 11:22 - 00000000 ____D () C:\Users\cevin\AppData\Local\{1532C955-EDCD-4170-AF08-FC2C7F015AF4}
2014-06-14 23:21 - 2014-06-14 23:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{C0769387-4EE7-463B-B692-5D5A23DD2843}
2014-06-14 11:20 - 2014-06-14 11:20 - 00000000 ____D () C:\Users\cevin\AppData\Local\{85002793-CEEA-4392-8FD6-EF295FB7ABFF}
2014-06-13 13:38 - 2014-06-13 13:37 - 00000000 ____D () C:\Users\cevin\AppData\Local\{AE363E96-F3C2-4F9D-B86A-375F07FEEC16}

Some content of TEMP:
====================
C:\Users\cevin\AppData\Local\Temp\avgnt.exe
C:\Users\cevin\AppData\Local\Temp\CloudBackup8495.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 16:50

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2014
Ran by cevin at 2014-07-13 11:37:25
Running from C:\Users\cevin\Downloads\nicht wegwerfen\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7025 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7025 - CyberLink Corp.) Hidden
Acer Arcade Instant On (x32 Version: 3.0.19.0 - Acer) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.22 - NewTech Infosystems)
Acer Bio Protection (HKLM-x32\...\InstallShield_{565A39D6-4FB0-4F35-A2AC-0DC66ACC3520}) (Version: 6.1.48 - Egis Technology Inc.)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.06.3004 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.3.0715 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric)
AmIcoSingLun (HKLM-x32\...\InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}) (Version: 1.2.117.2 - Alcor Micro Co., Ltd.)
AmIcoSingLun (x32 Version: 1.2.117.2 - Alcor Micro Co., Ltd.) Hidden
Any Video Converter 3.0.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.4.6714 - )
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DIE SIEDLER - Aufstieg eines Königreichs (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.6.1 - DivX, Inc.)
Fingerprint Solution (x32 Version: 6.1.48.0 - Egis Technology Inc.) Hidden
Free YouTube to MP3 Converter version 3.11.35.1031 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.35.1031 - DVDVideoSoft Ltd.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Join Air (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - ZTE Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 2.0.01 - Acer Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.97 - LSI Corporation)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.300.05.11.52 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{F1FDAA01-988C-423F-AC12-0D8F333943FD}) (Version: 7.1.31.0 - Nokia)
Nokia Photos (HKLM-x32\...\{0EABFEF6-6D10-4C12-8667-3029C481D355}) (Version: 1.6.434 - Nokia)
Nokia_Multimedia_Common_Components_2_5 (HKLM-x32\...\{70B31335-50EE-4834-8431-27412CDE62BD}) (Version: 2.6.86 - Nokia)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6619 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems) Hidden
Nuvoton EC Generic HID Driver (HKLM-x32\...\{92975DF9-EA36-4F36-A9AC-D412BC1D709E}) (Version: 8.80.1001 - Nuvoton Technology Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
OpenOffice.org 3.2 (HKLM-x32\...\{2217B0B4-35CB-48C6-B640-864DF2F30F99}) (Version: 3.2.9483 - OpenOffice.org)
PC Connectivity Solution (HKLM-x32\...\{29F563F4-8807-4496-8463-441EAA0E96AB}) (Version: 10.26.0.0 - Nokia)
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.8 - Frank Heindörfer, Philip Chinery)
Pinnacle TVCenter Pro (HKLM-x32\...\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}) (Version:  - )
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.5 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
VideoReDo/Plus Version 2.5.6.512 (HKLM-x32\...\VideoReDo-Plus_is1) (Version:  - DRD Systems, Inc.)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9700 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

==================== Restore Points  =========================

01-07-2014 14:15:58 Windows Update
08-07-2014 15:30:05 Windows Update
09-07-2014 21:03:59 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-05-21 16:15 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {008B9D5E-DEE6-4B8B-B94B-91AF27D0360A} - System32\Tasks\{2510881A-C286-46B6-BB47-A1FEBF49B2B3} => D:\INSTALL.EXE
Task: {0334744C-302B-4BA6-AF98-50F662BC759D} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {13D55BF7-D903-43D1-AEBC-A582AFCC80E6} - System32\Tasks\{7C174289-AC54-4204-8401-664D840DC567} => D:\INSTALL.EXE
Task: {18ECFAFA-CBAB-4D7F-81EA-67DD0E5A23CC} - System32\Tasks\{15323A13-A924-4530-8713-D820FB21075F} => D:\INSTALL.EXE
Task: {1F4AD571-E842-47E3-9243-CAFCA597CC91} - System32\Tasks\{0F048639-CC5D-495E-B4BE-B84A1D4B6D4F} => D:\INSTALL.EXE
Task: {2C136FE6-1DF7-46BF-B47A-84DC92A3C3F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {33E11AB0-63A0-463A-BF2F-6618141143FF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2298607320-3797335160-988972994-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {3EB19243-2643-4925-8975-D1BD38005617} - System32\Tasks\{422FB0DF-7756-4065-AA0B-6CBE5C96733C} => D:\INSTALL.EXE
Task: {42D0ACF0-275D-456E-BD36-AAB9197E8D5D} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {5C3BB401-7A75-43D1-9BA1-2611EC33304B} - System32\Tasks\SuperEasyDriverUpdater_UPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {5D42D24C-BBA2-42B5-9C3B-F342AA2BD192} - System32\Tasks\{A5279D94-B035-4F07-937F-FE40747EE84A} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {624C5F52-381A-4960-A86C-A6CB944C91C2} - System32\Tasks\SuperEasy Registry Cleaner => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {65467A25-92A6-4757-B65C-5F28FF779581} - System32\Tasks\SuperEasyDriverUpdaterRunAtStartup => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {67A527CA-D1D9-43A4-9DAB-23A8FA47BA26} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {77191CE1-6199-42B5-A004-17FDF64BF60A} - System32\Tasks\{6181DBC4-7575-45B2-8D47-3A80C9740BB8} => D:\INSTALL.EXE
Task: {82131DB3-AC29-4EF0-A229-EF2B250CE381} - System32\Tasks\SuperEasy Registry Cleaner_DEFAULT => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {82629502-80A4-4A89-B2C7-51D81BD275F1} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2298607320-3797335160-988972994-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {9B62A9B0-5210-4952-9905-CB3E2E112DBA} - System32\Tasks\{694DDE43-8754-45E9-BA8A-EED6A32AE7BE} => D:\INSTALL.EXE
Task: {9F0908A4-E17D-4462-925B-9D67D49F9632} - System32\Tasks\{21848FB2-70EB-4A2C-A367-3EA59F79EA6C} => D:\INSTALL.EXE
Task: {A0396206-0E8D-41A7-9BD4-105B8D2E20A1} - System32\Tasks\{2D24C3A8-3212-48E2-AF95-274562393698} => D:\INSTALL.EXE
Task: {A2FA4844-739D-4DBD-B9D5-168DE982AF78} - System32\Tasks\{C6CC65AA-B36A-45F6-BFE7-C17FA245CF86} => D:\INSTALL.EXE
Task: {A7BFB0C2-50FD-4AAD-9809-EBD2F7E4C7E5} - System32\Tasks\{C603D80B-52BB-4B40-8F03-1D612ABD3A5E} => D:\INSTALL.EXE
Task: {ACD66DD1-B6B0-47BF-9D9F-BAAAC015C91B} - System32\Tasks\{249CBBB6-A244-4FE9-AA61-5D2353E86459} => D:\INSTALL.EXE
Task: {B8D196A4-EE83-4E23-95DB-ECDE9430B049} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe
Task: {CAEFFC5C-9595-4D99-8E51-34DF30000D6C} - System32\Tasks\{8748D3EC-E8F3-4E6F-A427-81BB80C247D9} => D:\INSTALL.EXE
Task: {CD7193B8-BCA0-4EDB-AD98-4FF6EA3A294A} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => c:\program files (x86)\real\realplayer\Update\realsched.exe [2012-06-30] (RealNetworks, Inc.)
Task: {E24F9C2F-94BB-4F33-AD5A-1701ED0879F4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {E76ADE9E-1E3D-4C31-831E-146138A2426E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {E7D4701C-F07F-48A4-A5D3-C78B34925EC8} - System32\Tasks\SuperEasy Registry Cleaner_UPDATES => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {F4162098-0D82-4BC4-BE06-C41A7BA5E21B} - System32\Tasks\{A99EA8E8-B99C-420D-BCD4-23DC298AE4A3} => D:\INSTALL.EXE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe

==================== Loaded Modules (whitelisted) =============

2010-08-10 14:59 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-07-19 10:38 - 2010-04-27 16:57 - 00247152 _____ () C:\Program Files (x86)\Join Air\AssistantServices.exe
2014-07-13 11:28 - 2014-07-13 11:28 - 01348263 _____ () C:\Users\cevin\Downloads\adwcleaner_3.215.exe
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2013-07-05 09:50 - 2014-07-12 00:59 - 03844720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\cevin\Documents\emaeillll.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk => C:\Windows\pss\Acer VCM.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^cevin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^cevin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^cevin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TimePanic.lnk => C:\Windows\pss\TimePanic.lnk.Startup
MSCONFIG\startupfolder: C:^Users^cevin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Yahoo! Widgets.lnk => C:\Windows\pss\Yahoo! Widgets.lnk.Startup
MSCONFIG\startupreg: Acer ePower Management => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart /min
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: EzPrint => "C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe"
MSCONFIG\startupreg: IAAnotif => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: lxdxmon.exe => "C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NokiaMusic FastStart => "C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: PLFSetI => C:\Windows\PLFSetI.exe
MSCONFIG\startupreg: PMCLoader => C:\Program Files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\Join Air\UIExec.exe"
MSCONFIG\startupreg: VitaKeyPdtWzd => "c:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/11/2014 11:00:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5301, Zeitstempel: 0x53bb608d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5301, Zeitstempel: 0x53bb2fdc
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0xdac
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/11/2014 11:00:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 31.0.0.5301 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 91c

Startzeit: 01cf9d485aeae71c

Endzeit: 1350

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 59bf46eb-093e-11e4-af7a-001f16c28cd6

Error: (07/01/2014 05:47:05 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Kaspersky Anti-Virus - Update "Kaspersky Internet Security 2014 (Patch f)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\MSId389a.LOG enthalten.

Error: (07/01/2014 05:47:05 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Programm: Kaspersky Anti-Virus -- Interner Fehler 2761.

Error: (07/01/2014 05:45:39 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT-AUTORITÄT)
Description: Fehler beim Starten einer Windows Installer-Transaktion: {6F6873E3-5C92-4049-B511-231A138DD090}. Fehler 1618 beim Starten der Transaktion.

Error: (07/01/2014 05:45:39 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT-AUTORITÄT)
Description: Fehler beim Starten einer Windows Installer-Transaktion: {6F6873E3-5C92-4049-B511-231A138DD090}. Fehler 1618 beim Starten der Transaktion.

Error: (06/20/2014 10:50:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm DriverView.exe, Version 1.4.5.13 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 13e4

Startzeit: 01cf8c644d132f3e

Endzeit: 0

Anwendungspfad: C:\Users\cevin\AppData\Local\Temp\Rar$EX00.066\DriverView.exe

Berichts-ID: 95380794-f857-11e3-8d70-001f16c28cd6

Error: (06/11/2014 08:15:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 14.0.4.632 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 664

Startzeit: 01cf859f95a69a53

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: 1bf03247-f194-11e3-89cb-001f16c28cd6

Error: (06/11/2014 08:07:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 14.0.4.632 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 664

Startzeit: 01cf859f95a69a53

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: 08c3cc6e-f193-11e3-89cb-001f16c28cd6

Error: (06/03/2014 08:34:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000c4102
ID des fehlerhaften Prozesses: 0x8e8
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3


System errors:
=============
Error: (07/13/2014 01:08:39 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (07/11/2014 10:44:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (07/11/2014 11:00:56 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (07/11/2014 00:05:47 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (07/09/2014 09:53:07 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (07/08/2014 11:57:36 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (07/07/2014 10:36:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%16405

Error: (07/07/2014 10:35:50 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (07/07/2014 10:35:02 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}

Error: (07/07/2014 00:19:29 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.


Microsoft Office Sessions:
=========================
Error: (07/11/2014 11:00:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.530153bb608dmozalloc.dll31.0.0.530153bb2fdc800000030000141bdac01cf9d48a0f2ba54C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll626d43e2-093e-11e4-af7a-001f16c28cd6

Error: (07/11/2014 11:00:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe31.0.0.530191c01cf9d485aeae71c1350C:\Program Files (x86)\Mozilla Firefox\firefox.exe59bf46eb-093e-11e4-af7a-001f16c28cd6

Error: (07/01/2014 05:47:05 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Kaspersky Anti-VirusKaspersky Internet Security 2014 (Patch f)1603C:\Windows\TEMP\MSId389a.LOG(NULL)(NULL)

Error: (07/01/2014 05:47:05 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Programm: Kaspersky Anti-Virus -- Interner Fehler 2761. (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/01/2014 05:45:39 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT-AUTORITÄT)
Description: {6F6873E3-5C92-4049-B511-231A138DD090}1618(NULL)(NULL)(NULL)(NULL)

Error: (07/01/2014 05:45:39 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT-AUTORITÄT)
Description: {6F6873E3-5C92-4049-B511-231A138DD090}1618(NULL)(NULL)(NULL)(NULL)

Error: (06/20/2014 10:50:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: DriverView.exe1.4.5.1313e401cf8c644d132f3e0C:\Users\cevin\AppData\Local\Temp\Rar$EX00.066\DriverView.exe95380794-f857-11e3-8d70-001f16c28cd6

Error: (06/11/2014 08:15:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avscan.exe14.0.4.63266401cf859f95a69a5360000C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe1bf03247-f194-11e3-89cb-001f16c28cd6

Error: (06/11/2014 08:07:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avscan.exe14.0.4.63266401cf859f95a69a5360000C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe08c3cc6e-f193-11e3-89cb-001f16c28cd6

Error: (06/03/2014 08:34:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000037400000000000c41028e801cf7f0bcd8dc2a0C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dllc0327f46-eb4d-11e3-b8c8-001f16c28cd6


CodeIntegrity Errors:
===================================
  Date: 2013-06-15 11:19:49.168
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-15 11:03:04.263
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-02-23 16:57:16.552
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-02-23 16:55:28.330
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-02-05 00:58:34.593
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-01-10 08:55:59.629
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-11-14 21:26:31.008
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-23 19:11:51.791
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-12 10:07:16.550
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-23 16:52:49.272
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 4090.93 MB
Available physical RAM: 2581.13 MB
Total Pagefile: 8180.04 MB
Available Pagefile: 5803.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:438.18 GB) (Free:157.98 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 740B4E56)
Partition 1: (Not Active) - (Size=23 GB) - (Type=27)
Partition 2: (Not Active) - (Size=5 GB) - (Type=12)
Partition 3: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=438 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

Bootsektor · 14.07.2014, 23:57

Ok,

danke.

Hattest du meinen Rat bezüglich der Verwendung zweier Antivirenprogramme gelesen?

Wie läuft der Rechner nach folgenden Schritten?

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

SearchScopes: HKCU - {FFAE837E-CC0E-4F47-B799-6A7AD46217C2} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DDR&o=16621&src=kw&q={searchTerms}&locale=&apn_ptnrs=^1Q&apn_dtid=^YYYYYY^YY^DE&apn_uid=3CEFE740-F3F1-41E3-9E5B-591F2196971A&apn_sauid=89118461-A5EA-4F84-A0C1-C5C6F1BBA900

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
Klicke im Anschluss auf Suchlauf, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf jetzt starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Aktionen anwenden.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Wähle Exportieren auf Textdatei (.txt) und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3
Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4
Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

cauchemar · 15.07.2014, 21:23

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-07-2014
Ran by cevin at 2014-07-15 21:07:11 Run:2
Running from C:\Users\cevin\Downloads\nicht wegwerfen\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - {FFAE837E-CC0E-4F47-B799-6A7AD46217C2} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DDR&o=16621&src=kw&q={searchTerms}&locale=&apn_ptnrs=^1Q&apn_dtid=^YYYYYY^YY^DE&apn_uid=3CEFE740-F3F1-41E3-9E5B-591F2196971A&apn_sauid=89118461-A5EA-4F84-A0C1-C5C6F1BBA900

*****************

'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FFAE837E-CC0E-4F47-B799-6A7AD46217C2}' => Key deleted successfully.
'HKCR\CLSID\{FFAE837E-CC0E-4F47-B799-6A7AD46217C2}'=> Key not found.

==== End of Fixlog ====

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Protection, 15.07.2014 21:14:27, SYSTEM, CEVIN-PC, Protection, Malware Protection, Starting,
Protection, 15.07.2014 21:14:28, SYSTEM, CEVIN-PC, Protection, Malware Protection, Started,
Protection, 15.07.2014 21:14:32, SYSTEM, CEVIN-PC, Protection, Malicious Website Protection, Starting,
Protection, 15.07.2014 21:18:49, SYSTEM, CEVIN-PC, Protection, Malicious Website Protection, Started,
Update, 15.07.2014 21:19:15, SYSTEM, CEVIN-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.7.14.1,
Update, 15.07.2014 21:19:34, SYSTEM, CEVIN-PC, Manual, Malware Database, 2014.3.4.9, 2014.7.15.11,
Protection, 15.07.2014 21:19:45, SYSTEM, CEVIN-PC, Protection, Refresh, Starting,
Protection, 15.07.2014 21:19:45, SYSTEM, CEVIN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 15.07.2014 21:19:46, SYSTEM, CEVIN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 15.07.2014 21:20:28, SYSTEM, CEVIN-PC, Protection, Refresh, Success,
Protection, 15.07.2014 21:20:36, SYSTEM, CEVIN-PC, Protection, Malicious Website Protection, Starting,
Protection, 15.07.2014 21:20:38, SYSTEM, CEVIN-PC, Protection, Malicious Website Protection, Started,
Update, 15.07.2014 21:27:37, SYSTEM, CEVIN-PC, Scheduler, Malware Database, 2014.7.15.11, 2014.7.15.12,
Protection, 15.07.2014 21:27:46, SYSTEM, CEVIN-PC, Protection, Refresh, Starting,
Protection, 15.07.2014 21:27:46, SYSTEM, CEVIN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 15.07.2014 21:27:46, SYSTEM, CEVIN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 15.07.2014 21:29:39, SYSTEM, CEVIN-PC, Protection, Refresh, Success,
Protection, 15.07.2014 21:29:39, SYSTEM, CEVIN-PC, Protection, Malicious Website Protection, Starting,
Protection, 15.07.2014 21:30:01, SYSTEM, CEVIN-PC, Protection, Malicious Website Protection, Started,

(end)

jetzt kam von diesem maildings noch mal ne nachricht

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 15.07.2014
Suchlauf-Zeit: 21:20:32
Logdatei: jjjjjjjjjjjj.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.15.11
Rootkit Datenbank: v2014.07.14.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: cevin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 365518
Verstrichene Zeit: 47 Min, 1 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 7
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\LevelQualityWatcher, In Quarantäne, [01d69a05b8c347efa495566ad62c8080],
PUP.Optional.RRSavings.A, HKLM\SOFTWARE\rrsavings, In Quarantäne, [eceb514e4f2ca393a87bbf129969b64a],
PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, In Quarantäne, [894e5847e2991c1a2be989357092619f],
PUP.Optional.RRSavings.A, HKU\S-1-5-21-2298607320-3797335160-988972994-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Rr Savings, In Quarantäne, [0ccbb7e822593501dd4a973aa55d2dd3],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2298607320-3797335160-988972994-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [edeafaa5205b0e283cc414d048badf21],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2298607320-3797335160-988972994-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [f3e4217e3c3fa59127defefc2ed5f709],
PUP.Optional.Softonic.A, HKU\S-1-5-21-2298607320-3797335160-988972994-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [ca0d3a65aad1da5cae5a32a130d23cc4],

Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2298607320-3797335160-988972994-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0M2P0U0F0B1O1O1G, In Quarantäne, [f3e4217e3c3fa59127defefc2ed5f709]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 2
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter, In Quarantäne, [ab2c5d4205762a0c95d35259f30f42be],
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\SSL, In Quarantäne, [ab2c5d4205762a0c95d35259f30f42be],

Dateien: 2
PUP.Optional.AdPeak.A, C:\temp\t.msi, In Quarantäne, [fadd534cc7b487aff641e1ad6c9826da],
PUP.Optional.SafeInstall.A, C:\Users\cevin\Downloads\vioplayerv.exe, In Quarantäne, [19be891674078bab9c59d083ee13b34d],

Physische Sektoren: 0
(No malicious items detected)

(end)

Bootsektor · 15.07.2014, 21:55

Hallo cauchemar,

schön

ich warte dann noch auf die Beantwortung beider Fragen und die weiteren Logs

cauchemar · 17.07.2014, 22:21

C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung
C:\temp\InstallFilter64.msi Win64/Adware.Adpeak.D Anwendung
C:\Users\cevin\Downloads\avira_free_antivirus_de.exe Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung
C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager [1].exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung
C:\Users\cevin\Downloads\FreeYouTubeToMP3Converter(1).exe Win32/OpenCandy potenziell unsichere Anwendung
C:\Users\cevin\Downloads\FreeYouTubeToMP3Converter.exe Win32/OpenCandy potenziell unsichere Anwendung
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0 Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0 Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2014
Ran by cevin (administrator) on CEVIN-PC on 17-07-2014 09:56:31
Running from C:\Users\cevin\Downloads\nicht wegwerfen\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
() C:\Program Files (x86)\Join Air\AssistantServices.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-04] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2298607320-3797335160-988972994-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask Partner Network | APN - Ask Toolbar Download
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9E1AA96A9BC2CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE370
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF Homepage: hxxp://www.gayromeo.com/
FF NetworkProxy: "ftp", "46.38.63.77"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "46.38.63.77"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "46.38.63.77"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "46.38.63.77"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\cevin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF SearchPlugin: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\searchplugins\NJuNeXaeLAqLGUfGTsla
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Block site - C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-12-12]
FF Extension: Adblock Plus - C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-20]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-05]
FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-12-28]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-07-01]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-07-01]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-07-01]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-04] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2014-07-01] (Kaspersky Lab ZAO)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [796192 2009-08-18] (Acer Incorporated)
R2 IGBASVC; c:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3450368 2009-08-06] (Egis Technology Inc.) [File not signed]
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [615936 2010-06-14] (Nokia) [File not signed]
R2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [247152 2010-04-27] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-04-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [6656 2009-07-21] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-07-01] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-07-01] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-07-01] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-07-01] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-07-01] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2014-07-01] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-07-01] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-04-03] ()
S3 MODRC; C:\Windows\System32\DRIVERS\modrc.sys [24272 2010-11-19] (DiBcom S.A.)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2010-02-26] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [19456 2010-02-26] (Nokia)
R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [25088 2009-07-21] (Nuvoton Technology Corporation)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [9216 2010-02-26] (Nokia)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\000.fcl [146928 2009-08-04] (CyberLink Corp.)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 mod7700; system32\DRIVERS\mod7700.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-17 09:52 - 2014-07-17 09:52 - 00000000 ____D () C:\Users\cevin\AppData\Local\{638377CB-7C26-455B-A949-B616A18B10D1}
2014-07-16 20:12 - 2014-07-16 20:13 - 00000000 ____D () C:\Users\cevin\AppData\Local\{0C51CFB2-5562-4D67-83DA-603C3F3A14F5}
2014-07-15 22:34 - 2014-07-15 22:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\737321B9.sys
2014-07-15 21:53 - 2014-07-15 21:53 - 02347384 _____ (ESET) C:\Users\cevin\Downloads\esetsmartinstaller_deu.exe
2014-07-15 21:18 - 2014-07-15 21:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-15 21:12 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-15 21:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-15 21:09 - 2014-07-15 21:09 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\cevin\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-15 21:02 - 2014-07-15 21:02 - 00000000 ____D () C:\Users\cevin\AppData\Local\{D325ADB0-D95A-4981-86FA-919C79056A6B}
2014-07-14 22:49 - 2014-07-14 22:49 - 00000000 ____D () C:\Users\cevin\AppData\Local\{62A3F380-03B3-4935-85FE-E41BD3653C09}
2014-07-14 13:09 - 2014-07-17 09:50 - 00000376 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_cevin.job
2014-07-14 13:09 - 2014-07-15 20:51 - 00000370 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_cevin.job
2014-07-14 13:09 - 2014-07-15 20:51 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_cevin.job
2014-07-14 13:09 - 2014-07-14 13:09 - 00003612 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_cevin
2014-07-14 13:09 - 2014-07-14 13:09 - 00002960 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_cevin
2014-07-14 13:09 - 2014-07-14 13:09 - 00002956 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_cevin
2014-07-14 13:09 - 2014-07-14 13:09 - 00002664 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_cevin
2014-07-14 10:47 - 2014-07-14 10:48 - 00000000 ____D () C:\Users\cevin\AppData\Local\{3B7A7269-4594-4BF4-BFEF-0335894F9116}
2014-07-13 22:45 - 2014-07-13 22:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{EC12B936-F503-411D-8BDA-D26060502CD6}
2014-07-13 11:28 - 2014-07-13 11:28 - 01348263 _____ () C:\Users\cevin\Downloads\adwcleaner_3.215.exe
2014-07-13 11:24 - 2014-07-13 11:24 - 00000000 ____D () C:\Users\cevin\Downloads\FRST-OlderVersion
2014-07-13 10:44 - 2014-07-13 10:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{CFFDC617-47B9-4396-931D-A9BED6C4E098}
2014-07-12 22:43 - 2014-07-12 22:43 - 00000000 ____D () C:\Users\cevin\AppData\Local\{ABFA9B3A-41E4-42A6-8DAA-A792DC2B3396}
2014-07-12 13:25 - 2014-07-12 13:25 - 00019202 _____ () C:\Users\cevin\Documents\000000000000regiobus.odt
2014-07-12 10:43 - 2014-07-12 10:43 - 00000000 ____D () C:\Users\cevin\AppData\Local\{C0770B71-8471-4A42-A586-A42660621108}
2014-07-12 01:12 - 2014-07-12 01:14 - 00037380 _____ () C:\Users\cevin\Downloads\Addition.txt
2014-07-12 01:02 - 2014-07-12 01:14 - 00051812 _____ () C:\Users\cevin\Downloads\FRST.txt
2014-07-11 22:42 - 2014-07-11 22:42 - 00000000 ____D () C:\Users\cevin\AppData\Local\{C35B9E6F-7759-4FAD-B04B-1AABA1E3814E}
2014-07-11 10:36 - 2014-07-11 10:36 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E9028EED-1296-412D-A703-508033734006}
2014-07-10 21:22 - 2014-07-10 21:22 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B3910F8C-22FC-4C4F-A53D-AA7D0435B49C}
2014-07-09 11:42 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 11:42 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 11:42 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 11:42 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 11:42 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 11:42 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 11:41 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 11:41 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 11:41 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 11:40 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 11:40 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 11:40 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 11:40 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 11:40 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 11:40 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 11:40 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 11:40 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 11:40 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 11:40 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 11:40 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 11:40 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 11:40 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 11:40 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 11:40 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 11:40 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 11:40 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 11:40 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 11:40 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 11:40 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 11:40 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 11:40 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 11:40 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 11:40 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 11:40 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 11:40 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 11:40 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 11:40 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 11:40 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 11:40 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 11:40 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 11:40 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 11:40 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 11:40 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 11:40 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 11:40 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 11:40 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 11:40 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 11:40 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 11:40 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 11:40 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 11:40 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 11:40 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 11:40 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 11:40 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 11:40 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 11:40 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 11:40 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 11:40 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 11:40 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 11:40 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 11:40 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 11:40 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 11:40 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 11:40 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 11:40 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 11:39 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 11:39 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 11:39 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 09:51 - 2014-07-09 09:51 - 00000000 ____D () C:\Users\cevin\AppData\Local\{013AD591-86F6-4EE2-9012-CBA5C62C8879}
2014-07-06 21:45 - 2014-07-06 21:46 - 00000000 ____D () C:\Users\cevin\AppData\Local\{3C4EE774-96CB-45F5-B110-E408E0A37022}
2014-07-06 09:44 - 2014-07-06 09:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B2F0EAA2-E69E-46FD-9F4E-5815FF8801A5}
2014-07-04 15:53 - 2014-07-04 15:53 - 00000000 ____D () C:\Users\cevin\AppData\Local\{50A79613-225C-40C8-BDBE-F0CF6915E518}
2014-07-02 16:47 - 2014-07-02 16:47 - 00000000 ____D () C:\Users\cevin\AppData\Local\{07DD5A38-1376-4124-B1FF-FC864792DF37}
2014-07-01 17:20 - 2014-07-01 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-07-01 17:20 - 2014-07-01 17:19 - 00001053 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-07-01 17:19 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-07-01 17:15 - 2014-07-17 09:50 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-01 17:15 - 2014-07-01 17:15 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-07-01 17:15 - 2014-07-01 17:15 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-07-01 17:14 - 2014-07-01 17:43 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-07-01 17:14 - 2014-07-01 17:43 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-07-01 16:58 - 2014-07-01 17:01 - 235628672 _____ () C:\Users\cevin\Downloads\kav14.0.0.4651de-de.exe
2014-07-01 16:09 - 2014-07-01 16:09 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B0959EA8-683E-4E37-8769-5D161E49BE17}
2014-06-30 13:27 - 2014-06-30 13:27 - 00000000 ____D () C:\Users\cevin\AppData\Local\{237D482E-7E34-401E-8F17-0BA27F0262C4}
2014-06-28 22:39 - 2014-07-17 09:48 - 00003692 _____ () C:\Windows\PFRO.log
2014-06-28 22:39 - 2014-07-17 09:48 - 00001064 _____ () C:\Windows\setupact.log
2014-06-28 22:39 - 2014-07-10 21:11 - 00337312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-28 22:39 - 2014-06-28 22:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-27 23:21 - 2014-06-27 23:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{42FBE03B-0244-461C-91B1-785F48845D38}
2014-06-27 19:48 - 2014-06-27 19:48 - 00004026 _____ () C:\Windows\System32\Tasks\LaunchApp
2014-06-27 17:46 - 2014-06-27 17:46 - 00076776 _____ () C:\Users\cevin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-27 17:26 - 2014-06-27 17:26 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-27 17:26 - 2014-06-27 17:26 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-27 17:26 - 2014-06-27 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-27 17:26 - 2014-06-27 17:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-27 17:25 - 2014-06-27 17:25 - 04812672 _____ (Piriform Ltd) C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager [1].exe
2014-06-27 17:24 - 2014-06-27 17:24 - 00788832 _____ ( ) C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager.exe
2014-06-27 11:21 - 2014-06-27 11:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{6972D8A5-A219-443E-A357-89C155BDDA7D}
2014-06-26 10:45 - 2014-06-26 10:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E70B6A60-F2E8-448D-9E0D-5E4A9BC626D0}
2014-06-25 21:25 - 2014-06-25 21:25 - 00000000 ____D () C:\Users\cevin\AppData\Local\{96794EEB-D1F6-489F-818D-47B3C9CD3A0F}
2014-06-24 22:46 - 2014-06-24 22:46 - 00000000 ____D () C:\Users\cevin\AppData\Local\{93E3B89A-5BF8-4712-B6C1-98709B53CE8C}
2014-06-24 09:35 - 2014-06-24 09:35 - 00000000 ____D () C:\Users\cevin\AppData\Local\{BA391E80-3556-46D6-B103-2A3C18176909}
2014-06-23 22:58 - 2014-06-23 22:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{249218FD-5D6A-4E8A-B766-85CA18465D77}
2014-06-22 22:45 - 2014-06-22 22:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{2D8FB200-76DE-4EBF-99D1-F998CD7462BD}
2014-06-22 10:44 - 2014-06-22 10:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{CC0DC116-9230-4337-9A80-0B157742DCBD}
2014-06-21 21:58 - 2014-06-21 21:59 - 00000000 ____D () C:\Users\cevin\AppData\Local\{F751A3DB-714D-4A90-828C-B7048371B2CA}
2014-06-21 09:58 - 2014-06-21 09:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{8192B066-D83E-4FCF-BE07-D97D837C12F0}
2014-06-20 10:46 - 2014-06-20 10:51 - 00103267 _____ () C:\Users\cevin\Downloads\DriverView_v1.45.zip
2014-06-20 10:41 - 2014-06-20 10:42 - 00511782 _____ () C:\Users\cevin\Downloads\Autoruns.zip
2014-06-20 10:37 - 2014-06-20 10:37 - 00000000 ____D () C:\Users\cevin\AppData\Local\{89AB4BC8-06E9-460D-8204-722BEC691B51}
2014-06-18 22:55 - 2014-06-18 22:55 - 00000000 ____D () C:\Users\cevin\AppData\Local\{4BCD0956-D6CD-43B1-87F9-4BA71B703826}
2014-06-18 11:55 - 2014-06-18 11:55 - 00000000 ____D () C:\Users\cevin\AppData\Local\Adobe
2014-06-18 10:54 - 2014-06-18 10:54 - 00000000 ____D () C:\Users\cevin\AppData\Local\{951B063B-5B4E-4294-AD34-35FCBF7713F0}
2014-06-17 22:50 - 2014-06-17 22:50 - 00000000 ____D () C:\Users\cevin\AppData\Local\{A19CB636-F822-494D-9BA2-2E122C628559}
2014-06-17 13:51 - 2014-06-17 10:52 - 00000030 _____ () C:\AVScanner.ini
2014-06-17 10:50 - 2014-06-17 10:50 - 00000000 ____D () C:\Users\cevin\AppData\Local\{4215C0E0-4780-4FE7-BDE3-CBDDFCB730CD}

==================== One Month Modified Files and Folders =======

2014-07-17 09:59 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-17 09:59 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-17 09:58 - 2013-06-28 23:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-17 09:57 - 2013-12-15 12:10 - 00000000 ____D () C:\FRST
2014-07-17 09:52 - 2014-07-17 09:52 - 00000000 ____D () C:\Users\cevin\AppData\Local\{638377CB-7C26-455B-A949-B616A18B10D1}
2014-07-17 09:50 - 2014-07-14 13:09 - 00000376 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_cevin.job
2014-07-17 09:50 - 2014-07-01 17:15 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-17 09:48 - 2014-06-28 22:39 - 00003692 _____ () C:\Windows\PFRO.log
2014-07-17 09:48 - 2014-06-28 22:39 - 00001064 _____ () C:\Windows\setupact.log
2014-07-17 09:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-17 02:32 - 2010-01-26 17:30 - 01254273 _____ () C:\Windows\WindowsUpdate.log
2014-07-16 20:13 - 2014-07-16 20:12 - 00000000 ____D () C:\Users\cevin\AppData\Local\{0C51CFB2-5562-4D67-83DA-603C3F3A14F5}
2014-07-16 20:12 - 2013-07-05 09:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-15 22:34 - 2014-07-15 22:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\737321B9.sys
2014-07-15 22:21 - 2014-05-04 11:36 - 00000000 ____D () C:\temp
2014-07-15 21:53 - 2014-07-15 21:53 - 02347384 _____ (ESET) C:\Users\cevin\Downloads\esetsmartinstaller_deu.exe
2014-07-15 21:19 - 2014-07-15 21:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-15 21:13 - 2012-05-18 22:59 - 00000000 ____D () C:\Users\cevin\AppData\Roaming\Malwarebytes
2014-07-15 21:13 - 2012-05-18 22:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-15 21:11 - 2012-12-01 11:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-15 21:09 - 2014-07-15 21:09 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\cevin\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-15 21:02 - 2014-07-15 21:02 - 00000000 ____D () C:\Users\cevin\AppData\Local\{D325ADB0-D95A-4981-86FA-919C79056A6B}
2014-07-15 20:51 - 2014-07-14 13:09 - 00000370 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_cevin.job
2014-07-15 20:51 - 2014-07-14 13:09 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_cevin.job
2014-07-14 22:49 - 2014-07-14 22:49 - 00000000 ____D () C:\Users\cevin\AppData\Local\{62A3F380-03B3-4935-85FE-E41BD3653C09}
2014-07-14 15:01 - 2014-05-03 18:52 - 00000322 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job
2014-07-14 13:09 - 2014-07-14 13:09 - 00003612 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_cevin
2014-07-14 13:09 - 2014-07-14 13:09 - 00002960 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_cevin
2014-07-14 13:09 - 2014-07-14 13:09 - 00002956 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_cevin
2014-07-14 13:09 - 2014-07-14 13:09 - 00002664 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_cevin
2014-07-14 10:48 - 2014-07-14 10:47 - 00000000 ____D () C:\Users\cevin\AppData\Local\{3B7A7269-4594-4BF4-BFEF-0335894F9116}
2014-07-13 22:45 - 2014-07-13 22:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{EC12B936-F503-411D-8BDA-D26060502CD6}
2014-07-13 11:30 - 2013-12-16 23:50 - 00000000 ____D () C:\AdwCleaner
2014-07-13 11:28 - 2014-07-13 11:28 - 01348263 _____ () C:\Users\cevin\Downloads\adwcleaner_3.215.exe
2014-07-13 11:24 - 2014-07-13 11:24 - 00000000 ____D () C:\Users\cevin\Downloads\FRST-OlderVersion
2014-07-13 10:44 - 2014-07-13 10:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{CFFDC617-47B9-4396-931D-A9BED6C4E098}
2014-07-12 22:43 - 2014-07-12 22:43 - 00000000 ____D () C:\Users\cevin\AppData\Local\{ABFA9B3A-41E4-42A6-8DAA-A792DC2B3396}
2014-07-12 13:25 - 2014-07-12 13:25 - 00019202 _____ () C:\Users\cevin\Documents\000000000000regiobus.odt
2014-07-12 10:43 - 2014-07-12 10:43 - 00000000 ____D () C:\Users\cevin\AppData\Local\{C0770B71-8471-4A42-A586-A42660621108}
2014-07-12 01:14 - 2014-07-12 01:12 - 00037380 _____ () C:\Users\cevin\Downloads\Addition.txt
2014-07-12 01:14 - 2014-07-12 01:02 - 00051812 _____ () C:\Users\cevin\Downloads\FRST.txt
2014-07-11 22:42 - 2014-07-11 22:42 - 00000000 ____D () C:\Users\cevin\AppData\Local\{C35B9E6F-7759-4FAD-B04B-1AABA1E3814E}
2014-07-11 22:37 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-11 10:36 - 2014-07-11 10:36 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E9028EED-1296-412D-A703-508033734006}
2014-07-10 21:22 - 2014-07-10 21:22 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B3910F8C-22FC-4C4F-A53D-AA7D0435B49C}
2014-07-10 21:11 - 2014-06-28 22:39 - 00337312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 00:03 - 2009-08-22 08:06 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 00:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 00:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 23:25 - 2013-08-15 10:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 23:19 - 2010-05-23 11:48 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 19:03 - 2014-05-03 19:03 - 00000326 _____ () C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job
2014-07-09 18:59 - 2013-06-28 23:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 18:59 - 2013-05-05 20:44 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 18:59 - 2013-05-05 20:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 18:52 - 2014-05-03 18:52 - 00000330 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job
2014-07-09 16:34 - 2010-01-27 02:23 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-07-09 16:34 - 2010-01-27 02:23 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-07-09 16:34 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-09 09:51 - 2014-07-09 09:51 - 00000000 ____D () C:\Users\cevin\AppData\Local\{013AD591-86F6-4EE2-9012-CBA5C62C8879}
2014-07-06 21:46 - 2014-07-06 21:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{3C4EE774-96CB-45F5-B110-E408E0A37022}
2014-07-06 09:44 - 2014-07-06 09:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B2F0EAA2-E69E-46FD-9F4E-5815FF8801A5}
2014-07-05 23:24 - 2012-05-26 21:25 - 00000000 ____D () C:\Users\cevin\AppData\Roaming\vlc
2014-07-04 15:55 - 2013-12-19 13:51 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-04 15:53 - 2014-07-04 15:53 - 00000000 ____D () C:\Users\cevin\AppData\Local\{50A79613-225C-40C8-BDBE-F0CF6915E518}
2014-07-02 16:47 - 2014-07-02 16:47 - 00000000 ____D () C:\Users\cevin\AppData\Local\{07DD5A38-1376-4124-B1FF-FC864792DF37}
2014-07-01 17:43 - 2014-07-01 17:14 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-07-01 17:43 - 2014-07-01 17:14 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-07-01 17:43 - 2013-06-10 12:27 - 00029792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2014-07-01 17:43 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2014-07-01 17:43 - 2013-05-06 09:22 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-07-01 17:43 - 2013-05-05 22:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2014-07-01 17:43 - 2013-05-05 22:42 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2014-07-01 17:20 - 2014-07-01 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-07-01 17:19 - 2014-07-01 17:20 - 00001053 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-07-01 17:15 - 2014-07-01 17:15 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-07-01 17:15 - 2014-07-01 17:15 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-07-01 17:01 - 2014-07-01 16:58 - 235628672 _____ () C:\Users\cevin\Downloads\kav14.0.0.4651de-de.exe
2014-07-01 16:09 - 2014-07-01 16:09 - 00000000 ____D () C:\Users\cevin\AppData\Local\{B0959EA8-683E-4E37-8769-5D161E49BE17}
2014-06-30 13:27 - 2014-06-30 13:27 - 00000000 ____D () C:\Users\cevin\AppData\Local\{237D482E-7E34-401E-8F17-0BA27F0262C4}
2014-06-28 22:39 - 2014-06-28 22:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-27 23:21 - 2014-06-27 23:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{42FBE03B-0244-461C-91B1-785F48845D38}
2014-06-27 19:48 - 2014-06-27 19:48 - 00004026 _____ () C:\Windows\System32\Tasks\LaunchApp
2014-06-27 19:46 - 2010-03-08 14:50 - 00000000 ____D () C:\Windows\pss
2014-06-27 17:48 - 2010-08-10 14:59 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-06-27 17:46 - 2014-06-27 17:46 - 00076776 _____ () C:\Users\cevin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-27 17:34 - 2012-01-24 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cultures - Die Entdeckung Vinlands
2014-06-27 17:34 - 2009-08-22 07:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2014-06-27 17:34 - 2009-07-27 22:41 - 00000000 ____D () C:\Windows\Panther
2014-06-27 17:33 - 2010-03-20 12:00 - 00000000 ____D () C:\Windows\Minidump
2014-06-27 17:26 - 2014-06-27 17:26 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-27 17:26 - 2014-06-27 17:26 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-27 17:26 - 2014-06-27 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-27 17:26 - 2014-06-27 17:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-27 17:25 - 2014-06-27 17:25 - 04812672 _____ (Piriform Ltd) C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager [1].exe
2014-06-27 17:24 - 2014-06-27 17:24 - 00788832 _____ ( ) C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager.exe
2014-06-27 11:21 - 2014-06-27 11:21 - 00000000 ____D () C:\Users\cevin\AppData\Local\{6972D8A5-A219-443E-A357-89C155BDDA7D}
2014-06-26 10:45 - 2014-06-26 10:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{E70B6A60-F2E8-448D-9E0D-5E4A9BC626D0}
2014-06-25 21:25 - 2014-06-25 21:25 - 00000000 ____D () C:\Users\cevin\AppData\Local\{96794EEB-D1F6-489F-818D-47B3C9CD3A0F}
2014-06-24 22:46 - 2014-06-24 22:46 - 00000000 ____D () C:\Users\cevin\AppData\Local\{93E3B89A-5BF8-4712-B6C1-98709B53CE8C}
2014-06-24 09:35 - 2014-06-24 09:35 - 00000000 ____D () C:\Users\cevin\AppData\Local\{BA391E80-3556-46D6-B103-2A3C18176909}
2014-06-23 22:58 - 2014-06-23 22:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{249218FD-5D6A-4E8A-B766-85CA18465D77}
2014-06-22 22:45 - 2014-06-22 22:45 - 00000000 ____D () C:\Users\cevin\AppData\Local\{2D8FB200-76DE-4EBF-99D1-F998CD7462BD}
2014-06-22 10:44 - 2014-06-22 10:44 - 00000000 ____D () C:\Users\cevin\AppData\Local\{CC0DC116-9230-4337-9A80-0B157742DCBD}
2014-06-21 21:59 - 2014-06-21 21:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{F751A3DB-714D-4A90-828C-B7048371B2CA}
2014-06-21 09:58 - 2014-06-21 09:58 - 00000000 ____D () C:\Users\cevin\AppData\Local\{8192B066-D83E-4FCF-BE07-D97D837C12F0}
2014-06-20 22:14 - 2014-07-09 11:40 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 11:40 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-20 10:51 - 2014-06-20 10:46 - 00103267 _____ () C:\Users\cevin\Downloads\DriverView_v1.45.zip
2014-06-20 10:42 - 2014-06-20 10:41 - 00511782 _____ () C:\Users\cevin\Downloads\Autoruns.zip
2014-06-20 10:37 - 2014-06-20 10:37 - 00000000 ____D () C:\Users\cevin\AppData\Local\{89AB4BC8-06E9-460D-8204-722BEC691B51}
2014-06-19 03:39 - 2014-07-09 11:40 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-09 11:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-09 11:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-09 11:40 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-09 11:40 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-09 11:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-09 11:40 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-09 11:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-09 11:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-09 11:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-09 11:40 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-09 11:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-09 11:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-09 11:40 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-09 11:40 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-09 11:40 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-09 11:40 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-09 11:40 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-09 11:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-09 11:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-09 11:40 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 11:40 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 11:40 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-09 11:40 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-09 11:40 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-09 11:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-09 11:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 11:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-09 11:40 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 11:40 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-09 11:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 11:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-09 11:40 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-09 11:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-09 11:40 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-09 11:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-09 11:40 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-09 11:40 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-09 11:40 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 11:40 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-09 11:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 11:40 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-09 11:40 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-09 11:40 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 11:40 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 11:40 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 11:40 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 11:40 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 11:40 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 11:40 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 11:40 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 11:40 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 11:40 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 11:40 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 22:55 - 2014-06-18 22:55 - 00000000 ____D () C:\Users\cevin\AppData\Local\{4BCD0956-D6CD-43B1-87F9-4BA71B703826}
2014-06-18 11:55 - 2014-06-18 11:55 - 00000000 ____D () C:\Users\cevin\AppData\Local\Adobe
2014-06-18 10:54 - 2014-06-18 10:54 - 00000000 ____D () C:\Users\cevin\AppData\Local\{951B063B-5B4E-4294-AD34-35FCBF7713F0}
2014-06-18 04:18 - 2014-07-09 11:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-09 11:42 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-09 11:42 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-17 22:50 - 2014-06-17 22:50 - 00000000 ____D () C:\Users\cevin\AppData\Local\{A19CB636-F822-494D-9BA2-2E122C628559}
2014-06-17 10:52 - 2014-06-17 13:51 - 00000030 _____ () C:\AVScanner.ini
2014-06-17 10:52 - 2009-08-22 07:29 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-17 10:50 - 2014-06-17 10:50 - 00000000 ____D () C:\Users\cevin\AppData\Local\{4215C0E0-4780-4FE7-BDE3-CBDDFCB730CD}

Some content of TEMP:
====================
C:\Users\cevin\AppData\Local\Temp\avgnt.exe
C:\Users\cevin\AppData\Local\Temp\CloudBackup8495.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 16:50

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

also ich hab noch beide programme drauf das mit dem schirm aber deaktiviert weil kapersky is nur eine testversion und ich bin mir ncht sicher ob ich es kaufen will weil es ja auch nicht mehr bedrohungen gefunden hat we das schirm teil

ob der rechner besser läuft kann ich dir noch nicht sagen da ich ja grad erst deine anweisungen ausgeführt habe....

allerdings die gefundenen bedrohungen von eset sind ja immer noch auf meinen rechner weil die ja ncht entfernt werden sollten oder seh ich das falsch

also ich hab jetzt bissel mit dem notebook gearbeitet und muss sagen ich hab das gefühl stellenweise ist es schlimmer geworden

ich arbeite klick was an und dann friert die seite ein und ich muss minutenlang warten bis es weiter geht

Bootsektor · 17.07.2014, 22:27

Zitat:

also ich hab noch beide programme drauf das mit dem schirm aber deaktiviert weil kapersky is nur eine testversion und ich bin mir ncht sicher ob ich es kaufen will weil es ja auch nicht mehr bedrohungen gefunden hat we das schirm teil

auch wenn du es deaktiviert hast, rödelt es da immer noch rum, deinstalliere versuchsweise avira, benutze dazu den Avira Registry Cleaner und teste danach dann die Performance nochmal.

Ist das das ganze ESET-Log?

cauchemar · 21.07.2014, 07:24

also hab es gemacht der rechner ist nicht schneller allerdings wundert mich das nicht weil die probleme hab ich ja schon gehabt bevor ich den zweiten vierenscaner installiert habe...

ja hab dir das ganze log geschickt.....fehlt was?

und was is jetzt eigentlich mit den bedrohungen de das andere programm von dir gefunden hat?

Bootsektor · 21.07.2014, 23:02

Du meinst Eset?
Das sind PUPs (unerwünschte Programme ohne sinnvollen Nutzen), Adware und Toolbars in Installern verpackt, nichts, was deinen PC so dermassen in die Knie zwingt und das entfernen wir noch

Ich seh in deinen Logs keinen malwarerelativierten Anhaltspunkt, der das verursacht, ist der Laptop generell ständig so langsam?
Schau einmal im Taskmanager nach, ob du da einen Prozess findest, der viel Speicherkapazität verbraucht.

Hast du den Rechner schon einmal defragmentiert?

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask Partner Network | APN - Ask Toolbar Download
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
FF SearchPlugin: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\searchplugins\NJuNeXaeLAqLGUfGTsla
C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe 
C:\temp\InstallFilter64.msi 
C:\Users\cevin\Downloads\avira_free_antivirus_de.exe 
C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager [1].exe 
C:\Users\cevin\Downloads\FreeYouTubeToMP3Converter(1).exe 
C:\Users\cevin\Downloads\FreeYouTubeToMP3Converter.exe 
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0 
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

cauchemar · 25.07.2014, 08:07

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-07-2014 01
Ran by cevin at 2014-07-25 08:55:56 Run:3
Running from C:\Users\cevin\Downloads\nicht wegwerfen\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask Partner Network | APN - Ask Toolbar Download
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
FF SearchPlugin: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\searchplugins\NJuNeXaeLAqLGUfGTsla
C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe
C:\temp\InstallFilter64.msi
C:\Users\cevin\Downloads\avira_free_antivirus_de.exe
C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager [1].exe
C:\Users\cevin\Downloads\FreeYouTubeToMP3Converter(1).exe
C:\Users\cevin\Downloads\FreeYouTubeToMP3Converter.exe
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0

*****************

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key deleted successfully.
"C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\searchplugins\askcom.xml" => not found.
"C:\Users\cevin\AppData\Roaming\Mozilla\Firefox\Profiles\0yzj76kz.default\searchplugins\NJuNeXaeLAqLGUfGTsla" => not found.
Could not move "C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe" => Scheduled to move on reboot.
C:\temp\InstallFilter64.msi => Moved successfully.
C:\Users\cevin\Downloads\avira_free_antivirus_de.exe => Moved successfully.
C:\Users\cevin\Downloads\ccsetup415_CB-DL-Manager [1].exe => Moved successfully.
C:\Users\cevin\Downloads\FreeYouTubeToMP3Converter(1).exe => Moved successfully.
C:\Users\cevin\Downloads\FreeYouTubeToMP3Converter.exe => Moved successfully.
"C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0" => File/Directory not found.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0 => Moved successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-07-25 09:00:31)<=

"C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe" => File could not move.

==== End of Fixlog ====

13.07.2014, 09:52	#6
Bootsektor Ruhe in Frieden † 2019	notebook wird immer langsamer Das liegt dadran, dass du FRST aus deinem Downloadordner ausführst. Verschieb die FRST bitte auf dem Desktop, und probiere es dann nochmal. __________________ --> notebook wird immer langsamer

15.07.2014, 21:55	#10
Bootsektor Ruhe in Frieden † 2019	notebook wird immer langsamer Hallo cauchemar, schön ich warte dann noch auf die Beantwortung beider Fragen und die weiteren Logs __________________ Grüße stolzes Mitglied von UNITE Du hast Lob oder Verbesserungsvorschläge? Du findest unsere Arbeit gut und möchtest uns finanziell unterstützen? -> Spende

notebook wird immer langsamer

Plagegeister aller Art und deren Bekämpfung: notebook wird immer langsamer