
Plagegeister aller Art und deren Bekämpfung: Firefox opens ad pages in tabs on its own, even when Firefox is not being used at the moment

19.07.2014, 17:45   #1
Lady Frigg
 



As already mentioned in the title, Firefox currently keeps opening windows/tabs on its own, even when I don't want to use Firefox at that moment
(e.g. when I go online via a game client).

Before we get started, I should mention that I have little to no knowledge and need precise instructions to be able to follow along.

To find out how to get the first log files, I first read through the instructions here, and I hope I did everything right on my first attempt.
If I have forgotten something after all, I will of course try to provide it afterwards ^^

defogger_disable
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:44 on 19/07/2014 (Lola)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-07-2014
Ran by Lola (administrator) on STUBE on 19-07-2014 17:48:13
Running from C:\Users\Lola\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Spigot, Inc.) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
() C:\Users\Lola\AppData\Local\ContextFree\nvcmd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Spigot, Inc.) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
(Spigot Inc) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13425224 2013-03-05] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SearchSettings] => C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [1404736 2014-06-16] (Spigot, Inc.)
HKLM-x32\...\Run: [fst_de_86] => [X]
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1601856 2014-05-23] (IObit)
HKU\S-1-5-21-2611022401-1185657083-2724232758-1001\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2295584 2014-04-21] (IObit)
HKU\S-1-5-21-2611022401-1185657083-2724232758-1001\...\Run: [framei] => C:\Users\Lola\AppData\Local\ContextFree\framei.exe [567808 2014-07-01] ()
HKU\S-1-5-21-2611022401-1185657083-2724232758-1001\...\Run: [nvcmd] => C:\Users\Lola\AppData\Local\ContextFree\nvcmd.exe [596480 2014-07-01] ()
HKU\S-1-5-21-2611022401-1185657083-2724232758-1001\...\Run: [cntcmd] => C:\Users\Lola\AppData\Local\ContextFree\cntcmd.exe [596480 2014-07-01] ()
HKU\S-1-5-21-2611022401-1185657083-2724232758-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2611022401-1185657083-2724232758-1001\...\MountPoints2: {025fd6ec-81f2-11e3-be73-f80f41a03396} - "E:\LGAutoRun.exe" 
HKU\S-1-5-21-2611022401-1185657083-2724232758-1001\...\MountPoints2: {2324f0b4-9ccd-11e3-be8b-f80f41a03396} - "E:\LGAutoRun.exe" 
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
BootExecute: RegistryDefragBootTime.exeautocheck autochk * 

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027&q={searchTerms}
URLSearchHook: HKCU - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.4\iobitappsToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKCU - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.4\iobitappsToolbarIE.dll (Spigot, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027&q={searchTerms}
SearchScopes: HKLM - {351D8E3A-7CC5-41B3-841C-2A2C601EC8D5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027&q={searchTerms}
SearchScopes: HKLM-x32 - {351D8E3A-7CC5-41B3-841C-2A2C601EC8D5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027&q={searchTerms}
SearchScopes: HKCU - {351D8E3A-7CC5-41B3-841C-2A2C601EC8D5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {790DEE0B-14BB-4FEE-8805-7AC306401ACA} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO-x32: IObit Apps Toolbar -> {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -> C:\Program Files (x86)\IObit Apps Toolbar\IE\9.4\iobitappsToolbarIE.dll (Spigot, Inc.)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: FlowSurf -> {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} -> C:\Program Files (x86)\Flowsurf\FlowSurf.dll (FlowSurf Inc.)
Toolbar: HKLM - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.4\iobitappsToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.4\iobitappsToolbarIE.dll (Spigot, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.repage.de/member/paladine
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @mail.ru/GameCenter - C:\Users\Lola\AppData\Local\Mail.Ru\GameCenter-EU\NPDetector.dll (LLC Mail.Ru)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Lola\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ads Removal - C:\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\adremoveext@adremoveext.net [2014-06-27]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\ascsurfingprotection@iobit.com [2014-06-07]
FF Extension: Fast Start - C:\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\faststartff@gmail.com [2014-07-14]
FF Extension: Start Page - C:\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362} [2014-06-17]
FF Extension: Qute Classic - C:\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\{5514CFC3-D9A8-4f1a-8DF1-930EBFB59901}.xpi [2014-01-19]
FF Extension: Adblock Plus - C:\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-18]
FF HKLM-x32\...\Firefox\Extensions: [jid1-tofUlNEIFlkUIA@jetpack] - C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack
FF Extension: FlowSurf - C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://istart.webssearches.com/?type=sc&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027

Chrome: 
=======
CHR HomePage: hxxp://istart.webssearches.com/?type=hp&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: webssearches
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - F:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Wajam) - F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll No File
CHR Plugin: (Adobe Acrobat) - F:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.170.4) - F:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll No File
CHR Plugin: (2007 Microsoft Office system) - F:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Winamp Application Detector) - F:\Program Files\Mozilla Firefox\plugins\npwachk.dll No File
CHR Plugin: (Microsoft® DRM) - F:\Program Files\Windows Media Player\npdrmv2.dll No File
CHR Plugin: (Microsoft® DRM) - F:\Program Files\Windows Media Player\npwmsdrm.dll No File
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - F:\Program Files\Windows Media Player\npdsplay.dll No File
CHR Plugin: (Google Update) - F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Google Earth Plugin) - F:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Panda ActiveScan 2.0) - F:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll No File
CHR Plugin: (iTunes Application Detector) - F:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Ma-Config.com plugin) - F:\Program Files\ma-config.com\nphardwaredetection.dll No File
CHR Plugin: (Silverlight Plug-In) - f:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (gamecenter component npdetector.dll) - C:\Users\Lola\AppData\Local\Mail.Ru\GameCenter-EU\NPDetector.dll (LLC Mail.Ru)
CHR Extension: (Google Wallet) - C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-23]
CHR Extension: (FlowSurf) - C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\Lola\AppData\Local\Slick Savings\coupons.crx [2014-07-14]

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-05-15] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-06-07] (IObit)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-01-21] (WiseCleaner.com)
S2 HPSLPSVC; C:\Users\Lola\AppData\Local\Temp\7zS3EFF\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R2 RtkIOAC60; C:\Windows\system32\DRIVERS\RtkIOAC60.sys [38504 2012-04-16] (Windows (R) Codename Longhorn DDK provider)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
S3 andnetndis; \SystemRoot\system32\DRIVERS\lgandnetndis64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-19 17:48 - 2014-07-19 17:48 - 00022616 _____ () C:\Users\Lola\Desktop\FRST.txt
2014-07-19 17:47 - 2014-07-19 17:48 - 00000000 ____D () C:\FRST
2014-07-19 17:44 - 2014-07-19 17:44 - 00000470 _____ () C:\Users\Lola\Desktop\defogger_disable.log
2014-07-19 17:44 - 2014-07-19 17:44 - 00000000 _____ () C:\Users\Lola\defogger_reenable
2014-07-19 17:37 - 2014-07-19 17:37 - 00000626 _____ () C:\Users\Lola\Desktop\Ereignisse.txt
2014-07-19 17:34 - 2014-07-19 17:34 - 00380416 _____ () C:\Users\Lola\Desktop\Gmer-19357.exe
2014-07-19 17:33 - 2014-07-19 17:33 - 02089984 _____ (Farbar) C:\Users\Lola\Desktop\FRST64.exe
2014-07-19 17:30 - 2014-07-19 17:30 - 00050477 _____ () C:\Users\Lola\Desktop\Defogger.exe
2014-07-15 12:18 - 2014-07-15 12:18 - 00000000 ____D () C:\Program Files (x86)\predm
2014-07-15 12:17 - 2014-07-15 12:17 - 00003158 _____ () C:\WINDOWS\System32\Tasks\StartMenuAutoupdate
2014-07-15 12:17 - 2014-07-15 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2014-07-15 10:08 - 2014-07-15 10:08 - 00818744 _____ (Reimage®) C:\Users\Lola\Downloads\ReimageRepair.exe
2014-07-14 21:38 - 2014-07-14 21:38 - 00000000 ____D () C:\Users\Lola\AppData\Local\ContextFree
2014-07-14 21:36 - 2014-07-15 12:21 - 00000000 ____D () C:\Users\Lola\AppData\Roaming\InetStat
2014-07-14 21:36 - 2014-07-14 21:36 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-14 21:34 - 2014-07-15 09:38 - 00000002 _____ () C:\END
2014-07-14 21:34 - 2014-07-15 09:38 - 00000000 ____D () C:\Program Files (x86)\Flowsurf
2014-07-14 21:34 - 2014-07-14 21:34 - 00003082 _____ () C:\WINDOWS\System32\Tasks\fsupdate
2014-07-14 16:17 - 2014-07-14 16:17 - 00339680 _____ () C:\Users\Lola\Downloads\FlashPlayersetup__7343_i1040439988_il23.exe
2014-07-11 09:13 - 2014-07-11 09:13 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-07-11 09:13 - 2014-07-11 09:13 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-07-11 09:13 - 2014-07-11 09:13 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-07-11 09:13 - 2014-07-11 09:13 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-07-11 09:13 - 2014-07-11 09:13 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-07-11 09:13 - 2014-07-11 09:13 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-07-11 09:13 - 2014-07-11 09:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-07-11 09:13 - 2014-07-11 09:13 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-07-11 09:13 - 2014-07-11 09:13 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-07-11 09:13 - 2014-07-11 09:13 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-07-11 09:12 - 2014-07-11 09:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-07-11 08:52 - 2014-06-26 22:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-11 08:52 - 2014-06-26 22:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 12:10 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-09 12:09 - 2014-07-09 12:09 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 05:55 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-09 05:55 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-09 05:55 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-09 05:55 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-09 05:55 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-09 05:55 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-09 05:55 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-09 05:55 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-09 05:55 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-09 05:55 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-09 05:54 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-09 05:54 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-09 05:54 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-09 05:54 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-09 05:54 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-09 05:54 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-09 05:53 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-09 05:53 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-09 05:53 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-09 05:53 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-09 05:53 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-09 05:53 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-09 05:53 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-09 05:53 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-09 05:53 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-09 05:53 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-09 05:53 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-09 05:53 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-09 05:53 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-09 05:53 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-09 05:53 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-09 05:53 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-09 05:53 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-09 05:53 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-09 05:53 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-09 05:53 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-09 05:53 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-09 05:51 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-09 05:51 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-09 05:51 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-09 05:51 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-09 05:51 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-09 05:51 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-09 05:51 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-09 05:51 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-09 05:51 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-09 05:51 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 05:51 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-09 05:51 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-09 05:51 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 05:51 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-09 05:51 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-09 05:51 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-09 05:51 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-09 05:51 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-09 05:51 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-09 05:51 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-09 05:45 - 2014-07-09 05:45 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-01 11:51 - 2014-07-01 11:51 - 00000000 ____D () C:\Program Files (x86)\IObit Apps Toolbar
2014-07-01 11:51 - 2014-07-01 11:51 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-06-21 23:43 - 2014-06-21 23:43 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler
2014-06-21 18:02 - 2014-07-19 09:52 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-21 18:02 - 2014-06-21 18:02 - 00003866 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 10:16 - 2014-06-19 10:16 - 00000024 _____ () C:\Users\Lola\AppData\Roaming\temp.ini

==================== One Month Modified Files and Folders =======

2014-07-19 17:48 - 2014-07-19 17:48 - 00022616 _____ () C:\Users\Lola\Desktop\FRST.txt
2014-07-19 17:48 - 2014-07-19 17:47 - 00000000 ____D () C:\FRST
2014-07-19 17:44 - 2014-07-19 17:44 - 00000470 _____ () C:\Users\Lola\Desktop\defogger_disable.log
2014-07-19 17:44 - 2014-07-19 17:44 - 00000000 _____ () C:\Users\Lola\defogger_reenable
2014-07-19 17:44 - 2014-01-28 00:00 - 00000000 ____D () C:\Users\Lola
2014-07-19 17:43 - 2014-06-09 18:15 - 01755225 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-19 17:37 - 2014-07-19 17:37 - 00000626 _____ () C:\Users\Lola\Desktop\Ereignisse.txt
2014-07-19 17:36 - 2014-01-17 23:23 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2611022401-1185657083-2724232758-1001
2014-07-19 17:34 - 2014-07-19 17:34 - 00380416 _____ () C:\Users\Lola\Desktop\Gmer-19357.exe
2014-07-19 17:33 - 2014-07-19 17:33 - 02089984 _____ (Farbar) C:\Users\Lola\Desktop\FRST64.exe
2014-07-19 17:30 - 2014-07-19 17:30 - 00050477 _____ () C:\Users\Lola\Desktop\Defogger.exe
2014-07-19 17:29 - 2014-06-07 17:49 - 00000000 ____D () C:\Users\Lola\Desktop\Deutschland Spielt
2014-07-19 17:26 - 2014-06-07 15:12 - 00002189 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-07-19 17:20 - 2014-06-07 15:12 - 00000252 _____ () C:\WINDOWS\Tasks\ASC7_SkipUac_Lola.job
2014-07-19 17:16 - 2014-04-18 12:13 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-19 17:13 - 2014-02-20 22:37 - 00000288 _____ () C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job
2014-07-19 17:07 - 2014-01-18 14:35 - 00001118 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-19 17:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-19 15:20 - 2014-05-17 15:23 - 00000412 _____ () C:\WINDOWS\Tasks\Wise Turbo Checker.job
2014-07-19 10:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-19 09:52 - 2014-06-21 18:02 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-19 09:52 - 2014-01-28 00:31 - 00000000 ___DO () C:\Users\Lola\SkyDrive
2014-07-19 03:13 - 2014-06-09 18:01 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{87182F7E-78A1-441D-96FB-2954177723C7}
2014-07-15 12:23 - 2014-06-17 10:13 - 00000000 ____D () C:\Users\Lola\AppData\Roaming\Slick Savings
2014-07-15 12:23 - 2014-06-17 10:13 - 00000000 ____D () C:\Users\Lola\AppData\Local\Slick Savings
2014-07-15 12:21 - 2014-07-14 21:36 - 00000000 ____D () C:\Users\Lola\AppData\Roaming\InetStat
2014-07-15 12:18 - 2014-07-15 12:18 - 00000000 ____D () C:\Program Files (x86)\predm
2014-07-15 12:17 - 2014-07-15 12:17 - 00003158 _____ () C:\WINDOWS\System32\Tasks\StartMenuAutoupdate
2014-07-15 12:17 - 2014-07-15 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2014-07-15 10:08 - 2014-07-15 10:08 - 00818744 _____ (Reimage®) C:\Users\Lola\Downloads\ReimageRepair.exe
2014-07-15 09:42 - 2013-11-14 09:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-15 09:42 - 2013-11-14 09:11 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-15 09:42 - 2013-11-14 09:11 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-15 09:38 - 2014-07-14 21:34 - 00000002 _____ () C:\END
2014-07-15 09:38 - 2014-07-14 21:34 - 00000000 ____D () C:\Program Files (x86)\Flowsurf
2014-07-15 09:37 - 2014-06-07 16:11 - 00165659 _____ () C:\MyXML.xml
2014-07-15 09:37 - 2014-05-17 14:58 - 00000000 ____D () C:\Users\Lola\AppData\Roaming\Wise Care 365
2014-07-15 09:37 - 2014-02-20 22:37 - 00000000 ____D () C:\ProgramData\ProductData
2014-07-15 09:36 - 2014-06-09 05:51 - 73138176 _____ () C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2014-07-15 09:36 - 2014-06-09 05:51 - 00409600 _____ () C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2014-07-15 09:36 - 2014-06-09 05:51 - 00036864 _____ () C:\WINDOWS\system32\config\SAM.iodefrag.bak
2014-07-15 09:36 - 2014-06-09 05:51 - 00028672 _____ () C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2014-07-15 09:36 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-15 06:23 - 2013-08-22 15:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-14 21:38 - 2014-07-14 21:38 - 00000000 ____D () C:\Users\Lola\AppData\Local\ContextFree
2014-07-14 21:36 - 2014-07-14 21:36 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-14 21:35 - 2014-01-28 00:25 - 00001688 _____ () C:\Users\Lola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-14 21:35 - 2014-01-17 23:25 - 00001385 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-14 21:34 - 2014-07-14 21:34 - 00003082 _____ () C:\WINDOWS\System32\Tasks\fsupdate
2014-07-14 16:17 - 2014-07-14 16:17 - 00339680 _____ () C:\Users\Lola\Downloads\FlashPlayersetup__7343_i1040439988_il23.exe
2014-07-11 12:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-11 09:13 - 2014-07-11 09:13 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-07-11 09:13 - 2014-07-11 09:13 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-07-11 09:13 - 2014-07-11 09:13 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-07-11 09:13 - 2014-07-11 09:13 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-07-11 09:13 - 2014-07-11 09:13 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-07-11 09:13 - 2014-07-11 09:13 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-07-11 09:13 - 2014-07-11 09:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-07-11 09:13 - 2014-07-11 09:13 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-07-11 09:13 - 2014-07-11 09:13 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-07-11 09:13 - 2014-07-11 09:13 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-07-11 09:13 - 2014-07-11 09:13 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-07-11 09:13 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-11 09:12 - 2014-07-11 09:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-07-11 08:51 - 2013-08-22 16:44 - 00360464 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-11 02:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-11 02:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-11 02:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-11 02:12 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-10 14:26 - 2014-03-13 12:34 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-07-09 12:15 - 2014-01-18 14:18 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 12:12 - 2014-01-18 14:18 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-09 12:12 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-09 12:09 - 2014-07-09 12:09 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 12:09 - 2013-11-14 09:13 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 05:45 - 2014-07-09 05:45 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-08 11:54 - 2014-04-18 12:13 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-03 17:29 - 2014-03-12 15:10 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-07-01 11:51 - 2014-07-01 11:51 - 00000000 ____D () C:\Program Files (x86)\IObit Apps Toolbar
2014-07-01 11:51 - 2014-07-01 11:51 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-07-01 00:45 - 2014-07-09 05:51 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-28 09:48 - 2014-07-09 05:51 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-28 09:07 - 2014-07-09 05:51 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-06-28 00:50 - 2014-01-18 00:56 - 00000000 ____D () C:\Users\Lola\AppData\Roaming\TS3Client
2014-06-26 22:55 - 2014-07-11 08:52 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:55 - 2014-07-11 08:52 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 11:35 - 2014-01-18 00:48 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-21 23:43 - 2014-06-21 23:43 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler
2014-06-21 18:02 - 2014-06-21 18:02 - 00003866 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-21 18:02 - 2014-01-18 14:35 - 00004090 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 10:16 - 2014-06-19 10:16 - 00000024 _____ () C:\Users\Lola\AppData\Roaming\temp.ini
2014-06-19 10:15 - 2014-02-20 22:37 - 00000000 ____D () C:\ProgramData\IObit
2014-06-19 03:39 - 2014-07-09 05:54 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-19 02:48 - 2014-07-09 05:53 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-19 02:16 - 2014-07-09 05:54 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-19 02:09 - 2014-07-09 05:53 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-19 01:51 - 2014-07-09 05:54 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 05:53 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 05:53 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-19 01:46 - 2014-07-09 05:54 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-06-19 01:39 - 2014-07-09 05:53 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-19 01:33 - 2014-07-09 05:53 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 05:53 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-19 01:27 - 2014-07-09 05:53 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-19 01:12 - 2014-07-09 05:53 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-19 00:59 - 2014-07-09 05:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 05:53 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-19 00:58 - 2014-07-09 05:53 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-19 00:57 - 2014-07-09 05:54 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-06-19 00:52 - 2014-07-09 05:53 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 05:54 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 05:53 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-19 00:45 - 2014-07-09 05:53 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 05:53 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 05:53 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 05:53 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 05:53 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 05:53 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 05:53 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

Files to move or delete:
====================
C:\ProgramData\uninstall265917.exe


Some content of TEMP:
====================
C:\Users\Freya\AppData\Local\Temp\avgnt.exe
C:\Users\Lola\AppData\Local\Temp\avgnt.exe
C:\Users\Lola\AppData\Local\Temp\{D983D7E1-6584-4398-A43B-2FB423F350E2}-36.0.1985.125_35.0.1916.153_chrome_updater.exe
C:\Users\Thomas\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 14:57

==================== End Of Log ============================
         
Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2014
Ran by Lola at 2014-07-19 17:50:16
Running from C:\Users\Lola\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer Remote (HKLM-x32\...\Acer Remote1.0) (Version: 1.0 - Acer Inc.)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.3.0 - IObit)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\InstallShield_{6F33B065-4478-44EE-8E5F-A40BBD61619F}) (Version: 20.2.45.72438 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 20.2.45.72438 - Alcor Micro Corp.) Hidden
AMD Accelerated Video Transcoding (Version: 12.10.100.30322 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E3AB2F4D-B540-437B-4E4F-3A3C344C3B2A}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2013.0322.413.5642 - Ihr Firmenname) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0322.413.5642 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0322.413.5642 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2013.0322.413.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0322.0412.5642 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0322.413.5642 - Advanced Micro Devices, Inc.) Hidden
Center@Mail.Ru - EU (HKCU\...\GameCenterMailRu-EU) (Version: 2.320 - LLC Mail.Ru)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2012 - Acer Incorporated)
ContextFree (HKCU\...\ContextFree) (Version:  - )
Dark Mysteries: Der Seelensammler Sammleredition (HKLM-x32\...\Dark Mysteries: Der Seelensammler Sammleredition) (Version: 1.0.0.0 - INTENIUM GmbH)
Dark Strokes: Die Sünden der Väter Sammleredition (HKLM-x32\...\Dark Strokes: Die Sünden der Väter Sammleredition) (Version: 1.0.0.0 - INTENIUM GmbH)
Der Fluch der Werwölfe Sammleredition (HKLM-x32\...\Der Fluch der Werwölfe Sammleredition) (Version: 1.0.0.0 - INTENIUM GmbH)
Der Tempel des Lebens: Die Legende der Vier Elemente Sammleredition (HKLM-x32\...\Der Tempel des Lebens: Die Legende der Vier Elemente Sammleredition) (Version: 1.0.0.0 - INTENIUM GmbH)
Die 4 Elemente (HKLM-x32\...\Die 4 Elemente) (Version: 0.0.0.0 - INTENIUM GmbH)
Die 4 Elemente II Sammleredition (HKLM-x32\...\Die 4 Elemente II Sammleredition) (Version: 1.0.0.0 - INTENIUM GmbH)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit)
Elementals: Der Magische Schlüssel (HKLM-x32\...\Elementals: Der Magische Schlüssel) (Version: 1.0.0.0 - INTENIUM GmbH)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Haunted Past: Im Reich der Geister Sammleredition (HKLM-x32\...\Haunted Past: Im Reich der Geister Sammleredition) (Version: 1.0.0.0 - INTENIUM GmbH)
Haus der 1000 Türen 2: Das Juwel des Zarathustra Sammleredition (HKLM-x32\...\Haus der 1000 Türen 2: Das Juwel des Zarathustra Sammleredition) (Version: 1.0.0.0 - INTENIUM GmbH)
Haus der 1000 Türen Sammleredition (HKLM-x32\...\Haus der 1000 Türen Sammleredition) (Version: 1.0.0.0 - INTENIUM GmbH)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3005 - Acer Incorporated)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3005 - Acer Incorporated)
IObit Apps Toolbar v9.4 (HKLM-x32\...\{5FACD482-8CE2-41D5-B05F-9EE67D21ECE7}) (Version: 9.4 - Spigot, Inc.) <==== ATTENTION
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.4 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.8.2663 - IObit)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Legend - Legacy Of The Dragons (HKCU\...\Legend - Legacy Of The Dragons (DE)) (Version: 1.9 - Mail.Ru Games GmbH)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.16.20140414 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3008 - Acer Incorporated)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.13.314.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6859 - Realtek Semiconductor Corp.)
Sacra Terra 2: Der Kuss des Todes Sammleredition (HKLM-x32\...\Sacra Terra 2: Der Kuss des Todes Sammleredition) (Version: 1.0.0.0 - INTENIUM GmbH)
Sacra Terra: Nacht der Engel Sammleredition (HKLM-x32\...\Sacra Terra: Nacht der Engel Sammleredition) (Version: 1.0.0.0 - INTENIUM GmbH)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.1 - IObit)
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 8.1.0.17 - WildTangent, Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.5.0.0 - IObit)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Voodoo Chroniken: Erstes Zeichen Sammleredition (HKLM-x32\...\Voodoo Chroniken: Erstes Zeichen Sammleredition) (Version: 1.0.0.0 - INTENIUM GmbH)
Wise Care 365 2.99 (HKLM-x32\...\Wise Care 365_is1) (Version: 2.99 - WiseCleaner.com, Inc.)

==================== Restore Points  =========================

30-06-2014 10:21:00 Geplanter Prüfpunkt
08-07-2014 01:37:08 Geplanter Prüfpunkt
11-07-2014 07:11:54 Windows Modules Installer
18-07-2014 12:27:43 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03788E86-B7B8-4E63-B551-3C2AD247CFF7} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-03-10] (IObit)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0622BD4E-1624-4D7D-BBF1-12695E6745F6} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2013-02-27] (Acer Incorporated)
Task: {07771D45-0369-49C2-8A17-1F224FB67EC9} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2611022401-1185657083-2724232758-1001
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {29A36733-D1DF-43DB-9141-740D150877D1} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2F947BC4-4262-4BBF-A78F-003E94166000} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {355BFE34-8469-49CC-8BFE-10C6BA036237} - \The weDownload Manager-enabler No Task File <==== ATTENTION
Task: {396993F1-06F6-4B62-8230-4524A7805DE7} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {41EB21E1-55BF-49E7-AACB-53FA3FC10FA2} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-05-09] (IObit)
Task: {420853CD-78F8-4573-9AF9-0D2A2D43AFFD} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4C23CDEF-B252-426C-879E-1AB0BDCEFD0D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {56CAB56C-29F8-49A4-9FBF-356CE766BA30} - System32\Tasks\fsupdate => C:\Program Files (x86)\Flowsurf\fsupd.exe [2014-04-15] ()
Task: {5BD0C2C6-2F41-4ECA-A795-35F9FFFF3BEE} - System32\Tasks\RunAsStdUser_GameCenterMailRu-EU => C:\Users\Lola\AppData\Local\Mail.Ru\GameCenter-EU\gamecenter@mail.ru.exe [2014-06-11] ()
Task: {5FA885F4-7F52-4F6C-8135-60DAC70882C5} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {63D499B3-DCC5-4C9A-A5B7-B77097D5EF33} - \The weDownload Manager-codedownloader No Task File <==== ATTENTION
Task: {659AB603-985B-4C8E-8316-91C7E40A4024} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-01-21] (WiseCleaner.COM)
Task: {667938BF-64DB-47F6-B61D-555C33829F76} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-07] (IObit)
Task: {679929BC-487F-4EEB-A1C2-86B1B45E9135} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2014-06-13] ()
Task: {694A34E4-F5AC-4818-85F4-10DEFB91478C} - \The weDownload Manager-chromeinstaller No Task File <==== ATTENTION
Task: {694AEFB2-C1B3-40CE-B1D8-E67D97FA6348} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-05-09] (IObit)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {744877A2-28E3-435A-9CE9-F70A68FBA20D} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2014-06-06] (IObit)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7AFFDBD5-D60B-4A99-8B48-239CEA06206E} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {82289AA5-EA75-4D97-B43B-D731687B4F30} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-06-07] (IObit)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8C197F2F-7907-4B64-A1D3-20D2AA22695B} - \The weDownload Manager-firefoxinstaller No Task File <==== ATTENTION
Task: {8C85203C-0983-4E97-A28F-9134C25861C2} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {93BE7CD1-ECFD-4235-9350-09EF10809A57} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {9CB31A68-86B3-4E17-BF5C-57B535DF3F3B} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C1317186-1346-44AB-92EA-C5635A789E8C} - System32\Tasks\ASC7_SkipUac_Lola => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-05-28] (IObit)
Task: {C53E619E-1F73-4BD8-8D8E-F263A59F2C3D} - \The weDownload Manager-updater No Task File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E26439DF-BDA4-4A64-811C-3BC9826F45AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-18] (Google Inc.)
Task: {E2C41E52-73D6-45BE-AA6A-84316EF4DA4C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-18] (Google Inc.)
Task: {E5766170-AD65-476C-9283-F466803F357C} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-03-10] (IObit)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EB85D3CB-FCE5-40BB-B285-CEB018C61702} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-05-06] (IObit)
Task: {FB46942C-D91E-4919-80C5-158CD0AE790F} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-02-22] ()
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC7_SkipUac_Lola.job => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (whitelisted) =============

2014-05-23 12:28 - 2014-05-23 12:28 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-07-01 14:26 - 2014-07-01 14:26 - 00596480 _____ () C:\Users\Lola\AppData\Local\ContextFree\nvcmd.exe
2013-12-05 14:35 - 2013-02-20 23:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2014-06-07 15:12 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2014-07-15 12:17 - 2014-06-06 13:07 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2014-07-15 12:17 - 2014-06-06 13:07 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2014-07-15 12:17 - 2014-06-06 13:07 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2014-06-07 16:12 - 2012-09-05 18:55 - 00892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll
2014-06-07 15:12 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-06-07 15:12 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-06-07 15:12 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-06-07 15:12 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2014-06-17 10:12 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2014-06-17 10:12 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2014-06-17 10:12 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2014-06-17 10:12 - 2013-12-12 18:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll
2014-06-17 10:12 - 2013-10-16 22:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll
2014-06-17 10:12 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2014-06-17 10:12 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2014-06-07 15:12 - 2013-12-02 19:06 - 01281312 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\Scan.dll
2014-07-15 12:17 - 2014-06-06 13:08 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Freya\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Lola\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Thomas\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: GameCenterMailRu-EU => "c:\users\lola\appdata\local\mail.ru\gamecenter-eu\gamecenter@mail.ru.exe" -autostart

==================== Faulty Device Manager Devices =============

Name: CIF Single Chip     
Description: CIF Single Chip     
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/19/2014 05:31:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (07/19/2014 05:31:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (07/19/2014 05:31:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.17039, Zeitstempel: 0x53156588
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000005280fd8
ID des fehlerhaften Prozesses: 0x1084
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (07/19/2014 05:26:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (07/19/2014 00:55:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (07/19/2014 10:03:08 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (07/19/2014 07:51:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (07/18/2014 03:36:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (07/18/2014 02:57:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (07/18/2014 09:42:21 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.


System errors:
=============
Error: (07/19/2014 09:54:55 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4FD21B26-2BAF-4176-9FAA-AAB65B3D1761}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/19/2014 07:42:41 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4FD21B26-2BAF-4176-9FAA-AAB65B3D1761}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/18/2014 10:17:43 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4FD21B26-2BAF-4176-9FAA-AAB65B3D1761}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/18/2014 08:56:35 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4FD21B26-2BAF-4176-9FAA-AAB65B3D1761}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/18/2014 02:25:57 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4FD21B26-2BAF-4176-9FAA-AAB65B3D1761}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/18/2014 10:16:31 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4FD21B26-2BAF-4176-9FAA-AAB65B3D1761}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/18/2014 00:21:32 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4FD21B26-2BAF-4176-9FAA-AAB65B3D1761}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/17/2014 08:39:10 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4FD21B26-2BAF-4176-9FAA-AAB65B3D1761}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/17/2014 04:56:48 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4FD21B26-2BAF-4176-9FAA-AAB65B3D1761}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/17/2014 09:44:04 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4FD21B26-2BAF-4176-9FAA-AAB65B3D1761}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.


Microsoft Office Sessions:
=========================
Error: (07/19/2014 05:31:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (07/19/2014 05:31:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (07/19/2014 05:31:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1703953156588unknown0.0.0.000000000c00000050000000005280fd8108401cfa3264d65d5cfC:\WINDOWS\Explorer.EXEunknownbaef9508-0f59-11e4-bebf-f80f41a03396

Error: (07/19/2014 05:26:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (07/19/2014 00:55:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (07/19/2014 10:03:08 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (07/19/2014 07:51:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (07/18/2014 03:36:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (07/18/2014 02:57:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (07/18/2014 09:42:21 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe


==================== Memory info =========================== 

Percentage of memory in use: 26%
Total physical RAM: 7613.49 MB
Available physical RAM: 5615.26 MB
Total Pagefile: 8829.49 MB
Available Pagefile: 5843.15 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:455.25 GB) (Free:385.11 GB) NTFS
Drive d: (DATA) (Fixed) (Total:456.11 GB) (Free:454.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 651131BF)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Gmer
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-19 18:13:01
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000026 WDC_WD10EZEX-22RKKA0 rev.80.00A80 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Lola\AppData\Local\Temp\kgldypog.sys


---- Kernel code sections - GMER 2.1 ----

.text    C:\WINDOWS\System32\win32k.sys!W32pServiceTable                                                                                                           fffff96000199600 15 bytes [00, F8, 09, 02, 80, 32, 72, ...]
.text    C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16                                                                                                      fffff96000199610 11 bytes [00, BC, FB, FF, 00, 77, B2, ...]

---- User code sections - GMER 2.1 ----

.text    C:\WINDOWS\system32\atiesrxx.exe[988] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                              00007fff1dd2169a 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\system32\atiesrxx.exe[988] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                              00007fff1dd216a2 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\system32\atiesrxx.exe[988] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                 00007fff1dd2181a 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\system32\atiesrxx.exe[988] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                 00007fff1dd21832 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\system32\atieclxx.exe[540] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                              00007fff1dd2169a 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\system32\atieclxx.exe[540] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                              00007fff1dd216a2 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\system32\atieclxx.exe[540] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                 00007fff1dd2181a 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\system32\atieclxx.exe[540] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                 00007fff1dd21832 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\system32\taskhostex.exe[1972] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                           00007fff1dd2169a 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\system32\taskhostex.exe[1972] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                           00007fff1dd216a2 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\system32\taskhostex.exe[1972] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                              00007fff1dd2181a 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\system32\taskhostex.exe[1972] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                              00007fff1dd21832 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\Explorer.EXE[2080] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                      00007fff1dd2169a 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\Explorer.EXE[2080] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                      00007fff1dd216a2 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\Explorer.EXE[2080] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                         00007fff1dd2181a 4 bytes [D2, 1D, FF, 7F]
.text    C:\WINDOWS\Explorer.EXE[2080] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                         00007fff1dd21832 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe[2352] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                              00007fff1dd2169a 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe[2352] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                              00007fff1dd216a2 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe[2352] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                 00007fff1dd2181a 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe[2352] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                 00007fff1dd21832 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[3380] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                              00007fff1dd2169a 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[3380] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                              00007fff1dd216a2 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[3380] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                 00007fff1dd2181a 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[3380] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                 00007fff1dd21832 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3916] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506              00007fff1dd2169a 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3916] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514              00007fff1dd216a2 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3916] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                 00007fff1dd2181a 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3916] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                 00007fff1dd21832 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[1244] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                    00007fff1dd2169a 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[1244] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                    00007fff1dd216a2 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[1244] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                       00007fff1dd2181a 4 bytes [D2, 1D, FF, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[1244] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                       00007fff1dd21832 4 bytes [D2, 1D, FF, 7F]

---- Threads - GMER 2.1 ----

Thread   C:\WINDOWS\system32\csrss.exe [536:572]                                                                                                                   fffff96000897b90
Thread   C:\WINDOWS\system32\svchost.exe [272:2320]                                                                                                                00007fff0b336cb4
Thread   C:\WINDOWS\system32\svchost.exe [272:2632]                                                                                                                00007fff169f5340
Thread   C:\WINDOWS\system32\svchost.exe [1280:3144]                                                                                                               00007fff0e974608
Thread   C:\WINDOWS\system32\svchost.exe [1280:3148]                                                                                                               00007fff0eb31584
Thread   C:\WINDOWS\system32\svchost.exe [1280:3160]                                                                                                               00007fff0e8e1b40
Thread   C:\Windows\System32\SettingSyncHost.exe [2440:2448]                                                                                                       00007fff15fd4b30
---- Processes - GMER 2.1 ----

Process  C:\Users\Lola\AppData\Local\ContextFree\framei.exe (*** suspicious ***) @ C:\Users\Lola\AppData\Local\ContextFree\framei.exe [3524](2014-07-01 12:26:50)  0000000000400000
Process  C:\Users\Lola\AppData\Local\ContextFree\nvcmd.exe (*** suspicious ***) @ C:\Users\Lola\AppData\Local\ContextFree\nvcmd.exe [3568](2                       0000000000400000
Process  C:\Users\Lola\AppData\Local\ContextFree\cntcmd.exe (*** suspicious ***) @ C:\Users\Lola\AppData\Local\ContextFree\cntcmd.exe [3604](2014-07-01 12:26:52)  0000000000400000

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk0\DR0                                                                                                                                     unknown MBR code

---- EOF - GMER 2.1 ----
         
Antivir detection
Code:
ATTFilter
Exportierte Ereignisse:

14.07.2014 21:36 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/Agent.ALJT.1' [adware] 
      gefunden.
      Ausgeführte Aktion: Übergeben an Scanner
         

 
