|
Log-Analyse und Auswertung: Safe Finder lässt sich nicht entfernenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
01.09.2014, 00:43 | #1 |
| Safe Finder lässt sich nicht entfernen Hallo, bitte um Hilfe beim Entfernen des Safe Finder Virus. Hier die Logfile von FRST: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02 Ran by SabrinaG (administrator) on SABRINA on 01-09-2014 01:36:01 Running from C:\Users\SabrinaG\Downloads Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Fuyu LIMITED) C:\ProgramData\WindowsProtectManger\wprotectmanager.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Spotify Ltd) C:\Users\SabrinaG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\SabrinaG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Akamai Technologies, Inc.) C:\Users\SabrinaG\AppData\Local\Akamai\netsession_win.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Akamai Technologies, Inc.) C:\Users\SabrinaG\AppData\Local\Akamai\netsession_win.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe () C:\Program Files (x86)\AVG Nation toolbar\vprot.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.0.233\AsusWSPanel.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcfgex.exe (AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS) HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-08-11] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Nation toolbar\vprot.exe [2556744 2014-04-28] () HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [185896 2013-10-28] (Geek Software GmbH) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.0.233\AsusWSPanel.exe [5585216 2013-11-20] (ASUS Cloud Corporation) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-06-14] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1719986186-707622418-130792293-1001\...\Run: [MxDock] => C:\Program Files (x86)\Maxthon\Modules\MxDock\MxDock.exe [2661176 2013-04-10] () HKU\S-1-5-21-1719986186-707622418-130792293-1001\...\Run: [Spotify] => C:\Users\SabrinaG\AppData\Roaming\Spotify\Spotify.exe [4736000 2013-10-06] (Spotify Ltd) HKU\S-1-5-21-1719986186-707622418-130792293-1001\...\Run: [Spotify Web Helper] => C:\Users\SabrinaG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-06] (Spotify Ltd) HKU\S-1-5-21-1719986186-707622418-130792293-1001\...\Run: [Power2GoExpress] => C:\Users\SabrinaG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-06] (Spotify Ltd) HKU\S-1-5-21-1719986186-707622418-130792293-1001\...\Run: [Akamai NetSession Interface] => C:\Users\SabrinaG\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-1719986186-707622418-130792293-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1563440 2014-06-14] (Samsung) HKU\S-1-5-21-1719986186-707622418-130792293-1001\...\Run: [Google Update] => C:\Users\SabrinaG\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-26] (Google Inc.) HKU\S-1-5-21-1719986186-707622418-130792293-1001\...\Run: [GoogleChromeAutoLaunch_E74514E67B1C2582C93DF3E2EA3E6189] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.) HKU\S-1-5-21-1719986186-707622418-130792293-1001\...\MountPoints2: {8fc7efd9-c251-11e2-be72-60a44c773f19} - "F:\LGAutoRun.exe" AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-05-08] (Skytech Co., Ltd.) Startup: C:\Users\SabrinaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AbholungsClient starten.lnk ShortcutTarget: AbholungsClient starten.lnk -> C:\Program Files (x86)\AbholungsClient\AbholungsClient.bat (No File) Startup: C:\Users\SabrinaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2050 J510 series.lnk ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.0.233\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.0.233\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.0.233\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) GroupPolicyUsers\S-1-5-21-1719986186-707622418-130792293-1002\User: Group Policy restriction detected <======= ATTENTION GroupPolicyUsers\S-1-5-21-1719986186-707622418-130792293-1001\User: Group Policy restriction detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9howJC-fJrapcjwabevn_Tdp3qS6RNZ8WMAFJbn5kswd9KbOvnABGOJniiXXaANHgO-8dsQk1BTLY0LmL6CFi0zQDPBomh4PuVQ6R577IUMbC7LuqAtfmZrYEAvI9UO9nOjqdJExqYHyxGy32KGuCP2HsKoLK-Qx1poRA,,&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9howJC-fJrapcjwabevn_Tdp3qS6RNZ8WMAFJbn5kswd9KbOvnABGOJniiXXaANHgO-8dsQk1BTLY0LmLJ1jIm_Yhua6RsiFBuwGwZJV4csF19-nyZ-02L3vN1MPuoj73Y_pudoMIhJVe8yFoUCYJHHWV9TirrcF5JP-g,, HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403290349&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9howJC-fJrapcjwabevn_Tdp3qS6RNZ8WMAFJbn5kswd9KbOvnABGOJniiXXaANHgO-8dsQk1BTLY0LmL6CFi0zQDPBomh4PuVQ6R577IUMbC7LuqAtfmZrYEAvI9UO9nOjqdJExqYHyxGy32KGuCP2HsKoLK-Qx1poRA,,&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403290349&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403290349&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403290349&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403290349&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403290349&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403290349&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403290349&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403290349&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX&q={searchTerms} SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403290349&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX&q={searchTerms} SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403290349&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9howJC-fJrapcjwabevn_Tdp3qS6RNZ8WMAFJbn5kswd9KbOvnABGOJniiXXaANHgO-8dsQk1BTLY0LmL6CFi0zQDPBomh4PuVQ6R577IUMbC7LuqAtfmZrYEAvI9UO9nOjqdJExqYHyxGy32KGuCP2HsKoLK-Qx1poRA,,&q={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9howJC-fJrapcjwabevn_Tdp3qS6RNZ8WMAFJbn5kswd9KbOvnABGOJniiXXaANHgO-8dsQk1BTLY0LmL6CFi0zQDPBomh4PuVQ6R577IUMbC7LuqAtfmZrYEAvI9UO9nOjqdJExqYHyxGy32KGuCP2HsKoLK-Qx1poRA,,&q={searchTerms} SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403290349&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX&q={searchTerms} SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9howJC-fJrapcjwabevn_Tdp3qS6RNZ8WMAFJbn5kswd9KbOvnABGOJniiXXaANHgO-8dsQk1BTLY0LmL6CFi0zQDPBomh4PuVQ6R577IUMbC7LuqAtfmZrYEAvI9UO9nOjqdJExqYHyxGy32KGuCP2HsKoLK-Qx1poRA,,&q={searchTerms} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9howJC-fJrapcjwabevn_Tdp3qS6RNZ8WMAFJbn5kswd9KbOvnABGOJniiXXaANHgO-8dsQk1BTLY0LmL6CFi0zQDPBomh4PuVQ6R577IUMbC7LuqAtfmZrYEAvI9UO9nOjqdJExqYHyxGy32KGuCP2HsKoLK-Qx1poRA,,&q={searchTerms} SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403290349&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX&q={searchTerms} SearchScopes: HKCU - {878BC7CA-884A-4059-9262-4967C086732A} URL = hxxp://www.search.ask.com/web?p2=%5EADN%5EOSJ000%5EYY%5EAT&gct=&itbv=12.0.1.100&o=APN10616&tpid=ORJ-V7&apn_uid=935E72E5-E1F1-4692-AB7E-A6039A5B4A8C&apn_ptnrs=ADN&apn_dtid=%5EOSJ000%5EYY%5EAT&apn_dbr=ie_10.0.9200.16537&doi=2013-07-22&trgb=IE&q={searchTerms}&psv= SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://avg.nation.com/avgtbavg/search/web?cid={355393CC-780D-490E-B5EC-6F51275FBA01}&mid=99b00e8fca3f47d39dc2b1ed0a93d6ea-afe969944559fe722802eb926021994ae9c0aaf0&lang=de&ds=AVG&coid=avgtbavg&pr=fr&d=2013-10-08 15:40:34&v=17.0.0.12&pid=nation&sg=0&sap=dsp&q={searchTerms} BHO: SafeFinder SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) BHO: No Name -> {4F524A2D-5637-006A-76A7-7A786E7484D7} -> No File BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: SafeFinder SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: AVG Nation toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Nation toolbar\17.3.0.49\AVG Nation toolbar_toolbar.dll (AVG Secure Search) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - SafeFinder Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - AVG Nation toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Nation toolbar\17.3.0.49\AVG Nation toolbar_toolbar.dll (AVG Secure Search) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - SafeFinder Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation) Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll (AVG Secure Search) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll No File FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @unity3d.com/UnityPlayer,version=1.0 -> C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\SabrinaG\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\SabrinaG\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\SabrinaG\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-11-14] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "about:newtab?source=home", "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-105&v=n8883-118&t=4", "about:newtab", "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_4&ent=hp&u=1BB9E6FF4BDD682E8638B752454DBBB4", "hxxp://www.sweet-page.com/?type=hp&ts=1403290349&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX", "hxxp://www.sweet-page.com/?type=hppp&ts=1404853749&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX", "hxxp://www.sweet-page.com/?type=hppp&ts=1405447084&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX", "hxxp://www.sweet-page.com/?type=hppp&ts=1406570843&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX", "hxxp://www.sweet-page.com/?type=hppp&ts=1407348253&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX", "hxxp://www.sweet-page.com/?type=hppp&ts=1407352309&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX", "hxxp://www.sweet-page.com/?type=hppp&ts=1407518237&from=wld&uid=HitachiXHTS545050A7E380_TM8512ZJ13LW4R13LW4RX", "hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9howJC-fJrapcjwabevn_Tdp3qS6RNZ8WMAFJbn5kswd9KbOvnABGOJniiXXaANHgO-8dsQk1BTLY0LmLJ1jIm_Yhua6RsiFBuwGwZJV4csF19-nyZ-02L3vN1MPuoj73Y_pudoMIhJVe8yFoUCYJHHWV9TirrcF5JP-g,," CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google :cursorPosition}{google:currentPageUrl}{googleageClassification}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\SabrinaG\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\SabrinaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-21] CHR Extension: (Google Drive) - C:\Users\SabrinaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-21] CHR Extension: (YouTube) - C:\Users\SabrinaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-21] CHR Extension: (Google-Suche) - C:\Users\SabrinaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-21] CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\SabrinaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-11-15] CHR Extension: (Reise durch Mittelerde) - C:\Users\SabrinaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni [2013-12-12] CHR Extension: (Google Wallet) - C:\Users\SabrinaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27] CHR Extension: (Simple Startup Password) - C:\Users\SabrinaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojoalkffommhmdmbohjphohoejjmgepc [2013-05-21] CHR Extension: (Google Mail) - C:\Users\SabrinaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-21] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08] CHR HKLM-x32\...\Chrome\Extension: [khcceooakamlehbimaepcldnnlnkcmfk] - C:\Program Files (x86)\SaveSense\SaveSense.crx [2014-05-08] CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Nation toolbar\ChromeExt\18.1.0.443\avg.crx [2014-04-28] CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\SabrinaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-06-20] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-08-11] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-11] (AVG Technologies CZ, s.r.o.) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2253112 2014-07-14] (AVG) R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [42808 2014-07-14] (AVG) R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.) R2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1793536 2014-04-28] (AVG Secure Search) [File not signed] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) R2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [591776 2014-06-12] (Fuyu LIMITED) S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50464 2014-04-28] (AVG Technologies) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [270104 2014-06-30] (AVG Technologies CZ, s.r.o.) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-01] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation ) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-04-11] (DEVGURU Co., LTD.(www.devguru.co.kr)) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software) S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-01 01:36 - 2014-09-01 01:36 - 00034682 _____ () C:\Users\SabrinaG\Downloads\FRST.txt 2014-09-01 01:35 - 2014-09-01 01:36 - 00000000 ____D () C:\FRST 2014-09-01 01:31 - 2014-09-01 01:31 - 02104832 _____ (Farbar) C:\Users\SabrinaG\Downloads\FRST64.exe 2014-09-01 01:30 - 2014-09-01 01:30 - 01096704 _____ (Farbar) C:\Users\SabrinaG\Downloads\FRST.exe 2014-09-01 01:25 - 2014-09-01 01:27 - 00000478 _____ () C:\Users\SabrinaG\Downloads\defogger_disable.log 2014-09-01 01:25 - 2014-09-01 01:25 - 00000000 _____ () C:\Users\SabrinaG\defogger_reenable 2014-09-01 01:24 - 2014-09-01 01:24 - 00050477 _____ () C:\Users\SabrinaG\Downloads\Defogger.exe 2014-08-27 22:24 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-08-27 22:24 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2014-08-27 22:24 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2014-08-22 16:31 - 2014-09-01 00:14 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-08-22 16:30 - 2014-08-22 16:30 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-22 16:30 - 2014-08-22 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-22 16:30 - 2014-08-22 16:30 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-22 16:30 - 2014-08-22 16:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-22 16:30 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-08-22 16:30 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-08-22 16:30 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-08-22 16:25 - 2014-08-22 16:25 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\SabrinaG\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager [1].exe 2014-08-22 16:24 - 2014-08-22 16:24 - 00816064 _____ ( ) C:\Users\SabrinaG\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager.exe 2014-08-21 22:49 - 2014-08-21 22:49 - 00000000 ____D () C:\Users\SabrinaG\AppData\Roaming\Nico Mak Computing 2014-08-21 22:48 - 2014-08-21 22:48 - 04892480 _____ (WinZip International LLC ) C:\Users\SabrinaG\Downloads\wzmp_8 (1).exe 2014-08-19 21:49 - 2014-08-27 16:40 - 00000000 ____D () C:\Program Files (x86)\LPT 2014-08-19 21:49 - 2014-08-19 21:51 - 00002680 _____ () C:\Users\SabrinaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-08-19 21:49 - 2014-08-19 21:51 - 00002633 _____ () C:\Users\SabrinaG\Desktop\Search.lnk 2014-08-19 21:47 - 2014-08-24 23:33 - 00000000 ____D () C:\Users\SabrinaG\AppData\Local\LPT 2014-08-19 21:47 - 2014-08-19 21:47 - 00000000 ____D () C:\Users\SabrinaG\AppData\Local\Smartbar 2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\Users\SabrinaG\AppData\Roaming\0F1F1C2Y1H1P1C0I0T 2014-08-15 06:41 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-08-15 06:41 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-08-15 06:41 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2014-08-15 06:41 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2014-08-15 06:41 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2014-08-15 06:41 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-08-15 06:41 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-08-15 06:41 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2014-08-15 06:41 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2014-08-15 06:40 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe 2014-08-15 06:40 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-08-15 06:40 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-08-15 06:40 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-08-15 06:40 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-08-15 06:40 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-08-15 06:40 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-08-15 06:40 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-08-15 06:40 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll 2014-08-15 06:40 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll 2014-08-15 06:40 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll 2014-08-15 06:40 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll 2014-08-15 06:40 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll 2014-08-15 06:40 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll 2014-08-15 06:40 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat 2014-08-15 06:40 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys 2014-08-15 06:40 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-08-15 06:40 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2014-08-15 06:40 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2014-08-15 06:40 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe 2014-08-15 06:40 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe 2014-08-15 06:40 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2014-08-15 06:40 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2014-08-15 06:40 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2014-08-15 06:40 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2014-08-15 06:40 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2014-08-15 06:40 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2014-08-15 06:40 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2014-08-15 06:40 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2014-08-15 06:40 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2014-08-15 06:40 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2014-08-15 06:40 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll 2014-08-15 06:40 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll 2014-08-15 06:40 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll 2014-08-15 06:30 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2014-08-15 06:30 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2014-08-15 06:22 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-08-15 06:22 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-08-15 06:22 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-08-15 06:22 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-08-15 06:22 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-08-15 06:22 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-08-15 06:22 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-08-15 06:22 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-08-15 06:22 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-08-15 06:22 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-08-15 06:22 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-08-15 06:22 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-08-15 06:22 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-08-15 06:22 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-08-15 06:22 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-08-15 06:22 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-08-15 06:22 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-08-15 06:22 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-08-15 06:22 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-08-15 06:22 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-08-15 06:22 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-08-15 06:22 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-08-15 06:22 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-08-15 06:22 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-08-15 06:21 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-08-15 06:21 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-08-15 06:21 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-08-15 06:21 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-08-15 06:21 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-08-15 06:21 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-08-15 06:21 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-15 06:21 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-08-15 06:21 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-08-15 06:21 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-08-15 06:21 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-08-15 06:18 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2014-08-15 06:18 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2014-08-15 06:18 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2014-08-15 06:18 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2014-08-14 19:44 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2014-08-14 19:44 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2014-08-14 19:44 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll 2014-08-14 19:44 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2014-08-14 19:44 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2014-08-14 19:44 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2014-08-14 19:43 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-08-14 19:43 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-08-14 19:43 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-08-14 19:42 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2014-08-14 19:38 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-08-14 19:38 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-08-14 19:38 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-08-14 19:38 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-08-14 19:38 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll 2014-08-14 19:38 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll 2014-08-14 19:38 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2014-08-14 19:38 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll 2014-08-14 19:38 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-08-14 19:38 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll 2014-08-14 19:38 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-08-14 19:38 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-08-14 19:38 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-08-14 19:38 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2014-08-14 19:38 - 2014-05-31 12:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2014-08-14 19:38 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2014-08-14 19:38 - 2014-05-31 12:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2014-08-14 19:38 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2014-08-14 19:38 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2014-08-14 19:38 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2014-08-14 19:38 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys 2014-08-14 19:38 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys 2014-08-14 19:38 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe 2014-08-14 19:38 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2014-08-14 19:38 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll 2014-08-14 19:38 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-08-14 19:38 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll 2014-08-14 19:38 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll 2014-08-14 19:38 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-08-14 19:38 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-08-10 18:52 - 2014-08-10 18:52 - 00591309 _____ () C:\Users\SabrinaG\Downloads\Per E-Mail senden P8080037.jpg, P8080038.jpg, P8080041.jpg, P8080042.jpg, P8080043.jpg, P8080044.jpg, P8080047.jpg, P8080048.jpg, P8080052.jpg, P8080054.jpg, P8080035.jpg, P8080036.jpg.zip ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-01 01:36 - 2014-09-01 01:36 - 00034682 _____ () C:\Users\SabrinaG\Downloads\FRST.txt 2014-09-01 01:36 - 2014-09-01 01:35 - 00000000 ____D () C:\FRST 2014-09-01 01:34 - 2013-11-11 02:28 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A971B618-0186-4622-861A-FD96DC1DC237} 2014-09-01 01:32 - 2013-11-10 12:26 - 01535725 _____ () C:\WINDOWS\WindowsUpdate.log 2014-09-01 01:31 - 2014-09-01 01:31 - 02104832 _____ (Farbar) C:\Users\SabrinaG\Downloads\FRST64.exe 2014-09-01 01:30 - 2014-09-01 01:30 - 01096704 _____ (Farbar) C:\Users\SabrinaG\Downloads\FRST.exe 2014-09-01 01:27 - 2014-09-01 01:25 - 00000478 _____ () C:\Users\SabrinaG\Downloads\defogger_disable.log 2014-09-01 01:25 - 2014-09-01 01:25 - 00000000 _____ () C:\Users\SabrinaG\defogger_reenable 2014-09-01 01:25 - 2013-11-10 12:03 - 00000000 ____D () C:\Users\SabrinaG 2014-09-01 01:24 - 2014-09-01 01:24 - 00050477 _____ () C:\Users\SabrinaG\Downloads\Defogger.exe 2014-09-01 01:14 - 2013-05-21 22:20 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1719986186-707622418-130792293-1001 2014-09-01 01:09 - 2014-01-05 20:55 - 00000000 ____D () C:\Users\SabrinaG\AppData\Local\Boss Media 2014-09-01 01:09 - 2014-01-05 20:55 - 00000000 ____D () C:\ProgramData\Boss Media 2014-09-01 01:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-09-01 00:58 - 2014-02-26 21:32 - 00001148 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1719986186-707622418-130792293-1001UA.job 2014-09-01 00:45 - 2013-05-21 22:51 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-01 00:14 - 2014-08-22 16:31 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-08-31 18:36 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-08-31 18:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-08-31 17:55 - 2013-06-13 14:25 - 00000000 ____D () C:\ProgramData\MFAData 2014-08-31 16:41 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-08-31 16:39 - 2013-05-21 22:52 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-08-31 16:39 - 2013-05-21 22:51 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-31 16:38 - 2013-11-11 02:35 - 00000000 ___DO () C:\Users\SabrinaG\SkyDrive 2014-08-31 16:38 - 2013-05-21 22:15 - 00000408 _____ () C:\Users\SabrinaG\AppData\Roaming\sp_data.sys 2014-08-31 16:37 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-08-31 16:37 - 2013-08-22 16:44 - 00484176 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-08-31 16:35 - 2013-09-29 21:04 - 00009752 _____ () C:\WINDOWS\PFRO.log 2014-08-31 16:35 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2014-08-28 21:35 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-08-27 16:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-08-27 16:40 - 2014-08-19 21:49 - 00000000 ____D () C:\Program Files (x86)\LPT 2014-08-27 16:40 - 2013-10-08 14:53 - 00000000 ____D () C:\Program Files (x86)\AbholungsClient 2014-08-27 16:31 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2014-08-27 16:30 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-08-27 16:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-08-27 16:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-08-27 16:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-08-26 17:07 - 2013-05-22 06:10 - 00000000 ____D () C:\Users\SabrinaG\AppData\Roaming\HpUpdate 2014-08-24 23:33 - 2014-08-19 21:47 - 00000000 ____D () C:\Users\SabrinaG\AppData\Local\LPT 2014-08-23 10:25 - 2014-06-20 20:53 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-08-23 10:25 - 2014-06-20 20:53 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-08-23 02:42 - 2014-08-27 22:24 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-08-22 16:30 - 2014-08-22 16:30 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-22 16:30 - 2014-08-22 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-22 16:30 - 2014-08-22 16:30 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-22 16:30 - 2014-08-22 16:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-22 16:25 - 2014-08-22 16:25 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\SabrinaG\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager [1].exe 2014-08-22 16:24 - 2014-08-22 16:24 - 00816064 _____ ( ) C:\Users\SabrinaG\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager.exe 2014-08-21 22:49 - 2014-08-21 22:49 - 00000000 ____D () C:\Users\SabrinaG\AppData\Roaming\Nico Mak Computing 2014-08-21 22:48 - 2014-08-21 22:48 - 04892480 _____ (WinZip International LLC ) C:\Users\SabrinaG\Downloads\wzmp_8 (1).exe 2014-08-19 21:51 - 2014-08-19 21:49 - 00002680 _____ () C:\Users\SabrinaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-08-19 21:51 - 2014-08-19 21:49 - 00002633 _____ () C:\Users\SabrinaG\Desktop\Search.lnk 2014-08-19 21:49 - 2013-10-08 15:39 - 00000000 ____D () C:\ProgramData\AVG2014 2014-08-19 21:47 - 2014-08-19 21:47 - 00000000 ____D () C:\Users\SabrinaG\AppData\Local\Smartbar 2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\Users\SabrinaG\AppData\Roaming\0F1F1C2Y1H1P1C0I0T 2014-08-18 20:29 - 2013-05-22 06:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-08-18 20:29 - 2013-05-22 06:09 - 00000000 ____D () C:\Program Files (x86)\HP 2014-08-16 19:41 - 2013-08-16 17:40 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-08-16 19:35 - 2013-05-24 20:37 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-08-16 19:30 - 2014-07-15 19:53 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-08-14 19:35 - 2014-07-09 23:14 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-08-14 19:34 - 2014-07-09 23:14 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-08-14 19:34 - 2014-05-02 11:27 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-08-14 19:34 - 2014-05-02 11:13 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-08-14 19:34 - 2014-04-23 21:22 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-08-14 19:34 - 2014-04-23 21:22 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-08-14 19:34 - 2014-04-23 21:22 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-08-14 19:34 - 2014-04-23 21:22 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-08-14 19:34 - 2014-04-23 21:22 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-08-14 19:34 - 2014-04-23 21:22 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-08-14 19:34 - 2014-04-23 21:22 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-08-14 19:34 - 2014-04-23 21:22 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-08-14 19:34 - 2014-04-23 21:22 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-08-14 19:34 - 2014-04-09 19:08 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-08-14 19:34 - 2014-04-09 19:08 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-08-14 19:32 - 2014-04-23 21:22 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-08-14 19:30 - 2014-06-12 17:27 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-08-14 19:26 - 2014-04-01 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-08-14 19:26 - 2013-10-08 15:40 - 00000999 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-08-10 18:52 - 2014-08-10 18:52 - 00591309 _____ () C:\Users\SabrinaG\Downloads\Per E-Mail senden P8080037.jpg, P8080038.jpg, P8080041.jpg, P8080042.jpg, P8080043.jpg, P8080044.jpg, P8080047.jpg, P8080048.jpg, P8080052.jpg, P8080054.jpg, P8080035.jpg, P8080036.jpg.zip 2014-08-07 04:12 - 2014-08-27 22:24 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2014-08-07 00:38 - 2014-08-14 19:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-08-06 20:03 - 2013-10-13 18:25 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-08-06 20:03 - 2013-10-13 18:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-08-03 09:58 - 2014-02-26 21:32 - 00001096 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1719986186-707622418-130792293-1001Core.job 2014-08-02 07:44 - 2014-08-14 19:38 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-08-02 05:56 - 2014-08-27 22:24 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2014-08-02 05:11 - 2014-08-14 19:38 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-08-02 02:17 - 2013-08-22 17:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-08-02 02:17 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl Files to move or delete: ==================== C:\ProgramData\SetStretch.exe C:\ProgramData\SetStretch.VBS Some content of TEMP: ==================== C:\Users\SabrinaG\AppData\Local\Temp\DseShExt-x64.dll C:\Users\SabrinaG\AppData\Local\Temp\DseShExt-x86.dll C:\Users\SabrinaG\AppData\Local\Temp\oi_{8071FB57-33B8-41D1-A117-6E6F25D86D31}.exe C:\Users\SabrinaG\AppData\Local\Temp\sdanircmdc.exe C:\Users\SabrinaG\AppData\Local\Temp\sdapskill.exe C:\Users\SabrinaG\AppData\Local\Temp\sdaspwn.exe C:\Users\SabrinaG\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\SabrinaG\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\SabrinaG\AppData\Local\Temp\zoo2trial.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-31 18:16 ==================== End Of Log ============================ Hier die Addition.txt nach dem ersten Scan: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2014 02 Ran by SabrinaG at 2014-09-01 01:37:20 Running from C:\Users\SabrinaG\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AbholungsClient (HKLM-x32\...\83E89050-04B3-4B61-B62B-D49D807D107D) (Version: 1.0 - PLOT) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.08 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated) Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.36 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0005 - ASUS) ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.26 - ASUS) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS) AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4745 - AVG Technologies) AVG 2014 (Version: 14.0.4015 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4745 - AVG Technologies) Hidden AVG Nation toolbar (HKLM-x32\...\AVG Nation toolbar) (Version: 18.1.0.443 - InfoSpace) AVG PC TuneUp 2014 (de-DE) (x32 Version: 14.0.1001.519 - AVG) Hidden AVG PC TuneUp 2014 (HKLM-x32\...\AVG PC TuneUp) (Version: 14.0.1001.519 - AVG) AVG PC TuneUp 2014 (x32 Version: 14.0.1001.519 - AVG) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.) CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.) CyberLink Power2Go (x32 Version: 7.0.0.3625 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Free Documents Pad (HKCU\...\Free Documents Pad) (Version: 1.0 - FreeDocumentsPad) Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.) HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{DF37555F-0259-43DA-B60C-47106FA14AA3}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet 2050 J510 series Hilfe (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.) Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.14.20140117 - LG Electronics) LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics) LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.0.5.4000 - Maxthon International Limited) Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS) MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - ) PDF24 Creator 6.0.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.1 - Tracker Software Products Ltd) Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden SafeFinder Smartbar (HKLM-x32\...\{08CA50B1-98F0-4470-BB6C-B5D0B8C28EFC}) (Version: 11.106.72.18963 - Linkury Ltd.) <==== ATTENTION Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.) SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.16 - ASUS) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Spotify (HKCU\...\Spotify) (Version: 0.9.4.178.g259772ba - Spotify AB) Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (HKLM\...\{C559DE9F-9451-49E5-9176-316E36192409}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) Unity Web Player (All users) (HKLM-x32\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.0.233 - ASUS Cloud Corporation) Windows Driver Package - ASUS (ATP) Mouse (11/09/2012 1.0.0.153) (HKLM\...\5AB9160B769DD2E134ADCB8010377DECA2479378) (Version: 11/09/2012 1.0.0.153 - ASUS) Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden WindowsProtectManger20.0.0.401 (HKLM-x32\...\WindowsProtectManger) (Version: 20.0.0.401 - Fuyu LIMITED) <==== ATTENTION WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1719986186-707622418-130792293-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\SabrinaG\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-1719986186-707622418-130792293-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\SabrinaG\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1719986186-707622418-130792293-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\SabrinaG\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1719986186-707622418-130792293-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\SabrinaG\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1719986186-707622418-130792293-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\SabrinaG\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1719986186-707622418-130792293-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\SabrinaG\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1719986186-707622418-130792293-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\SabrinaG\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1719986186-707622418-130792293-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\SabrinaG\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 16-08-2014 17:26:31 Windows Update 18-08-2014 18:27:54 Installed HP Update. 20-08-2014 16:30:36 Removed LPT System Updater Service 28-08-2014 19:34:31 Windows Update 31-08-2014 23:09:58 Removed LPT System Updater Service ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0A17FFD9-08FB-4939-A67E-5E3D26C45007} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {10D94B8E-A97E-4BAD-92FE-678FF952F049} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-21] (Google Inc.) Task: {11DDB4CF-490A-491B-98AB-E9BAFE733197} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1719986186-707622418-130792293-1001UA => C:\Users\SabrinaG\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-26] (Google Inc.) Task: {1A75CBF3-982D-423F-95EB-F9F3A30570A5} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard) Task: {1F84ACDA-30C9-4633-AE79-C4853AEB9DB6} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2014-06-03] (Maxthon International ltd.) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {20F2B4B7-691B-4033-B89F-7E66805A8C85} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {27FC1164-0549-4ADB-AF6C-CA5D2EF73154} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated) Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {36E9C80F-6EBE-49B9-A60E-BDE816CFAC06} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {4428F4C3-61A0-453F-AD26-66909BAD1C11} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-24] (ASUS) Task: {491C1F9D-D7B4-41EB-BEB5-6BC130E12EF4} - System32\Tasks\ASUS Patch for VIA Audio => C:\Windows\system32\AsPatchViaAudio.exe [2012-11-07] (ASUSTek Computer INC.) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {66ABB9B6-48E8-4B9A-B140-906D5CB43F4A} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-07-14] (AVG) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {7783F937-8E34-4C4E-96E2-0091B4368BF8} - \SaveSense No Task File <==== ATTENTION Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {78B69040-0B98-404C-8183-41FCE101E942} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1719986186-707622418-130792293-1001Core => C:\Users\SabrinaG\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-26] (Google Inc.) Task: {86913253-8BBE-424C-BAFC-CA7CB6CDF87A} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {98C72DDC-60AA-4D2D-B227-B97E4DDE33D1} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS) Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A8B0181E-5783-4B01-9E73-8DF8E24FF67A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-16] (Microsoft Corporation) Task: {B630C02F-6849-45F9-B700-5615A7EFF544} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.) Task: {C434BBEF-552A-49A5-A732-548CFD7D1AD1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {C6C4D37B-D6C5-446B-A4F1-814553F25800} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {CBBD0999-C412-4A76-95DE-219E1E2F0A85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-21] (Google Inc.) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D364D6CC-C68C-4F08-9C94-BC9A6E15286D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {D38D30A8-5ADA-4163-85A0-087A038C8A3A} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.) Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {E85886BC-74A0-4650-A10E-13FB9F1E1E45} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: {EA89C9A8-21B9-490E-B575-26D0C49F4023} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.) Task: {EEF2BDF1-D2B9-4B74-A612-363F0270A02E} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-11-20] (AsusTek) Task: {F8BF17DE-472A-417D-9D30-5BD0162B1BB8} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1719986186-707622418-130792293-1001Core.job => C:\Users\SabrinaG\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1719986186-707622418-130792293-1001UA.job => C:\Users\SabrinaG\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\SaveSense.job => C:\Users\SabrinaG\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2014-07-14 12:26 - 2014-07-14 12:26 - 00699704 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll 2014-07-14 12:26 - 2014-07-14 12:26 - 00407864 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tuavga.dll 2014-04-28 21:15 - 2014-04-28 21:15 - 00158536 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe 2012-08-24 19:26 - 2012-08-24 19:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2012-12-14 03:42 - 2012-12-14 03:42 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll 2013-02-07 07:41 - 2012-08-16 12:04 - 00078480 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll 2013-02-07 07:41 - 2012-08-16 12:04 - 00386192 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll 2014-02-13 17:57 - 2014-04-28 21:15 - 02556744 _____ () C:\Program Files (x86)\AVG Nation toolbar\vprot.exe 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-04-28 21:15 - 2014-04-28 21:15 - 00518472 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\log4cplusU.dll 2012-09-11 16:01 - 2012-09-11 16:01 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2012-05-24 21:19 - 2012-05-24 21:19 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2011-03-09 14:21 - 2011-03-09 14:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2014-08-15 18:49 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll 2014-08-15 18:49 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll 2012-09-23 21:43 - 2012-09-23 21:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu 2014-08-15 18:49 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll 2014-08-15 18:49 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll 2014-08-15 18:49 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll 2013-02-07 07:39 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2014-07-14 12:21 - 2014-07-14 12:21 - 00611128 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUKernel.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00152888 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUBasic.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00819512 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\MainControls.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00119096 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUTransl.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00129336 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\SchedAgent_2007.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00458040 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\PowerManager.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00278840 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\AppInitialization.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00493368 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\Html.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00449848 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\GR32_D6.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00335672 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUCompression.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00307000 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\ntrtl60.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00307000 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\DEC.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00210744 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\XMLComponents.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00161080 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\PerlRegEx.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00470328 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\SysInfo.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00423224 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\VisControls.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00069944 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxGDIPlusD12.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00044856 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxCoreD12.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00154424 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\cefcomponent.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00144184 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUIcoEngineerDirTree.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00076600 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUShell.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00632632 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUDiskCleanerClass.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 01145144 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxBarD12.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00852280 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\cxLibraryD12.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00055608 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxThemeD12.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00215864 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\ProgramRating.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00068408 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\SysControls.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00489272 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\Traces.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00083256 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUOperaClass.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00047928 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUApplications.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00609080 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\VirtualTreesR.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00033080 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUBase.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00092984 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUApps.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00103224 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUDefragClient.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00962872 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TuningWizard.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00042808 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUSafariClass.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00656184 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\MSI_D6.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00107320 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\Internet.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00207672 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxBarExtItemsD12.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00289080 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\RegCleaner.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00023864 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\IEControl.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00140088 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\CommonForms.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00107320 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUShredder.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00065848 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUIECacheClass.bpl 2014-07-14 12:22 - 2014-07-14 12:22 - 00016184 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxComnD12.bpl 2014-07-14 12:21 - 2014-07-14 12:21 - 00042808 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TURar.bpl 2014-08-15 18:49 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\SabrinaG\SkyDrive:ms-properties AlternateDataStreams: C:\Users\vanes_000\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKCU\...\StartupApproved\Run: => "Spotify" HKCU\...\StartupApproved\Run: => "KiesAirMessage" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/01/2014 01:27:55 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Error: (09/01/2014 01:18:46 AM) (Source: MsiInstaller) (EventID: 11723) (User: SABRINA) Description: Product: SafeFinder Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSI39BA.tmp Error: (09/01/2014 01:18:45 AM) (Source: MsiInstaller) (EventID: 11723) (User: SABRINA) Description: Product: SafeFinder Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSI2036.tmp Error: (09/01/2014 01:14:33 AM) (Source: MsiInstaller) (EventID: 11723) (User: SABRINA) Description: Product: SafeFinder Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSI5A53.tmp Error: (09/01/2014 01:14:31 AM) (Source: MsiInstaller) (EventID: 11723) (User: SABRINA) Description: Product: SafeFinder Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSI5532.tmp Error: (09/01/2014 01:09:52 AM) (Source: MsiInstaller) (EventID: 11723) (User: SABRINA) Description: Product: SafeFinder Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSI126C.tmp Error: (09/01/2014 01:09:51 AM) (Source: MsiInstaller) (EventID: 11723) (User: SABRINA) Description: Product: SafeFinder Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSIEA33.tmp Error: (08/31/2014 10:05:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1156 Error: (08/31/2014 10:05:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1156 Error: (08/31/2014 10:05:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (08/31/2014 10:05:42 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (08/31/2014 08:00:06 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (08/31/2014 04:37:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/31/2014 04:32:51 PM) (Source: DCOM) (EventID: 10010) (User: SABRINA) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (08/31/2014 04:32:51 PM) (Source: DCOM) (EventID: 10010) (User: SABRINA) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (08/31/2014 04:32:51 PM) (Source: DCOM) (EventID: 10010) (User: SABRINA) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (08/31/2014 04:32:51 PM) (Source: DCOM) (EventID: 10010) (User: SABRINA) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (08/31/2014 04:32:51 PM) (Source: DCOM) (EventID: 10010) (User: SABRINA) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (08/31/2014 04:32:49 PM) (Source: DCOM) (EventID: 10010) (User: SABRINA) Description: Windows.Networking.BackgroundTransfer.Internal.BackgroundTransferTask.ClassId.4 Error: (08/31/2014 04:32:49 PM) (Source: DCOM) (EventID: 10010) (User: SABRINA) Description: Windows.Networking.BackgroundTransfer.Internal.BackgroundTransferTask.ClassId.4 Microsoft Office Sessions: ========================= Error: (09/01/2014 01:27:55 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Error: (09/01/2014 01:18:46 AM) (Source: MsiInstaller) (EventID: 11723) (User: SABRINA) Description: Product: SafeFinder Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSI39BA.tmp (NULL)(NULL)(NULL)(NULL)(NULL) Error: (09/01/2014 01:18:45 AM) (Source: MsiInstaller) (EventID: 11723) (User: SABRINA) Description: Product: SafeFinder Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSI2036.tmp (NULL)(NULL)(NULL)(NULL)(NULL) Error: (09/01/2014 01:14:33 AM) (Source: MsiInstaller) (EventID: 11723) (User: SABRINA) Description: Product: SafeFinder Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSI5A53.tmp (NULL)(NULL)(NULL)(NULL)(NULL) Error: (09/01/2014 01:14:31 AM) (Source: MsiInstaller) (EventID: 11723) (User: SABRINA) Description: Product: SafeFinder Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSI5532.tmp (NULL)(NULL)(NULL)(NULL)(NULL) Error: (09/01/2014 01:09:52 AM) (Source: MsiInstaller) (EventID: 11723) (User: SABRINA) Description: Product: SafeFinder Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationFailed, entry: InstallationFailed, library: C:\WINDOWS\Installer\MSI126C.tmp (NULL)(NULL)(NULL)(NULL)(NULL) Error: (09/01/2014 01:09:51 AM) (Source: MsiInstaller) (EventID: 11723) (User: SABRINA) Description: Product: SafeFinder Smartbar -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action InstallationStartUninstall, entry: InstallationStartUninstall, library: C:\WINDOWS\Installer\MSIEA33.tmp (NULL)(NULL)(NULL)(NULL)(NULL) Error: (08/31/2014 10:05:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1156 Error: (08/31/2014 10:05:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1156 Error: (08/31/2014 10:05:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz Percentage of memory in use: 46% Total physical RAM: 3979.68 MB Available physical RAM: 2137.41 MB Total Pagefile: 5259.68 MB Available Pagefile: 2911.82 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:133.94 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:257.98 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 04A53D1B) Partition: GPT Partition Type. ==================== End Of Log ============================ |
01.09.2014, 00:48 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Safe Finder lässt sich nicht entfernen Hallo und
__________________Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
Themen zu Safe Finder lässt sich nicht entfernen |
akamai, antivirus, bonjour, browser, cid, desktop, e-mail, entfernen, error, failed, fehler, google, homepage, linkury, logfile, mozilla, newtab, problem, realtek, registry, required, rundll, secure search, security, senden, software, spotify web helper, svchost.exe, system, tracker, vtoolbarupdater, windows, windowsprotectmanger |