Angst vor Trojaner

t0dy · 20.11.2014, 17:43

Guten Abend, ich habe diese Email bekommen und bin durch euch darauf aufmerksam geworden das dort viele Trojaner unterwegs sind, außerdem habe ich bei keinem dieser Anbieter ein Netz.

Ich bekam so eine mail schon mal vor ein paar wochen die ich damals geöffnet hatte, seitdem läuft mein Laptop sehr langsam, kann das daran liegen und wenn ja wie kann ich das bereinigen?
Bin eine Absoloute Null in Sachen Pc muss ich noch anmerken

lg
tody

Alle Spam-Nachrichten jetzt löschen (Nachrichten, die länger als 30 Tage in "Spam" waren, werden automatisch gelöscht.)
Nicht markiert
1&1 De-Mail-Kundenservice
1&1 De-Mail - Ihre Rechnung 137543000210525 vom 20.11.2014 - Rechnung 1&1 Kundenservice Guten Tag, heute erhalten Sie Ihre Rechnung vom 20.11.2014. Sie finden
12:34
Nicht markiert
b.hofmann, ich (2)
Ihre Festnetz-Rechnung für November 2014 - Am 12. November 2014 09:28 schrieb Vodafone D2 <
18. Nov.
Nicht markiert
rechnungonline@telekom.de
Rechnung 17.11.2014 Nr. 832090 - Sehr geehrte Kundin, sehr geehrter Kunde, mit dieser E-Mail erhalten Sie Ihre aktuelle Rechnung. Die
17. Nov.

schrauber · 20.11.2014, 17:51

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

t0dy · 20.11.2014, 18:27

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-11-2014
Ran by t0dy (administrator) on TODY on 20-11-2014 18:19:03
Running from C:\Users\t0dy\Downloads
Loaded Profile: t0dy (Available profiles: t0dy)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe
() C:\Program Files (x86)\Opera\25.0.1614.71\opera_crashreporter.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\msm\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcupdate.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\mcupdmgr.exe
(McAfee, Inc.) C:\Program Files\mcafee\mqs\QcShm.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\25.0.1614.71\opera.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2013-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-17] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\Run: [iLivid] => "C:\Users\t0dy\AppData\Local\iLivid\iLivid.exe" -autorun
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22066272 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: E - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: F - "F:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {535fe569-fca2-11e3-825a-b8ee651ab1db} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {535fe5f2-fca2-11e3-825a-b8ee651ab1db} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {535fe62b-fca2-11e3-825a-b8ee651ab1db} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {535fe677-fca2-11e3-825a-b8ee651ab1db} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {563ff7a8-161d-11e4-825e-3065ec3ed1e1} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {563ffbe3-161d-11e4-825e-3065ec3ed1e1} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {94161118-fbea-11e3-8257-b8ee651ab1db} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {c5076a6e-02f5-11e4-825c-3065ec3ed1e1} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {df264ccd-fca3-11e3-825b-b8ee651ab1db} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {df264f8f-fca3-11e3-825b-3065ec3ed1e1} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {df264ff7-fca3-11e3-825b-3065ec3ed1e1} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {df265218-fca3-11e3-825b-3065ec3ed1e1} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {df26524c-fca3-11e3-825b-3065ec3ed1e1} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {df265295-fca3-11e3-825b-3065ec3ed1e1} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\MountPoints2: {df2652c0-fca3-11e3-825b-3065ec3ed1e1} - "E:\AutoRun.exe" 
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-05-08] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242&q={searchTerms}
SearchScopes: HKLM -> {8480F444-F744-48B3-BF4F-552CD3CC4112} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242&q={searchTerms}
SearchScopes: HKLM-x32 -> {8480F444-F744-48B3-BF4F-552CD3CC4112} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001 -> DefaultScope {17113864-241D-4842-BE3B-E0E992F93D38} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=M99D971FB-F41E-4B3C-A8EC-A6D08FC14B58&SearchSource=58&CUI=&UM=5&UP=SPC2CC06E3-D37F-4C7B-94A9-F4EF0F2CBF4C&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001 -> {17113864-241D-4842-BE3B-E0E992F93D38} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403632001&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511291116} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Users\t0dy\Desktop\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Users\t0dy\Desktop\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File
BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\..\Interfaces\{2C9698EB-3FED-4D59-818D-89B22BB09C0A}: [NameServer] 139.7.30.125 139.7.30.126
Tcpip\..\Interfaces\{F3F5A87B-4C8D-4D5C-8A77-DC1BF6BE72C6}: [NameServer] 139.7.30.125 139.7.30.126

FireFox:
========
FF ProfilePath: C:\Users\t0dy\AppData\Roaming\Mozilla\Firefox\Profiles\s7qntpv0.default
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Users\t0dy\Desktop\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Users\t0dy\Desktop\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF user.js: detected! => C:\Users\t0dy\AppData\Roaming\Mozilla\Firefox\Profiles\s7qntpv0.default\user.js
FF Extension: Plus-HD-9.1 - C:\Users\t0dy\AppData\Roaming\Mozilla\Firefox\Profiles\s7qntpv0.default\Extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com [2014-06-26]
FF Extension: auto-plugin-checker - C:\Users\t0dy\AppData\Roaming\Mozilla\Firefox\Profiles\s7qntpv0.default\Extensions\auto-plugin-checker@jetpack.xpi [2014-06-25]
FF Extension: Adblock Plus - C:\Users\t0dy\AppData\Roaming\Mozilla\Firefox\Profiles\s7qntpv0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-25]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-09-06]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-09-06]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.sweet-page.com/?type=hppp&ts=1404084919&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hppp&ts=1404084919&from=adks&uid=WDCXWD10JPVX-22JC3T0_WD-WX21AC37424274242"
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSearchURL: Default -> hxxp://de.search.yahoo.com/search?fr=mcafee&type=A211DE662&p={searchTerms}
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Plus-HD-9.1) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe [2014-06-25]
CHR Extension: (Google Docs) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-26]
CHR Extension: (Google Drive) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (YouTube) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-26]
CHR Extension: (Google-Suche) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-26]
CHR Extension: (Avast Online Security) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-26]
CHR Extension: (Google Wallet) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-26]
CHR Extension: (Google Mail) - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-20]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-24]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\t0dy\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-06-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0306391416439666mcinstcleanup; C:\Windows\TEMP\030639~1.EXE [827456 2012-01-09] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-24] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-24] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-24] (globalUpdate) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-06-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 Update SpadeCast; "C:\Program Files (x86)\SpadeCast\updateSpadeCast.exe" [X]
S2 Util SpadeCast; "C:\Program Files (x86)\SpadeCast\bin\utilSpadeCast.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-24] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-23] (Advanced Micro Devices)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [212992 2014-07-31] (Huawei Technologies Co., Ltd.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-06-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R1 {f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64; C:\Windows\System32\drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64.sys [61112 2014-06-21] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-20 18:19 - 2014-11-20 18:21 - 00030344 _____ () C:\Users\t0dy\Downloads\FRST.txt
2014-11-20 18:18 - 2014-11-20 18:19 - 00000000 ____D () C:\FRST
2014-11-20 18:18 - 2014-11-20 18:18 - 02117120 _____ (Farbar) C:\Users\t0dy\Downloads\FRST64.exe
2014-11-20 03:00 - 2014-11-20 03:05 - 93079061 _____ () C:\Users\t0dy\Downloads\rsg-anger-management-s02e45-sd.mp4
2014-11-20 02:00 - 2014-11-20 02:04 - 102667467 _____ () C:\Users\t0dy\Downloads\rsg-anger-management-s02e46-sd.mp4
2014-11-20 01:55 - 2014-11-20 02:05 - 92547072 _____ () C:\Users\t0dy\Downloads\rsg-anger-management-s02e44-sd.mp4
2014-11-20 01:49 - 2014-11-20 01:55 - 91936753 _____ () C:\Users\t0dy\Downloads\rsg-anger-management-s02e43-sd.mp4
2014-11-20 01:44 - 2014-11-20 01:49 - 94815120 _____ () C:\Users\t0dy\Downloads\rsg-anger-management-s02e42-sd.mp4
2014-11-20 01:37 - 2014-11-20 01:44 - 95504203 _____ () C:\Users\t0dy\Downloads\rsg-anger-management-s02e41-sd.mp4
2014-11-19 21:30 - 2014-11-19 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-11-19 16:14 - 2014-11-19 16:15 - 00793680 _____ () C:\Windows\Minidump\111914-30250-01.dmp
2014-11-19 16:14 - 2014-11-19 16:14 - 807020734 _____ () C:\Windows\MEMORY.DMP
2014-11-19 16:14 - 2014-11-19 16:14 - 00000000 ____D () C:\Windows\Minidump
2014-11-18 22:24 - 2014-11-18 22:24 - 06078245 _____ () C:\Users\t0dy\Downloads\Sextrack Fotzensaft pur.mp4
2014-11-18 18:19 - 2014-11-18 18:42 - 97945922 _____ () C:\Users\t0dy\Downloads\rsg-anger-management-s02e40-sd.mp4
2014-11-12 00:23 - 2014-11-12 00:23 - 00003172 _____ () C:\Windows\System32\Tasks\{3E97DC6A-F479-4B22-A074-8061D3FBC57A}
2014-11-04 09:46 - 2014-11-04 09:46 - 00015250 _____ () C:\Users\t0dy\Desktop\SH Draxler.odt
2014-10-23 12:35 - 2014-09-29 23:45 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-23 12:35 - 2014-09-29 23:45 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-22 09:48 - 2014-10-09 23:16 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-22 09:48 - 2014-10-08 23:09 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-22 09:48 - 2014-09-19 02:24 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-22 09:48 - 2014-09-05 03:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-10-22 09:48 - 2014-09-04 01:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-10-22 09:48 - 2014-09-04 00:57 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-10-22 09:48 - 2014-09-04 00:49 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-22 09:47 - 2014-09-13 07:02 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-22 09:47 - 2014-09-13 06:30 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-21 22:30 - 2014-09-27 23:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-21 22:28 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-21 22:28 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-21 22:28 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-21 22:28 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-21 22:28 - 2014-09-08 04:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-21 22:28 - 2014-09-08 02:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-21 22:28 - 2014-09-08 02:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-21 22:28 - 2014-09-08 01:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-21 22:28 - 2014-09-08 01:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-21 22:28 - 2014-09-08 01:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-21 22:28 - 2014-09-08 01:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-21 22:28 - 2014-09-08 01:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-21 22:28 - 2014-09-08 01:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-21 22:28 - 2014-09-08 01:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-21 22:28 - 2014-09-08 00:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-21 22:28 - 2014-09-08 00:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-21 22:28 - 2014-09-08 00:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-21 22:28 - 2014-09-08 00:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-21 22:28 - 2014-08-16 02:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-21 22:28 - 2014-07-24 11:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-10-21 22:27 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-21 22:27 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-21 22:27 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-21 22:27 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-21 22:27 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-21 22:27 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-21 22:27 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-21 22:27 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-21 22:27 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-21 22:27 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-21 22:27 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-21 22:27 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-21 22:27 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-21 22:27 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-21 22:27 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-21 22:27 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-21 22:27 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-21 22:27 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-21 22:27 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-21 22:27 - 2014-09-19 01:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-21 22:27 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-21 22:27 - 2014-09-19 01:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-21 22:27 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-21 22:27 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-21 22:27 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-21 22:27 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-21 22:27 - 2014-08-16 02:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-21 22:27 - 2014-08-16 02:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-21 22:27 - 2014-08-16 02:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-21 22:27 - 2014-08-16 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-21 22:27 - 2014-05-30 10:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-21 22:27 - 2014-05-30 09:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-21 22:25 - 2014-09-13 07:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-21 22:25 - 2014-09-13 06:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-21 22:25 - 2014-08-29 02:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-10-21 22:25 - 2014-08-29 00:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-21 22:25 - 2014-08-29 00:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-21 22:25 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-10-21 22:25 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-10-21 22:25 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-10-21 22:25 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-10-21 22:25 - 2014-08-23 05:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-10-21 22:25 - 2014-08-23 05:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-10-21 22:25 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-10-21 22:25 - 2014-08-23 05:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-10-21 22:25 - 2014-08-23 05:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-10-21 22:24 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-21 22:24 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-21 22:24 - 2014-08-16 05:08 - 21195616 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-21 22:24 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-10-21 22:24 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-21 22:24 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-10-21 22:24 - 2014-08-16 04:57 - 02498880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-21 22:24 - 2014-08-16 04:57 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-10-21 22:24 - 2014-08-16 04:16 - 18722600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-21 22:24 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-10-21 22:24 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-21 22:24 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-10-21 22:24 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-10-21 22:24 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-21 22:24 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-10-21 22:24 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-10-21 22:24 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-10-21 22:24 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-10-21 22:24 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-10-21 22:24 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-10-21 22:24 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-10-21 22:24 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-21 22:24 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-10-21 22:24 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-21 22:24 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-10-21 22:24 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-21 22:24 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-10-21 22:24 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-10-21 22:24 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-10-21 22:24 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-21 22:24 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-10-21 22:24 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-10-21 22:24 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-21 22:24 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-10-21 22:24 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-21 22:24 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-21 22:24 - 2014-08-01 00:22 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-10-21 22:24 - 2014-07-24 16:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-10-21 22:24 - 2014-07-24 12:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-10-21 22:24 - 2014-07-24 12:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-10-21 22:24 - 2014-07-24 11:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-10-21 22:24 - 2014-07-24 10:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-20 18:17 - 2014-06-24 17:43 - 00000000 ____D () C:\Users\t0dy\AppData\Roaming\Skype
2014-11-20 17:59 - 2014-06-26 18:41 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-20 17:50 - 2014-04-07 18:30 - 02065843 _____ () C:\Windows\WindowsUpdate.log
2014-11-20 17:37 - 2014-06-24 18:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-20 17:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-11-20 16:46 - 2014-08-25 04:34 - 00000000 ____D () C:\Users\t0dy\AppData\Local\DSWorkbench
2014-11-20 13:51 - 2014-06-24 17:19 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BA769BBC-0E89-4E5D-80BB-4A4DFBC4CF04}
2014-11-20 05:25 - 2014-06-24 23:09 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3170407362-2190225718-3599811896-1001
2014-11-20 05:03 - 2014-06-25 23:56 - 00000000 ____D () C:\Users\t0dy\AppData\Roaming\vlc
2014-11-20 04:42 - 2014-09-01 16:01 - 00000000 ____D () C:\Users\t0dy\Downloads\film
2014-11-20 01:37 - 2014-07-02 21:21 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-11-20 01:35 - 2014-09-01 16:08 - 00000000 ____D () C:\Users\t0dy\Downloads\serie
2014-11-20 00:38 - 2014-06-24 17:33 - 00000922 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-11-20 00:33 - 2014-06-24 17:33 - 00003806 _____ () C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-11.job
2014-11-20 00:33 - 2014-06-24 17:33 - 00003124 _____ () C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-3.job
2014-11-20 00:33 - 2014-06-24 17:33 - 00002228 _____ () C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-4.job
2014-11-20 00:33 - 2014-06-24 17:33 - 00001508 _____ () C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-1.job
2014-11-20 00:33 - 2014-06-24 17:33 - 00001500 _____ () C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-6.job
2014-11-19 22:59 - 2014-06-26 18:41 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-19 22:46 - 2014-04-08 04:14 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-11-19 22:46 - 2014-04-08 04:14 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-11-19 22:46 - 2013-09-06 08:08 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-19 18:38 - 2014-06-24 17:33 - 00000918 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-11-19 16:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-11-19 16:18 - 2014-07-28 07:00 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-11-19 16:17 - 2014-06-24 19:24 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-19 16:16 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-11-19 16:15 - 2014-06-24 23:02 - 00000000 ____D () C:\Users\t0dy
2014-11-19 16:15 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-19 00:06 - 2014-06-25 23:04 - 00003844 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1403640512
2014-11-19 00:06 - 2014-06-24 17:26 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-19 00:05 - 2014-06-24 21:08 - 00001021 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-11-18 23:38 - 2014-06-24 18:23 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-17 17:43 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-11-17 16:11 - 2013-08-22 15:46 - 00095249 _____ () C:\Windows\setupact.log
2014-11-17 16:05 - 2014-06-24 17:10 - 00000000 ____D () C:\ProgramData\DatacardService
2014-11-17 15:58 - 2014-09-08 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
2014-11-17 15:58 - 2014-09-08 20:23 - 00000000 ____D () C:\Program Files (x86)\mIRC
2014-11-17 15:58 - 2014-09-07 21:52 - 00000000 ____D () C:\Users\t0dy\AppData\Roaming\WildTangent
2014-11-17 15:58 - 2014-07-31 07:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner
2014-11-17 15:58 - 2014-07-31 07:32 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2014-11-17 15:58 - 2014-07-22 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-11-17 15:58 - 2014-07-22 00:17 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-11-17 15:58 - 2014-07-21 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-11-17 15:58 - 2014-07-21 00:35 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-11-17 15:58 - 2014-07-09 05:59 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-11-17 15:58 - 2014-06-25 21:27 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-17 15:58 - 2014-06-24 23:05 - 00000000 ____D () C:\Users\t0dy\AppData\Local\clear.fi
2014-11-17 15:58 - 2014-04-07 19:11 - 00000000 ____D () C:\Windows\system32\Drivers\NARAx64
2014-11-17 15:58 - 2014-04-07 19:11 - 00000000 ____D () C:\ProgramData\Symantec
2014-11-17 15:58 - 2014-04-07 19:11 - 00000000 ____D () C:\ProgramData\Norton
2014-11-17 15:58 - 2014-04-07 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
2014-11-17 15:58 - 2014-04-07 19:11 - 00000000 ____D () C:\Program Files (x86)\Symantec
2014-11-17 15:58 - 2014-04-07 19:11 - 00000000 ____D () C:\Program Files (x86)\Norton Online Backup ARA
2014-11-17 15:58 - 2013-09-06 08:08 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-17 15:58 - 2013-09-06 08:07 - 00000000 ____D () C:\ProgramData\WildTangent
2014-11-17 15:58 - 2013-09-06 08:07 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-11-17 15:46 - 2014-08-01 11:57 - 00000000 ____D () C:\Users\t0dy\AppData\Roaming\Yahoo!
2014-11-17 15:46 - 2014-07-22 00:23 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-11-17 15:46 - 2014-06-24 17:17 - 00000000 ____D () C:\ProgramData\Mobile Partner
2014-11-17 15:46 - 2013-09-06 08:16 - 00000000 ____D () C:\ProgramData\McAfee
2014-11-17 15:46 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\registration
2014-11-17 15:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-17 14:59 - 2014-04-07 19:11 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-11-16 22:54 - 2014-06-26 18:41 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 22:54 - 2014-06-26 18:41 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 22:26 - 2013-09-06 07:58 - 00023294 _____ () C:\Windows\PFRO.log
2014-11-12 00:30 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-11-12 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-11-12 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2014-11-12 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2014-11-12 00:20 - 2014-06-26 18:49 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-12 00:19 - 2014-09-04 00:45 - 00000000 ____D () C:\Users\t0dy\AppData\Local\Adobe
2014-11-08 04:48 - 2014-04-07 18:44 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-11-04 09:46 - 2014-07-03 22:23 - 00000000 ____D () C:\Users\t0dy\Desktop\Filme
2014-10-26 19:01 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-24 21:26 - 2014-06-24 18:47 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-10-23 18:54 - 2014-06-24 17:42 - 00000000 ____D () C:\ProgramData\Skype
2014-10-23 12:32 - 2013-08-22 15:44 - 00363224 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-22 21:56 - 2014-08-30 00:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-22 21:56 - 2013-08-22 20:11 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-22 21:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-10-22 21:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-10-22 21:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-22 21:56 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-22 21:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-10-22 21:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\setup
2014-10-22 21:56 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-10-22 21:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2014-10-22 21:54 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2014-10-22 21:52 - 2014-06-27 00:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-22 19:17 - 2014-06-26 16:35 - 00000000 ____D () C:\Users\t0dy\AppData\Local\Deployment

Some content of TEMP:
====================
C:\Users\t0dy\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3rutlt.dll
C:\Users\t0dy\AppData\Local\Temp\JDSetup130488058623762909.exe
C:\Users\t0dy\AppData\Local\Temp\lowproc.exe
C:\Users\t0dy\AppData\Local\Temp\mirc736.exe
C:\Users\t0dy\AppData\Local\Temp\nsc1243.exe
C:\Users\t0dy\AppData\Local\Temp\nsr6AE5.exe
C:\Users\t0dy\AppData\Local\Temp\nss7C2.exe
C:\Users\t0dy\AppData\Local\Temp\nsvB6B1.exe
C:\Users\t0dy\AppData\Local\Temp\nsw76CD.exe
C:\Users\t0dy\AppData\Local\Temp\nswE49E.tmp.exe
C:\Users\t0dy\AppData\Local\Temp\optprosetup.exe
C:\Users\t0dy\AppData\Local\Temp\stubhelper.dll
C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite12740.dll
C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite27414.dll
C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite32289.dll
C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite50578.dll
C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite59473.dll
C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite65036.dll
C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite80201.dll
C:\Users\t0dy\AppData\Local\Temp\System.Data.SQLite83799.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-14 05:05

==================== End Of Log ============================

--- --- ---

Addidition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-11-2014
Ran by t0dy at 2014-11-20 18:23:01
Running from C:\Users\t0dy\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.3006 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.3104.3 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.3104.6 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.3104 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8101 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.228 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{4465D909-4FA8-86D2-121C-676BB60E63D7}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
Download Protect (HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\{132401a7-2006-4342-b43c-ccf5f02c2b01}) (Version:  - Download Protect)
FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.154 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.36 - mIRC Co. Ltd.)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.02.35 - Huawei Technologies Co.,Ltd)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{276FD4A2-030F-8A24-7DFE-9B1384131BCD}) (Version: 1.00.0000 - Ihr Firmenname)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 25.0.1614.71 (HKLM-x32\...\Opera 25.0.1614.71) (Version: 25.0.1614.71 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.13 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Zattoo Live TV (HKU\S-1-5-21-3170407362-2190225718-3599811896-1001\...\6d7aa3e3bf931c56) (Version: 1.0.0.44 - Zattoo Europa AG)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\t0dy\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3170407362-2190225718-3599811896-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

==================== Restore Points  =========================

04-11-2014 22:00:47 Geplanter Prüfpunkt
17-11-2014 07:24:02 Geplanter Prüfpunkt
17-11-2014 14:40:56 Wiederherstellungsvorgang

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C36C3CD-470C-412D-A0DB-38A803532F3C} - System32\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-4 => C:\Program Files (x86)\Plus-HD-9.1\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-4.exe <==== ATTENTION
Task: {0F797B44-552D-4F98-9CC0-4C71E176CCF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: {11064B3D-D813-4831-93F7-3288CC14A9E5} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-07-26] (Acer Incorporated)
Task: {169FFF7B-4C79-43BB-ADEB-655EF062124A} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-01-15] (Systweak) <==== ATTENTION
Task: {2D4BD8DD-6A73-493C-AB3C-DBF6345E2131} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-09-12] (Acer Incorporated)
Task: {32DFFDBE-6FDD-4230-8007-45D9DFE887B6} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {4B4EF700-22F6-4BA6-AFF2-92192CE19AD7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-18] (Adobe Systems Incorporated)
Task: {546301A8-A38F-4790-8FE8-42EC180792ED} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {566B7660-B965-40DE-AEE5-4E3D72938FA1} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {5F846995-83DC-41BD-964E-5212158849BA} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {8EDCC02D-B897-41D9-B6DD-C3D3C5B4FB2B} - System32\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-11 => C:\Program Files (x86)\Plus-HD-9.1\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-11.exe <==== ATTENTION
Task: {97990C96-0FB4-4C1E-B510-51154516B0DF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-10-03] (Microsoft Corporation)
Task: {9975FD7C-2FD9-4E52-A254-59B101D47227} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {9A12B064-0A3D-4C35-92AD-C9C39564D92E} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2013-08-02] (Acer Incorporate)
Task: {A821C2D6-B6C4-4A97-A11C-A0EF0BD5B004} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {AA0A4CDD-F139-4C05-9AA4-9DC9CF0BF665} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-24] (AVAST Software)
Task: {B3C89E84-1B42-49DA-B440-569D1FEAFB4A} - System32\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-6 => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-novainstaller.exe <==== ATTENTION
Task: {B6F75749-76A0-4CD2-A9FE-27D7F6E146F3} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-24] (globalUpdate) <==== ATTENTION
Task: {C3136A4A-07DF-4487-BE5A-9E054B61BE27} - System32\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-3 => C:\Program Files (x86)\Plus-HD-9.1\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-3.exe <==== ATTENTION
Task: {D7A9A693-3243-4345-A376-B8860C9E1C66} - System32\Tasks\Opera scheduled Autoupdate 1403640512 => C:\Program Files (x86)\Opera\launcher.exe [2014-11-14] (Opera Software)
Task: {D9606D05-2FF7-422F-9C34-DBAA03FF67CF} - System32\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-1 => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-codedownloader.exe <==== ATTENTION
Task: {F56F568E-0ACA-4A7C-A942-C491A2804287} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-24] (globalUpdate) <==== ATTENTION
Task: {FD705265-470B-4C5E-9ED6-94B3F920466F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-1.job => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-11.job => C:\Program Files (x86)\Plus-HD-9.1\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-3.job => C:\Program Files (x86)\Plus-HD-9.1\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-4.job => C:\Program Files (x86)\Plus-HD-9.1\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\9d4977b5-dfca-409f-8a64-56bf5a2a8a81-6.job => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-novainstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-04-07 19:14 - 2013-07-30 17:11 - 00110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00514048 _____ () C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
2013-09-07 00:48 - 2013-09-07 00:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 00:45 - 2013-09-07 00:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 00:52 - 2013-09-07 00:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-11-19 00:05 - 2014-11-19 00:05 - 00500344 _____ () C:\Program Files (x86)\Opera\25.0.1614.71\opera_crashreporter.exe
2014-11-18 17:25 - 2014-11-18 17:25 - 02902528 _____ () C:\Program Files\AVAST Software\Avast\defs\14111802\algo.dll
2014-11-20 16:24 - 2014-11-20 16:24 - 02903040 _____ () C:\Program Files\AVAST Software\Avast\defs\14112000\algo.dll
2014-06-24 19:00 - 2012-07-25 11:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2014-06-24 19:00 - 2014-01-15 17:53 - 01731312 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2014-06-24 19:00 - 2012-07-25 11:03 - 00168448 _____ () C:\Program Files (x86)\Advanced System Protector\UNRAR.DLL
2014-11-17 15:20 - 2014-07-31 07:32 - 00427008 _____ () C:\Program Files (x86)\Mobile Partner\core.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00264192 _____ () C:\Program Files (x86)\Mobile Partner\sdk.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00011362 _____ () C:\Program Files (x86)\Mobile Partner\mingwm10.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00043008 _____ () C:\Program Files (x86)\Mobile Partner\libgcc_s_dw2-1.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 02415104 _____ () C:\Program Files (x86)\Mobile Partner\QtCore4.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 09515520 _____ () C:\Program Files (x86)\Mobile Partner\QtGui4.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00382464 _____ () C:\Program Files (x86)\Mobile Partner\Proxy.DLL
2014-11-17 15:20 - 2014-07-31 07:32 - 00218112 _____ () C:\Program Files (x86)\Mobile Partner\Common.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00135168 _____ () C:\Program Files (x86)\Mobile Partner\Trace.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00545280 _____ () C:\Program Files (x86)\Mobile Partner\PluginContainer.dll
2014-11-17 15:20 - 2014-07-31 07:32 - 00238080 _____ () C:\Program Files (x86)\Mobile Partner\AtCodec.dll
2014-11-17 15:20 - 2014-07-31 07:32 - 00301056 _____ () C:\Program Files (x86)\Mobile Partner\DeviceSrvPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00237568 _____ () C:\Program Files (x86)\Mobile Partner\NetSrvPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00133120 _____ () C:\Program Files (x86)\Mobile Partner\OSDialup.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00159744 _____ () C:\Program Files (x86)\Mobile Partner\XCodec.dll
2014-11-17 15:20 - 2014-07-31 07:32 - 00157184 _____ () C:\Program Files (x86)\Mobile Partner\DataServicePlugin.dll
2014-11-17 15:20 - 2014-07-31 07:32 - 00176128 _____ () C:\Program Files (x86)\Mobile Partner\CallSrvPlugin.dll
2014-11-17 15:20 - 2014-07-31 07:32 - 00264704 _____ () C:\Program Files (x86)\Mobile Partner\AddrBookSrvPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00217600 _____ () C:\Program Files (x86)\Mobile Partner\SmsSrvPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00142336 _____ () C:\Program Files (x86)\Mobile Partner\USSDSrvPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00156672 _____ () C:\Program Files (x86)\Mobile Partner\STKSrvPlugin.dll
2014-11-17 15:20 - 2014-07-31 07:32 - 00338432 _____ () C:\Program Files (x86)\Mobile Partner\DeviceAppPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00065536 _____ () C:\Program Files (x86)\Mobile Partner\OSPowerMgr.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00114688 _____ () C:\Program Files (x86)\Mobile Partner\Win7Support.dll
2014-11-17 15:20 - 2014-07-31 07:32 - 01078272 _____ () C:\Program Files (x86)\Mobile Partner\AddrBookPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00670720 _____ () C:\Program Files (x86)\Mobile Partner\SmsAppPlugin.dll
2014-11-17 15:20 - 2014-07-31 07:32 - 00550400 _____ () C:\Program Files (x86)\Mobile Partner\CallAppPlugin.dll
2014-11-17 15:20 - 2014-07-31 07:32 - 00547840 _____ () C:\Program Files (x86)\Mobile Partner\CallLogSrvPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00158720 _____ () C:\Program Files (x86)\Mobile Partner\NetConnectSrvPlugin.dll
2014-11-17 15:20 - 2014-07-31 07:32 - 00211968 _____ () C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00101376 _____ () C:\Program Files (x86)\Mobile Partner\OSAdapt.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00180224 _____ () C:\Program Files (x86)\Mobile Partner\NDISPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00131072 _____ () C:\Program Files (x86)\Mobile Partner\OSNDIS.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 01101824 _____ () C:\Program Files (x86)\Mobile Partner\NDISAPI.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00278528 _____ () C:\Program Files (x86)\Mobile Partner\NetInfoSrvPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00062976 _____ () C:\Program Files (x86)\Mobile Partner\OSCall.dll
2014-11-17 15:20 - 2014-07-31 07:32 - 00538624 _____ () C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00398336 _____ () C:\Program Files (x86)\Mobile Partner\QtXml4.dll
2014-11-17 15:20 - 2014-07-31 07:32 - 00123392 _____ () C:\Program Files (x86)\Mobile Partner\ATR2SMgr.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00184832 _____ () C:\Program Files (x86)\Mobile Partner\XFramePlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00307200 _____ () C:\Program Files (x86)\Mobile Partner\StatusBarMgrPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00117760 _____ () C:\Program Files (x86)\Mobile Partner\LayoutPlugin.dll
2014-11-17 15:20 - 2014-07-31 07:32 - 00441856 _____ () C:\Program Files (x86)\Mobile Partner\DialupUIPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00093184 _____ () C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00333824 _____ () C:\Program Files (x86)\Mobile Partner\NetConnectPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00295424 _____ () C:\Program Files (x86)\Mobile Partner\MenuMgrPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00484352 _____ () C:\Program Files (x86)\Mobile Partner\NetInfoUIExPlugin.dll
2014-07-31 07:32 - 2014-07-31 07:32 - 00209408 _____ () C:\Program Files (x86)\Mobile Partner\ToolBarMgrPlugin.dll
2014-06-24 19:20 - 2014-06-24 19:20 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-19 00:05 - 2014-11-19 00:04 - 00156792 _____ () C:\Program Files (x86)\Opera\25.0.1614.71\message_center_win8.dll
2014-04-07 19:14 - 2013-07-30 17:11 - 00088648 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2014-11-19 00:05 - 2014-11-19 00:04 - 01310328 _____ () C:\Program Files (x86)\Opera\25.0.1614.71\libglesv2.dll
2014-11-19 00:05 - 2014-11-19 00:04 - 00219256 _____ () C:\Program Files (x86)\Opera\25.0.1614.71\libegl.dll
2014-11-19 00:05 - 2014-11-19 00:05 - 09218168 _____ () C:\Program Files (x86)\Opera\25.0.1614.71\pdf.dll
2014-11-19 00:05 - 2014-11-19 00:04 - 00991864 _____ () C:\Program Files (x86)\Opera\25.0.1614.71\ffmpegsumo.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00113171 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 02396179 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00268307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00027667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00031251 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 11148307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 01248787 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00066579 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 02021395 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00100371 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00240659 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00076307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00045587 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00060947 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00531475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00708627 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00114195 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00040467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00133139 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 01512467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00296979 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00054291 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00189971 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00038419 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00036371 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00091667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00291859 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00017939 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 01280019 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00018451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00336403 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00344595 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00198675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00027155 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00015891 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 01371667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00146451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00022035 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00733203 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00026131 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00171027 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00019475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 10396179 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00724499 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00026643 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00555027 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00113683 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00027667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00053779 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00016915 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00032275 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00020499 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00017427 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00013843 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00067091 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2014-02-05 02:32 - 2014-02-05 02:32 - 00013843 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-02-05 02:31 - 2014-02-05 02:31 - 01496083 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKCU\...\StartupApproved\Run: => "iLivid"
HKCU\...\StartupApproved\Run: => "Messenger (Yahoo!)"

========================= Accounts: ==========================

Administrator (S-1-5-21-3170407362-2190225718-3599811896-500 - Administrator - Disabled)
Gast (S-1-5-21-3170407362-2190225718-3599811896-501 - Limited - Disabled)
t0dy (S-1-5-21-3170407362-2190225718-3599811896-1001 - Administrator - Enabled) => C:\Users\t0dy

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/20/2014 05:30:40 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (11/20/2014 05:30:39 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (11/20/2014 05:30:39 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (11/19/2014 11:06:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/19/2014 04:23:37 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/18/2014 09:37:17 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (11/18/2014 09:37:17 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (11/18/2014 09:37:17 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (11/18/2014 09:19:09 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/17/2014 05:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1188) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\SRU\SRU008D1.log.


System errors:
=============
Error: (11/20/2014 04:25:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/20/2014 04:25:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/20/2014 03:26:32 PM) (Source: DCOM) (EventID: 10010) (User: tody)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/20/2014 03:26:02 PM) (Source: DCOM) (EventID: 10010) (User: tody)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/20/2014 01:47:52 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (11/20/2014 05:26:37 AM) (Source: DCOM) (EventID: 10010) (User: tody)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/20/2014 05:26:07 AM) (Source: DCOM) (EventID: 10010) (User: tody)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/19/2014 08:20:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/19/2014 08:20:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (11/19/2014 04:18:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127


Microsoft Office Sessions:
=========================
Error: (11/20/2014 05:30:40 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (11/20/2014 05:30:39 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (11/20/2014 05:30:39 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (11/19/2014 11:06:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/19/2014 04:23:37 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/18/2014 09:37:17 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (11/18/2014 09:37:17 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (11/18/2014 09:37:17 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (11/18/2014 09:19:09 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (11/17/2014 05:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost1188SRUJet: C:\Windows\system32\SRU\SRU008D1.log-1811 (0xfffff8ed)


==================== Memory info =========================== 

Processor: AMD A6-5200 APU with Radeon(TM) HD Graphics 
Percentage of memory in use: 86%
Total physical RAM: 3525.01 MB
Available physical RAM: 490.82 MB
Total Pagefile: 10437.01 MB
Available Pagefile: 2650.95 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:914.56 GB) (Free:857.86 GB) NTFS
Drive d: (MANAGER14) (CDROM) (Total:5.85 GB) (Free:0 GB) CDFS
Drive e: (Surfstick) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
Drive g: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:662.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5DF1DD61)

Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3CF250A7)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 21.11.2014, 16:17

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Angst vor Trojaner

Plagegeister aller Art und deren Bekämpfung: Angst vor Trojaner