
Pests of all kinds and how to fight them: Windows Vista 32bit: Widespread infection due to improper use


 
06.12.2014, 15:29   #1
highflyers
 
Windows Vista 32bit: Widespread infection due to improper use



Good day,

probably through improper use, the PC has been infected with a wide variety of malware. As a result, the overall system speed has been reduced.

1. Defogger ran successfully.

2. FRST scan


Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-12-2014
Ran by Pia (administrator) on PIA-PC on 13-11-2014 02:08:25
Running from C:\Users\Pia\Desktop
Loaded Profile: Pia (Available profiles: udo & Pia)
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Windows\System32\dmwu.exe
() C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
() C:\Program Files\ver6LyricsContainer\i0LyricsContainerpp175.exe
() C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe
() C:\Program Files\ver6LyricsContainer\b3LyricsContainero.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\SweetIM.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Updater) C:\ProgramData\Updater\updater.exe
() C:\Users\Pia\AppData\Local\Temp\TasksWatch.exe
() C:\Program Files\Ads Clever\VideoUsage.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Smartbar) C:\Users\Pia\AppData\Local\Smartbar\Application\SnapDo.exe
(Edimax Technology Co., Ltd.) C:\Program Files\EDIMAX\Common\RaUI.exe
(PC Utilities Pro) C:\Program Files\Optimizer Pro\OptProSmartScan.exe
(PC Utilities Pro) C:\Program Files\Optimizer Pro\OptProReminder.exe
() C:\Windows\System32\jmdp\stij.exe
(WatchDog) C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
(WatchDog) C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe
(WatchDog) C:\ProgramData\RHelpers\IeHelper\IeHelper.exe
() C:\Program Files\Ads Clever\ProcessUsage.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ieuser.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [17092608 2009-01-21] (VIA)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [DATAMNGR] => C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE
HKLM\...\Run: [SweetIM] => C:\Program Files\SweetIM\Messenger\SweetIM.exe [115032 2012-05-29] (SweetIM Technologies Ltd.)
HKLM\...\Run: [Sweetpacks Communicator] => C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\Run: [Updater] => C:\ProgramData\Updater\Updater.exe [486264 2013-12-18] (Updater)
HKLM\...\Run: [TasksWatch] => C:\Users\Pia\AppData\Local\Temp\TasksWatch.exe [1257600 2014-03-21] () <===== ATTENTION
HKLM\...\Run: [VideoUsage] => C:\Program Files\Ads Clever\VideoUsage.exe [1286784 2014-02-14] ()
HKLM\...\Run: [fst_de_2] => "C:\Program Files\fst_de_2\fst_de_2.exe"
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2940695343-952386912-1787405249-1001\...\Run: [Optimizer Pro] => C:\Program Files\Optimizer Pro\OptProLauncher.exe [134648 2013-10-28] ()
HKU\S-1-5-21-2940695343-952386912-1787405249-1001\...\Run: [NextLive] => C:\Windows\system32\rundll32.exe "C:\Users\Pia\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-2940695343-952386912-1787405249-1001\...\Run: [Updater] => C:\ProgramData\Updater\updater.exe [486264 2013-12-18] (Updater)
HKU\S-1-5-21-2940695343-952386912-1787405249-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Pia\AppData\Local\Smartbar\Application\SnapDo.exe [29728 2014-05-29] (Smartbar)
HKU\S-1-5-21-2940695343-952386912-1787405249-1001\...\MountPoints2: {5c60f961-cb75-11e1-8e00-806e6f6e6963} - D:\Autorun.exe
AppInit_DLLs: c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll => c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll File Not Found
AppInit_DLLs:  c:\progra~1\optimi~1\optpro~1.dll => c:\Program Files\Optimizer Pro\OptProCrash.dll [4024648 2013-10-29] ()
AppInit_DLLs:  c:\progra~1\suppor~1\suppor~1.dll => c:\Program Files\Supporter\Supporter.dll [4367872 2014-03-21] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Utility.lnk
ShortcutTarget: Wireless Utility.lnk -> C:\Program Files\EDIMAX\Common\RaUI.exe (Edimax Technology Co., Ltd.)
Startup: C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\AZ 6-1.launcher.kids.lnk
ShortcutTarget: AZ 6-1.launcher.kids.lnk -> C:\Program Files\AZ 6-1\Kids\az6-1.launcher.exe ()
Startup: C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\AZ 6-1.launcher.teens.lnk
ShortcutTarget: AZ 6-1.launcher.teens.lnk -> C:\Users\Pia\Desktop\AZ 6-1\Teens\az6-1.launcher.exe (No File)
Startup: C:\Users\udo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AZ 6-1.launcher.teens.lnk
ShortcutTarget: AZ 6-1.launcher.teens.lnk -> C:\Program Files\AZ 6-1\Teens\az6-1.launcher.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-2940695343-952386912-1787405249-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-2940695343-952386912-1787405249-1001] => http=127.0.0.1:14032;https=127.0.0.1:14032
HKU\S-1-5-21-2940695343-952386912-1787405249-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT4z5TYbRaHbeOd7xesig1ffQUpUDM1jjYZzMe8TdAvMztOOYdAXtkWTKlnshaoihqzlMZPzPeydTmhkuIUCcWi1cxnGPtJGU3-PkPJ8vBe4iglKTugSiRCFvLP7mSQw,,
HKU\S-1-5-21-2940695343-952386912-1787405249-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT4z5TYbRaHbeOd7xesig1ffQUpUDM1jjYZzMe8TdAvMztOOYdAXtkWTKlnshaoihqwr0MHBWBfL74CZwjlMjZy-XVkDpFhpv6tfqt4bvapQfm1HUPPzOh5kCdziUL4w,,&q={searchTerms}
HKU\S-1-5-21-2940695343-952386912-1787405249-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT4z5TYbRaHbeOd7xesig1ffQUpUDM1jjYZzMe8TdAvMztOOYdAXtkWTKlnshaoihqwr0MHBWBfL74CZwjlMjZy-XVkDpFhpv6tfqt4bvapQfm1HUPPzOh5kCdziUL4w,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.gboxapp.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1387395646&from=tugs&uid=395049983_397234_3824A910
URLSearchHook: [S-1-5-21-2940695343-952386912-1787405249-1001] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT4z5TYbRaHbeOd7xesig1ffQUpUDM1jjYZzMe8TdAvMztOOYdAXtkWTKlnshaoihqwr0MHBWBfL74CZwjlMjZy-XVkDpFhpv6tfqt4bvapQfm1HUPPzOh5kCdziUL4w,,&q={searchTerms}
SearchScopes: HKLM -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT4z5TYbRaHbeOd7xesig1ffQUpUDM1jjYZzMe8TdAvMztOOYdAXtkWTKlnshaoihqwr0MHBWBfL74CZwjlMjZy-XVkDpFhpv6tfqt4bvapQfm1HUPPzOh5kCdziUL4w,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2940695343-952386912-1787405249-1001 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT4z5TYbRaHbeOd7xesig1ffQUpUDM1jjYZzMe8TdAvMztOOYdAXtkWTKlnshaoihqwr0MHBWBfL74CZwjlMjZy-XVkDpFhpv6tfqt4bvapQfm1HUPPzOh5kCdziUL4w,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2940695343-952386912-1787405249-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT4z5TYbRaHbeOd7xesig1ffQUpUDM1jjYZzMe8TdAvMztOOYdAXtkWTKlnshaoihqwr0MHBWBfL74CZwjlMjZy-XVkDpFhpv6tfqt4bvapQfm1HUPPzOh5kCdziUL4w,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2940695343-952386912-1787405249-1001 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&&st=23
BHO: DP1815 -> {11111111-1111-1111-1111-110411721120} -> C:\Program Files\DP1815\DP1815-bho.dll (mrlmedia)
BHO: Plus-HD-9.5 -> {11111111-1111-1111-1111-110511311166} -> C:\Program Files\Plus-HD-9.5\Plus-HD-9.5-bho.dll (Plus HD)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll ()
BHO: Snap.DoEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: LyricsContainer -> {3C61AF1D-4064-D3D5-81AA-7A6584A5014E} -> C:\Program Files\ver6LyricsContainer\175.dll ()
BHO: Easytoshoopa -> {421F6AF0-E75F-73A8-477D-DD55CA50FCCD} -> C:\ProgramData\Easytoshoopa\V9RJ.dll ()
BHO: SaveClicker -> {44A720B7-15CC-3ED1-B86C-5499CFCE2AF9} -> C:\Program Files\SaveClicker\ik3Rh7.dll ()
BHO: Websteroids -> {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} -> C:\ProgramData\Websteroids\IE\common.dll (Creative Island Media, LLC)
BHO: FindBestDeal -> {5a07cd24-5d0a-40ae-8a9a-e6f987f3e8f8} -> C:\ProgramData\FindBestDeal\yawvBHJ6uGtIzf.dll ()
BHO: SaverExtiEnsIOnu -> {5A85AB33-9C92-BCC5-34B4-548B5285A5C2} -> C:\ProgramData\SaverExtiEnsIOnu\U55.dll ()
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll (Funmoods BHO)
BHO: savverneat -> {7DE499E7-9990-7141-5E8A-57457FC0032C} -> C:\ProgramData\savverneat\5J8Qj.dll ()
BHO: ValueApps -> {93DBF2BB-A2B3-4683-A92E-57E60751F346} -> C:\Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll (Conduit Ltd.)
BHO: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll No File
BHO: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL No File
BHO: DoacsaCeonveRterr -> {A8C51B2B-1FF9-103C-AFF6-470E0CEE25DA} -> C:\ProgramData\DoacsaCeonveRterr\Sly9P.dll ()
BHO: AllCheapPrice -> {ab8f786e-255c-4b3b-b315-e9b589b0e6f5} -> C:\ProgramData\AllCheapPrice\DeSXuil1L9fDBp.dll ()
BHO: savingtooyoou -> {B199488F-6643-527A-0497-02C557B38EC1} -> C:\ProgramData\savingtooyoou\MTq6jxiv.dll ()
BHO: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files\Delta\delta\1.8.22.0\bh\delta.dll No File
BHO: EXoStraSeavinuGs -> {CB735F91-B33C-1CB7-21DE-27BFCA70C825} -> C:\ProgramData\EXoStraSeavinuGs\mK9O9.dll ()
BHO: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
BHO: buenosearch Helper Object -> {F1C81E40-2485-4DB6-8C9D-04BD596B281E} -> C:\Program Files\buenosearch LTD\buenosearch\1.8.28.7\bh\buenosearch.dll (Montiera Technologies LTD)
BHO: BestSavveFoRYou -> {F3486969-139F-4C6B-1FA2-FFB10C5AB5DE} -> C:\ProgramData\BestSavveFoRYou\U6esA.dll ()
BHO: No Name -> {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} ->  No File
BHO: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
BHO: DealExpress -> {ff789530-a180-4d1b-8108-39aa16a16460} -> C:\ProgramData\DealExpress\9CjCGUMiZMGmJl.dll ()
Toolbar: HKLM - buenosearch Toolbar - {828DC97A-2277-4E10-92A9-4907FA0922A9} - C:\Program Files\buenosearch LTD\buenosearch\1.8.28.7\buenosearchTlbr.dll (Montiera Technologies LTD)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default
FF NewTab: hxxp://www.sweetpacks-search.com/?barid=&src=97&&st=23
FF SearchEngineOrder.1: Search The Web(ominent)
FF Homepage: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT4z5TYbRaHbeOd7xesig1ffQUpUDM1jjYZzMe8TdAvMztOOYdAXtkWTKlnshaoihqzlMZPzPeydTmhkuIUCcWi1cxnGPtJGU3-PkPJ8vBe4iglKTugSiRCFvLP7mSQw,,
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQwbi612RKJWHCxBDMVBPQX4kSuhANOGbPwQXg1x7VadmA7H3GKT4z5TYbRaHbeOd7xesig1ffQUpUDM1jjYZzMe8TdAvMztOOYdAXtkWTKlnshaoihqwr0MHBWBfL74CZwjlMjZy-XVkDpFhpv6tfqt4bvapQfm1HUPPzOh5kCdziUL4w,,&q=
FF SelectedSearchEngine: Web Search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2940695343-952386912-1787405249-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll ( )
FF user.js: detected! => C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\user.js
FF SearchPlugin: C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\searchplugins\bing-.xml
FF SearchPlugin: C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\searchplugins\Sweetpacks Search.xml
FF SearchPlugin: C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\searchplugins\Web Search.xml
FF Extension: Widget context - C:\Users\Pia\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-02-07]
FF Extension: LyricsContainer - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\128 [2013-08-18]
FF Extension: LyricsContainer - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\133 [2013-09-11]
FF Extension: DP1815 - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\858a779a-4bec-47f4-ac06-ed86e2daad75@d82626c3-adcb-475b-b77d-9a1e67c4fd2a(34).com [2014-03-08]
FF Extension: SaveClicker - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\aouo8g5s@aey-kho.co.uk [2014-03-21]
FF Extension: Fast Start - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\faststartff@gmail.com [2014-09-18]
FF Extension: BuenoSearch - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\ffxtlbr@buenosearch.com [2014-04-20]
FF Extension: Funmoods.com - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\ffxtlbr@funmoods.com [2012-12-04]
FF Extension: Ominent - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\ffxtlbr@ominent.com [2013-11-11]
FF Extension: Websteroids - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\support@websteroidsapp.com [2014-01-06]
FF Extension: Searchqu Toolbar - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2012-08-27]
FF Extension: Amazon 1Button App for Firefox - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\abb@amazon.com.xpi [2014-09-24]
FF Extension: Bing Search for Firefox - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\firefoxbingsearch.full@microsoft.com.xpi [2014-02-28]
FF Extension: Yontoo - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\plugin@yontoo.com.xpi [2013-02-26]
FF Extension: Funmoods - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi [2013-09-20]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2012-10-07]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-08-10]
FF HKLM\...\Firefox\Extensions: [ext@flash-Enhancer.com] - C:\Program Files\AmiExt\flashEnhancer\ff
FF HKLM\...\Firefox\Extensions: [ext@flashenhancer.com] - C:\Program Files\AmiExt\flashEnhancer\ff
FF HKU\S-1-5-21-2940695343-952386912-1787405249-1001\...\Firefox\Extensions: [{78E45DCB-CAAF-D4DB-5CD7-597E4EEEBB89}] - C:\Program Files\ver6LyricsContainer\175.xpi
FF Extension: No Name - C:\Users\Pia\AppData\Roaming\Mozilla\Firefox\Profiles\0cw0l3y5.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [Not Found]
FF Extension: No Name - C:\Program Files\ver6LyricsContainer\175.xpi [Not Found]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (\x4cyr\x69csConta\x69n\x65\x72) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfmigjiaapipflmopkaaooigcjjdojh [2013-08-18]
CHR Extension: (PriceGong) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok [2013-11-11]
CHR Extension: (No Name) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjllbogbaogimpilgdginhalhhbmhiob [2014-01-25]
CHR Extension: (SaveClicker) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mejaadpnmdpppnhhdkbaeopkejcbnbcg [2014-03-21]
CHR Extension: (LyricsContainer) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgfjljkdgefhpbkhhpmbbljfodnoohae [2014-08-03]
CHR Extension: (Plus-HD-9.5) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnkgiapbjhdboldbhkagdodklkphaip [2014-04-20]
CHR Extension: (Widget context) - C:\Users\Pia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp [2014-02-07]
CHR HKLM\...\Chrome\Extension: [acfoobbgoakpihljnfedbcfaipcdlfhk] - No Path
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Pia\AppData\Local\funmoods.crx [2012-12-02]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Pia\AppData\Local\funmoods-speeddial_sf.crx [2012-12-02]
CHR HKLM\...\Chrome\Extension: [ehmnjgkmbpbohelngpclcdhgochdeoej] - C:\Program Files\AmiExt\flashEnhancer\ch\flashEnhancer.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [licjnkifamhpbaefhdpacpmihicfbomb] - C:\Program Files\PricePeep\pricepeep.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files\Yontoo\YontooLayers.crx [Not Found]
CHR HKU\S-1-5-21-2940695343-952386912-1787405249-1001\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Pia\AppData\Local\funmoods.crx [2012-12-02]
CHR HKU\S-1-5-21-2940695343-952386912-1787405249-1001\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Pia\AppData\Local\funmoods-speeddial_sf.crx [2012-12-02]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 40030ae4; c:\Program Files\Supporter\SupporterSvc.dll [179536 2014-03-21] () [File not signed]
R2 ca82e1a5; c:\Program Files\Optimizer Pro\OptProCrashSvc.dll [192664 2013-12-18] ()
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1488176 2013-12-29] ()
R2 InternetUpdater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [40448 2013-12-06] () [File not signed]
R2 LyricsContainer; C:\Program Files\ver6LyricsContainer\i0LyricsContainerpp175.exe [162304 2014-08-03] () [File not signed]
R2 RalinkRegistryWriter; C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe [53760 2007-12-26] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [277544 2009-01-19] (Protect Software GmbH)
R3 netr73; C:\Windows\System32\DRIVERS\netr73.sys [489984 2008-01-16] (Ralink Technology, Corp.) [File not signed]
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [975872 2009-01-11] (VIA Technologies, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-13 02:08 - 2014-11-13 02:08 - 00024118 _____ () C:\Users\Pia\Desktop\FRST.txt
2014-11-13 02:08 - 2014-11-13 02:08 - 00000000 ____D () C:\FRST
2014-11-13 02:07 - 2014-12-06 14:47 - 01110016 _____ (Farbar) C:\Users\Pia\Desktop\FRST.exe
2014-11-13 02:07 - 2014-12-06 14:47 - 00380416 _____ () C:\Users\Pia\Desktop\Gmer-19357(2).exe
2014-11-13 02:07 - 2014-11-13 02:08 - 00000468 _____ () C:\Users\Pia\Desktop\defogger_disable.log
2014-11-13 02:07 - 2014-11-13 02:07 - 00000000 _____ () C:\Users\Pia\defogger_reenable
2014-11-13 02:07 - 2014-10-20 14:17 - 00050477 _____ () C:\Users\Pia\Desktop\Defogger.exe
2014-11-11 22:32 - 2014-11-11 22:32 - 00000000 ____D () C:\ProgramData\DealExpress
2014-11-11 22:00 - 2014-11-11 22:00 - 00000949 _____ () C:\Users\Pia\Desktop\Internet Explorer.lnk
2014-11-10 17:15 - 2014-11-10 17:15 - 00000000 ____D () C:\ProgramData\Ads Remover
2014-11-03 19:26 - 2014-11-03 19:26 - 00000000 ____D () C:\ProgramData\AllCheapPrice
2014-11-03 17:26 - 2014-11-03 19:24 - 00002631 _____ () C:\Users\Pia\Desktop\Microsoft Office Word 2007.lnk
2014-11-03 17:11 - 2014-11-03 17:11 - 00000000 ____D () C:\ProgramData\FindBestDeal
2014-11-02 16:26 - 2014-11-03 19:19 - 00000000 ____D () C:\ProgramData\SaveLoTs
2014-11-02 16:13 - 2014-11-02 16:17 - 00000000 ____D () C:\Users\udo\AppData\Roaming\System Speedup
2014-11-02 16:13 - 2014-11-02 16:13 - 00000000 ____D () C:\Users\udo\AppData\Local\fst_de_2
2014-11-02 15:48 - 2014-11-02 15:48 - 00000000 ____D () C:\Users\udo\Documents\RegistryDr
2014-11-02 15:39 - 2014-11-02 15:39 - 00000000 ____D () C:\Program Files\ShopDrop
2014-11-02 15:35 - 2014-11-02 15:35 - 00000000 ____D () C:\Users\udo\AppData\Roaming\Adobe
2014-11-02 15:35 - 2014-11-02 15:35 - 00000000 ____D () C:\Users\udo\AppData\Local\Adobe
2014-11-02 15:12 - 2014-11-02 15:12 - 00000000 ____D () C:\Program Files\predm
2014-11-02 15:10 - 2014-11-02 15:10 - 00000000 ____D () C:\Program Files\EXoStraSeavinuGs
2014-11-02 15:10 - 2014-11-02 15:10 - 00000000 ____D () C:\Program Files\Easytoshoopa
2014-11-02 15:10 - 2014-11-02 15:10 - 00000000 ____D () C:\Program Files\DoacsaCeonveRterr
2014-11-02 15:10 - 2014-11-02 15:10 - 00000000 ____D () C:\Program Files\BuitSoaveRo
2014-11-02 15:10 - 2014-11-02 15:10 - 00000000 ____D () C:\Program Files\BestSavveFoRYou
2014-11-02 15:06 - 2014-11-02 15:37 - 00000000 ____D () C:\Users\udo\AppData\Roaming\Systweak
2014-11-02 15:06 - 2014-11-02 15:06 - 00000003 _____ () C:\Users\udo\AppData\Local\proxy.log
2014-11-02 15:00 - 2014-11-02 15:00 - 00000000 ____D () C:\Users\Pia\AppData\Local\Amazon Browser Bar
2014-11-02 14:56 - 2014-11-02 14:56 - 00000000 ____D () C:\Program Files\savverneat
2014-11-02 14:56 - 2014-11-02 14:56 - 00000000 ____D () C:\Program Files\savingtooyoou
2014-11-02 14:56 - 2014-11-02 14:56 - 00000000 ____D () C:\Program Files\SaverExtiEnsIOnu
2014-11-02 14:56 - 2014-11-02 14:56 - 00000000 ____D () C:\Program Files\SaveLoTs
2014-11-02 14:52 - 2014-11-02 14:52 - 00000000 ____D () C:\Users\Pia\AppData\Local\fst_de_188

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-13 02:08 - 2008-01-21 09:21 - 00005552 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-13 02:07 - 2012-08-10 17:40 - 00000000 ____D () C:\Users\Pia
2014-11-13 02:06 - 2006-11-02 13:49 - 00001978 _____ () C:\Windows\setupact.log
2014-11-13 02:05 - 2014-01-25 19:01 - 00000000 ____D () C:\Users\Pia\Documents\RegistryDr
2014-11-13 02:04 - 2008-01-21 02:38 - 01624746 _____ () C:\Windows\WindowsUpdate.log
2014-11-13 02:03 - 2012-08-10 17:40 - 00000680 _____ () C:\Users\Pia\AppData\Local\d3d9caps.dat
2014-11-13 02:01 - 2014-04-20 20:25 - 00000000 ____D () C:\Users\Pia\AppData\Roaming\System Speedup
2014-11-13 02:01 - 2014-03-21 15:44 - 00000256 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-11-13 01:59 - 2014-04-20 20:26 - 00001444 _____ () C:\Windows\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-5.job
2014-11-13 01:59 - 2014-01-06 19:07 - 00000000 ____D () C:\Users\Pia\AppData\Roaming\newnext.me
2014-11-13 01:59 - 2013-07-30 19:47 - 00000414 _____ () C:\Windows\Tasks\LyricsContainer Update.job
2014-11-13 01:58 - 2014-04-20 20:26 - 00002750 _____ () C:\Windows\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-3.job
2014-11-13 01:58 - 2014-04-20 20:26 - 00002106 _____ () C:\Windows\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-4.job
2014-11-13 01:58 - 2014-04-20 20:26 - 00001332 _____ () C:\Windows\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-1.job
2014-11-13 01:58 - 2014-04-20 20:26 - 00001328 _____ () C:\Windows\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-2.job
2014-11-13 01:58 - 2014-03-08 10:22 - 00002096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-13 01:58 - 2014-03-08 10:22 - 00002096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-13 01:58 - 2014-02-21 14:18 - 00000394 _____ () C:\Windows\Tasks\LyricsContainer_wd.job
2014-11-13 01:58 - 2014-01-25 19:00 - 00001282 _____ () C:\Windows\Tasks\DP1815-updater.job
2014-11-13 01:58 - 2014-01-25 19:00 - 00001184 _____ () C:\Windows\Tasks\DP1815-codedownloader.job
2014-11-13 01:58 - 2014-01-25 19:00 - 00001084 _____ () C:\Windows\Tasks\DP1815-enabler.job
2014-11-13 01:58 - 2014-01-25 18:59 - 00001942 _____ () C:\Windows\Tasks\DP1815-firefoxinstaller.job
2014-11-13 01:58 - 2014-01-25 18:59 - 00001906 _____ () C:\Windows\Tasks\DP1815-chromeinstaller.job
2014-11-13 01:58 - 2014-01-06 19:04 - 00000522 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-11-13 01:58 - 2012-08-11 11:29 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-13 01:58 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-13 01:57 - 2006-11-02 13:58 - 00032564 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-12 23:28 - 2012-11-09 19:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 23:23 - 2013-07-29 07:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 23:22 - 2006-11-02 11:24 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-11-12 23:19 - 2012-10-07 07:54 - 00000000 ____D () C:\Users\Pia\AppData\Roaming\vlc
2014-11-11 22:44 - 2014-03-21 15:44 - 00000262 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-11-11 22:39 - 2014-02-18 14:39 - 00000284 _____ () C:\Windows\Tasks\Funmoods.job
2014-11-11 22:39 - 2013-09-15 15:54 - 00000179 _____ () C:\Users\Pia\AppData\Roaming\WB.CFG
2014-11-11 22:33 - 2013-05-18 08:03 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce5395d8449d83.job
2014-11-11 22:32 - 2014-01-28 15:15 - 00000000 ____D () C:\ProgramData\c63fc3d96f2c48bd
2014-11-11 21:51 - 2008-01-21 04:02 - 00051896 _____ () C:\Windows\PFRO.log
2014-11-04 14:30 - 2012-08-10 20:05 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-03 20:09 - 2012-08-11 11:22 - 00039424 _____ () C:\Users\Pia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-03 19:23 - 2013-12-18 20:47 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-11-03 19:20 - 2006-11-02 13:44 - 00392784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-03 17:54 - 2013-10-15 19:16 - 00000000 ____D () C:\Users\Pia\AppData\Roaming\File Scout
2014-11-03 17:24 - 2013-05-26 14:21 - 00002633 _____ () C:\Users\Pia\Desktop\Microsoft Office Excel 2007.lnk
2014-11-03 17:07 - 2014-01-06 19:07 - 00000000 ____D () C:\Program Files\AmiExt
2014-11-03 17:05 - 2014-01-06 19:06 - 00000000 ____D () C:\Users\Pia\AppData\Local\Lollipop
2014-11-03 17:04 - 2014-01-06 19:07 - 00000000 ____D () C:\Users\Pia\AppData\Local\Mobogenie
2014-11-03 16:57 - 2012-08-10 17:40 - 00105872 _____ () C:\Users\Pia\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-02 17:42 - 2014-03-08 17:38 - 00000668 _____ () C:\Users\udo\daemonprocess.txt
2014-11-02 17:40 - 2012-08-10 17:36 - 00000680 _____ () C:\Users\udo\AppData\Local\d3d9caps.dat
2014-11-02 17:32 - 2014-01-06 19:07 - 00018833 _____ () C:\Users\Pia\daemonprocess.txt
2014-11-02 17:10 - 2012-12-17 20:34 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-11-02 17:10 - 2012-12-17 20:34 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-11-02 17:10 - 2006-11-02 11:22 - 34340864 _____ () C:\Windows\system32\config\software_previous
2014-11-02 17:10 - 2006-11-02 11:22 - 28835840 _____ () C:\Windows\system32\config\components_previous
2014-11-02 17:10 - 2006-11-02 11:22 - 21233664 _____ () C:\Windows\system32\config\system_previous
2014-11-02 17:10 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\default_previous
2014-11-02 17:07 - 2012-08-10 17:36 - 00000000 ____D () C:\Users\udo
2014-11-02 17:06 - 2014-08-03 22:30 - 00000000 ____D () C:\Program Files\ver6LyricsContainer
2014-11-02 17:06 - 2014-05-30 09:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-02 17:06 - 2014-05-28 22:20 - 00000000 ____D () C:\ProgramData\BestSavveFoRYou
2014-11-02 17:06 - 2014-05-28 22:00 - 00000000 ____D () C:\ProgramData\EXoStraSeavinuGs
2014-11-02 17:06 - 2014-04-20 20:25 - 00000000 ____D () C:\Users\Pia\AppData\Roaming\systweak
2014-11-02 17:06 - 2014-04-20 20:25 - 00000000 ____D () C:\Users\Pia\AppData\Local\fst_de_2
2014-11-02 17:06 - 2014-04-20 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today
2014-11-02 17:06 - 2014-04-20 20:25 - 00000000 ____D () C:\Program Files\fst_de_2
2014-11-02 17:06 - 2014-04-13 18:35 - 00000000 ____D () C:\ProgramData\SaverExtiEnsIOnu
2014-11-02 17:06 - 2014-03-21 15:44 - 00000000 ____D () C:\Program Files\Uniblue
2014-11-02 17:06 - 2014-03-21 15:44 - 00000000 ____D () C:\Program Files\Supporter
2014-11-02 17:06 - 2014-03-21 15:44 - 00000000 ____D () C:\Program Files\SaveClicker
2014-11-02 17:06 - 2014-03-21 15:44 - 00000000 ____D () C:\Program Files\Ads Clever
2014-11-02 17:06 - 2014-03-21 15:32 - 00000000 ____D () C:\Program Files\GameforgeLive
2014-11-02 17:06 - 2014-02-21 14:58 - 00000000 ____D () C:\ProgramData\Easytoshoopa
2014-11-02 17:06 - 2014-02-21 14:58 - 00000000 ____D () C:\ProgramData\DoacsaCeonveRterr
2014-11-02 17:06 - 2014-01-28 15:16 - 00000000 ____D () C:\ProgramData\savingtooyoou
2014-11-02 17:06 - 2014-01-28 15:15 - 00000000 ____D () C:\ProgramData\savverneat
2014-11-02 17:06 - 2014-01-25 19:00 - 00000000 ____D () C:\Program Files\Registry Dr
2014-11-02 17:06 - 2014-01-06 19:17 - 00000000 ____D () C:\ProgramData\InternetUpdater
2014-11-02 17:06 - 2014-01-06 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightspark 0.5.3-git
2014-11-02 17:06 - 2014-01-06 19:08 - 00000000 ____D () C:\Program Files\Lightspark 0.5.3-git
2014-11-02 17:06 - 2014-01-06 19:07 - 00000000 ____D () C:\ProgramData\Websteroids
2014-11-02 17:06 - 2014-01-06 19:07 - 00000000 ____D () C:\ProgramData\Updater
2014-11-02 17:06 - 2014-01-06 19:07 - 00000000 ____D () C:\ProgramData\RHelpers
2014-11-02 17:06 - 2014-01-02 10:29 - 00000000 ____D () C:\Windows\system32\jmdp
2014-11-02 17:06 - 2013-11-21 15:19 - 00000000 ____D () C:\Users\Pia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2014-11-02 17:06 - 2013-11-11 14:45 - 00000000 ____D () C:\Program Files\weDownload Ltd
2014-11-02 17:06 - 2013-06-04 20:30 - 00000000 ____D () C:\Windows\system32\ARFC
2014-11-02 17:06 - 2013-06-04 20:29 - 00000000 ____D () C:\Windows\system32\WNLT
2014-11-02 17:06 - 2012-12-02 19:49 - 00000000 ____D () C:\Program Files\Funmoods
2014-11-02 17:06 - 2012-10-07 07:53 - 00000000 ____D () C:\ProgramData\SweetIM
2014-11-02 17:06 - 2012-10-07 07:53 - 00000000 ____D () C:\Program Files\SweetIM
2014-11-02 17:06 - 2012-10-07 07:47 - 00000000 ____D () C:\Program Files\Yontoo
2014-11-02 17:06 - 2012-08-27 13:15 - 00000000 ____D () C:\Program Files\iLivid
2014-11-02 17:06 - 2012-08-27 13:14 - 00000000 ____D () C:\Program Files\Searchqu Toolbar
2014-11-02 17:06 - 2012-08-10 18:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-02 17:06 - 2006-11-02 12:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-02 17:06 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\spool
2014-11-02 17:06 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
2014-11-02 16:43 - 2006-11-02 13:49 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-02 16:16 - 2014-09-12 20:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox(25)
2014-11-02 16:15 - 2012-08-10 17:37 - 00105872 _____ () C:\Users\udo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-02 16:11 - 2014-09-18 13:45 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-11-02 16:11 - 2014-09-18 13:45 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-11-02 16:11 - 2014-04-20 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-11-02 16:11 - 2014-04-20 20:26 - 00000000 ____D () C:\Program Files\Advanced System Protector
2014-11-02 16:11 - 2014-04-20 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
2014-11-02 16:11 - 2014-04-20 20:25 - 00000000 ____D () C:\Program Files\System Speedup
2014-11-02 16:11 - 2014-01-25 18:59 - 00000000 ____D () C:\Program Files\DP1815
2014-11-02 16:11 - 2013-12-18 20:41 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-11-02 16:11 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-11-02 15:49 - 2014-01-25 19:00 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-11-02 15:41 - 2014-08-08 22:44 - 00000000 ____D () C:\ProgramData\ShopDrop
2014-11-02 15:29 - 2014-09-18 13:44 - 00000000 ____D () C:\Program Files\Bench
2014-11-02 15:29 - 2014-09-07 13:18 - 00000000 ____D () C:\ProgramData\BuitSoaveRo
2014-11-02 15:26 - 2013-05-31 15:12 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-11-02 15:00 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2014-11-02 14:55 - 2014-03-21 15:44 - 00000000 ____D () C:\ProgramData\SaveClicker
2014-11-02 14:49 - 2014-09-18 13:45 - 00000003 _____ () C:\Users\Pia\AppData\Local\proxy.log
2014-10-19 18:57 - 2014-09-09 13:10 - 00000000 ____D () C:\Users\Pia\AppData\Local\SWDS

Files to move or delete:
====================
C:\Users\Pia\AppData\Local\Temp\TasksWatch.exe


Some content of TEMP:
====================
C:\Users\Pia\AppData\Local\Temp\18be6784_.exe
C:\Users\Pia\AppData\Local\Temp\294823_.exe
C:\Users\Pia\AppData\Local\Temp\37758uninstall.exe
C:\Users\Pia\AppData\Local\Temp\58297uninstall.exe
C:\Users\Pia\AppData\Local\Temp\5xt2mwdw.dll
C:\Users\Pia\AppData\Local\Temp\BackupSetup.exe
C:\Users\Pia\AppData\Local\Temp\compatibility.exe
C:\Users\Pia\AppData\Local\Temp\dlLogic.exe
C:\Users\Pia\AppData\Local\Temp\EnableExtDll.dll
C:\Users\Pia\AppData\Local\Temp\FlashPlayersetup__5047_i238851730_il3.exe
C:\Users\Pia\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Pia\AppData\Local\Temp\ICReinstall_setup-vlc.exe
C:\Users\Pia\AppData\Local\Temp\installhelper.dll
C:\Users\Pia\AppData\Local\Temp\LyricsContainertmp.exe
C:\Users\Pia\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Pia\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Pia\AppData\Local\Temp\nsj22B1.exe
C:\Users\Pia\AppData\Local\Temp\nsj265A.exe
C:\Users\Pia\AppData\Local\Temp\nsk8FCA.exe
C:\Users\Pia\AppData\Local\Temp\nsk93C1.exe
C:\Users\Pia\AppData\Local\Temp\OpenCL.dll
C:\Users\Pia\AppData\Local\Temp\prefetch.exe
C:\Users\Pia\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
C:\Users\Pia\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe
C:\Users\Pia\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Pia\AppData\Local\Temp\speedupmypc.exe
C:\Users\Pia\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Pia\AppData\Local\Temp\TasksWatch.exe
C:\Users\Pia\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Pia\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\Pia\AppData\Local\Temp\_isCF30.exe
C:\Users\Pia\AppData\Local\Temp\_isDBEC.exe
C:\Users\Pia\AppData\Local\Temp\_LrcsCtrUpdr.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-13 02:06

==================== End Of Log ============================
         
Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-12-2014
Ran by Pia at 2014-11-13 02:09:12
Running from C:\Users\Pia\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Ads Clever (HKLM\...\Ads Clever11.041.44) (Version: 11.041.44 - M/s Tech AnB)
Ads Remover (HKLM\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - Ads Remover) <==== ATTENTION
Advanced System Protector (HKLM\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12580 - Systweak Software) <==== ATTENTION
AllCheapPrice (HKLM\...\{5A1D3F9E-73B5-95EC-1233-6646E1358965}) (Version:  - "") <==== ATTENTION
AZ 6-1.kids (remove only) (HKLM\...\AZ 6-1.kids) (Version:  - )
BestSavveFoRYou (HKLM\...\{F6A71DC7-28F4-C6C7-8FA9-8A56C80FC96A}) (Version:  - BeStSaVeForYoU) <==== ATTENTION
buenosearch toolbar   (HKLM\...\buenosearch) (Version: 1.8.28.7 - Montiera technologies LTD) <==== ATTENTION
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
DealExpress (HKLM\...\{25F259ED-12F6-429F-5783-527C3E2F8586}) (Version:  - "") <==== ATTENTION
Delta Chrome Toolbar (HKLM\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
Delta toolbar   (HKLM\...\delta) (Version: 1.8.22.0 - Delta) <==== ATTENTION
DoacsaCeonveRterr (HKLM\...\{EB0033B6-A734-7BFF-72E7-A3910B2566B5}) (Version:  - DDoeCisConverter)
DP1815 (HKLM\...\DP1815) (Version: 1.32.153.0 - mrlmedia) <==== ATTENTION
Easytoshoopa (HKLM\...\{532970A2-464B-73CB-BBC4-F209EAD3EEBE}) (Version:  - easytOshop) <==== ATTENTION
Edimax Wireless LAN (HKLM\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Edimax)
EXoStraSeavinuGs (HKLM\...\{C637A71C-A4B2-4B47-1B2A-1042A8D525A3}) (Version:  - ExsttraeSAvinggs)
FindBestDeal (HKLM\...\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}) (Version:  - "") <==== ATTENTION
fst_de_2 (HKLM\...\fst_de_2_is1) (Version:  - free_soft_today)
Funmoods (HKLM\...\funmoods) (Version:  - ) <==== ATTENTION
Gameforge Live 1.10.1 "Legend" (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.10.1 - Gameforge)
GeoGebra 4.2 (HKLM\...\GeoGebra 4.2) (Version: 4.2.51.0 - International GeoGebra Institute)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
IB Updater Service (HKLM\...\WNLT) (Version: 5.0.1.7 - ) <==== ATTENTION
iLivid (HKLM\...\iLivid) (Version: 1.92 - Bandoo Media Inc) <==== ATTENTION
Internet Explorer Toolbar 4.6 by SweetPacks (HKLM\...\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}) (Version: 4.6.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
Internet Updater (HKLM\...\InternetUpdater) (Version: 2.6.52 - Parallel Lines Development, LLC) <==== ATTENTION
Lightspark 0.5.3-git (HKLM\...\Lightspark) (Version: 0.5.3-git - Lightspark Team)
LyricsContainer (HKLM\...\17ACF860-A2B2-722F-E846-928ADFCF3FF5) (Version:  - LyricsContainer-software) <==== ATTENTION
LyricsContainer (HKLM\...\854e4d75-e926-498d-a2ad-a3e5c9f68079) (Version:  - RYD Software) <==== ATTENTION
MaintenanceService-Funmoods (HKU\S-1-5-21-2940695343-952386912-1787405249-1001\...\Funmoods) (Version:  - ) <==== ATTENTION
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 14.0 (x86 de) (HKLM\...\Mozilla Thunderbird 14.0 (x86 de)) (Version: 14.0 - Mozilla)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
Ominent toolbar   (HKLM\...\ominent) (Version: 1.8.26.12 - weDownload Ltd)
OpenOffice.org 3.4 (HKLM\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Optimizer Pro v3.2 (HKLM\...\Optimizer Pro_is1) (Version:  - PC Utilities Software Limited) <==== ATTENTION
PCCursusA (HKLM\...\PCCursusA) (Version:  - )
Platform (Version: 1.27 - VIA Technologies, Inc.) Hidden
Plus-HD-9.5 (HKLM\...\Plus-HD-9.5) (Version: 1.34.4.10 - Plus HD) <==== ATTENTION
PricePeep (HKLM\...\PricePeep) (Version: 2.1.293.0 - betwikx LLC) <==== ATTENTION
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
Registry Dr (HKLM\...\{13F65354-29C2-41B0-B0FE-E858FB622FDD}) (Version: 2.4.7 - EuroTrade A.L. Ltd)
SaveClicker (HKLM\...\{E96338DC-1468-4918-8EC2-8454BFFC5025}) (Version: 4.3.0.1648 - SaveClicker) <==== ATTENTION
SaverExtiEnsIOnu (HKLM\...\{274E3C5C-178E-EAE2-A52F-2863C0EECD46}) (Version:  - SSaverExtension) <==== ATTENTION
savingtooyoou (HKLM\...\{A2616871-3463-BCEE-5AFA-73773317A381}) (Version:  - seavingToYYouu)
savverneat (HKLM\...\{614925F9-841A-53FE-A28F-DC30FA07239B}) (Version:  - saiveernett) <==== ATTENTION
Search Protect (HKLM\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION
Searchqu Toolbar (HKLM\...\Searchqu Toolbar) (Version: 4.1.0.3028 - Bandoo Media Inc) <==== ATTENTION
Snap.Do (HKLM\...\{D5E50D52-C658-4C16-9722-9F9B057B5F0F}) (Version: 11.74.1.17518 - ReSoft Ltd.) <==== ATTENTION
SpeedUpMyPC (HKLM\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.3.1 - Uniblue Systems Limited) <==== ATTENTION
Supporter 1.80 (HKLM\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{40030ae4}) (Version:  - SaveClicker) <==== ATTENTION
SweetIM for Messenger 3.7 (HKLM\...\{7683B745-6060-41FD-AA75-0BBB383FEAD4}) (Version: 3.7.0005 - SweetIM Technologies Ltd.) <==== ATTENTION
System Speedup (HKLM\...\System Speedup_is1) (Version: 2.1 - systemspeedup.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update Manager for SweetPacks 1.1 (HKLM\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
Updater (HKLM\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION
ValueApps (HKU\S-1-5-21-2940695343-952386912-1787405249-1001\...\ValueApps) (Version: 1.3.1.1 - Conduit) <==== ATTENTION
VIA Plattform-Geräte-Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.27 - VIA Technologies, Inc.)
VLC media player 2.0.1 (HKLM\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Websteroids (HKLM\...\Websteroids) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

30-05-2014 14:10:05 Windows Update
01-06-2014 08:15:58 Windows Update
01-06-2014 08:23:36 Windows Update
01-06-2014 14:22:13 Windows Update
04-06-2014 12:57:33 Windows Update
29-06-2014 18:45:22 Windows Update
05-07-2014 08:25:49 Windows Update
05-07-2014 08:39:20 Windows Update
03-08-2014 21:37:42 Windows Update
02-11-2014 14:14:05 Removed Internet Explorer Toolbar 4.6 by SweetPacks
02-11-2014 14:38:49 Removed SweetIM for Messenger 3.7
02-11-2014 14:46:05 Configured Platform
02-11-2014 14:47:26 Removed Update Manager for SweetPacks 1.1
02-11-2014 14:47:41 Removed Update Manager for SweetPacks 1.1
02-11-2014 14:48:35 Removed Registry Dr
02-11-2014 14:58:31 Removed Snap.Do
02-11-2014 14:59:59 Configured Platform
02-11-2014 15:55:51 Wiederherstellungsvorgang
03-11-2014 16:00:14 Removed SweetIM for Messenger 3.7
03-11-2014 16:01:42 Removed SweetIM for Messenger 3.7
03-11-2014 16:02:24 Removed SweetIM for Messenger 3.7
03-11-2014 16:04:21 Removed Registry Dr
03-11-2014 16:06:24 Removed Internet Explorer Toolbar 4.6 by SweetPacks
03-11-2014 16:09:26 Removed Update Manager for SweetPacks 1.1
03-11-2014 16:09:48 Removed SweetIM for Messenger 3.7
03-11-2014 16:10:17 Removed Snap.Do
03-11-2014 16:12:54 Windows Update
03-11-2014 16:34:11 Windows Update
03-11-2014 19:13:30 Windows Update
10-11-2014 15:49:37 Windows Update
10-11-2014 16:23:31 Windows Update
12-11-2014 22:01:24 Windows Update
12-11-2014 22:21:55 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0DE782E2-A62A-4DC1-927E-EAC7F167CE6B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {1E8E2B19-E16D-4FEA-9BF6-D373DBC5F470} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-03-17] (Uniblue Systems Limited) <==== ATTENTION
Task: {282A803F-C9AC-43BA-9DA7-E612C21EE957} - System32\Tasks\AmiUpdXp => C:\Users\Pia\AppData\Local\Temp\nstF4FA.tmp\%LOCALAPPDATA%\13c341df-226d-4d4f-487e-9cbfd5376939\13c341df-226d-4d4f-487e-9cbfd5376939.exe <==== ATTENTION
Task: {34631B4B-15F7-4337-ACA0-59C09EC635A8} - System32\Tasks\Funmoods => C:\Users\Pia\AppData\Roaming\Funmoods\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {5094BD4D-B5B6-4507-91C9-23EE34AB1E54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-11] (Google Inc.)
Task: {55DBB1F6-90AC-48E4-BD76-B8B5344E2559} - System32\Tasks\RegistryDr_Popup => C:\Program Files\Registry Dr\Splash.exe [2014-01-22] () <==== ATTENTION
Task: {5D7A5942-1626-48AD-B261-A446D126CB5A} - System32\Tasks\System Speedup_UPDATES => C:\Program Files\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {5DB193F1-660C-44FE-BA31-13A3977DC7C4} - System32\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-5 => C:\Program Files\Plus-HD-9.5\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-5.exe [2014-04-20] (Plus HD) <==== ATTENTION
Task: {66DC8E63-E313-44F7-BBCD-56C18063FF46} - System32\Tasks\DP1815-updater => C:\Program Files\DP1815\DP1815-updater.exe [2014-01-25] (mrlmedia) <==== ATTENTION
Task: {70824700-CE40-43CC-B813-5FFE3300DE46} - System32\Tasks\DP1815-chromeinstaller => C:\Program Files\DP1815\DP1815-chromeinstaller.exe [2014-01-25] (mrlmedia) <==== ATTENTION
Task: {75CF547A-C270-48DF-8804-8EEEB88602D8} - System32\Tasks\LyricsContainer_wd => C:\Program Files\ver6LyricsContainer\b3LyricsContainero.exe [2014-08-03] () <==== ATTENTION
Task: {7D80C34C-854D-4E4C-871A-B98CA1C8EF70} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {7F1EAF2F-1857-4A15-BE7F-5EA84DF92ED8} - System32\Tasks\LyricsContainer Update => C:\Program Files\ver6LyricsContainer\Z1LyricsContainerg16.exe [2014-08-03] () <==== ATTENTION
Task: {8EE27316-4FB1-408D-863D-0047F7A50361} - System32\Tasks\Advanced System Protector => C:\Program Files\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {A21E182A-927A-44A7-A5D8-E2EEDB6876E3} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-03-17] (Uniblue Systems Limited) <==== ATTENTION
Task: {A386A2EE-47F7-4113-A44B-6550DD68393E} - System32\Tasks\RegistryDr_Start => C:\Program Files\Registry Dr\RegistryDr.exe [2014-01-22] () <==== ATTENTION
Task: {A5682F11-5B0C-4B37-87F3-98A0FE617F25} - System32\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-4 => C:\Program Files\Plus-HD-9.5\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-4.exe [2014-04-20] (Plus HD) <==== ATTENTION
Task: {B36415D7-5D56-48A1-A360-036905E193AB} - System32\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-3 => C:\Program Files\Plus-HD-9.5\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-3.exe [2014-04-20] (Plus HD) <==== ATTENTION
Task: {C189C796-9546-4FF6-AC5A-D86F5A87577C} - System32\Tasks\DP1815-firefoxinstaller => C:\Program Files\DP1815\DP1815-firefoxinstaller.exe [2014-01-25] (mrlmedia) <==== ATTENTION
Task: {CA012F78-E2AA-421B-A216-40BD2627AB1E} - System32\Tasks\DP1815-codedownloader => C:\Program Files\DP1815\DP1815-codedownloader.exe [2014-01-25] (mrlmedia) <==== ATTENTION
Task: {CA3F24CB-E838-4FE3-B03F-7DE0A6313B60} - System32\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-2 => C:\Program Files\Plus-HD-9.5\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-2.exe [2014-04-20] (Plus HD) <==== ATTENTION
Task: {D5007C59-318A-4009-999F-9F8ABF9B98A8} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {D636AB43-5F5D-4EE5-9888-6B119E449967} - System32\Tasks\GoogleUpdateTaskMachineUA1ce5395d8449d83 => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-11] (Google Inc.)
Task: {DC7F6A26-0F8B-45EA-9CD1-D5B3A4E9ED7A} - System32\Tasks\System Speedup => C:\Program Files\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {E603258D-3323-4C2F-BBEE-FF7C545DE6B5} - System32\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-1 => C:\Program Files\Plus-HD-9.5\Plus-HD-9.5-codedownloader.exe [2014-04-20] (Plus HD) <==== ATTENTION
Task: {E65F64DD-92A9-4599-8DD0-1C5FFD81A600} - System32\Tasks\DP1815-enabler => C:\Program Files\DP1815\DP1815-enabler.exe [2014-01-25] (mrlmedia) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Pia\AppData\Local\Temp\nstF4FA.tmp\%LOCALAPPDATA%\13c341df-226d-4d4f-487e-9cbfd5376939\13c341df-226d-4d4f-487e-9cbfd5376939.exe <==== ATTENTION
Task: C:\Windows\Tasks\DP1815-chromeinstaller.job => C:\Program Files\DP1815\DP1815-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\DP1815-codedownloader.job => C:\Program Files\DP1815\DP1815-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\DP1815-enabler.job => C:\Program Files\DP1815\DP1815-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\DP1815-firefoxinstaller.job => C:\Program Files\DP1815\DP1815-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\DP1815-updater.job => C:\Program Files\DP1815\DP1815-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-1.job => C:\Program Files\Plus-HD-9.5\Plus-HD-9.5-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-2.job => C:\Program Files\Plus-HD-9.5\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-3.job => C:\Program Files\Plus-HD-9.5\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-4.job => C:\Program Files\Plus-HD-9.5\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-5.job => C:\Program Files\Plus-HD-9.5\fbb8cbc4-8376-404d-a6c0-2b9eff65e643-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Funmoods.job => C:\Users\Pia\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce5395d8449d83.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LyricsContainer Update.job => C:\Program Files\ver6LyricsContainer\Z1LyricsContainerg16.exe <==== ATTENTION
Task: C:\Windows\Tasks\LyricsContainer_wd.job => C:\Program Files\ver6LyricsContainer\b3LyricsContainero.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\System Speedup_DEFAULT.job => C:\Program Files\System Speedup\SystemSpeedup.exe
Task: C:\Windows\Tasks\System Speedup_UPDATES.job => C:\Program Files\System Speedup\SystemSpeedup.exe

==================== Loaded Modules (whitelisted) =============

2013-12-18 20:41 - 2013-10-29 14:08 - 04024648 _____ () c:\Program Files\Optimizer Pro\OptProCrash.dll
2014-03-21 15:44 - 2014-03-21 15:44 - 04367872 _____ () c:\Program Files\Supporter\Supporter.dll
2014-03-21 15:44 - 2014-03-21 15:44 - 00179536 _____ () c:\Program Files\Supporter\SupporterSvc.dll
2013-12-18 20:41 - 2013-12-18 20:41 - 00192664 _____ () c:\Program Files\Optimizer Pro\OptProCrashSvc.dll
2013-06-04 20:30 - 2013-12-29 11:12 - 01488176 _____ () C:\Windows\system32\dmwu.exe
2013-12-06 02:30 - 2013-12-06 02:30 - 00040448 _____ () C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
2014-08-03 22:30 - 2014-08-03 22:30 - 00162304 _____ () C:\Program Files\ver6LyricsContainer\i0LyricsContainerpp175.exe
2014-08-03 22:30 - 2014-08-03 22:30 - 00171520 _____ () C:\Program Files\ver6LyricsContainer\i0LyricsContainerpp175.dll
2012-08-10 18:06 - 2007-12-26 13:17 - 00053760 _____ () C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe
2014-08-03 22:30 - 2014-08-03 22:30 - 00101376 _____ () C:\Program Files\ver6LyricsContainer\b3LyricsContainero.exe
2012-08-10 19:43 - 2008-03-17 10:50 - 00069632 ____R () C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
2012-08-10 19:43 - 2009-01-06 10:11 - 00090112 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
2012-08-10 19:43 - 2008-02-14 06:57 - 00094208 ____R () C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll
2014-03-21 15:43 - 2014-03-21 15:43 - 01257600 _____ () C:\Users\Pia\AppData\Local\Temp\TasksWatch.exe
2014-02-14 18:09 - 2014-02-14 18:14 - 01286784 _____ () C:\Program Files\Ads Clever\VideoUsage.exe
2014-05-29 14:29 - 2014-05-29 14:29 - 00046624 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00071712 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\srau.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00167456 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 02337824 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00068640 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\spbl.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00157216 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00015904 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\siem.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00067616 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\sppsm.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00698400 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00016416 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00080416 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00028704 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00060448 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\srut.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00030752 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\srsbs.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00067104 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00151072 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\smti.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00032800 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\srom.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00032288 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\smtu.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00040992 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\smta.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00047648 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\srbu.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00025632 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\sgml.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00063520 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00026656 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\srpdm.dll
2014-05-29 14:28 - 2014-05-29 14:28 - 00045088 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-05-29 14:26 - 2014-05-29 14:26 - 00026656 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00036896 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00195104 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\sgmu.dll
2014-03-12 18:26 - 2014-03-12 18:26 - 00061440 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-05-29 14:29 - 2014-05-29 14:29 - 00257056 _____ () C:\Users\Pia\AppData\Local\Smartbar\Application\srns.dll
2013-12-29 11:12 - 2013-12-29 11:12 - 00943408 _____ () C:\Windows\System32\jmdp\stij.exe
2013-12-29 11:12 - 2013-12-29 11:12 - 01150256 _____ () C:\Windows\System32\jmdp\lmrn.dll
2014-01-28 19:47 - 2014-02-21 21:06 - 01380496 _____ () C:\Program Files\Ads Clever\ProcessUsage.exe
2014-01-28 19:47 - 2010-03-30 14:29 - 00279955 _____ () C:\Program Files\Ads Clever\libidn-11.dll
2014-01-28 19:47 - 2013-03-17 08:42 - 00084992 _____ () C:\Program Files\Ads Clever\zlib1.dll
2014-01-28 19:47 - 2010-06-11 08:48 - 00148760 _____ () C:\Program Files\Ads Clever\libpdcurses.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2940695343-952386912-1787405249-500 - Administrator - Disabled)
Gast (S-1-5-21-2940695343-952386912-1787405249-501 - Limited - Disabled)
Pia (S-1-5-21-2940695343-952386912-1787405249-1001 - Administrator - Enabled) => C:\Users\Pia
udo (S-1-5-21-2940695343-952386912-1787405249-1000 - Administrator - Enabled) => C:\Users\udo

==================== Faulty Device Manager Devices =============

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/13/2014 02:10:49 AM) (Source: Windows Search Service) (EventID: 3090) (User: )
Description: Die Gathererdateien des vorherigen Prüfpunkts können nicht wiederhergestellt werden, und dieser Vorgang kann nicht abgeschlossen werden. Der Gatherer wird versuchen, die Dateien erneut wiederherzustellen. Wenn das Problem weiterhin besteht, starten Sie den Dienst erneut, setzen Sie Systemressourcen frei oder stellen Sie sicher, dass Ihre Hardware in Ordnung ist. 

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.   (0x8004117f)

Error: (11/13/2014 02:08:53 AM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: WmiApRplWmiApRpl8

Error: (11/13/2014 02:08:53 AM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Performance16

Error: (11/13/2014 02:08:53 AM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Performance16

Error: (11/13/2014 02:08:49 AM) (Source: Windows Search Service) (EventID: 3090) (User: )
Description: Die Gathererdateien des vorherigen Prüfpunkts können nicht wiederhergestellt werden, und dieser Vorgang kann nicht abgeschlossen werden. Der Gatherer wird versuchen, die Dateien erneut wiederherzustellen. Wenn das Problem weiterhin besteht, starten Sie den Dienst erneut, setzen Sie Systemressourcen frei oder stellen Sie sicher, dass Ihre Hardware in Ordnung ist. 

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.   (0x8004117f)

Error: (11/13/2014 02:08:17 AM) (Source: profsvc) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
 DETAIL - Das System kann die angegebene Datei nicht finden.

Error: (11/13/2014 02:08:17 AM) (Source: profsvc) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
 DETAIL - Das System kann die angegebene Datei nicht finden.

Error: (11/13/2014 02:07:39 AM) (Source: profsvc) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
 DETAIL - Das System kann die angegebene Datei nicht finden.

Error: (11/13/2014 02:07:39 AM) (Source: profsvc) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
 DETAIL - Das System kann die angegebene Datei nicht finden.

Error: (11/13/2014 02:06:49 AM) (Source: Windows Search Service) (EventID: 3090) (User: )
Description: Die Gathererdateien des vorherigen Prüfpunkts können nicht wiederhergestellt werden, und dieser Vorgang kann nicht abgeschlossen werden. Der Gatherer wird versuchen, die Dateien erneut wiederherzustellen. Wenn das Problem weiterhin besteht, starten Sie den Dienst erneut, setzen Sie Systemressourcen frei oder stellen Sie sicher, dass Ihre Hardware in Ordnung ist. 

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexserver kann wegen eines Datenbankfehlers keine Daten aktualisieren oder auf sie zugreifen. Beenden Sie den Suchdienst, und starten Sie ihn erneut. Wenn das Problem weiterhin besteht, setzen Sie den Inhaltsindex zurück, und crawlen Sie ihn erneut. In manchen Fällen muss der Inhaltsindex möglicherweise gelöscht und erneut erstellt werden.   (0x8004117f)


System errors:
=============
Error: (11/13/2014 01:59:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (11/13/2014 01:59:42 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (11/13/2014 01:58:42 AM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (11/13/2014 01:58:30 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: 

Error: (11/13/2014 01:56:13 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (11/13/2014 01:56:11 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (11/13/2014 01:55:10 AM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (11/13/2014 01:54:49 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: 

Error: (11/12/2014 11:27:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80073712Microsoft .NET Framework*3.5 SP1-Sicherheitsupdate für Windows Vista SP1 und Windows Server*2008 x86 (KB979911){B5095611-1BA7-4F18-A6EA-606DD530B20C}103

Error: (11/12/2014 11:27:12 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT-AUTORITÄT)
Description: Windows-Wartung konnte das Paket KB979911 (Security Update) nicht in den Status Nicht vorhanden(Absent) setzen.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-11-13 02:08:52.262
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-13 02:08:52.206
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-13 02:08:52.146
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-13 02:08:52.092
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-13 02:08:52.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-13 02:08:51.968
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-13 02:08:51.895
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-13 02:08:51.817
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-08 23:39:28.492
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-08 23:39:28.445
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
Percentage of memory in use: 39%
Total physical RAM: 2046.58 MB
Available physical RAM: 1233.38 MB
Total Pagefile: 4337.71 MB
Available Pagefile: 3418.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:87.05 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: FB2888DC)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
3. Gmer

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-13 02:39:05
Windows 6.0.6001 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\0000004e ExcelSto rev.P22O 149,05GB
Running: Gmer-19357(2).exe; Driver: C:\Users\Pia\AppData\Local\Temp\uwldapow.sys


---- Kernel code sections - GMER 2.1 ----

.reloc          C:\Windows\system32\drivers\acedrv11.sys                                      section is executable [0x95513300, 0x25D4C, 0xE0000060]

---- User code sections - GMER 2.1 ----

.text           C:\Program Files\Ads Clever\ProcessUsage.exe[652] ntdll.dll!DbgBreakPoint     77A97B0E 1 Byte  [C3]
.text           C:\Users\Pia\AppData\Local\Temp\TasksWatch.exe[3308] ntdll.dll!DbgBreakPoint  77A97B0E 1 Byte  [C3]
.text           C:\Program Files\Ads Clever\VideoUsage.exe[3320] ntdll.dll!DbgBreakPoint      77A97B0E 1 Byte  [C3]

---- Devices - GMER 2.1 ----

AttachedDevice  \FileSystem\fastfat \Fat                                                      fltmgr.sys

---- Processes - GMER 2.1 ----

Process          (*** hidden *** )                                                            [4] 83E54C10                                             

---- EOF - GMER 2.1 ----
         
Thank you very much for the help.
highflyers

 
