Log analysis and evaluation: Security warning about my Internet connection from Telekom (Windows 7)
20.01.2015, 12:02 | #16 |
/// the machine /// TB-Ausbilder | Security warning about my Internet connection from Telekom
We can do that here. Just post FRST logs from that computer.
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
20.01.2015, 12:55 | #17 |
| Security warning about my Internet connection from Telekom
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015 Ran by Nick at 2015-01-19 21:48:56 Running from C:\Users\Nick\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated) abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated) abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2003.0 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated) Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3009 - Acer Incorporated) Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated) Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated) Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) 
(Version: 6.00.8108 - Acer Incorporated) Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated) Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated) Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated) AVG 2015 (Version: 15.0.4253 - AVG Technologies) Hidden Bad Piggies (HKLM-x32\...\{32941438-AD79-4EF4-B7E4-86039E41B4D3}) (Version: 1.0.0 - Rovio) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.19.331.104.16 - Infernum Productions AG) BrowseStudio (HKLM\...\BrowseStudio) (Version: 2014.11.27.132145 - BrowseStudio) <==== ATTENTION! CinPlus-1.0cV15.12 (HKLM-x32\...\CinPlus-1.0cV15.12) (Version: 1.35.11.26 - Cinema Plus1.0V15.12) <==== ATTENTION CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.) CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.) 
DeallsFiNdeRRPro (HKLM-x32\...\{779D1843-0043-65D2-D781-8614F17B6222}) (Version: - DealsFinderPro) <==== ATTENTION DissccountLocator (HKLM-x32\...\{194FED75-9C74-BDB7-53F8-8CFFEF1AFEC9}) (Version: - DiscountLocator) <==== ATTENTION eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM) Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden FineDealSSoft (HKLM-x32\...\{0D566ABB-889B-AF39-7B6A-23D4C5D54542}) (Version: - finedeal) <==== ATTENTION Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation) Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.) Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.) Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden Host App Service (HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Pokki) (Version: 0.269.5.367 - Pokki) Iminent (HKLM-x32\...\IMBoosterARP) (Version: 7.48.4.1 - Iminent) <==== ATTENTION IminentToolbar (HKLM-x32\...\IminentToolbar) (Version: 7.48.4.1 - Iminent) <==== ATTENTION InetStat (HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\InetStat) (Version: 0.5b - InetStat) <==== ATTENTION! Infigo (HKLM-x32\...\Infigo) (Version: 1.26.0.4 - MAVIN LOG, S.L.) 
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation) Interenet Optimizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}) (Version: - BullPoint) <==== ATTENTION Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden LEGO® Harry Potter™: Die Jahre 5-7 (HKLM-x32\...\{5C5A944F-096E-4ADD-B8E8-887F18BA6228}) (Version: 1.0.0.0 - WB Games) leisss2pay (HKLM-x32\...\{82B558C7-2A69-D3D5-B65A-DCAB3B65AD02}) (Version: - "") <==== ATTENTION LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 
Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla) MyBestOffersToday 014.2 (HKLM-x32\...\rec_de_2_is1) (Version: - MYBESTOFFERSTODAY) <==== ATTENTION MyBestOffersToday 014.349 (HKLM-x32\...\mbot_de_349_is1) (Version: - MYBESTOFFERSTODAY) <==== ATTENTION mystartsearch uninstall (HKLM-x32\...\mystartsearch uninstall) (Version: - mystartsearch) <==== ATTENTION NVIDIA Grafiktreiber 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation) NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation) OnlineLowDeals (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - OnlineLowDeals) <==== ATTENTION Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. 
Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden Pokki Start Menu (HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\Pokki) (Version: 0.269.2.471 - Pokki) Pokki Start Menu (HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki) Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21247 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.) RocketTab (HKLM-x32\...\RocketTab) (Version: - RocketTab) <==== ATTENTION! shopndorop (HKLM-x32\...\{7E7FAE3D-3358-D280-8DBF-E8E2D94326D1}) (Version: - "") <==== ATTENTION Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) speed browser (HKLM-x32\...\speed browser) (Version: 38.0.2125.19 - Smart Applications) Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB) StormWatch (HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\StormWatch) (Version: 1.0.1.36 - StormWatch) <==== ATTENTION! 
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden TheBestDeals (HKLM-x32\...\CAA771ED-22B1-BE22-7F3A-E8C5B78FCE10) (Version: - TheBestDeals-software) <==== ATTENTION topdeall (HKLM-x32\...\{9B149088-3FB6-875E-C1A4-A25A6E9D278D}) (Version: - "") Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Wajam (HKLM-x32\...\WaInterEnhance) (Version: 2.21.2.31 (i2.6) - WaInterEnhance) <==== ATTENTION WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden Word Proser 1.10.0.1 (HKLM-x32\...\WordProser_1.10.0.1) (Version: 1.10.0.1 - Word Proser) <==== ATTENTION World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) WowCoupon (HKLM-x32\...\{1B8A71D1-31D4-EE6A-C32F-836E0BFFA6D3}) (Version: - WowCoupon) <==== ATTENTION WSE_Vosteran (HKLM-x32\...\WSE_Vosteran) (Version: - WSE_Vosteran) <==== ATTENTION! Yahoo! Search (HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Yahoo! Search) (Version: - Pay-By-Ads) <==== ATTENTION Zombie News (HKLM-x32\...\ZombieNews) (Version: 2.7.50 - Time Lapse Solutions) Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-4218249386-1005423115-940720447-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 17-01-2015 19:13:19 Wiederherstellungsvorgang ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {157DFB64-8E92-4028-89EE-1B2BD7BEA267} - System32\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-1 => C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-codedownloader.exe [2014-12-15] (Cinema Plus1.0V15.12) <==== ATTENTION Task: {1ABC0DA7-CAE0-43AD-A1C3-DFD454A399FA} - System32\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-5_user => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-5.exe [2014-12-15] (Cinema Plus1.0V15.12) <==== ATTENTION Task: {2923779E-6EEB-48BE-A74D-8C074541E151} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] () Task: {2AB72FC6-011F-42C0-A9AA-49D9CC180908} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-12-15] (globalUpdate) <==== ATTENTION Task: {2DD51A4D-E0E3-4018-B0EB-D0EC10FA45C5} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\Search Extensions\uninstall.exe [2014-12-18] () <==== ATTENTION Task: {33FE2C70-9111-4C75-AD5E-85C335A22F27} - System32\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-11 => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-11.exe [2014-12-15] (Cinema Plus1.0V15.12) <==== ATTENTION Task: 
{4621F24C-2B09-4415-A9B5-59E80B23B1ED} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] () Task: {48EB1898-CD3C-4E66-AB1A-2BDED249C2C3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-18] (Microsoft Corporation) Task: {4E62FED3-787C-439E-97F6-62F4081149E0} - System32\Tasks\WSE_Vosteran => C:\Users\Nick\AppData\Roaming\WSE_Vosteran\UpdateProc\UpdateTask.exe [2014-11-27] () <==== ATTENTION Task: {58DEB88F-EDE2-44EE-9F2E-C39A8FF5D367} - System32\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-4 => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-4.exe [2014-12-15] (Cinema Plus1.0V15.12) <==== ATTENTION Task: {70DDE1F3-D130-4C28-93D8-5AE03649804B} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate) Task: {73146D59-A805-49D5-8D19-E39497F43CC0} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-12-19] (Acer) Task: {75537BF8-1C84-42D4-8E4B-B42466D102C3} - System32\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86 => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-12-15] (globalUpdate) <==== ATTENTION Task: {7CC3A020-2B4B-420B-B12D-B45BF4A1101B} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated) Task: {7DDC3099-4D1D-43D2-AFC5-62D187E0BD30} - System32\Tasks\Yahoo! Search => C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! 
Search\1.3.18.6\dsrlte.exe [2015-01-06] (Pay By Ads LTD) <==== ATTENTION Task: {82180846-12C2-474D-8344-723CF1AB0588} - System32\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-5 => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-5.exe [2014-12-15] (Cinema Plus1.0V15.12) <==== ATTENTION Task: {964E3B65-B672-49A7-A6DC-1E565D500E2C} - System32\Tasks\ce3a5f13-686d-4a84-840f-755623fb3ddf => C:\Program Files (x86)\CinPlus-1.0cV15.12\ce3a5f13-686d-4a84-840f-755623fb3ddf.exe [2014-12-15] () <==== ATTENTION Task: {97C397C4-4FAB-415D-813B-156FD3D89917} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated) Task: {9C69700E-454C-44E9-AE1B-979A7E271C40} - System32\Tasks\RocketTab => cmd.exe /C start "" "C:\Program Files (x86)\Search Extensions\Client.exe" /Preferred=true <==== ATTENTION Task: {9FD03297-E1DE-495D-B47A-3BBC246BD50D} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {AA9F1F0F-147D-4013-A93A-B1C5D81C0680} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated) Task: {AF019B57-B9E2-4E99-B27E-A079836AF1C4} - System32\Tasks\2e8e0f02-dc74-4bb7-b50c-28e47040ba84 => C:\Program Files (x86)\CinPlus-1.0cV15.12\2e8e0f02-dc74-4bb7-b50c-28e47040ba84.exe [2014-12-15] (Cinema Plus1.0V15.12) <==== ATTENTION Task: {B20E57C0-ED64-4033-A210-D66379C258C5} - System32\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-3 => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-3.exe [2014-12-15] (Cinema Plus1.0V15.12) <==== ATTENTION Task: {B23F98AB-2E1D-410C-A96B-85B50D3F719F} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {CDEBDD6D-546D-4B01-A3C7-EB89455009E9} - System32\Tasks\RunTool => 
C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea\sysad.exe [2015-01-19] () Task: {DEBC6FDE-AAF4-4F6C-841E-77E82C66F076} - System32\Tasks\Yahoo! Search Updater => C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrsetup.exe [2015-01-06] (Pay By Ads LTD) <==== ATTENTION Task: {F69239AC-BF10-463C-8CAE-7FD508923AE7} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>) Task: C:\Windows\Tasks\2e8e0f02-dc74-4bb7-b50c-28e47040ba84.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\2e8e0f02-dc74-4bb7-b50c-28e47040ba84.exe <==== ATTENTION Task: C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-1.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-11.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-11.exe <==== ATTENTION Task: C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-3.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-3.exe <==== ATTENTION Task: C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-4.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-4.exe <==== ATTENTION Task: C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-5.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-5.exe <==== ATTENTION Task: C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-5_user.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-5.exe <==== ATTENTION Task: C:\Windows\Tasks\ce3a5f13-686d-4a84-840f-755623fb3ddf.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\ce3a5f13-686d-4a84-840f-755623fb3ddf.exe <==== ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== 
ATTENTION Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: C:\Windows\Tasks\TheBestDeals Update.job => C:\Program Files (x86)\ver9TheBestDeals\i3TheBestDealsm51.exe Task: C:\Windows\Tasks\WSE_Vosteran.job => C:\Users\Nick\AppData\Roaming\WSE_VO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2014-08-31 19:24 - 2014-01-08 01:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-11-13 16:23 - 2014-11-13 16:23 - 00019720 _____ () C:\Program Files (x86)\Infigo\InfigoOperator.exe 2014-07-25 22:23 - 2012-04-24 11:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-11-27 14:21 - 2015-01-12 18:39 - 00529648 _____ () C:\Program Files (x86)\BrowseStudio\updateBrowseStudio.exe 2014-12-17 18:54 - 2015-01-17 20:02 - 00529648 _____ () C:\Program Files (x86)\BrowseStudio\bin\utilBrowseStudio.exe 2014-08-21 12:33 - 2014-12-17 10:28 - 00106376 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll 2014-12-18 11:28 - 2014-12-18 11:28 - 01437696 _____ () C:\Program Files (x86)\Search Extensions\Client.exe 2014-08-21 12:32 - 2014-12-17 10:28 - 00733576 _____ () C:\Program Files (x86)\SupTab\HpUI.exe 2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe 2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe 2014-12-15 14:04 - 2014-12-13 16:19 - 03307176 _____ () C:\Users\Nick\AppData\Local\mbot_de_349\upmbot_de_349.exe 2014-02-25 21:14 - 2014-02-25 21:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-02-25 21:11 - 2014-02-25 21:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2014-02-25 21:17 - 2014-02-25 21:17 - 
00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2014-12-15 14:02 - 2014-12-15 14:10 - 00705038 _____ () C:\Users\Nick\AppData\Roaming\InetStat\inetstat.exe 2014-03-19 02:35 - 2014-03-07 17:21 - 00080312 _____ () C:\Windows\system32\igfxexps.dll 2014-12-15 14:04 - 2014-12-13 16:18 - 03977896 _____ () C:\Program Files (x86)\mbot_de_349\mbot_de_349.exe 2014-12-25 19:29 - 2014-12-24 12:29 - 03978408 _____ () C:\Program Files (x86)\rec_de_2\rec_de_2.exe 2014-11-25 20:47 - 2014-11-25 20:47 - 01465880 _____ () C:\Program Files (x86)\StormWatch\StormWatchApp.exe 2014-12-19 21:59 - 2014-12-19 21:59 - 00090880 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe 2014-12-19 21:59 - 2014-12-19 21:59 - 00089344 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe 2015-01-01 12:15 - 2015-01-01 12:15 - 00706560 _____ () C:\ProgramData\FineDealSSoft\XrFwQRosw6pEa9.x64.dll 2014-12-15 14:11 - 2014-12-15 14:11 - 00228352 _____ () C:\Program Files (x86)\ver9TheBestDeals\184_x64.dll 2014-12-23 20:19 - 2014-12-23 20:19 - 00701440 _____ () C:\ProgramData\DeallsFiNdeRRPro\Ptng2j2cMh1gjy.x64.dll 2015-01-06 11:04 - 2015-01-06 11:04 - 00701952 _____ () C:\ProgramData\leisss2pay\YTim8DmLxpIx6T.x64.dll 2014-12-23 20:19 - 2014-12-23 20:19 - 00701440 _____ () C:\ProgramData\topdeall\wdb8qXI8r4OBZK.x64.dll 2015-01-18 07:04 - 2015-01-18 07:04 - 00701952 _____ () C:\ProgramData\shopndorop\xp0gvHpGDNcMKP.x64.dll 2015-01-06 11:03 - 2015-01-06 11:03 - 00701952 _____ () C:\ProgramData\DissccountLocator\CyLh9NUE0jPOMh.x64.dll 2014-08-31 19:34 - 2013-10-01 10:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2014-08-29 19:00 - 2014-08-29 19:00 - 00100608 _____ () C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe 2014-12-18 10:01 - 2014-12-18 10:01 - 00186192 _____ () c:\ProgramData\Interenet Optimizer\InterenetOptimizerSvc.dll 2014-12-18 10:01 - 2014-12-18 10:01 - 04125696 _____ () 
c:\ProgramData\Interenet Optimizer\InterenetOptimizer.dll 2014-11-13 16:22 - 2014-11-13 16:22 - 00047616 _____ () C:\Program Files (x86)\Infigo\EventsProvider.dll 2014-08-21 12:33 - 2014-12-17 10:28 - 00023944 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll 2014-11-13 16:20 - 2014-11-13 16:20 - 00098304 _____ () C:\Program Files (x86)\Infigo\InfigoSkin.dll 2015-01-19 09:15 - 2015-01-19 09:15 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2014-12-19 21:16 - 2014-12-19 21:16 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2014-12-29 13:25 - 2014-12-29 13:25 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2014-12-29 13:26 - 2014-12-29 13:26 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2014-12-29 13:26 - 2014-12-29 13:26 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2014-12-29 13:26 - 2014-12-29 13:26 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2014-12-19 21:10 - 2014-12-19 21:10 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll 2014-08-31 19:21 - 2013-12-10 00:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-12-19 22:00 - 2014-12-19 22:00 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll 2015-01-06 14:55 - 2015-01-06 14:55 - 00306176 _____ () C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! 
Search\1.3.18.6\mkgaiebg.dll 2014-07-25 22:27 - 2014-07-01 22:13 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll 2014-12-17 15:33 - 2014-12-06 20:57 - 01304064 _____ () C:\Program Files (x86)\speed browser\Application\38.0.2125.19\libglesv2.dll 2014-12-17 15:33 - 2014-12-06 20:57 - 00212992 _____ () C:\Program Files (x86)\speed browser\Application\38.0.2125.19\libegl.dll 2014-12-17 15:33 - 2014-12-06 20:57 - 09207808 _____ () C:\Program Files (x86)\speed browser\Application\38.0.2125.19\pdf.dll 2014-12-17 15:33 - 2014-12-06 20:57 - 00985600 _____ () C:\Program Files (x86)\speed browser\Application\38.0.2125.19\ffmpegsumo.dll 2014-11-27 19:28 - 2014-12-12 17:42 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2015-01-06 14:55 - 2015-01-06 14:55 - 00292864 _____ () C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\bebVFXgn.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Nick\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
========================= Accounts: ========================== Administrator (S-1-5-21-4218249386-1005423115-940720447-500 - Administrator - Disabled) Gast (S-1-5-21-4218249386-1005423115-940720447-501 - Limited - Disabled) Nick (S-1-5-21-4218249386-1005423115-940720447-1002 - Administrator - Enabled) => C:\Users\Nick UpdatusUser (S-1-5-21-4218249386-1005423115-940720447-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/19/2015 09:34:53 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Error: (01/19/2015 09:33:31 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Error: (01/19/2015 11:24:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452fe91 Name des fehlerhaften Moduls: CinPlus-1.0cV15.12-bho64.dll, Version: 1.0.0.1, Zeitstempel: 0x548e181a Ausnahmecode: 0xc00000fd Fehleroffset: 0x0000000000068bc7 ID des fehlerhaften Prozesses: 0x2004 Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0 Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1 Pfad des fehlerhaften Moduls: IEXPLORE.EXE2 Berichtskennung: IEXPLORE.EXE3 Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5 Error: (01/19/2015 09:12:07 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (01/18/2015 09:04:29 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (01/18/2015 08:23:47 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: BackgroundAgent.exe, Version: 1.0.1.6, Zeitstempel: 0x546963f7 Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 
0x51ea24a5 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00056b1d ID des fehlerhaften Prozesses: 0x1bc4 Startzeit der fehlerhaften Anwendung: 0xBackgroundAgent.exe0 Pfad der fehlerhaften Anwendung: BackgroundAgent.exe1 Pfad des fehlerhaften Moduls: BackgroundAgent.exe2 Berichtskennung: BackgroundAgent.exe3 Vollständiger Name des fehlerhaften Pakets: BackgroundAgent.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BackgroundAgent.exe5 Error: (01/18/2015 06:48:54 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Battle.net.exe, Version 1.2.4.5383 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1614 Startzeit: 01d032e21d8c4e68 Endzeit: 24 Anwendungspfad: C:\Program Files (x86)\Battle.net\Battle.net.5383\Battle.net.exe Berichts-ID: aa5627de-9ed5-11e4-8264-f8a963e5e11f Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/18/2015 06:47:46 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.3.2000, Zeitstempel: 0x546c82a9 Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00056b1d ID des fehlerhaften Prozesses: 0x9c Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0 Pfad der fehlerhaften Anwendung: AcerPortal.exe1 Pfad des fehlerhaften Moduls: AcerPortal.exe2 Berichtskennung: AcerPortal.exe3 Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5 Error: (01/17/2015 08:00:00 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1604) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\SRU\SRU00214.log. 
Error: (01/17/2015 07:55:31 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. System errors: ============= Error: (01/19/2015 09:49:31 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48. Error: (01/19/2015 09:49:11 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48. Error: (01/19/2015 09:48:51 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48. Error: (01/19/2015 09:48:31 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. 
Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48. Error: (01/19/2015 09:48:10 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48. Error: (01/19/2015 09:47:51 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48. Error: (01/19/2015 09:47:30 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48. Error: (01/19/2015 09:47:10 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48. Error: (01/19/2015 09:46:52 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48. Error: (01/19/2015 09:46:34 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48. 
Microsoft Office Sessions: ========================= Error: (01/19/2015 09:34:53 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Nick\AppData\Local\Pokki\Engine\HostAppService.exe Error: (01/19/2015 09:33:31 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Nick\AppData\Local\Temp\octE4C5.tmp.exe Error: (01/19/2015 11:24:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: IEXPLORE.EXE11.0.9600.174165452fe91CinPlus-1.0cV15.12-bho64.dll1.0.0.1548e181ac00000fd0000000000068bc7200401d033bdbaaffef9C:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bho64.dll5921e805-9fc5-11e4-8264-f8a963e5e11f Error: (01/19/2015 09:12:07 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (01/18/2015 09:04:29 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (01/18/2015 08:23:47 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: BackgroundAgent.exe1.0.1.6546963f7MSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d1bc401d032e1fee77c3eC:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dllf071784b-9ee2-11e4-8264-f8a963e5e11f Error: (01/18/2015 06:48:54 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: 
Battle.net.exe1.2.4.5383161401d032e21d8c4e6824C:\Program Files (x86)\Battle.net\Battle.net.5383\Battle.net.exeaa5627de-9ed5-11e4-8264-f8a963e5e11f Error: (01/18/2015 06:47:46 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: AcerPortal.exe3.0.3.2000546c82a9MSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d9c01d032e23a359cadC:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll86f83346-9ed5-11e4-8264-f8a963e5e11f Error: (01/17/2015 08:00:00 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost1604SRUJet: C:\Windows\system32\SRU\SRU00214.log-1811 (0xfffff8ed) Error: (01/17/2015 07:55:31 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Nick\AppData\Local\Pokki\Engine\HostAppService.exe ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Percentage of memory in use: 50% Total physical RAM: 8115.27 MB Available physical RAM: 4049.61 MB Total Pagefile: 9395.27 MB Available Pagefile: 5031.44 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:914.95 GB) (Free:838.16 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: E4D040D7) Partition: GPT Partition Type. ==================== End Of Log ============================ Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:45 on 19/01/2015 (Nick)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Nick (administrator) on NICK on 19-01-2015 21:47:39
Running from C:\Users\Nick\Downloads
Loaded Profiles: UpdatusUser & Nick (Available profiles: UpdatusUser & Nick)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SIEN S.A.)
C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe () C:\Program Files (x86)\Infigo\InfigoOperator.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella242.exe (Weather Protector LLC) C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe () C:\Program Files (x86)\BrowseStudio\updateBrowseStudio.exe () C:\Program Files (x86)\BrowseStudio\bin\utilBrowseStudio.exe (Word Proser) C:\Program Files (x86)\WordProser_1.10.0.1\Service\wpsvc.exe (Time Lapse Solutions) C:\ProgramData\OqQeGinkA\FCUUjqwoLq.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Cinema Plus1.0V15.12) C:\Program Files (x86)\CinPlus-1.0cV15.12\2e8e0f02-dc74-4bb7-b50c-28e47040ba84.exe () C:\Program Files (x86)\Search Extensions\Client.exe (Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella242.exe () C:\Program Files (x86)\SupTab\HpUI.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe () C:\Program Files (x86)\SupTab\Loader64.exe () C:\Program Files (x86)\SupTab\Loader32.exe () C:\Users\Nick\AppData\Local\mbot_de_349\upmbot_de_349.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Atheros Communications) C:\Program 
Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Pokki) C:\Users\Nick\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (MAVIN LOG, S.L.) C:\Program Files (x86)\Infigo\Infigo.exe () C:\Users\Nick\AppData\Roaming\InetStat\inetstat.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe (Pay By Ads LTD) C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrlte.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe () C:\Program Files (x86)\mbot_de_349\mbot_de_349.exe () C:\Program Files (x86)\rec_de_2\rec_de_2.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Weather Protector LLC) C:\Program Files (x86)\StormWatch\StormWatch.exe (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe () C:\Program Files (x86)\StormWatch\StormWatchApp.exe (Pokki) C:\Users\Nick\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) C:\Users\Nick\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update 
Core\daemonu.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe (Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe (Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe (Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe (Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe (acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Cinema Plus1.0V15.12) C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bg.exe () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe () C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor) HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM-x32\...\Run: [mbot_de_349] => C:\Program Files (x86)\mbot_de_349\mbot_de_349.exe [3977896 2014-12-13] () HKLM-x32\...\Run: [rec_de_2] => C:\Program Files (x86)\rec_de_2\rec_de_2.exe [3978408 2014-12-24] () HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] () HKLM-x32\...\RunOnce: [upmbot_de_349.exe] => C:\Users\Nick\AppData\Local\mbot_de_349\upmbot_de_349.exe [3307176 2014-12-13] () HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Atheros Communications)) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\RunOnce: [RegDXVA1] => C:\Windows\system32\cmd.exe /c reg import "C:\Program Files (x86)\Acer\abPhoto\SwitchUserVideoKey.reg" HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\RunOnce: [SetAsDefault] => C:\Program Files (x86)\Acer\Acer Video Player\SwitchUserVideoKey.bat HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.) 
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Infigo] => C:\Program Files (x86)\Infigo\Infigo.exe [621320 2014-11-13] (MAVIN LOG, S.L.) HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [InetStat] => C:\Users\Nick\AppData\Roaming\InetStat\inetstat.exe [705038 2014-12-15] () HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Yahoo! Search] => C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrlte.exe [634576 2015-01-06] (Pay By Ads LTD) AppInit_DLLs: C:\PROGRA~3\INTERE~1\INTERE~2.DLL => C:\ProgramData\Interenet Optimizer\InterenetOptimizer_x64.dll [4302848 2014-12-18] () AppInit_DLLs-x32: c:\progra~3\intere~1\intere~1.dll => c:\ProgramData\Interenet Optimizer\InterenetOptimizer.dll [4125696 2014-12-18] () IFEO\ContentExplorer.exe: [Debugger] TaskList.exe IFEO\internetenhancer.exe: [Debugger] TaskList.exe IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File) Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk ShortcutTarget: StormWatch.lnk -> C:\Program Files (x86)\StormWatch\StormWatch.exe (Weather Protector LLC) Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk ShortcutTarget: StormWatchApp.lnk -> C:\Program Files (x86)\StormWatch\StormWatchApp.exe () ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files 
(x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:52754;https=127.0.0.1:52754 ProxyEnable: [S-1-5-21-4218249386-1005423115-940720447-1002] => Internet Explorer proxy is enabled. ProxyServer: [S-1-5-21-4218249386-1005423115-940720447-1002] => http=127.0.0.1:49665;https=127.0.0.1:49665 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.gboxapp.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.gboxapp.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314&q={searchTerms} HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=about%3Ablank&OSP= HKU\S-1-5-21-4218249386-1005423115-940720447-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.iminent.com/?appId=44B60659-273B-47CE-98DC-BDD1B2A39958 HKU\S-1-5-21-4218249386-1005423115-940720447-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314 URLSearchHook: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314&q={searchTerms} SearchScopes: HKLM -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = 
hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggbc_14_48_ie&cd=2XzuyEtN2Y1L1Qzu0Fzz0AzyyCtA0EyD0EtCtC0Fzy0DtB0CtN0D0Tzu0StCtDyCtCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDzy0F0Azz0EyEyBtGtB0BtDtAtG0C0CtA0EtGzztDtB0CtGtBzzzzyCtD0AtCyD0DtCtDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0CtD0BtD0A0A0AtGyE0DyEzytGyE0EyBtCtGzy0FtDtBtGtAzyzyyCtCtBtA0F0AtAtDyE2Q&cr=1929472343&ir= SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314&q={searchTerms} SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM-x32 -> {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=44B60659-273B-47CE-98DC-BDD1B2A39958&ref=toolbox&q={searchTerms} SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> DefaultScope {0ACE29CB-FD90-4D29-B601-A754BCF7A3CE} URL = hxxp://start.iminent.com/?appId=44B60659-273B-47CE-98DC-BDD1B2A39958&ref=toolbox&q={searchTerms} SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {0ACE29CB-FD90-4D29-B601-A754BCF7A3CE} URL = hxxp://start.iminent.com/?appId=44B60659-273B-47CE-98DC-BDD1B2A39958&ref=toolbox&q={searchTerms} 
SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggbc_14_48_ie&cd=2XzuyEtN2Y1L1Qzu0Fzz0AzyyCtA0EyD0EtCtC0Fzy0DtB0CtN0D0Tzu0StCtDyCtCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDzy0F0Azz0EyEyBtGtB0BtDtAtG0C0CtA0EtGzztDtB0CtGtBzzzzyCtD0AtCyD0DtCtDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0CtD0BtD0A0A0AtGyE0DyEzytGyE0EyBtCtGzy0FtDtBtGtAzyzyyCtCtBtA0F0AtAtDyE2Q&cr=1929472343&ir= SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {5E7C58D5-E133-4A15-BA68-F2DD836147E2} URL = hxxp://rts.dsrlte.com/?affID=na&q={searchTerms}&r=404 SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = BHO: CinPlus-1.0cV15.12 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bho64.dll (Cinema Plus1.0V15.12) BHO: FineDealSSoft -> {25977745-2d59-40af-b79b-2f6d19a7dcb0} -> C:\ProgramData\FineDealSSoft\XrFwQRosw6pEa9.x64.dll () BHO: TheBestDeals -> {4E4BD58E-9579-033B-30F7-59321AAE7A70} -> C:\Program Files (x86)\ver9TheBestDeals\184_x64.dll () BHO: DeallsFiNdeRRPro -> {6c05dd31-32ab-4e29-bb43-1346426334ce} -> C:\ProgramData\DeallsFiNdeRRPro\Ptng2j2cMh1gjy.x64.dll () BHO: leisss2pay -> {88eb4233-fc7c-433b-abbe-d554c87e5da8} -> C:\ProgramData\leisss2pay\YTim8DmLxpIx6T.x64.dll () BHO: topdeall -> {931fc224-b313-4450-a9ca-11810ce09a5f} -> C:\ProgramData\topdeall\wdb8qXI8r4OBZK.x64.dll () BHO: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (SIEN) BHO: shopndorop -> {abc1eaf7-9b81-4b91-9fc0-0612010bed49} -> C:\ProgramData\shopndorop\xp0gvHpGDNcMKP.x64.dll () BHO: DissccountLocator -> 
{f6be017f-2579-4fe9-83c6-b011a1179f83} -> C:\ProgramData\DissccountLocator\CyLh9NUE0jPOMh.x64.dll () BHO: WordProser -> {F6F484C9-29B9-43EC-A924-DCBAAA86B31D} -> C:\Program Files\WordProser_1.10.0.1\IE\WordProserClientIE.dll (Word Proser) BHO-x32: CinPlus-1.0cV15.12 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bho.dll (Cinema Plus1.0V15.12) BHO-x32: BrowseStudio 1.0.0.6 -> {1e9e0e98-4ab7-40b0-a0ce-69105c1b7c92} -> C:\Program Files (x86)\BrowseStudio\BrowseStudioBHO.dll (BrowseStudio) BHO-x32: FineDealSSoft -> {25977745-2d59-40af-b79b-2f6d19a7dcb0} -> C:\ProgramData\FineDealSSoft\XrFwQRosw6pEa9.dll () BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) BHO-x32: TheBestDeals -> {4E4BD58E-9579-033B-30F7-59321AAE7A70} -> C:\Program Files (x86)\ver9TheBestDeals\184.dll () BHO-x32: DeallsFiNdeRRPro -> {6c05dd31-32ab-4e29-bb43-1346426334ce} -> C:\ProgramData\DeallsFiNdeRRPro\Ptng2j2cMh1gjy.dll () BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> No File BHO-x32: leisss2pay -> {88eb4233-fc7c-433b-abbe-d554c87e5da8} -> C:\ProgramData\leisss2pay\YTim8DmLxpIx6T.dll () BHO-x32: topdeall -> {931fc224-b313-4450-a9ca-11810ce09a5f} -> C:\ProgramData\topdeall\wdb8qXI8r4OBZK.dll () BHO-x32: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN) BHO-x32: shopndorop -> {abc1eaf7-9b81-4b91-9fc0-0612010bed49} -> C:\ProgramData\shopndorop\xp0gvHpGDNcMKP.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DissccountLocator -> {f6be017f-2579-4fe9-83c6-b011a1179f83} -> 
C:\ProgramData\DissccountLocator\CyLh9NUE0jPOMh.dll () BHO-x32: WordProser -> {F6F484C9-29B9-43EC-A924-DCBAAA86B31D} -> C:\Program Files (x86)\WordProser_1.10.0.1\IE\WordProserClientIE.dll (Word Proser) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default FF NewTab: hxxp://start.iminent.com/?ref=NewTab&appId=44B60659-273B-47CE-98DC-BDD1B2A39958 FF DefaultSearchEngine: StartWeb FF SelectedSearchEngine: Yahoo! Search FF Homepage: hxxp://start.iminent.com/?appId=44B60659-273B-47CE-98DC-BDD1B2A39958 FF Keyword.URL: hxxp://rts.dsrlte.com?affID=pr_0955590a-be5a-4784-94b1-abd466ba4a9b&q= FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF 
Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF SearchPlugin: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\searchplugins\dsrlte.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml FF Extension: Cinema-Plus-1.8c - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com [2015-01-07] FF Extension: deALpEAk - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\CAZNd@v.org [2015-01-18] FF Extension: CoupScanner - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\F@oxzo.net [2014-12-19] FF Extension: toppdeal - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\g@9.co.uk [2015-01-02] FF Extension: eassytosshoP - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\i@Mri86VdY.edu [2015-01-07] FF Extension: 9b9d2aaaae264447a7a1633a32b19ddd - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{9b9d2aaa-ae26-4447-a7a1-633a32b19ddd} [2014-12-22] FF Extension: Iminent - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\firefoxmini@go.im.xpi [2015-01-07] FF Extension: Locale Switcher - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2014-11-27] FF Extension: BrowseStudio 1.0.1 - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}.xpi [2014-11-27] FF Extension: Word Proser - C:\Program Files (x86)\Mozilla Firefox\extensions\{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6} [2014-12-16] FF 
HKLM-x32\...\Firefox\Extensions: [{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6}] - C:\Program Files (x86)\Mozilla Firefox\extensions\{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6} FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\extensions\faststartff@gmail.com FF HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Firefox\Extensions: [{62428898-9012-A545-C4F2-2462E54752A3}] - C:\Program Files (x86)\ver9TheBestDeals\184.xpi FF Extension: TheBestDeals - C:\Program Files (x86)\ver9TheBestDeals\184.xpi [2014-12-15] FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.mystartsearch.com/?type=sc&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314 Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR HKLM-x32\...\Chrome\Extension: [ehhlaekjfiiojlddgndcnefflngfmhen] - No Path CHR HKLM-x32\...\Chrome\Extension: [nbljechdpodpbchbmjcoamidppmpnmlc] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 0c632643; c:\ProgramData\Interenet Optimizer\InterenetOptimizerSvc.dll [186192 2014-12-18] () [File not signed] R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated) R2 FCUUjqwoLq; C:\ProgramData\OqQeGinkA\FCUUjqwoLq.exe [2726256 2014-12-16] (Time Lapse Solutions) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent) S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-15] (globalUpdate) [File not signed] S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-15] (globalUpdate) [File not signed] R2 GlobalUpdater; C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe [378152 2014-12-30] (SIEN S.A.) 
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-12-17] (Cherished Technololgy LIMITED) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation) R2 InfigoOperator; C:\Program Files (x86)\Infigo\InfigoOperator.exe [19720 2014-11-13] () R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S2 Internet Enhancer Service; C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe [312320 2015-01-05] () [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate) R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\Umbrella242.exe [5382304 2014-12-30] (Iminent) R2 SWUpdater; C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe [17584 2014-11-22] (Weather Protector LLC) R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer) R2 Update BrowseStudio; C:\Program Files (x86)\BrowseStudio\updateBrowseStudio.exe [529648 2015-01-12] () R2 Util BrowseStudio; C:\Program Files (x86)\BrowseStudio\bin\utilBrowseStudio.exe [529648 2015-01-17] () R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) 
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [485888 2014-12-17] (Fuyu LIMITED) [File not signed] R2 wpsvc_1.10.0.1; C:\Program Files (x86)\WordProser_1.10.0.1\Service\wpsvc.exe [277584 2014-10-14] (Word Proser) S2 0001121418376984mcinstcleanup; C:\Windows\TEMP\000112~1.EXE -cleanup -nolog [X] S2 51cdb72; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.11\OptProCrash.dll",ENT ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation) R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) R2 webinstrNewH; C:\Windows\system32\Drivers\webinstrNewH.sys [106456 2014-12-15] (Corsica) R1 wpnfd_1_10_0_1; C:\Windows\System32\drivers\wpnfd_1_10_0_1.sys [58240 2014-10-14] (Word Proser) R1 {b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}Gw64; 
C:\Windows\System32\drivers\{b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}Gw64.sys [48784 2014-11-27] (StdLib) R1 {da0b130f-7ef7-4a5c-97ff-4239bbc3502d}Gw64; C:\Windows\System32\drivers\{da0b130f-7ef7-4a5c-97ff-4239bbc3502d}Gw64.sys [48784 2014-12-04] (StdLib) R1 {da0b130f-7ef7-4a5c-97ff-4239bbc3502d}w64; C:\Windows\System32\drivers\{da0b130f-7ef7-4a5c-97ff-4239bbc3502d}w64.sys [48784 2015-01-09] (StdLib) S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-19 21:48 - 2015-01-19 21:48 - 00096394 _____ () C:\Users\Nick\Downloads\Gmer-19357.exe.crdownload 2015-01-19 21:47 - 2015-01-19 21:47 - 00031858 _____ () C:\Users\Nick\Downloads\FRST.txt 2015-01-19 21:46 - 2015-01-19 21:47 - 02126848 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe 2015-01-19 21:44 - 2015-01-19 21:45 - 00000470 _____ () C:\Users\Nick\Downloads\defogger_disable.log 2015-01-19 21:44 - 2015-01-19 21:44 - 00050477 _____ () C:\Users\Nick\Downloads\Defogger.exe 2015-01-19 21:35 - 2015-01-19 21:35 - 00001969 _____ () C:\Users\Public\Desktop\abDocs.lnk 2015-01-19 09:25 - 2015-01-19 09:25 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud 2015-01-19 09:25 - 2015-01-19 09:25 - 00002030 _____ () C:\Users\Public\Desktop\Acer Portal.lnk 2015-01-19 09:17 - 2015-01-19 09:17 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk 2015-01-18 07:04 - 2015-01-18 07:05 - 00000000 ____D () C:\ProgramData\shopndorop 2015-01-18 06:54 - 2014-12-31 12:14 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-01-18 06:49 - 2015-01-18 06:49 - 00003754 _____ () C:\Windows\System32\Tasks\RunTool 2015-01-18 06:49 - 2015-01-18 06:49 - 00000000 ____D () 
C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea 2015-01-18 06:48 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2015-01-18 06:48 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe 2015-01-18 06:48 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-01-18 06:48 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2015-01-18 06:48 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2015-01-18 06:48 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-01-18 06:48 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-01-18 06:48 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-01-18 06:48 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-01-18 06:48 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2015-01-18 06:48 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2015-01-18 06:48 - 2014-10-29 04:07 - 00424544 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-01-18 06:48 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-01-18 06:48 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-01-18 06:48 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2015-01-18 06:48 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2015-01-18 06:48 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-01-18 06:45 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-18 06:45 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-18 06:45 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys 2015-01-18 06:45 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-18 06:44 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-01-18 06:44 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-18 06:44 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-01-18 06:44 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-16 21:01 - 2015-01-19 21:47 - 00000000 ____D () C:\FRST 2015-01-16 21:00 - 2015-01-16 21:00 - 00000000 _____ () C:\Users\Nick\defogger_reenable 2015-01-16 14:36 - 2015-01-16 14:36 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-15 22:24 - 2015-01-15 22:24 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG 2015-01-15 22:23 - 2015-01-15 22:23 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg 2015-01-15 22:22 - 2015-01-15 22:24 - 00000000 ____D () C:\ProgramData\AVG 
2015-01-15 15:03 - 2015-01-15 15:03 - 00000000 _____ () C:\autoexec.bat 2015-01-15 15:00 - 2015-01-15 15:01 - 00000000 ____D () C:\sh4ldr 2015-01-15 14:39 - 2015-01-15 14:39 - 00000000 ____D () C:\Program Files\Enigma Software Group 2015-01-15 14:06 - 2015-01-15 14:06 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG2015 2015-01-15 14:05 - 2015-01-15 14:05 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\TuneUp Software 2015-01-15 14:04 - 2015-01-17 15:22 - 00000000 ____D () C:\ProgramData\AVG2015 2015-01-15 14:04 - 2015-01-15 14:04 - 00000000 ___HD () C:\$AVG 2015-01-15 14:03 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\AVG 2015-01-15 14:02 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\MFAData 2015-01-15 14:02 - 2015-01-15 14:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg2015 2015-01-15 14:02 - 2015-01-15 14:02 - 00000000 ____D () C:\Users\Nick\AppData\Local\MFAData 2015-01-09 16:37 - 2015-01-09 03:24 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{da0b130f-7ef7-4a5c-97ff-4239bbc3502d}w64.sys 2015-01-07 13:02 - 2015-01-17 19:43 - 00000000 ____D () C:\Program Files (x86)\Iminent 2015-01-06 17:06 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance 2015-01-06 17:06 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\WaInterEnhance 2015-01-06 11:04 - 2015-01-17 19:44 - 00000000 ____D () C:\ProgramData\leisss2pay 2015-01-06 11:03 - 2015-01-17 19:44 - 00000000 ____D () C:\ProgramData\DissccountLocator 2015-01-03 17:58 - 2015-01-03 17:58 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\WB Games 2015-01-03 17:38 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\WB Games 2015-01-03 17:11 - 2015-01-03 17:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Rovio 2015-01-03 17:10 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio 2015-01-03 17:10 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files 
(x86)\Rovio 2015-01-03 17:10 - 2015-01-03 17:10 - 00001094 _____ () C:\Users\Public\Desktop\Bad Piggies.lnk 2015-01-01 12:15 - 2015-01-17 19:44 - 00000000 ____D () C:\ProgramData\FineDealSSoft 2015-01-01 12:02 - 2015-01-17 19:20 - 00000000 ____D () C:\Users\Nick\AppData\Local\Pay-By-Ads 2015-01-01 12:02 - 2015-01-06 14:55 - 00003482 _____ () C:\Windows\System32\Tasks\Yahoo! Search Updater 2015-01-01 12:02 - 2015-01-06 14:55 - 00003478 _____ () C:\Windows\System32\Tasks\Yahoo! Search 2014-12-25 19:29 - 2015-01-17 19:43 - 00000000 ____D () C:\Program Files (x86)\rec_de_2 2014-12-25 19:29 - 2014-12-26 13:27 - 00000000 ____D () C:\Program Files (x86)\MyBestOffersToday 2014-12-25 19:29 - 2014-12-25 19:29 - 00000000 ____D () C:\Users\Nick\AppData\Local\rec_de_2 2014-12-25 00:25 - 2014-12-25 00:25 - 00000000 ____D () C:\ZombieNews 2014-12-24 20:24 - 2014-12-24 20:24 - 00001270 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk 2014-12-24 20:24 - 2014-12-24 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2014-12-24 19:42 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft 2014-12-24 18:25 - 2014-12-24 18:25 - 00000000 ____D () C:\Users\Nick\AppData\Local\Blizzard Entertainment 2014-12-24 18:24 - 2015-01-19 20:13 - 00000000 ____D () C:\Users\Nick\AppData\Local\Battle.net 2014-12-24 18:24 - 2015-01-17 19:44 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Battle.net 2014-12-24 18:24 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-12-23 20:19 - 2015-01-17 19:44 - 00000000 ____D () C:\ProgramData\topdeall 2014-12-23 20:19 - 2015-01-17 19:44 - 00000000 ____D () C:\ProgramData\DeallsFiNdeRRPro 2014-12-23 11:59 - 2014-12-23 11:59 - 00000000 ____D () 
C:\ProgramData\OnlineLowDeals ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-19 21:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru 2015-01-19 21:39 - 2014-11-27 18:57 - 00000000 ___RD () C:\Users\Nick\OneDrive 2015-01-19 21:38 - 2014-11-27 18:59 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{21898380-5491-4791-BB9B-793C6C26EEF0} 2015-01-19 21:37 - 2014-11-27 18:55 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4218249386-1005423115-940720447-1002 2015-01-19 21:36 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Skype 2015-01-19 21:36 - 2014-08-31 20:16 - 01538564 _____ () C:\Windows\WindowsUpdate.log 2015-01-19 21:36 - 2014-07-25 22:20 - 00000000 ____D () C:\Program Files (x86)\Acer 2015-01-19 21:35 - 2014-12-15 14:04 - 00000000 ____D () C:\Users\Nick\AppData\Local\mbot_de_349 2015-01-19 21:35 - 2014-07-25 22:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2015-01-19 21:34 - 2014-11-27 18:52 - 00002293 _____ () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk 2015-01-19 21:34 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Pokki 2015-01-19 21:33 - 2014-11-27 18:50 - 00000000 ____D () C:\Users\Nick\AppData\Local\clear.fi 2015-01-19 21:32 - 2014-12-15 14:08 - 00004496 _____ () C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-4.job 2015-01-19 21:32 - 2014-12-15 14:08 - 00003126 _____ () C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-1.job 2015-01-19 21:32 - 2014-12-15 14:08 - 00002448 _____ () C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-5_user.job 2015-01-19 21:32 - 2014-12-15 14:08 - 00002448 _____ () C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-5.job 2015-01-19 21:32 - 2014-12-15 14:08 - 00001430 _____ () 
C:\Windows\Tasks\2e8e0f02-dc74-4bb7-b50c-28e47040ba84.job 2015-01-19 21:32 - 2014-12-15 14:07 - 00005186 _____ () C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-11.job 2015-01-19 21:32 - 2014-12-15 14:07 - 00004160 _____ () C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-3.job 2015-01-19 21:32 - 2014-12-15 14:07 - 00000996 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job 2015-01-19 21:32 - 2014-12-15 14:07 - 00000632 _____ () C:\Windows\Tasks\ce3a5f13-686d-4a84-840f-755623fb3ddf.job 2015-01-19 21:30 - 2013-08-22 15:46 - 00022695 _____ () C:\Windows\setupact.log 2015-01-19 21:30 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-19 21:29 - 2014-12-18 18:23 - 00000000 ____D () C:\ProgramData\WowCoupon 2015-01-19 21:29 - 2014-03-18 10:54 - 00029258 _____ () C:\Windows\PFRO.log 2015-01-19 21:29 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2015-01-19 20:08 - 2014-11-27 19:08 - 00000298 _____ () C:\Windows\Tasks\WSE_Vosteran.job 2015-01-19 14:18 - 2014-12-15 14:13 - 00001000 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job 2015-01-19 13:59 - 2014-11-27 19:09 - 00000000 ____D () C:\Users\Nick\AppData\Local\CrashDumps 2015-01-19 12:46 - 2014-11-27 19:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-19 10:21 - 2014-12-16 10:44 - 00000000 ____D () C:\Users\Nick\AppData\Local\ZombieNews 2015-01-19 09:08 - 2014-11-27 20:08 - 00000198 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG 2015-01-19 08:55 - 2014-11-30 15:18 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-18 16:13 - 2014-11-30 15:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-18 10:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness 2015-01-18 08:47 - 2014-12-15 14:07 - 00000000 ____D () C:\Program Files (x86)\CinPlus-1.0cV15.12 2015-01-18 08:24 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp 2015-01-18 07:05 - 2014-12-18 18:23 - 00000000 
____D () C:\ProgramData\39eba0e3893754d0 2015-01-17 20:02 - 2013-08-22 14:25 - 00000226 _____ () C:\Windows\win.ini 2015-01-17 20:00 - 2014-11-27 19:07 - 00000000 ____D () C:\Program Files (x86)\BrowseStudio 2015-01-17 19:54 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick 2015-01-17 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices 2015-01-17 19:47 - 2014-08-31 19:30 - 00000000 ____D () C:\ProgramData\{EB5F5A55-037A-4E47-806B-2C8AA9374701} 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera 2015-01-17 19:44 - 2014-12-18 10:01 - 00000000 ____D () C:\ProgramData\Interenet Optimizer 2015-01-17 19:44 - 2014-12-17 14:07 - 00000000 ____D () C:\ProgramData\Browser 2015-01-17 19:44 - 2014-12-17 10:29 - 00000000 ____D () C:\Users\Nick\AppData\Local\Weather_Protector_LLC 2015-01-17 19:44 - 2014-12-17 10:28 - 00000000 ____D () C:\ProgramData\IePluginServices 2015-01-17 19:44 - 2014-12-16 10:40 - 00000000 ____D () C:\ProgramData\OqQeGinkA 2015-01-17 19:44 - 2014-12-05 08:24 - 00000000 ___RD () C:\Windows\BrowserChoice 2015-01-17 19:44 - 2014-08-31 19:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\ProgramData\McAfee 2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee 2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Temp 2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\install_clap 2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Macromed 2015-01-17 19:44 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Sysprep 
2015-01-17 19:43 - 2014-12-17 10:29 - 00000000 ____D () C:\Program Files (x86)\Wajam 2015-01-17 19:43 - 2014-12-17 10:29 - 00000000 ____D () C:\Program Files (x86)\StormWatch 2015-01-17 19:43 - 2014-12-17 10:28 - 00000000 ____D () C:\Program Files (x86)\SupTab 2015-01-17 19:43 - 2014-12-15 14:12 - 00000000 ____D () C:\Program Files (x86)\ver9TheBestDeals 2015-01-17 19:43 - 2014-12-15 14:05 - 00000000 ____D () C:\Program Files (x86)\Search Extensions 2015-01-17 19:43 - 2014-12-15 14:04 - 00000000 ____D () C:\Program Files (x86)\mbot_de_349 2015-01-17 19:43 - 2014-12-06 09:34 - 00000000 ____D () C:\Program Files (x86)\Infigo 2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee.com 2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\Common Files\mcafee 2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\McAfee 2015-01-17 19:43 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP 2015-01-17 19:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\registration 2015-01-17 19:24 - 2014-09-01 04:36 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\winrm 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\slmgr 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\winrm 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Web 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Vss 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\vpnplugins 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\WindowsPowerShell 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA 2015-01-17 19:24 - 2013-08-22 16:36 - 
00000000 ____D () C:\Windows\SysWOW64\tr-TR 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\th-TH 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-RS 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\spp 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Speech 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\networklist 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MsDtc 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Licenses 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\IME 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\he-IL 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\et-EE 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Com 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 
____D () C:\Windows\SystemResources 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\zh-HK 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\System 2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe 2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\slmgr 2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Shared 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Media.Shared 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\uk-UA 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\tr-TR 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\th-TH 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spp 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spool 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Speech 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sl-SI 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sk-SK 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ro-RO 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\networklist 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () 
C:\Windows\system32\MUI 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MsDtc 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\migwiz 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lv-LV 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lt-LT 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Licenses 2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\SMI 2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe 2015-01-17 19:22 - 2014-12-05 08:24 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-01-17 19:22 - 2014-11-27 18:50 - 00000000 ____D () C:\Windows\oem 2015-01-17 19:22 - 2014-09-01 04:29 - 00000000 ____D () C:\Windows\NAPP_Dism_Log 2015-01-17 19:22 - 2014-03-18 10:45 - 00000000 ____D () C:\Windows\SKB 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\dsc 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\Configuration 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\InputMethod 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\IME 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\hr-HR 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\he-IL 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\et-EE 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\en-GB 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Com 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\bg-BG 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ar-SA 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Speech 2015-01-17 19:22 - 
2013-08-22 16:36 - 00000000 ____D () C:\Windows\security 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\schemas 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Resources 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PLA 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Performance 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\InputMethod 2015-01-17 19:22 - 2013-08-22 15:45 - 00000000 ____D () C:\Windows\Setup 2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Dism 2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\servicing 2015-01-17 19:21 - 2014-12-17 10:29 - 00000000 ____D () C:\Users\Nick\AppData\Local\StormWatch 2015-01-17 19:21 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Mozilla 2015-01-17 19:21 - 2014-11-27 19:08 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\WSE_Vosteran 2015-01-17 19:21 - 2014-08-31 19:50 - 00000000 ____D () C:\Users\Public\CyberLink 2015-01-17 19:21 - 2014-07-25 22:28 - 00000000 ____D () C:\Users\Public\Foxit Software 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\DesktopTileResources 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\IME 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Globalization 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Branding 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppCompat 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\ADFS 2015-01-17 19:20 - 2014-12-17 15:33 - 00000000 ____D () C:\Users\Nick\AppData\Local\speed browser 2015-01-17 19:20 - 2014-11-30 08:12 - 00000000 ____D () 
C:\Users\Nick\AppData\Local\Skype 2015-01-17 19:20 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Local\Mozilla 2015-01-17 19:20 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Packages 2015-01-17 19:19 - 2014-12-16 10:39 - 00000000 ____D () C:\Program Files\WordProser_1.10.0.1 2015-01-17 19:19 - 2014-12-14 11:12 - 00000000 ____D () C:\ProgramData\Battle.net 2015-01-17 19:19 - 2014-11-30 18:18 - 00000000 ____D () C:\Users\Nick\AppData\Local\CyberLink 2015-01-17 19:19 - 2014-11-29 15:04 - 00000000 ____D () C:\ProgramData\Skype 2015-01-17 19:19 - 2014-11-27 19:36 - 00000000 ____D () C:\ProgramData\Oracle 2015-01-17 19:19 - 2014-08-31 19:50 - 00000000 ____D () C:\ProgramData\CLSK 2015-01-17 19:19 - 2014-08-31 19:34 - 00000000 ____D () C:\Program Files\Realtek 2015-01-17 19:19 - 2014-08-31 19:24 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-17 19:19 - 2014-08-31 19:21 - 00000000 ____D () C:\ProgramData\Intel 2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki 2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki 2015-01-17 19:19 - 2014-07-25 22:23 - 00000000 ____D () C:\ProgramData\WildTangent 2015-01-17 19:19 - 2014-07-25 22:22 - 00000000 ____D () C:\ProgramData\CyberLink 2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Package Cache 2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\OEM 2015-01-17 19:19 - 2014-07-25 22:20 - 00000000 ____D () C:\ProgramData\acer 2015-01-17 19:19 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\Reference Assemblies 2015-01-17 19:19 - 2014-03-18 10:45 - 00000000 ____D () C:\Program Files\Windows Journal 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () 
C:\Program Files\Windows NT 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2015-01-17 19:19 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default 2015-01-17 19:18 - 2014-12-17 15:33 - 00000000 ____D () C:\Program Files (x86)\speed browser 2015-01-17 19:18 - 2014-12-16 10:39 - 00000000 ____D () C:\Program Files (x86)\WordProser_1.10.0.1 2015-01-17 19:18 - 2014-12-15 14:07 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2015-01-17 19:18 - 2014-11-29 15:04 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-01-17 19:18 - 2014-11-27 19:36 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-17 19:18 - 2014-11-27 18:50 - 00000000 ____D () C:\Program Files (x86)\OEM 2015-01-17 19:18 - 2014-08-31 19:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-01-17 19:18 - 2014-08-31 19:46 - 00000000 ____D () C:\Program Files (x86)\Spotify 2015-01-17 19:18 - 2014-08-31 19:30 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros 2015-01-17 19:18 - 2014-08-31 19:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-01-17 19:18 - 2014-08-31 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek 2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files\Intel 2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files (x86)\Intel 2015-01-17 19:18 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\Foxit PhantomPDF 2015-01-17 19:18 - 2014-07-25 22:26 - 00000000 ____D () C:\Program Files\Acer 2015-01-17 19:18 - 2014-07-25 22:24 - 00000000 ____D () C:\Program Files (x86)\WildGames 2015-01-17 19:18 - 2014-07-25 22:23 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games 2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files 
(x86)\Reference Assemblies 2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2015-01-17 19:18 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\MSBuild 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows NT 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-01-17 19:17 - 2014-11-28 17:16 - 00000000 ____D () C:\Program Files (x86)\Brick-Force 2015-01-17 19:17 - 2014-07-25 22:57 - 00000000 ___HD () C:\OEM 2015-01-16 05:19 - 2014-07-25 22:58 - 00000000 ____D () C:\Windows\Panther 2015-01-15 17:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2015-01-15 14:13 - 2014-11-27 19:10 - 00000000 ____D () C:\Users\Public\OEM 2015-01-15 13:59 - 2014-07-25 22:00 - 00000000 ____D () C:\Users\Administrator 2015-01-13 16:42 - 2014-11-28 17:08 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\.minecraft 2015-01-06 01:08 - 2014-12-05 08:30 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-06 01:08 - 2014-12-05 08:30 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-03 17:10 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\VirtualStore ==================== Files in the root of some directories ======= 2014-12-15 14:08 - 2014-12-15 14:08 - 1545696 _____ (Cinema Plus1.0V15.12) C:\Users\Nick\AppData\Roaming\EJSP.exe 2014-12-15 14:07 - 2014-12-15 14:07 - 2031584 _____ (Cinema Plus1.0V15.12) C:\Users\Nick\AppData\Roaming\FYIKETTA.exe 2014-11-27 20:08 - 2015-01-19 09:08 - 0000198 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG 2014-11-29 10:08 - 
2014-12-17 10:08 - 0000001 _____ () C:\Users\Nick\AppData\Local\DSI.DAT 2014-11-29 10:08 - 2014-11-29 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup1444812342.exe 2014-12-02 14:08 - 2014-12-02 14:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4180595462.exe 2014-12-17 10:08 - 2014-12-17 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4535986252.exe 2014-08-31 19:34 - 2014-08-31 19:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-12-06 09:34 - 2014-12-06 09:34 - 0000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc Some content of TEMP: ==================== C:\Users\Nick\AppData\Local\Temp\5213CEFB-E262-2310-0480-DCFB67E9E0DD.dll C:\Users\Nick\AppData\Local\Temp\5213CEFB-E262-2310-0480-DCFB67E9E0DD.exe C:\Users\Nick\AppData\Local\Temp\58A0271C-DAA9-E0B9-2984-AC25A29A9884.exe C:\Users\Nick\AppData\Local\Temp\ICReinstall_adobe_flash_setup.exe C:\Users\Nick\AppData\Local\Temp\ICReinstall_FirefoxSetup.exe C:\Users\Nick\AppData\Local\Temp\oct8D03.tmp.exe C:\Users\Nick\AppData\Local\Temp\octE0DF.tmp.exe C:\Users\Nick\AppData\Local\Temp\octE4C5.tmp.exe C:\Users\Nick\AppData\Local\Temp\octF576.tmp.exe C:\Users\Nick\AppData\Local\Temp\optprosetup.exe C:\Users\Nick\AppData\Local\Temp\rt-update.exe C:\Users\Nick\AppData\Local\Temp\SkypeSetup.exe C:\Users\Nick\AppData\Local\Temp\sysad.exe C:\Users\Nick\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\Nick\AppData\Local\Temp\System.Data.SQLite3c77ea22-6f8d-4996-b236-dc6fe42eecea.dll C:\Users\Nick\AppData\Local\Temp\updatecertmanager.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-03 20:14 ==================== End Of Log ============================ Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-01-19 22:17:12 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002f WDC_WD10JPVX-22JC3T0 rev.01.01A01 931,51GB Running: Gmer-19357.exe; Driver: C:\Users\Nick\AppData\Local\Temp\ugldqpoc.sys ---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\nvvsvc.exe[1016] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007fffa0e6169a 4 bytes [E6, A0, FF, 7F] .text C:\Windows\system32\nvvsvc.exe[1016] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007fffa0e616a2 4 bytes [E6, A0, FF, 7F] .text C:\Windows\system32\nvvsvc.exe[1016] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007fffa0e6181a 4 bytes [E6, A0, FF, 7F] .text C:\Windows\system32\nvvsvc.exe[1016] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007fffa0e61832 4 bytes [E6, A0, FF, 7F] .text C:\Program Files\Windows Defender\MsMpEng.exe[2176] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 506 00007fffa0e6169a 4 bytes [E6, A0, FF, 7F] .text C:\Program Files\Windows Defender\MsMpEng.exe[2176] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 514 00007fffa0e616a2 4 bytes [E6, A0, FF, 7F] .text C:\Program Files\Windows Defender\MsMpEng.exe[2176] C:\Windows\system32\psapi.dll!QueryWorkingSet + 118 00007fffa0e6181a 4 bytes [E6, A0, FF, 7F] .text C:\Program Files\Windows Defender\MsMpEng.exe[2176] C:\Windows\system32\psapi.dll!QueryWorkingSet + 142 00007fffa0e61832 4 bytes [E6, A0, FF, 7F] .text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[4432] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007fff84e81f6a 4 bytes [E8, 84, FF, 7F] .text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[4432] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007fff84e81f82 4 bytes [E8, 84, FF, 7F] .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4552] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007fffa0e6169a 4 bytes [E6, A0, FF, 7F] .text 
C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4552] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007fffa0e616a2 4 bytes [E6, A0, FF, 7F] .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4552] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007fffa0e6181a 4 bytes [E6, A0, FF, 7F] .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4552] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007fffa0e61832 4 bytes [E6, A0, FF, 7F] .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4336] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 506 00007fffa0e6169a 4 bytes [E6, A0, FF, 7F] .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4336] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 514 00007fffa0e616a2 4 bytes [E6, A0, FF, 7F] .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4336] C:\Windows\system32\psapi.dll!QueryWorkingSet + 118 00007fffa0e6181a 4 bytes [E6, A0, FF, 7F] .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[4336] C:\Windows\system32\psapi.dll!QueryWorkingSet + 142 00007fffa0e61832 4 bytes [E6, A0, FF, 7F] ---- Threads - GMER 2.1 ---- Thread C:\Windows\system32\csrss.exe [632:648] fffff960008f9b90 Thread C:\Windows\System32\SettingSyncHost.exe [1308:5632] 00007fff8c1d6da0 ---- Processes - GMER 2.1 ---- Process C:\ProgramData\IePluginServices\PluginService.exe (*** suspicious ***) @ C:\ProgramData\IePluginServices\PluginService.exe [1452] (IePlugin Service/Cherished Technololgy LIMITED)(2014-12-17 09:28:53) 0000000000270000 Process C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (*** suspicious ***) @ C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [1496] (WindowsProtectManger Service/Fuyu LIMITED)(2014-12-17 09:28:45) 0000000001190000 Library c:\progra~3\intere~1\InterenetOptimizerSvc.dll (*** suspicious ***) @ C:\Windows\SysWOW64\rundll32.exe [1724] (FILE NOT FOUND) 0000000074bf0000 Library c:\progra~3\intere~1\intere~1.dll (*** suspicious ***) @ 
C:\Windows\SysWOW64\rundll32.exe [1724](2014-12-18 09:01:47) 000000006eec0000 Process C:\Users\Nick\AppData\Roaming\InetStat\inetstat.exe (*** suspicious ***) @ C:\Users\Nick\AppData\Roaming\InetStat\inetstat.exe [4720](2014-12-15 13:02:54) 0000000000400000 Process C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrlte.exe (*** suspicious ***) @ C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrlte.exe [4952] (FILE NOT FOUND) 0000000001120000 Library C:\Users\Nick\AppData\Local\Pokki\Engine\libPokki.dll (*** suspicious ***) @ C:\Users\Nick\AppData\Local\Pokki\Engine\HostAppService.exe [5928] (Chromium/The Chromium Authors)(2014-12-31 22:57:14) 0000000060900000 Library C:\Users\Nick\AppData\Local\Pokki\Engine\icudt.dll (*** suspicious ***) @ C:\Users\Nick\AppData\Local\Pokki\Engine\HostAppService.exe [5928] (ICU Data DLL/The ICU Project)(2014-12-31 22:52:38) 000000005cbd0000 Library C:\ProgramData\FineDealSSoft\XrFwQRosw6pEa9.x64.dll (*** suspicious ***) @ C:\Program Files\Internet Explorer\IEXPLORE.EXE [4336](2 00007fff8c5d0000 Library C:\ProgramData\DeallsFiNdeRRPro\Ptng2j2cMh1gjy.x64.dll (*** suspicious ***) @ C:\Program Files\Internet Explorer\IEXPLORE.EXE [4336](2014-12-23 19:19:27) 00007fff8c4d0000 Library C:\ProgramData\leisss2pay\YTim8DmLxpIx6T.x64.dll (*** suspicious ***) @ C:\Program Files\Internet Explorer\IEXPLORE.EXE [4336](2015-01 00007fff8ae00000 Library C:\ProgramData\topdeall\wdb8qXI8r4OBZK.x64.dll (*** suspicious ***) @ C:\Program Files\Internet Explorer\IEXPLORE.EXE [4336](2014-12-23 00007fff85cf0000 Library C:\ProgramData\shopndorop\xp0gvHpGDNcMKP.x64.dll (*** suspicious ***) @ C:\Program Files\Internet Explorer\IEXPLORE.EXE [4336](2015-01 00007fff81c00000 Library C:\ProgramData\DissccountLocator\CyLh9NUE0jPOMh.x64.dll (*** suspicious ***) @ C:\Program Files\Internet Explorer\IEXPLORE.EXE [4336](2015-01-06 10:03:51) 00007fff81b40000 ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF 
- GMER 2.1 ----

Here you go.

Regards, Anja |
20.01.2015, 18:01 | #18 |
/// the machine /// TB trainer | Security warning about my Internet connection from Telekom

Holy Crap

Please download Revo Uninstaller from here (alternatively, the portable Revo Uninstaller).
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ |
20.01.2015, 21:01 | #19 |
| Security warning about my Internet connection from Telekom

That bad

I could not find BrowseStudio.

Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Protection, 20.01.2015 19:57:21, SYSTEM, NICK, Protection, Malware Protection, Starting, Protection, 20.01.2015 19:57:21, SYSTEM, NICK, Protection, Malware Protection, Started, Protection, 20.01.2015 19:57:21, SYSTEM, NICK, Protection, Malicious Website Protection, Starting, Protection, 20.01.2015 19:57:21, SYSTEM, NICK, Protection, Malicious Website Protection, Started, Update, 20.01.2015 19:57:25, SYSTEM, NICK, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1, Update, 20.01.2015 19:57:26, SYSTEM, NICK, Manual, Rootkit Database, 2014.11.18.1, 2015.1.14.1, Update, 20.01.2015 19:58:10, SYSTEM, NICK, Manual, Malware Database, 2014.11.20.6, 2015.1.20.8, Protection, 20.01.2015 19:58:10, SYSTEM, NICK, Protection, Refresh, Starting, Protection, 20.01.2015 19:58:10, SYSTEM, NICK, Protection, Malicious Website Protection, Stopping, Protection, 20.01.2015 19:58:10, SYSTEM, NICK, Protection, Malicious Website Protection, Stopped, Protection, 20.01.2015 19:58:14, SYSTEM, NICK, Protection, Refresh, Success, Protection, 20.01.2015 19:58:14, SYSTEM, NICK, Protection, Malicious Website Protection, Starting, Protection, 20.01.2015 19:58:15, SYSTEM, NICK, Protection, Malicious Website Protection, Started, Detection, 20.01.2015 20:15:46, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.BrowseStudio.A, C:\Program Files (x86)\BrowseStudio\BrowseStudioUn.exe, Quarantine, [3b6d8f6ac3c6330388a788648b7639c7] Detection, 20.01.2015 20:15:50, Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [733549b0ef9a0b2b2d8f1e3be91a08f8] Detection, 20.01.2015 20:16:11, Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [733549b0ef9a0b2b2d8f1e3be91a08f8] Detection, 20.01.2015 20:16:14, 
Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [733549b0ef9a0b2b2d8f1e3be91a08f8] Detection, 20.01.2015 20:16:18, Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [733549b0ef9a0b2b2d8f1e3be91a08f8] Detection, 20.01.2015 20:16:32, Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [733549b0ef9a0b2b2d8f1e3be91a08f8] Detection, 20.01.2015 20:16:36, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [733549b0ef9a0b2b2d8f1e3be91a08f8] Detection, 20.01.2015 20:18:00, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantine, [792ff9005f2aad89077b0c497a89df21] Detection, 20.01.2015 20:20:34, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SpeedBrowser.A, C:\Program Files (x86)\speed browser\Application\browser.exe, Quarantine Failed, 5, Zugriff verweigert , [2088c534e2a746f0a43c6403c14228d8] Detection, 20.01.2015 20:23:01, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [733549b0ef9a0b2b2d8f1e3be91a08f8] Detection, 20.01.2015 20:23:31, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\HpUI.exe, Quarantine, [7d2b9f5a7e0be4523b81e3766e957789] Protection, 20.01.2015 20:25:07, SYSTEM, NICK, Protection, Malware Protection, Starting, Protection, 20.01.2015 20:25:07, SYSTEM, NICK, Protection, Malware Protection, 
Started, Protection, 20.01.2015 20:25:07, SYSTEM, NICK, Protection, Malicious Website Protection, Starting, Protection, 20.01.2015 20:25:08, SYSTEM, NICK, Protection, Malicious Website Protection, Started, Detection, 20.01.2015 20:26:18, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine, [8d1ba059f198fc3aedcf5009ac57cb35] Detection, 20.01.2015 20:26:42, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Quarantine, [6f39faffcebb48ee922a481140c33dc3] Detection, 20.01.2015 20:26:42, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Quarantine, [fdab6e8ba2e71a1cd2ea3a1f669d42be] Detection, 20.01.2015 20:26:42, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Quarantine, [7d2b33c60c7df83edce078e1a261df21] Detection, 20.01.2015 20:28:19, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, c:\program files (x86)\suptab\msvcp110.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden. , [6f39faffcebb48ee922a481140c33dc3] Detection, 20.01.2015 20:28:19, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, c:\program files (x86)\suptab\msvcr110.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden. , [fdab6e8ba2e71a1cd2ea3a1f669d42be] Detection, 20.01.2015 20:28:20, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, c:\program files (x86)\suptab\windowssupportdll64.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden. 
, [8d1ba059f198fc3aedcf5009ac57cb35] Detection, 20.01.2015 20:28:20, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, c:\program files (x86)\suptab\windowssupportdll32.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden. , [7d2b33c60c7df83edce078e1a261df21] (end) Code:
ATTFilter # AdwCleaner v4.108 - Bericht erstellt am 20/01/2015 um 20:42:06 # Aktualisiert 17/01/2015 von Xplode # Database : 2015-01-18.1 [Live] # Betriebssystem : Windows 8.1 (64 bits) # Benutzername : Nick - NICK # Gestartet von : C:\Users\Nick\Downloads\AdwCleaner_4.108.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** [!] Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Infigo ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKCU\Software\GlobalUpdate Schlüssel Gelöscht : HKCU\Software\InstallCore Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions Schlüssel Gelöscht : HKCU\Software\MyBestOffersToday Schlüssel Gelöscht : HKCU\Software\Optimizer Pro Schlüssel Gelöscht : HKCU\Software\Pokki Schlüssel Gelöscht : HKCU\Software\RocketTabInstalled Schlüssel Gelöscht : HKCU\Software\Search Extensions Schlüssel Gelöscht : HKCU\Software\SupHpUISoft Schlüssel Gelöscht : HKCU\Software\TutoTag Schlüssel Gelöscht : HKCU\Software\StormWatchApp Schlüssel Gelöscht : HKCU\Software\BrowseStudio Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DynConIE Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Schlüssel Gelöscht : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B} Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Schlüssel Gelöscht : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate Schlüssel Gelöscht : HKLM\SOFTWARE\Iminent Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions Schlüssel Gelöscht : HKLM\SOFTWARE\MyBestOffersToday Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab 
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect Schlüssel Gelöscht : HKLM\SOFTWARE\supWPM Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedBrowser Schlüssel Gelöscht : HKLM\SOFTWARE\mystartsearchSoftware Schlüssel Gelöscht : HKLM\SOFTWARE\BrowseStudio Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZombieNews Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\speed browser Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9B149088-3FB6-875E-C1A4-A25A6E9D278D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Iminent Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17416 Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] -\\ Mozilla Firefox v34.0.5 (x86 de) [1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.1betXNgUu0ry1KV3.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...] 
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazo[...] [1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.__ICM_LITE__fifty_test_rules.value", "%7B%22DE%22%3A%7B%22ALL%22%3A%5B%22anastasiadate.com%22%2C%22option[...] [1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%[...] [1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.crossrider.bic", "14a4e125e47398c82eba5714449bbc3c"); [1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.BirthDate", "1420632139"); [1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.adapters", "{\"de.iminent.com\":{\"CountryCode\":\"IT\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"iminent\",\"v\":true,\"p\":0,\"t\":1,\"th\":1.1,\"expireTime\":\"14206321657618[...] [1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"b7110a40-a16f-4a12-a411-bd0b6014905a\",\"name\":\"Superfish\",\"addonId\":2,\"url\":\"//www.superfish.com/ws/sf_main.jsp\",\"urlhxxps\[...] [1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}"); ************************* AdwCleaner[R0].txt - [22738 octets] - [20/01/2015 20:34:38] AdwCleaner[R1].txt - [7243 octets] - [20/01/2015 20:39:36] AdwCleaner[S0].txt - [14499 octets] - [20/01/2015 20:38:31] AdwCleaner[S1].txt - [5817 octets] - [20/01/2015 20:42:06] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5877 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.4.1 (12.28.2014:1) OS: Windows 8.1 x64 Ran by Nick on 20.01.2015 at 20:46:43,69 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4218249386-1005423115-940720447-1002\Software\Microsoft\Internet Explorer\Main\\Start Page ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ FireFox Successfully deleted the following from C:\Users\Nick\AppData\Roaming\mozilla\firefox\profiles\1fes414j.default\prefs.js user_pref("extensions.0NG6EAy41KJKq8PO.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnale user_pref("extensions.ZGyzPlc8FlL8RbbK.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnale user_pref("extensions.cNJOTCNSXDHbnXh9.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnale ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 20.01.2015 at 20:49:33,74 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015 Ran by Nick (administrator) on NICK on 20-01-2015 20:58:22 Running from C:\Users\Nick\Downloads Loaded Profiles: UpdatusUser & Nick (Available profiles: UpdatusUser & Nick) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program 
Files\Acer\Acer Launch Manager\LMLockHandler.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Pokki) C:\Users\Nick\AppData\Local\Pokki\Engine\HostAppService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft 
Corporation) C:\Windows\System32\SettingSyncHost.exe (acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor) HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM-x32\...\Run: [mbot_de_349] => [X] HKLM-x32\...\Run: [rec_de_2] => [X] HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] () HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Atheros Communications)) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\RunOnce: [RegDXVA1] => C:\Windows\system32\cmd.exe /c reg import "C:\Program Files (x86)\Acer\abPhoto\SwitchUserVideoKey.reg" HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\RunOnce: [SetAsDefault] => C:\Program Files (x86)\Acer\Acer Video Player\SwitchUserVideoKey.bat HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.) 
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Infigo] => C:\Program Files (x86)\Infigo\Infigo.exe onrun IFEO\ContentExplorer.exe: [Debugger] TaskList.exe IFEO\internetenhancer.exe: [Debugger] TaskList.exe IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File) ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
ProxyServer: [S-1-5-21-4218249386-1005423115-940720447-1002] => http=127.0.0.1:58526;https=127.0.0.1:58526 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=about%3Ablank&OSP= StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1001 -> DefaultScope 
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: CinPlus-1.0cV15.12 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bho64.dll No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default FF NewTab: FF SelectedSearchEngine: FF Keyword.URL: FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Extension: Cinema-Plus-1.8c - 
C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com [2015-01-07] FF Extension: 9b9d2aaaae264447a7a1633a32b19ddd - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{9b9d2aaa-ae26-4447-a7a1-633a32b19ddd} [2014-12-22] FF Extension: Locale Switcher - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2014-11-27] FF Extension: BrowseStudio 1.0.1 - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}.xpi [2014-11-27] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated) S2 FCUUjqwoLq; C:\ProgramData\OqQeGinkA\FCUUjqwoLq.exe [2726256 2014-12-16] () [File not signed] R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 
jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate) R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) S2 0001121418376984mcinstcleanup; C:\Windows\TEMP\000112~1.EXE -cleanup -nolog [X] S2 InfigoOperator; C:\Program Files (x86)\Infigo\InfigoOperator.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.) 
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-20] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation) R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) S1 wpnfd_1_10_0_1; system32\drivers\wpnfd_1_10_0_1.sys [X] S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-20 20:49 - 2015-01-20 20:49 - 00002016 _____ () C:\Users\Nick\Desktop\JRT.txt 2015-01-20 20:46 - 2015-01-20 20:46 - 00000000 ____D () C:\Windows\ERUNT 2015-01-20 20:45 - 2015-01-20 20:45 - 00005981 _____ () C:\Users\Nick\Desktop\AdwCleaner[S1].txt 2015-01-20 20:34 - 2015-01-20 20:42 - 00000000 ____D () C:\AdwCleaner 2015-01-20 20:30 - 2015-01-20 20:30 - 00006148 _____ () C:\Users\Nick\Desktop\mbam.txt 2015-01-20 20:16 - 2015-01-20 20:16 - 00003112 _____ () C:\Windows\System32\Tasks\{5EE2478D-F235-4D61-88B7-D5096E360D17} 2015-01-20 19:57 - 2015-01-20 20:44 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-20 19:57 - 2015-01-20 19:57 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-01-20 19:57 - 2015-01-20 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-01-20 19:56 - 2015-01-20 19:57 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-01-20 19:56 - 2015-01-20 19:56 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-20 19:56 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-01-20 19:56 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-01-20 19:56 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-01-20 19:54 - 2015-01-20 19:55 - 01707939 _____ (Thisisu) C:\Users\Nick\Downloads\JRT.exe 2015-01-20 19:53 - 2015-01-20 19:56 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nick\Downloads\mbam-setup-2.0.4.1028.exe 2015-01-20 19:53 - 2015-01-20 19:54 - 02186752 _____ () C:\Users\Nick\Downloads\AdwCleaner_4.108.exe 2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Program Files (x86)\shopndorop 2015-01-20 19:09 - 2015-01-20 19:09 - 00000000 ____D () C:\Program Files (x86)\leisss2pay 2015-01-20 19:05 - 2015-01-20 
19:05 - 00000000 ____D () C:\Program Files (x86)\FineDealSSoft 2015-01-20 19:04 - 2015-01-20 19:04 - 00000000 ____D () C:\Program Files (x86)\DissccountLocator 2015-01-20 19:02 - 2015-01-20 19:02 - 00000000 ____D () C:\Program Files (x86)\DeallsFiNdeRRPro 2015-01-20 18:56 - 2015-01-20 18:56 - 00001284 _____ () C:\Users\Nick\Desktop\Revo Uninstaller.lnk 2015-01-20 18:56 - 2015-01-20 18:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-01-20 18:55 - 2015-01-20 18:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Nick\Downloads\revosetup95.exe 2015-01-19 22:20 - 2015-01-19 22:20 - 00000865 _____ () C:\Users\Nick\Desktop\Downloads - Verknüpfung.lnk 2015-01-19 22:17 - 2015-01-19 22:17 - 00009537 _____ () C:\Users\Nick\Downloads\Gmer.txt 2015-01-19 21:51 - 2015-01-19 21:51 - 00066046 _____ () C:\Users\Nick\Downloads\FRST.txt 1.txt 2015-01-19 21:51 - 2015-01-19 21:51 - 00040394 _____ () C:\Users\Nick\Downloads\Addition.txt 1.txt 2015-01-19 21:48 - 2015-01-19 21:49 - 00040394 _____ () C:\Users\Nick\Downloads\Addition.txt 2015-01-19 21:48 - 2015-01-19 21:48 - 00380416 _____ () C:\Users\Nick\Downloads\Gmer-19357.exe 2015-01-19 21:47 - 2015-01-20 20:58 - 00016855 _____ () C:\Users\Nick\Downloads\FRST.txt 2015-01-19 21:47 - 2015-01-19 21:52 - 00862496 _____ (CoinisRevShare) C:\Users\Nick\Downloads\adobe_flash_setup.exe 2015-01-19 21:46 - 2015-01-19 21:47 - 02126848 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe 2015-01-19 21:44 - 2015-01-19 21:45 - 00000470 _____ () C:\Users\Nick\Downloads\defogger_disable.log 2015-01-19 21:44 - 2015-01-19 21:44 - 00050477 _____ () C:\Users\Nick\Downloads\Defogger.exe 2015-01-19 21:35 - 2015-01-19 21:35 - 00001969 _____ () C:\Users\Public\Desktop\abDocs.lnk 2015-01-19 09:25 - 2015-01-19 09:25 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud 2015-01-19 09:25 - 2015-01-19 09:25 - 00002030 _____ () C:\Users\Public\Desktop\Acer Portal.lnk 2015-01-19 09:17 - 2015-01-19 09:17 - 00002001 _____ () 
C:\Users\Public\Desktop\abMedia.lnk 2015-01-18 06:54 - 2014-12-31 12:14 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-01-18 06:49 - 2015-01-18 06:49 - 00003754 _____ () C:\Windows\System32\Tasks\RunTool 2015-01-18 06:49 - 2015-01-18 06:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea 2015-01-18 06:48 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2015-01-18 06:48 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe 2015-01-18 06:48 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-01-18 06:48 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2015-01-18 06:48 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2015-01-18 06:48 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-01-18 06:48 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-01-18 06:48 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-01-18 06:48 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) 
C:\Windows\system32\audiodg.exe 2015-01-18 06:48 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2015-01-18 06:48 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2015-01-18 06:48 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-01-18 06:48 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-01-18 06:48 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-01-18 06:48 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2015-01-18 06:48 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2015-01-18 06:48 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-01-18 06:45 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-18 06:45 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-18 06:45 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys 2015-01-18 06:45 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-18 06:44 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-01-18 06:44 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-18 06:44 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-01-18 06:44 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-16 21:01 - 2015-01-20 20:58 - 00000000 ____D () C:\FRST 2015-01-16 21:00 - 2015-01-16 21:00 - 00000000 _____ () C:\Users\Nick\defogger_reenable 2015-01-16 14:36 - 2015-01-16 14:36 - 
00000000 _____ () C:\Windows\setuperr.log 2015-01-15 22:24 - 2015-01-15 22:24 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG 2015-01-15 22:23 - 2015-01-15 22:23 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg 2015-01-15 22:22 - 2015-01-15 22:24 - 00000000 ____D () C:\ProgramData\AVG 2015-01-15 15:03 - 2015-01-15 15:03 - 00000000 _____ () C:\autoexec.bat 2015-01-15 15:00 - 2015-01-15 15:01 - 00000000 ____D () C:\sh4ldr 2015-01-15 14:39 - 2015-01-15 14:39 - 00000000 ____D () C:\Program Files\Enigma Software Group 2015-01-15 14:06 - 2015-01-15 14:06 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG2015 2015-01-15 14:05 - 2015-01-15 14:05 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\TuneUp Software 2015-01-15 14:04 - 2015-01-17 15:22 - 00000000 ____D () C:\ProgramData\AVG2015 2015-01-15 14:04 - 2015-01-15 14:04 - 00000000 ___HD () C:\$AVG 2015-01-15 14:03 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\AVG 2015-01-15 14:02 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\MFAData 2015-01-15 14:02 - 2015-01-15 14:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg2015 2015-01-15 14:02 - 2015-01-15 14:02 - 00000000 ____D () C:\Users\Nick\AppData\Local\MFAData 2015-01-03 17:58 - 2015-01-03 17:58 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\WB Games 2015-01-03 17:38 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\WB Games 2015-01-03 17:11 - 2015-01-03 17:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Rovio 2015-01-03 17:10 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio 2015-01-03 17:10 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\Rovio 2015-01-03 17:10 - 2015-01-03 17:10 - 00001094 _____ () C:\Users\Public\Desktop\Bad Piggies.lnk 2014-12-24 20:24 - 2014-12-24 20:24 - 00001270 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk 2014-12-24 20:24 - 2014-12-24 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\World of Warcraft 2014-12-24 19:42 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft 2014-12-24 18:25 - 2014-12-24 18:25 - 00000000 ____D () C:\Users\Nick\AppData\Local\Blizzard Entertainment 2014-12-24 18:24 - 2015-01-20 19:24 - 00000000 ____D () C:\Users\Nick\AppData\Local\Battle.net 2014-12-24 18:24 - 2015-01-17 19:44 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Battle.net 2014-12-24 18:24 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-20 20:56 - 2014-08-31 20:16 - 01793945 _____ () C:\Windows\WindowsUpdate.log 2015-01-20 20:53 - 2014-11-27 19:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-20 20:53 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru 2015-01-20 20:52 - 2014-11-27 18:55 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4218249386-1005423115-940720447-1002 2015-01-20 20:44 - 2014-11-27 18:57 - 00000000 ____D () C:\Users\Nick\OneDrive 2015-01-20 20:43 - 2013-08-22 15:46 - 00023043 _____ () C:\Windows\setupact.log 2015-01-20 20:43 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-20 20:42 - 2014-03-18 10:54 - 00041090 _____ () C:\Windows\PFRO.log 2015-01-20 20:39 - 2014-11-27 19:09 - 00000000 ____D () C:\Users\Nick\AppData\Local\CrashDumps 2015-01-20 20:18 - 2014-12-15 14:13 - 00001000 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job 2015-01-20 19:52 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Pokki 2015-01-20 19:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF 
2015-01-20 19:28 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2015-01-20 19:01 - 2014-11-27 18:59 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{21898380-5491-4791-BB9B-793C6C26EEF0} 2015-01-20 15:08 - 2014-11-27 20:08 - 00000193 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG 2015-01-20 14:53 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Skype 2015-01-19 21:36 - 2014-07-25 22:20 - 00000000 ____D () C:\Program Files (x86)\Acer 2015-01-19 21:35 - 2014-07-25 22:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2015-01-19 21:34 - 2014-11-27 18:52 - 00002293 _____ () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk 2015-01-19 21:33 - 2014-11-27 18:50 - 00000000 ____D () C:\Users\Nick\AppData\Local\clear.fi 2015-01-19 08:55 - 2014-11-30 15:18 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-18 16:13 - 2014-11-30 15:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-18 10:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness 2015-01-18 08:24 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp 2015-01-17 20:02 - 2013-08-22 14:25 - 00000226 _____ () C:\Windows\win.ini 2015-01-17 19:54 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick 2015-01-17 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices 2015-01-17 19:47 - 2014-08-31 19:30 - 00000000 ____D () C:\ProgramData\{EB5F5A55-037A-4E47-806B-2C8AA9374701} 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera 2015-01-17 19:44 - 2014-12-16 10:40 - 00000000 ____D () C:\ProgramData\OqQeGinkA 2015-01-17 19:44 - 2014-12-05 08:24 - 00000000 ___RD () 
C:\Windows\BrowserChoice 2015-01-17 19:44 - 2014-08-31 19:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\ProgramData\McAfee 2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee 2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Temp 2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\install_clap 2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Macromed 2015-01-17 19:44 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Sysprep 2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee.com 2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\Common Files\mcafee 2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\McAfee 2015-01-17 19:43 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP 2015-01-17 19:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\registration 2015-01-17 19:24 - 2014-09-01 04:36 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\winrm 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\slmgr 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\winrm 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Web 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Vss 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\vpnplugins 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\WindowsPowerShell 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () 
C:\Windows\SysWOW64\uk-UA 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\th-TH 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-RS 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\spp 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Speech 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\networklist 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MsDtc 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Licenses 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\IME 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\he-IL 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\et-EE 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Com 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () 
C:\Windows\SysWOW64\ar-SA 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SystemResources 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\zh-HK 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\System 2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe 2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\slmgr 2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Shared 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Media.Shared 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\uk-UA 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\tr-TR 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\th-TH 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spp 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spool 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Speech 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sl-SI 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sk-SK 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ro-RO 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () 
C:\Windows\system32\networklist 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MUI 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MsDtc 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\migwiz 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lv-LV 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lt-LT 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Licenses 2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\SMI 2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe 2015-01-17 19:22 - 2014-12-05 08:24 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-01-17 19:22 - 2014-11-27 18:50 - 00000000 ____D () C:\Windows\oem 2015-01-17 19:22 - 2014-09-01 04:29 - 00000000 ____D () C:\Windows\NAPP_Dism_Log 2015-01-17 19:22 - 2014-03-18 10:45 - 00000000 ____D () C:\Windows\SKB 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\dsc 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\Configuration 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\InputMethod 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\IME 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\hr-HR 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\he-IL 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\et-EE 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\en-GB 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Com 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\bg-BG 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ar-SA 
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Speech 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\security 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\schemas 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Resources 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PLA 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Performance 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\InputMethod 2015-01-17 19:22 - 2013-08-22 15:45 - 00000000 ____D () C:\Windows\Setup 2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Dism 2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\servicing 2015-01-17 19:21 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Mozilla 2015-01-17 19:21 - 2014-08-31 19:50 - 00000000 ____D () C:\Users\Public\CyberLink 2015-01-17 19:21 - 2014-07-25 22:28 - 00000000 ____D () C:\Users\Public\Foxit Software 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\DesktopTileResources 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\IME 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Globalization 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Branding 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppCompat 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\ADFS 2015-01-17 19:20 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Local\Skype 2015-01-17 19:20 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Local\Mozilla 2015-01-17 19:20 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Packages 
2015-01-17 19:19 - 2014-12-14 11:12 - 00000000 ____D () C:\ProgramData\Battle.net 2015-01-17 19:19 - 2014-11-30 18:18 - 00000000 ____D () C:\Users\Nick\AppData\Local\CyberLink 2015-01-17 19:19 - 2014-11-29 15:04 - 00000000 ____D () C:\ProgramData\Skype 2015-01-17 19:19 - 2014-11-27 19:36 - 00000000 ____D () C:\ProgramData\Oracle 2015-01-17 19:19 - 2014-08-31 19:50 - 00000000 ____D () C:\ProgramData\CLSK 2015-01-17 19:19 - 2014-08-31 19:34 - 00000000 ____D () C:\Program Files\Realtek 2015-01-17 19:19 - 2014-08-31 19:24 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-17 19:19 - 2014-08-31 19:21 - 00000000 ____D () C:\ProgramData\Intel 2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki 2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki 2015-01-17 19:19 - 2014-07-25 22:23 - 00000000 ____D () C:\ProgramData\WildTangent 2015-01-17 19:19 - 2014-07-25 22:22 - 00000000 ____D () C:\ProgramData\CyberLink 2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Package Cache 2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\OEM 2015-01-17 19:19 - 2014-07-25 22:20 - 00000000 ____D () C:\ProgramData\acer 2015-01-17 19:19 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\Reference Assemblies 2015-01-17 19:19 - 2014-03-18 10:45 - 00000000 ____D () C:\Program Files\Windows Journal 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2015-01-17 19:19 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default 2015-01-17 19:18 - 2014-11-29 15:04 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-01-17 19:18 - 2014-11-27 19:36 
- 00000000 ____D () C:\Program Files (x86)\Java 2015-01-17 19:18 - 2014-11-27 18:50 - 00000000 ____D () C:\Program Files (x86)\OEM 2015-01-17 19:18 - 2014-08-31 19:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-01-17 19:18 - 2014-08-31 19:46 - 00000000 ____D () C:\Program Files (x86)\Spotify 2015-01-17 19:18 - 2014-08-31 19:30 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros 2015-01-17 19:18 - 2014-08-31 19:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-01-17 19:18 - 2014-08-31 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek 2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files\Intel 2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files (x86)\Intel 2015-01-17 19:18 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\Foxit PhantomPDF 2015-01-17 19:18 - 2014-07-25 22:26 - 00000000 ____D () C:\Program Files\Acer 2015-01-17 19:18 - 2014-07-25 22:24 - 00000000 ____D () C:\Program Files (x86)\WildGames 2015-01-17 19:18 - 2014-07-25 22:23 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games 2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2015-01-17 19:18 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\MSBuild 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows NT 2015-01-17 19:18 - 
2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-01-17 19:17 - 2014-11-28 17:16 - 00000000 ____D () C:\Program Files (x86)\Brick-Force 2015-01-17 19:17 - 2014-07-25 22:57 - 00000000 ___HD () C:\OEM 2015-01-16 05:19 - 2014-07-25 22:58 - 00000000 ____D () C:\Windows\Panther 2015-01-15 17:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2015-01-15 14:13 - 2014-11-27 19:10 - 00000000 ____D () C:\Users\Public\OEM 2015-01-15 13:59 - 2014-07-25 22:00 - 00000000 ____D () C:\Users\Administrator 2015-01-13 16:42 - 2014-11-28 17:08 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\.minecraft 2015-01-06 01:08 - 2014-12-05 08:30 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-06 01:08 - 2014-12-05 08:30 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-03 17:10 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\VirtualStore ==================== Files in the root of some directories ======= 2014-12-15 14:08 - 2014-12-15 14:08 - 1545696 _____ () C:\Users\Nick\AppData\Roaming\EJSP.exe 2014-12-15 14:07 - 2014-12-15 14:07 - 2031584 _____ () C:\Users\Nick\AppData\Roaming\FYIKETTA.exe 2014-11-27 20:08 - 2015-01-20 15:08 - 0000193 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG 2014-11-29 10:08 - 2014-12-17 10:08 - 0000001 _____ () C:\Users\Nick\AppData\Local\DSI.DAT 2014-11-29 10:08 - 2014-11-29 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup1444812342.exe 2014-12-02 14:08 - 2014-12-02 14:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4180595462.exe 2014-12-17 10:08 - 2014-12-17 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4535986252.exe 2014-08-31 19:34 - 2014-08-31 19:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-12-06 09:34 - 2014-12-06 09:34 - 0000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc Some content of TEMP: ==================== 
C:\Users\Nick\AppData\Local\Temp\5213CEFB-E262-2310-0480-DCFB67E9E0DD.dll C:\Users\Nick\AppData\Local\Temp\5213CEFB-E262-2310-0480-DCFB67E9E0DD.exe C:\Users\Nick\AppData\Local\Temp\58A0271C-DAA9-E0B9-2984-AC25A29A9884.exe C:\Users\Nick\AppData\Local\Temp\ICReinstall_adobe_flash_setup.exe C:\Users\Nick\AppData\Local\Temp\ICReinstall_FirefoxSetup.exe C:\Users\Nick\AppData\Local\Temp\oct8D03.tmp.exe C:\Users\Nick\AppData\Local\Temp\octE0DF.tmp.exe C:\Users\Nick\AppData\Local\Temp\octE4C5.tmp.exe C:\Users\Nick\AppData\Local\Temp\octF576.tmp.exe C:\Users\Nick\AppData\Local\Temp\optprosetup.exe C:\Users\Nick\AppData\Local\Temp\Quarantine.exe C:\Users\Nick\AppData\Local\Temp\res.dll C:\Users\Nick\AppData\Local\Temp\rt-update.exe C:\Users\Nick\AppData\Local\Temp\SkypeSetup.exe C:\Users\Nick\AppData\Local\Temp\sqlite3.dll C:\Users\Nick\AppData\Local\Temp\sysad.exe C:\Users\Nick\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\Nick\AppData\Local\Temp\System.Data.SQLite3c77ea22-6f8d-4996-b236-dc6fe42eecea.dll C:\Users\Nick\AppData\Local\Temp\updatecertmanager.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-03 20:14 ==================== End Of Log ============================
Regards, Anja |
21.01.2015, 11:20 | #20 |
/// the machine /// TB trainer | Security warning about my Internet access from Telekom
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
21.01.2015, 15:49 | #21 |
| Security warning about my Internet access from Telekom
Code:
ATTFilter # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=c6ba19ccf5d7194a8a64219db5b37533 # engine=22073 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2015-01-21 01:55:12 # local_time=2015-01-21 02:55:12 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 15700 12152831 0 0 # scanned=223211 # found=539 # cleaned=0 # scan_time=5241 sh=EDB6E1477166B32FE95301005E15A4EEB8BCF137 ft=1 fh=d29cf5027c7fc6c4 vn="Variante von MSIL/Adware.PullUpdate.H Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Browser\prompt.exe.vir" sh=C0291FA8B4BF212D40322E152989120E5B309AD0 ft=1 fh=c71c001117fadf1b vn="Variante von Win32/Adware.MultiPlug.EG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\topdeall\wdb8qXI8r4OBZK.dll.vir" sh=9FF3042B3BC1AC3256934DE5CE162BFC3B591C06 ft=1 fh=7f32323435353b0c vn="Variante von Win64/Adware.MultiPlug.E Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\topdeall\wdb8qXI8r4OBZK.x64.dll.vir" sh=F9F67A6E75A5053CB5FB436BBF762AC1ADDCEA51 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\CAZNd@v.org\content\bg.js.vir" sh=382B389FE9DE0F54F1C3330FD1311B296E1FDA75 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\F@oxzo.net\content\bg.js.vir" sh=EBE76420394A7545D6D0A97E126F946E2F8990F0 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\g@9.co.uk\content\bg.js.vir" sh=60B6CBD0C737FBC376708AB7361CD23471E6BC3D ft=0 fh=0000000000000000 
vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\i@Mri86VdY.edu\content\bg.js.vir" sh=BFA7F8511FF3D51E0606BC065F0C09902BB6E6FF ft=1 fh=c5b494ba53b97366 vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung" ac=I fn="C:\ProgramData\OqQeGinkA\dat\FTDKEgsb.dll" sh=F3477DD97CF2D7579053B5DF73C184CBD99AC414 ft=1 fh=6ea5772ba487bdc4 vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung" ac=I fn="C:\ProgramData\OqQeGinkA\dat\hTXFJlWZJbc.dll" sh=BFA7F8511FF3D51E0606BC065F0C09902BB6E6FF ft=1 fh=c5b494ba53b97366 vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung" ac=I fn="C:\Users\All Users\OqQeGinkA\dat\FTDKEgsb.dll" sh=F3477DD97CF2D7579053B5DF73C184CBD99AC414 ft=1 fh=6ea5772ba487bdc4 vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung" ac=I fn="C:\Users\All Users\OqQeGinkA\dat\hTXFJlWZJbc.dll" sh=0E956A98F7899FF638A517EFE0D222C4B7229540 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\29A30A0AA88C7DCC3D92CDE51E97FB6049F5E1A2" sh=2CA9AC15D98F0B5CAC8FA8A2B6184B75EB448FAE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\29F3DC9D328C1C4FC89B7476F4A9036EFDD14798" sh=F862E6D3ABA8D23BA074951700DEE980B786CCF1 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2A7EC9506517C59961F0AF5E5487CF14A7B35721" sh=0AA579B30470BF5660CD073718D2A3FA137A63C8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2ABAD093E31F64E1FC3EF2B2BED5CC40BD001B0F" sh=5DA90CAED7DF8AFB4FEFE67DA8620F7861A20D84 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2AD770EC2277F058B4A9D5B960CFD6532795938E" sh=63D571E87C9BD43A4E333633A589A25E744AA136 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2BAD84A1E31E77744475E4BA4C646D12316EE00D" sh=44DE51139C8984FFD2BB4B292BE1B252FDE36B7D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2BDF0406B29FC6FC20400ED30B3151C18BC98649" sh=55DE27BF328904066D25B779BE0B08445B233FB0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2CA2D9436D084C7EB48A0CF09505AC1CD708F5B2" sh=123A523D939297F387CE257543FA57185E6DCD5A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2CCDA214546F6441ED3EE082D3BAF08B1E131AD6" sh=78D131FE5153A2C2CA3214119DDB2C8854441BCA ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2D6BD9E817ADEC1C2718E3CE2E1950DFF3C0CF80" sh=17ACFBD90BE054DDAB29E122255A0A8AE06EA9ED ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2D8B4B6F0F19D96459BCFC31391A858526E37610" sh=B581C243227932C9602EF49A38683066341F33BE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2D960AB963EC3634866A1627E6411F4A45A85BBB" sh=0632DE93006DE6BFF2286745B8A6869222A79BAD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2DEEA83C1D22B2FE9D089C12E52BD4DBFD7AB78E" sh=958CF55EC36DD03C61E77C26C023285933384D04 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2E456B6092024CAD83FF1490B6B28A8D6083D2AF" sh=AAAF37605AED5A9582694C3891659EF82850495F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2EB1DB62858E8944341ECE6B87F760C49B55500B" sh=5CAEBF05C839D1055A0D03D8DB5789CBB3A601C2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2FEBBAFA2D60024768EEC8F1833EC5360A722D4D" sh=A9306C31018C7C1D64D6C9AEF28C6561914AFDEC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\313D0F957A9D511427ED06538232E6834AA64D2C" sh=F80DDD605D882EE5AEED593CBFFFF9580F9FE272 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3167B295CE6572D6F798EFBACB6D66E64716B292" sh=BB0D73DCE8D07FF6F96F87F299C3CF35899C63ED ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\33DBA4A8BE1423DAE6B5F659E2C7AF110AAFE297" sh=F51C549A0DD353379762E48B9F4F33525EA885DC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\349691DC3E0A9758AC5821D9DF92E849E40B56B3" sh=1B8A17C739E0FFD625020D67181BCE2F1D4D2176 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\34CF8CA844BBBB8ABDD4DD16F93865235FBEC447" sh=2AC336B8A052E85EF2C9ED9A19C461E2961AFD1D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\35018E0C29C7A76D77A771B1EA77C7EEFC8C495D" sh=4081B7BA217F445EA1A661F8A9C95E70C4556959 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\357FC1FB72BC5F7BB7623BA761A1947E17EF8CAB" sh=2385A26F82BB55A25D2774FC6C4906FAE1B72670 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\36583CAEBC9345EDA6CC07BDD7B309B41BEBB838" sh=7C0B5003164E19FB255AAA27842AD69FF7FEDAAB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3735C20CF4FE71D3E0F3AACC05280D136F4666DB" sh=64D97BF278574B8DD0BBF969CC0E1771E55546AB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\375C1049475B3C44EFD1B427FDEE9BF92DE4C9FE" sh=0F50314675C7466240052916224A53500EB73A3A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\389270ABE4DF866E69A9DD5102DD274F71268EF2" sh=E3E55B8ADCB3B84900488B9ACF5964E50B50BBAB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\39134B593DD6F8FDFD34A0D2544F494B0F8B3D3A" sh=2E20CD526A94F0FCC2E923E60A5E42DD5BDFDC73 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\393D84E62EECA3265F7A5957C1CC559A75999E39" sh=306FA48FD27D120013F315B80E6ECAC2F222E1E6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3975BCFCF5E2DC8A4ABBAF15A9E2B416725773A0" sh=640106D76DFFE961F8BCB9CCB77B82052D848A17 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\397A795D2C962587FB418A69ECA21B62B4D477EE" sh=CDEC201639BE2BA644AD62F3B96226AC80A936FF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3A1BC7719D596BF13F6870EB371AC56A56FFFE5E" sh=E13776A803AF81F9466595A97C1AEDB7EAF307E6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3A88770CA137D9A40E0F34497A2AD5351D4C1B4E" sh=E3C019B4174572179F949C96571B8FBAAE942BBF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3AE0B18CE9FB18B4BEC91840A0466D63B882C2EF" sh=A5920D7EAB1BFA164C519E934B6AD92E421CE349 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3AEEA26B79CF092AF3D38C214647EA007F736132" sh=003E00A3F5C47DC3C3A13955CEB79CFAF1CDB1AF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3B846155C756098D0F267002A546957DCFBD0988" sh=9579CCAA69DE2E3FBC29E3A9FF936229DBBDC14B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3BA547B0D2F9B9F8C38EC9573531E856A97ED25E" sh=9A94B69B4D2E2AEA10FBAFBD0AE6AC08AAD5CB74 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3BC70605261A2BF29C447C5D036A14D4F2FCA2E1" sh=2BD8B4DC88D12483B9C56C5993E1B4391A917C5E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3CC06073C5016D0AE4E1E5477C03B7D3E21E93F8" sh=E49C1C36B9432743DF90B6A053F57652CA690FB5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3CC09B87F52C2D046400C610B97EA92896BA858D" sh=8E73C3CF9CF7600021EDB9889199CE0C014A01C0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3D7D2BF1F0D78789B3E3AAF4CF0025766CF61656" sh=5C95EA342BB9BE0C17383C9EB69EA6A5DAEF1EC3 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3DF810AD61EB6529C08EDF2E5FEDD48C0453313D" sh=72A8E0A5AA9F795D4A0DA11D8DAA3E8C2D251E1B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3F06EFA0F75B3FE76DE02EA23A36DF6804BAB10E" sh=CADCFED7A7E1CBEFF67B3C5F88BABD7F80369BFE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\41A65DE6852BC46A5711DAB1C0A42EE812754521" sh=35CE0112CD9D6AA64BDF154BE066ADA3913B695B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\41DD7E9161699E7935AFDB800714DC0E51E77DBA" sh=483024F73AB6CE0881AB1783D545867A35F79510 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\421800C366C3DF89AFD9866044B0F31570D96574" sh=99525592670B03E44BC52704863399A01C4BD1EB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\427BCD54F15768282C36D7EBBA7BBB11B7493DA4" sh=B43A316B67A3E4EAFAE0E035ED34DDC7B2E1BEA8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\42C9EF4F3FEC65461D5C538AAEEFD6FD1A2BDE37" sh=EC0A644E7F0C12AFD82F4E91D3C34472D695516B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\43800A70CB97360969294EE7E283866E7EF0F910" sh=1E558EA59A02AA4C8242812BC4B636CAF6E05BEB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4463F650A0CCA370753318F31E74FB77A82F8CA8" sh=149A8A0E1FC6944BAA630996AB4D02DBC8FFE737 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\447FFF68764C86B14877F9C0C3C79516D6D482D2" sh=5AA686371115A0532E79931A31E7AC51587AD796 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\457C568A8F730A0C1802A26CC564D315FD87F6EC" sh=E396F31FCE2E8380DC99AF6564B067A8F187E361 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\45C35B4611B43F10DCC8A9A5F37655EA11B4561A" sh=CDD27A5562015D22F8EB5EC9BA0D6E7E57BBAA74 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\45D78202B2FCD70BD7D39442AA15CC01859E7FC3" sh=2CA5758A0D97EB962160FA4DA0D4063369FEF060 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\461944333D90432B7C5065DA191146F2ACDCD8CC" sh=16F9514E53C6BA6321A6540D4B4BA7CD4D9FB62E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\463D8F2F464FDBA6F84D3103335C74AB5EA8F344" sh=269CAAAFB6D877E7498C45F0E3FD5332321CF78E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\472A5F5242F9377120A2D96990E56C99F421C129" sh=D29774E03F9D8BD098F19190AA661A395D5F443D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\47FB6004E5A2D35BB4E80C384B93744FAC7E6915" sh=7F3625E7BBBBA77BCCE919E8002A8F3B26BE1AC3 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4A1659F2A5C0478DBA39166112B8DC7C03724B1C" sh=1E225D706EB83EF25F822668D05C164E4EC2602F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4BB842D4B36056FEFAE1E7A0F62AC18C2A9A22CC" sh=438CC55747370BBC7D67022837603B6892395F54 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4BCA982F9D278F3E6A68AD16A319A386F4BEC9CE" sh=E88CE4E7E387B1AB879331BA76A2597705B94F72 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4BD5DE24072EC982E90757C3B70DD6C3306B2731" sh=0D93DC60AE3F3F8C1C93A0FA8ED94CFED4D1BFC7 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4CD1708658AD2E478BAE80996E47F2B712050EE6" sh=53B720538C0AD4B9FC8C4403CD8A0734ED8794FF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4CEDE5BD84C5A3CE5D015F42FFFE283B94A80B8D" sh=A4BC93CA8BFC1EB9E496D76E9675D927A08B75B5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4D60620EF7111ED1F73355EF8A967931EFF64595" sh=ED361305A112BBB3805A73E5319EFC9197E89BC0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4E28938708801758522D2C2676B0E3D99D9A73FA" sh=357F6217C657126BB0C38B501BBBCAACABE0634E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4E6CFB3F400EDE824552529F9656ABE8AE8E3293" sh=5C18A53D0FB9105CEFFBD6108714DD0FAFE43C35 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4EA24238863C58A4C912CA985ED0506106C9FCE0" sh=CE1B3A1BB47C0D8A9E8D1298AE2C136E4C3E8E72 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4ED17B5336C488B6CEC54414304887250919BF53" sh=98102F4944C4E2F4B1DE33493B70E7AEF55CF08F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4EE04272FF07B8370035CA639D7C636E74005324" sh=5B4411AC13A34E8D932BBD3302A9DF660B6E30E7 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4FA6F6ABDD909F7E2068F5E6E4AB9887FC15E124" sh=91EC861EBEB146E2B01345320B1A7C4266139935 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4FF2C806AD0F6652CEDCBA29651E7A81F3E35F47" sh=51BA357DB75770B2EE602A4B6016650C05B70EAA ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\50B93E9983577F268864CAE839837551CA6446BD" sh=2082254CE29ECEEC623D3C2A0EDE73D7B5580F24 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\50C799347F1015DAE961ADEE0231EA898E5676D2" sh=F6D79D02AC069772481115DDE8ABED90D347138E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\527DB0BCCD97C366187855DBB6A92F3E84884C99" sh=8B50DC65D9447AD9542644412156B35523F92611 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\52E1E6D6A1D1C777F720FC43167FC5636A17EE12" sh=C67950B95246EACEF9A9358E0C0CDAB355491744 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\530BF413AB9B4D3E563494176BEC09137387FBD6" sh=5ED0A961DF5EDBEFC2143131232F582B16A19ADC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\55BC9CA52C39515B7C46349CA0B7CEF61D48B98F" sh=127C588FD8F268B3FF92F83296DB519F67E9E149 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\562882AC2646640C04065E59E821C813E0E57EF0" sh=081EA52C8FFB14C0EB385AFE0F2283A857183253 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5644FC42DFFE15DA8844719271683410A6585492" sh=D5C8923AE72CFD69CAD41F0667EB616E83FA3276 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\567261101B2C6F4922F86F96179B04BB5E6DF41B" sh=008B59AF4C0F1D94BFCC3B4971DE704664F187FF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5687421A78D2F1560DFC8A0FEC1812B65375A9BD" sh=DD282F4DF37629450766DDD8FC05B46AB9D7AD10 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\57487B6FC77AF3918F346052F39D0856E3352D6B" sh=151C4E322D8AB9854DA45DFF005B613EC9D62241 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\58407B9359310A806522C56FD07143835C99B555" sh=9A81C31F5FE702EE7A4796FC8AC253769E6FBF23 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\59D457912B45466DDCAB8217431E5454EB9D5284" sh=B3429BC284D6D699723E5E9B376540CD2A4D85C0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5A1C95AEB2797EFEAD8D545474A45D5A395F9A6B" sh=9C0FE0B3C5EB6FDFBAEC0267B581687F8A2B4127 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5A9A0F013E4C573945BD865273EEE5ACE3A2756B" sh=AA6C94A5352E4F539605E8C39F3491DFDF4602F8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5A9F315FBE50D3F9EAF54535750023694416C55F" sh=6CC44C7ADBB9551D10848AF4F54C5DCD6062AD4E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5AD901C8BBD1322C479E21AB711989838E4AB6AB" sh=79085A989B19DC9206CF45B59F9F45F69F20300E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5B3C8C9325E1D242C17792D52A3365EC43336521" sh=836C2E609EA9B0F2E45D268BB144C9C57960787A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5C13C632985935AFDFD480DF60C10FEECB3B08E4" sh=08A48EEC75E61C3E1214A96964D3C8C6D774AEC2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5C32E7D59AD4E570E3C7BD6A3162A0DB9CD67C73" sh=D2D3E7032B345D9D2024F63589A895C812FE3E10 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5C8F17D604B19824007C1FE3AFD947BE27FF49B3" sh=EB0C0A10C866A61BA3C7AF70C3E694E7B6D86014 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5D1B9B8AD7C9E1818F3FC39E996CE396A6E8F55F" sh=11CFFABD4D930F478216B7DE7CE7F3B4E7B135DB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5D521E87A47F64A78703E149670D398DDCBB951F" sh=66BE44B5482C43F4660037FC095E38AE9FF83DBA ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5D52FAED9DB01AB1E6D5AFAEF79DD4ADD5E461E0" sh=55D7AEDDDF9F0A2116AECA797B4E9055DE89E500 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5DA2D3E2E8A893C33C7981753B0CF6173CD30C0D" sh=4AF70D5903C1C892000CB2FFFFC16F93FD3FCB7A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5DB3653A3C9BCC133F39786CF79DE68AA90F3129" sh=9A0277A5AF939611E6536E8AC00DF118D7F04869 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5DDD2C8E60D23234314EE8BC6A7C323AD149F720" sh=22C5800BC12C1C5410C700E6841F7E837C45358C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5E1DA627EB2DAAC16EF36F6938A36A7559DE226A" sh=782764BE26D1AD964F3C5671AFFD6858BDB0766A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5E28D5DC732762B269A3A668908C45C010E31973" sh=B7B9C038A5CD6517672F0EA89361FA8B97920385 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5ECE2AE0E012957AC943ED1CB845CEF500FB2078" |
21.01.2015, 15:52 | #22 |
| Security warning about my Internet connection from Telekom
Code:
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\72A74597B3507D4B5E6F4E3B9B80122EA31766F0" sh=7740C4DB2119553ABB3D16324C2FFE0A62E6F2AC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\72F19C5ADC201FE656831094A8DC51E39ED6A936" sh=02D3730EFC95E4E74703FB329A6BBFA4B62C64F9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7367E293D9ECE4B0F9112F667C8021C9F1E81005" sh=1D1E7537E0531043387F842FE89215B9E6E22F1F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\73A194F8DB5F2331684EB60E38CF5195A378FDDE" sh=0F4C9C9DAAFBB88CEFD2DC8F3D2BF6B982F8C297 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\73EE51D55ED3F562A691D144582F8EBDA751EECD" sh=FB3E2BB53288397012BDEB969F5F414746AF27B8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\75257CD7AB3B5281A8477A407E9C105756B9B40C" sh=E9CFED695C42B5B534C9145EDAF62C58DF660B95 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7563BB7C2336DCAA369954EC7C9FAA07035DCA5D" sh=6B00CC2343A6E79F93A9C17C1BE2F57CCC121935 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\75C2B89E220409A533D867FB3F9730700FB488CF" sh=5BEFB2040DC1CD4EB2588930DAB2A9E77114B605 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\760147A28CCE4530119BC186A240E620C372FE63" sh=CDC7C4431692CF5A9EE2711E6B820EB6D0F82D80 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7624992AFB6A1E6B8E141FAAF28961B34006AFA4" sh=317BB6AE104BE6307619A9870016F5481DE5E837 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\76FEAE8C81BFCCBC587C2B886AE49F9B5FC01FFB" sh=53DA680CD922AF0B74E2AEB863D7BA2D97A23E9A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\772247A1E2D49E1169709ACB7A319BE2784EEBCD" sh=95EC4C0FFE75346AA2657741D62229A7221C8BA9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\776BC86F93C6D7D425BBBCFAE3B1655F6E3C4108" sh=7B80056F089681D1D0D5223D8CCF5D4862B3305E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\77B96B8E375324D2A2776B539AC5BC0AA0EE20C2" sh=397F86BF7D2EF28A075D3F57B4383FC29AB35A13 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\77FAA2CC932C584AF56642E141AED1570DA631D0" sh=D1FB23F16B1CA75D8B867683A82ED4772B139191 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\788F6D805CB483CD41D9A3B34C3A2B1160D586E3" sh=87B08E2B794F60E44EBAEB29D8451F32D8A1F6C5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\797EA20BF1ACF8DA52263B42EB4595D170618759" sh=5725ED67FC748835B84E117C16C94C354C420B5E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\79FB808BED22FD36728BBA296BA1792D375567E4" sh=FED08AA9B0F9D78F0AD9653B68EB0025C1E412CD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7A868B2DBB640182858943D45C16D3F53FC402F4" sh=B52FEF5F4994A0C2F58613E6099FECEA1D970ADF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7B80540914DFBA6E49E4B801E65F1C007BE30206" sh=3EE43A6B9BE7E7DBCEBFEF2BD62A02CC7BE15F96 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7B83F7F972AEBD28B5924DED55ECAFA8B97A4BD7" sh=3F250982013AD14FD0A3D63C0291A92F2C860C74 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7BCDD075129A0AB8491A15E1D7CA7D7D11F75DAB" sh=E737906294584E5F3AFC2E11D552A90978AE001B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7C142610A0288C1C0EA601CB46BABF3E27E29CF3" sh=791B95F4ACDC77AE49C3644B4ACC0B5F57E1C98B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7CF116AE6CB83665743B3684004A5632917572AE" sh=225D9181904FA22C707A6C05E3009205B32FCEC4 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7E0AE82BB4061AAFC2861832D66B1C3637476BB0" sh=8C66137FF3A2E55C795AEA27B54275033D8E2F13 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7E3D9D02EE95C724BBC72BF0191E361F846E4436" sh=E8B03CBB5A10B4BD24F794F307C0A8D4B7C7A58D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7E992A5AE53A3991D1CE3642E7ACF21051469298" sh=50A9E6A9921471D132D20A99CE5011867F4ACAD6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7EBC099B599D6629FB0F99BAE583755A202D73C4" sh=511750E2D00D69DF2FFF1CE13078665AFFB00D1C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7F3F1AA55A4683F69E07500447A330905C7999F1" sh=33F2E624FC8E84E80CACC14471A99B1BEFBE7113 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7FDB1D84F0730E4AD2ADD25FD4FADE4E8035C304" sh=6E8CF766745098E6949FC86D905D63BEE27CDA5F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7FE1C76DCBB4F7AE61926FC3058248805891713D" sh=1301A6C00592366C1F8823A7945C6A62A6D8996E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7FE77A5AB6012A6C9EF938AA6A0DBF3E9AA9EC3C" sh=B5BFDBB94E60EAD89F067394A1AE294EF09FF93F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\80FEE608DCFAFDA91967ED75A8848EC93393E1BC" sh=257E17255DE184EC7E87C0DE3AFF5E70BEE5FCAD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\810D64CB5FBEFD8D419D18F56BA9F78D89D50722" sh=37A029D54FABD29A0E11571C6B2C16E690FF9BEF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\814DCF1A11BAC41D0024ADAE012C1C2B090AB574" sh=904095369E8CE5FA5A0B16E75A8A776E2912BCEC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\821415902E9DCF6AF1C99D03E648178E1FD6E72A" sh=E19540C0736C472615D07E05905BBD828B13CE3A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\83196C54F519D28334B5F512FE1A02A0C9E7CE8F" sh=6A2017F498E6F6D37433F601101F07AC89020398 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\834CD8D6A69F128E9E99ED3E0E50DE1BC61E403A" sh=4E50245622277512C2968C00E03C6D4753216DCD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\853F242359AEF8E74C55DA6B369711B46C8C3B1B" sh=21693490BDD0AB8F4A765982695430C1855D6557 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\85641138EB62B45375F8E8D7F6ACE2392C5C6E64" sh=B1B4FFDA977A7F3B6B60A690C564604D2ED02693 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\858BACBA7F0D1932E84736A9D32C077B4DD96FFF" sh=F6A47B63DBAF3B88B08ECCBE57D21F4784D686B1 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8632032D5127D6815B7570065273E5864F80F650" sh=730AC25D056D7FF7C4138F368BC5201B861C9F2D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\86346F9D55C0D3F04F58E9B46379EA59C7B073D6" sh=82287BF63E6C235B0442ADA2D1B52630AAE9D06B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\86AD6A25AA4DF05091BB3D64449F3439ACC9FC77" sh=55937E6D7680BB766B7058E9A0F3BF64FEB9960C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8757A46566C9635B0CF101DB695DA90152C44568" sh=4148BFE9997DABAE993293FDC6C2F4E485B8B016 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8778999362FABF1B6AAD0284214FD7ED8574462D" sh=51E79C69F8F2F8052D3B00AA4FBDF193A773CB4D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\880728BE4B94AD59C6BEC70FFC3BF9FA762CA0C4" sh=EB030450ABCD2C45AB7E17906D6BE8582BDF2DD6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8852E062EB1B496E5E7295B47FCDAB5F2111EB19" sh=F74FA868955829FC198CD5E22359C5200810597F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\88D0C30D47691312815D40D64D2D1FDDFCCE5AC2" sh=EFBFA27C8FF313D112AE0A3D198D26F7D11711B5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\897216F7E4111B06828C9414F1659B9545B3522C" sh=89D2D415F68D00C587202430205D041FFA50D3A4 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\89E009D78A90879C43C590A9FDB44EA78F7024AF" sh=2387A5FB3B77CDCD7298026FA2E4E7D098B16CBD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8A88546EB79D89CE912AE32DC84310CB0F9EAA63" sh=4889C24C922ABA1902492D3183E558ACD3B5D5C2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8ADE109406F5B65D3589D477CD899EA1800CD344" sh=0E5AD43AED50CA29224034CA33A48B79920225A6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8B640C60C666BF21FA41CEDB6C65088552E8279A" sh=31D685F1F795BE79B36C8C1591B6896B1B0C9748 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8B7AB19321732A3C066A743780606CE1BADD5BF2" sh=A459781C58F501C712664929AD7EBEDA94290E77 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8B9BD1EA28956A6C0633E0375909B77048276CB1" sh=C048969FA58B2C8225904ECC6143EC8CBA285901 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8BE51C210D12D678915B03685A604C0BF977709D" sh=E97B1687FB3F938C1CA3D5FBCC732F5A3AA46A2A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8BEE176BB5724A2477E3A64230E9A6D81D952567" sh=46BA88E5414F15EABD6409BD916A9D0F2ECD6497 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8C24DF1795CAE1721D6A6DE84FDF862498F48E7D" sh=0AA33D872C39B530F60741453EEDA7234B8145B9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8CB000341FBECCF66B0C218A331CB45251976BFC" sh=17D461338D25B933D3A6E1FAF2D4CD573E7E5CA7 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8D0A639B9BF18F4D7886DC8002A3C8C7B50C3D33" sh=07C56596C2AE277331A767D7E3A5D3F897FFE13E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8D3212D626C7362A517070D81BE76E7B9E1974E9" sh=0040B5105542BA7EF9E9FC5DBC5B6C1F4D0D1575 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8DAAC0E0A4D51EE7E8792557D0819E6D2BFBD78F" sh=49E1857B6697100E3C152C02A6B4EFE8A9DA21AA ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8E80850F312F93A4FAF98273CFCB7DEEB6782E87" sh=4D97F722DD421116CB56AFCB2189C41923632D1B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8EA531775D02274BC47245E8B3118C7763DD7231" sh=9E486F45DDBFA50AED40FC8A5BC4E91B62B095B4 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8EA62A5AFB6B85128E27849474F5D451F8F22A23" sh=AF3EADD8D4CD9F3E5E9575FD70B97574CF259E59 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8FB3438945D21A03835628F6EE602EFEB7A81291" sh=F4C497A6D3916CFB293B80298D00489680FD2B18 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\903376718A7360FFF6C1D4AC4029AED908B484AA" sh=4BB3E86D5AB531F3269D4743CD8BAD4B02CC96DB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9085587F6E577B81D566DE3547BAD0FB211BCE9E" sh=7C0172AB20B97C4FCE919B11C5E2B274EC4E94A0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\93D3B07EC8B1F16F2E7850E2538B264A289D07CA" sh=B16148BA26B676B8765244DA3AF81209F338885E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9442F89CA93F6B2396A764AAC4EA7988FDA681F7" sh=C507FF2C1E308F2CDC788FA3AFDAFAC22A6C6C78 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9466846131D8173A164DFFFF1F4EB52F74CAFB2F" sh=7CC6D70E279F057C0F712B5D956F3ECDD2829D6D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\94AD3B48176F6D2A362E6A4120EEDB489E1C5401" sh=A5B122B0A1D1B3137B6432962C4413E044D441A2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\94D99EF949C678DF91AE883BD7377812B1602421" sh=3ADAF6841D82993C167D942D25E2B2EEACD16A7F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\95620BB352FA844D4F44277D2FE7E09036AE1CBC" sh=BFC21C68B59C50BEA043221F4C73283814D4B496 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\95EF512213BEF9C8390204CEBF92CB11CAE88279" sh=5C8A56DCB6E3D6DA90D8630783394DB3708B42E2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9605C6722D4011E7036562D1098F88FC1C7A790F" sh=EB10743CD225BD93DF7F178409BB22D98EEA815F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\960EDBDFCE3DFC94E8B0CB79922E2E6AD320A2F6" sh=85D51348F26459E473AA1F41B9D37AAC4509D41E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\961E1128B277ADE66F560054B870B0BCF371114C" sh=C7B2D7B8F7C958FFE888239F6E7B2BAEA9F8D93F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9674218D56909D01FC1BEEEA4DD3914AA7EFC544" sh=DC88CE6150FF6038735BE1BF1F7F626370405C2B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\96AE0D963A73E1EF138718A9851848FE01DABA59" sh=4B5CD204AE3E3E486AC771785A09C64EA852F57D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\97091C6D02296ED8FFEFFB2524C2E663F3E186F7" sh=277A6DDD4401453B45A519B31E17B9DFEEBBA89D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\977F3219A16A1E4D750088B555A02450AB04D116" sh=B6E5329A7957C1BB4D4AB74BACBDFC21879AC2D7 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9780215673AE45B855002F51F940D9BAE4E9763B" sh=D2CE9013B3138CE066511D34E154F1E2D87E63D1 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\97DBA2CB2679F4A5AB8EB37CECCD5D8ACE51BB06" sh=D996089D60E810F4E22C612D864FA7708B87B275 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9835F2D9D13049F37D2A72A81BAF20534CEED81C" sh=0E9AE74DE69254BDFDF97B9EAF14AE1695B657AD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\98E64B11BFC146FA0680D6629620E0B59A2F740C" sh=B7640C5B6B51167CE6B177FEEF883E771E13F440 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\99D79CD3F9FDE3D4D94902483A541483F599A6B5" sh=8F4EDF6F8AEC867AF241D61C4994CA24A5B1899F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9B3B9150630035A66D8AB8AEE22E6DB4AF5B3A5E" sh=19C79C5C4C1290782033F0C41FF36FD30A707993 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9B64A0AD81C6DC2818E09FA17F5C6232E88CF183" sh=057F4637CCFBFC08F866B5BF43227E4D79F06289 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9B7FF429BB2EF2B1DE3C3DC5BA68D7BA373F27C7" sh=97F89187561A00B327C27ADDE1FDF4BCE93D9921 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9C3DFDD938801CB5195613E486B01184C4C9953D" sh=30C8A0856D6D18F0091BAF55F36A9B2A575A0233 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9E42784AC3FFB887860D11D845410E96EA1E93E8" sh=D57B315861B7225FB0339C7DAB7A74D75A1DB990 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9EC9D9822523F53779B16EFBCEA25FA0D7C4042C" sh=4675A330B7A7C286AB6298C3B0D0884AE5E27F4B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9FA6A59E369618E6CA903B45DE8AEFE0011B7581" sh=8E518A2DB0287638BF649FFB2C668DA3A65E1BD9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A052B414148608BA6205ACF0A037E7D46107220C" sh=00435088CE544F31F9B0375D1163EAADCF4D7811 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A0C217DCFC61C505BFCF7B4552EE8FCC11A22926" sh=45FEEC5CEE20BA4AFB4486EA855C23D146BED3A9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A0DC358F41EE07D32B2ECDFEAD8A3C293620E7BE" sh=4CD930E69CF4898275ABDBCB124762137FA8C4D6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A0E005612A893D8785DAB73A2FAC4F5B30ED94B7" sh=77B9A12202D6538157E4BABD3B3E83F01A4B5A98 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A0F91A62F087FB3370FEA11BC4827B17A575AF04" sh=FA3755C0DCB59F3A85F7385CE17C96065E888259 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A1D21114B78BB1C16A179AA5F60161F6178A05B3" sh=C9ED80FE935D33D870EABD4EFAB9FD935AE90F1A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A1D92C1AC677068EEB0B6B678ADEA9BCED89D387" sh=8FDEA7668A690C6FB770241E0305426D1F0CE7B2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A208D4E128ACB44A118BBE297D946740BD1B069B" sh=28A53DA776C52BFD0B10DEDC42C4EA2362669C99 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A2FB5DD8894B8045580F10A8340AFB7574AF5536" sh=B84BEBC3085C5117C878B06F4905084F20100DEC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FA798ABE1077227723411A07156AAE86E092B922" sh=F325C115FF6AB489E4DAE1AE2E5059C82AF30DC4 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FC2896034470B8C504E399DF83D3B08E24CA6AC3" sh=2E4CD03C5F06D2E05C33191BC23561B25FF4BF0F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FC5A949C891636E6BC9698234C3CE9625D33FCFD" sh=DD9532CF682F49A9540A513C290EA39AC76008A7 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FC7598CF95F95FE40D9199244B813169F1FE093E" sh=A537C9BD687DE8CB7384568FF0E36C5BA0EE41BE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FC92F04FC953CF9199615D5A164C82C2A5230E5B" sh=25BB502207717F25CDA866EB2BF0925DA43759B5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FD4231CB3407B9F57E7F729D7ED1B7784BFC2BC3" sh=12A8CAE5797B4217E3BF59C982DE0EB85D3515DF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FDF01AC3A831C698FD8F235F81C0B978B192D88F" sh=8F5E77C96900A2EEF4B9B2289E0AC2EDE6095BBB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FE42736830CB3EB136C08BC97DD9A13800919BD7" sh=1FA9E4991983CD603A82C71CB9BDFC8F1FF6033C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I 
fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FE6CD2612E89751F9EF556D986FB68CF12FBBAB7" sh=77CBBE955BC94014E8987CC35A0C7F4596169E57 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FE9E6BA7903C188BEADCF7761746D0E8BB1F4C3A" sh=D54C070584E28D77B48D60B44FBB57CA6411E693 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FFAA5AAEA7978E3514A38017BFFC3088F5F89B5B" sh=E8538BFB67DEF1093ACDA7376A5CDA4C797F8DC5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FFC40BDE3C9C03260EC09032AB641025DC90BAFA" sh=EF8BE769E13FEC1AF13566D9243CE291F1629B02 ft=1 fh=c71c001139d66c4c vn="Variante von Win32/Adware.AddLyrics.DM Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\5213CEFB-E262-2310-0480-DCFB67E9E0DD.exe" sh=82ECE47BD6D99912A9EA4DA49395D3438B6240B8 ft=1 fh=c71c0011c30f928e vn="Variante von Win32/Adware.AddLyrics.DM Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\58A0271C-DAA9-E0B9-2984-AC25A29A9884.exe" sh=68B53E6C7C6DA98C863C424911BA547B9A3AA088 ft=1 fh=871fbe96a53e35ba vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Nick\AppData\Local\Temp\optprosetup.exe" sh=3AC609F0348D290AB3B759692CA911085D3F0ED8 ft=1 fh=87f90cf552b989a6 vn="Variante von Win64/Adware.MultiPlug.E Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\tmpC7DF.tmp" sh=EE1380F943C34F2603B930EA38DA2D09B39DC0E9 ft=1 fh=5c81a560761e8801 vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\is-82CL4.tmp\gentlemjmp_ieu.exe" sh=ACDCAAFF0692644579F107FF46C8113A07187AF6 ft=1 fh=8e981c71d7929e16 vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\is-LUJ14.tmp\gentlemjmp_ieu.exe" sh=397486B997D573746926ECE174BE876CE18BF703 ft=1 
fh=37fb9881b5cd0eb0 vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\is-PMDET.tmp\gentlemjmp_ieu.exe" sh=586FB793296100C4133E6218B1B1E4E6F33A9933 ft=1 fh=f00aaed3a520e181 vn="Variante von Win32/AdWare.SpeedingUpMyPC.N Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\is1488139799\4BA5C890_stp\OptimizerPro.exe" sh=62115FB02BA5411A8306E3BF85672BD56F504379 ft=1 fh=4c1c25f2b01e5d41 vn="Variante von Win32/Adware.AddLyrics.DM Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\n2151\9020-8000_TheBestDeals.exe" sh=342C49244A0766A6E5ED7DAD1F23823C41DBA467 ft=1 fh=1811f9329b63c89b vn="Variante von MSIL/Adware.PullUpdate.A Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\nsf1C4.tmp\Helper.dll" Code:
Results of screen317's Security Check version 0.99.93
 x64 (UAC is enabled)
 Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 25
 Java version 32-bit out of Date!
 Mozilla Firefox (34.0.5)
````````Process Check: objlist.exe by Laurent````````
 Windows Defender MSMpEng.exe
 Malwarebytes Anti-Malware mbamservice.exe
 Malwarebytes Anti-Malware mbam.exe
 Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
Code:
ATTFilter <<Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015 Ran by Nick at 2015-01-21 15:27:58 Running from C:\Users\Nick\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated) abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated) abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2003.0 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated) Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3009 - Acer Incorporated) Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated) Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated) Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated) Acer Recovery Management 
(HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated) Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated) Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated) Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated) AVG 2015 (Version: 15.0.4253 - AVG Technologies) Hidden Bad Piggies (HKLM-x32\...\{32941438-AD79-4EF4-B7E4-86039E41B4D3}) (Version: 1.0.0 - Rovio) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.19.331.104.16 - Infernum Productions AG) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.) CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.) eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation) Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.) 
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.) Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden Infigo (HKLM-x32\...\Infigo) (Version: 1.26.0.4 - MAVIN LOG, S.L.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden LEGO® Harry Potter™: Die Jahre 5-7 (HKLM-x32\...\{5C5A944F-096E-4ADD-B8E8-887F18BA6228}) (Version: 1.0.0.0 - WB Games) LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft 
Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla) NVIDIA Grafiktreiber 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation) NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation) Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden Pokki Start Menu (HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\Pokki) (Version: 0.269.2.471 - Pokki) Pokki Start Menu (HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki) Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21247 - Realtek Semiconductor Corp.) 
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB) The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-4218249386-1005423115-940720447-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 17-01-2015 19:13:19 Wiederherstellungsvorgang 20-01-2015 18:59:21 Revo Uninstaller's restore point - CinPlus-1.0cV15.12 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {2923779E-6EEB-48BE-A74D-8C074541E151} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] () Task: {35DF10D6-DAF6-4F38-BCD9-4C7CCBE9ED8C} - System32\Tasks\{5EE2478D-F235-4D61-88B7-D5096E360D17} => pcalua.exe -a "C:\Program Files (x86)\BrowseStudio\BrowseStudioUn.exe" -c OFS_ Task: {4621F24C-2B09-4415-A9B5-59E80B23B1ED} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] () Task: {5235A662-426F-4225-BFA9-EBB1683B0ED2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-18] (Microsoft Corporation) Task: {70DDE1F3-D130-4C28-93D8-5AE03649804B} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate) Task: {73146D59-A805-49D5-8D19-E39497F43CC0} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-12-19] (Acer) Task: {75537BF8-1C84-42D4-8E4B-B42466D102C3} - System32\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86 => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION Task: {7CC3A020-2B4B-420B-B12D-B45BF4A1101B} 
- System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated) Task: {97C397C4-4FAB-415D-813B-156FD3D89917} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated) Task: {9FD03297-E1DE-495D-B47A-3BBC246BD50D} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {AA9F1F0F-147D-4013-A93A-B1C5D81C0680} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated) Task: {B23F98AB-2E1D-410C-A96B-85B50D3F719F} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {CDEBDD6D-546D-4B01-A3C7-EB89455009E9} - System32\Tasks\RunTool => C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea\sysad.exe [2015-01-20] () Task: {F69239AC-BF10-463C-8CAE-7FD508923AE7} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>) Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2014-07-25 22:23 - 2012-04-24 11:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-08-31 19:24 - 2014-01-08 01:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-02-25 21:14 - 2014-02-25 21:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-02-25 21:11 - 2014-02-25 21:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2014-12-19 
21:59 - 2014-12-19 21:59 - 00090880 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe 2014-02-25 21:17 - 2014-02-25 21:17 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2014-12-19 21:59 - 2014-12-19 21:59 - 00089344 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe 2014-03-19 02:35 - 2014-03-07 17:21 - 00080312 _____ () C:\Windows\system32\igfxexps.dll 2014-08-31 19:21 - 2013-12-10 00:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-01-19 09:15 - 2015-01-19 09:15 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2014-12-19 21:16 - 2014-12-19 21:16 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2014-12-29 13:25 - 2014-12-29 13:25 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2014-12-29 13:26 - 2014-12-29 13:26 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2014-12-29 13:26 - 2014-12-29 13:26 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2014-12-29 13:26 - 2014-12-29 13:26 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2014-12-19 21:10 - 2014-12-19 21:10 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll 2014-12-19 22:00 - 2014-12-19 22:00 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Nick\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\StartupApproved\Run: => "Skype" ========================= Accounts: ========================== Administrator (S-1-5-21-4218249386-1005423115-940720447-500 - Administrator - Disabled) Gast (S-1-5-21-4218249386-1005423115-940720447-501 - Limited - Disabled) Nick (S-1-5-21-4218249386-1005423115-940720447-1002 - Administrator - Enabled) => C:\Users\Nick UpdatusUser (S-1-5-21-4218249386-1005423115-940720447-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/21/2015 03:23:43 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (01/21/2015 03:00:58 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 15b4 Startzeit: 01d03581f58252cd Endzeit: 4294967295 Anwendungspfad: C:\Windows\syswow64\wwahost.exe Berichts-ID: e9a3311a-a175-11e4-8269-f8a963e5e11f Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (01/21/2015 02:59:41 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. 
Error: (01/21/2015 02:58:11 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (01/21/2015 01:32:52 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. 
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (01/21/2015 01:22:19 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (01/21/2015 01:22:19 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (01/21/2015 01:22:18 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (01/21/2015 01:12:25 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (01/21/2015 11:57:22 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. 
System errors: ============= Error: (01/20/2015 09:07:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "FCUUjqwoLq" wurde aufgrund folgenden Fehlers nicht gestartet: %%216 Error: (01/20/2015 09:07:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Infigo Operator" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (01/20/2015 09:00:40 PM) (Source: DCOM) (EventID: 10010) (User: NICK) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Error: (01/20/2015 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: NICK) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Error: (01/20/2015 08:59:40 PM) (Source: DCOM) (EventID: 10010) (User: NICK) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Error: (01/20/2015 08:59:10 PM) (Source: DCOM) (EventID: 10010) (User: NICK) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Error: (01/20/2015 08:58:40 PM) (Source: DCOM) (EventID: 10010) (User: NICK) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Error: (01/20/2015 08:55:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Microsoft Office Sessions: ========================= Error: (01/21/2015 03:23:43 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (01/21/2015 03:00:58 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.3.9600.1703115b401d03581f58252cd4294967295C:\Windows\syswow64\wwahost.exee9a3311a-a175-11e4-8269-f8a963e5e11fMicrosoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp Error: (01/21/2015 02:59:41 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (01/21/2015 02:58:11 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (01/21/2015 01:32:52 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe 
Error: (01/21/2015 01:22:19 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nick\Downloads\esetsmartinstaller_deu.exe Error: (01/21/2015 01:22:19 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nick\Downloads\esetsmartinstaller_deu.exe Error: (01/21/2015 01:22:18 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nick\Downloads\esetsmartinstaller_deu(1).exe Error: (01/21/2015 01:12:25 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (01/21/2015 11:57:22 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: 
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nick\Downloads\esetsmartinstaller_deu.exe
CodeIntegrity Errors:
===================================
Date: 2015-01-21 13:10:15.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 31%
Total physical RAM: 8115.27 MB
Available physical RAM: 5567.34 MB
Total Pagefile: 9395.27 MB
Available Pagefile: 6853.13 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:914.95 GB) (Free:835.42 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E4D040D7)
Partition: GPT Partition Type.
==================== End Of Log ============================
Hi Schrauber, I think I did something wrong, didn't I? Regards, Anja |
21.01.2015, 17:47 | #23 |
/// the machine /// TB-Ausbilder | Security warning from Telekom about my Internet access
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
C:\ProgramData\OqQeGinkA
C:\Users\Nick\AppData\Local\Mozilla\Firefox
Task: {75537BF8-1C84-42D4-8E4B-B42466D102C3} - System32\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86 => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Revo Uninstaller - Download - Filepony Use it to uninstall Firefox, keep no data, have the leftovers removed, then reinstall. Then: https://support.mozilla.org/de/kb/fi...einfach-loesen A fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 |
21.01.2015, 20:44 | #24 |
| Security warning from Telekom about my Internet access Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015
Ran by Nick at 2015-01-21 19:31:36 Run:2
Running from C:\Users\Nick\Downloads
Loaded Profiles: UpdatusUser & Nick (Available profiles: UpdatusUser & Nick)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\ProgramData\OqQeGinkA
C:\Users\Nick\AppData\Local\Mozilla\Firefox
Task: {75537BF8-1C84-42D4-8E4B-B42466D102C3} - System32\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86 => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Emptytemp:
*****************
"C:\ProgramData\OqQeGinkA" => File/Directory not found.
"C:\Users\Nick\AppData\Local\Mozilla\Firefox" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75537BF8-1C84-42D4-8E4B-B42466D102C3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75537BF8-1C84-42D4-8E4B-B42466D102C3}" => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86" => Key deleted successfully.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job => Moved successfully.
EmptyTemp: => Removed 2 GB temporary data.
The system needed a reboot.
==== End of Fixlog 19:31:42 ====
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015 Ran by Nick (administrator) on NICK on 21-01-2015 20:42:23 Running from C:\Users\Nick\Downloads Loaded Profiles: UpdatusUser & Nick (Available profiles: UpdatusUser & Nick) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer 
Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe 
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor) HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM-x32\...\Run: [mbot_de_349] => [X] HKLM-x32\...\Run: [rec_de_2] => [X] HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] () HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Atheros Communications)) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\RunOnce: [RegDXVA1] => C:\Windows\system32\cmd.exe /c reg import "C:\Program Files (x86)\Acer\abPhoto\SwitchUserVideoKey.reg" HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\RunOnce: [SetAsDefault] => C:\Program Files (x86)\Acer\Acer Video Player\SwitchUserVideoKey.bat 
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.) HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Infigo] => C:\Program Files (x86)\Infigo\Infigo.exe onrun IFEO\ContentExplorer.exe: [Debugger] TaskList.exe IFEO\internetenhancer.exe: [Debugger] TaskList.exe IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File) ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. 
ProxyServer: [.DEFAULT] => http=127.0.0.1:52754;https=127.0.0.1:52754 ProxyServer: [S-1-5-21-4218249386-1005423115-940720447-1002] => http=127.0.0.1:58526;https=127.0.0.1:58526 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=about%3Ablank&OSP= StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: 
HKU\S-1-5-21-4218249386-1005423115-940720447-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = BHO: CinPlus-1.0cV15.12 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bho64.dll No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default FF NewTab: FF SelectedSearchEngine: FF Keyword.URL: FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF 
Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Extension: 9b9d2aaaae264447a7a1633a32b19ddd - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{9b9d2aaa-ae26-4447-a7a1-633a32b19ddd} [2014-12-22] FF Extension: Locale Switcher - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2014-11-27] FF Extension: BrowseStudio 1.0.1 - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}.xpi [2014-11-27] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine 
Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate) R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) S2 0001121418376984mcinstcleanup; C:\Windows\TEMP\000112~1.EXE -cleanup -nolog [X] S2 FCUUjqwoLq; "C:\ProgramData\OqQeGinkA\FCUUjqwoLq.exe" [X] S2 InfigoOperator; C:\Program Files (x86)\Infigo\InfigoOperator.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.) 
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-21] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation) R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) S1 wpnfd_1_10_0_1; system32\drivers\wpnfd_1_10_0_1.sys [X] S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-21 20:37 - 2015-01-21 20:37 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-01-21 20:37 - 2015-01-21 20:37 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-01-21 20:37 - 2015-01-21 20:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-21 20:37 - 2015-01-21 20:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-21 15:27 - 2015-01-21 20:42 - 00017137 _____ () C:\Users\Nick\Downloads\FRST.txt 2015-01-21 15:27 - 2015-01-21 15:28 - 00033155 _____ () C:\Users\Nick\Downloads\Addition.txt 2015-01-21 15:25 - 2015-01-21 15:25 - 00852504 _____ () C:\Users\Nick\Downloads\SecurityCheck.exe 2015-01-21 13:22 - 2015-01-21 13:22 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_deu(1).exe 2015-01-21 11:57 - 2015-01-21 11:57 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-01-21 11:55 - 2015-01-21 11:56 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_deu.exe 2015-01-21 11:42 - 2015-01-21 20:41 - 00000000 ____D () C:\Users\Nick\Desktop\Neuer Ordner 2015-01-20 20:46 - 2015-01-20 20:46 - 00000000 ____D () C:\Windows\ERUNT 2015-01-20 20:34 - 2015-01-20 20:42 - 00000000 ____D () C:\AdwCleaner 2015-01-20 20:16 - 2015-01-20 20:16 - 00003112 _____ () C:\Windows\System32\Tasks\{5EE2478D-F235-4D61-88B7-D5096E360D17} 2015-01-20 19:57 - 2015-01-21 19:33 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-20 19:57 - 2015-01-20 19:57 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-01-20 19:57 - 2015-01-20 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-01-20 19:56 - 2015-01-20 19:57 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-01-20 19:56 - 2015-01-20 19:56 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-20 19:56 - 2014-11-21 06:14 - 00093400 _____ 
(Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-01-20 19:56 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-01-20 19:56 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-01-20 19:54 - 2015-01-20 19:55 - 01707939 _____ (Thisisu) C:\Users\Nick\Downloads\JRT.exe 2015-01-20 19:53 - 2015-01-20 19:56 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nick\Downloads\mbam-setup-2.0.4.1028.exe 2015-01-20 19:53 - 2015-01-20 19:54 - 02186752 _____ () C:\Users\Nick\Downloads\AdwCleaner_4.108.exe 2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Program Files (x86)\shopndorop 2015-01-20 19:09 - 2015-01-20 19:09 - 00000000 ____D () C:\Program Files (x86)\leisss2pay 2015-01-20 19:05 - 2015-01-20 19:05 - 00000000 ____D () C:\Program Files (x86)\FineDealSSoft 2015-01-20 19:04 - 2015-01-20 19:04 - 00000000 ____D () C:\Program Files (x86)\DissccountLocator 2015-01-20 19:02 - 2015-01-20 19:02 - 00000000 ____D () C:\Program Files (x86)\DeallsFiNdeRRPro 2015-01-20 18:56 - 2015-01-20 18:56 - 00001284 _____ () C:\Users\Nick\Desktop\Revo Uninstaller.lnk 2015-01-20 18:56 - 2015-01-20 18:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-01-20 18:55 - 2015-01-20 18:55 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Nick\Downloads\revosetup95.exe 2015-01-19 22:20 - 2015-01-19 22:20 - 00000865 _____ () C:\Users\Nick\Desktop\Downloads - Verknüpfung.lnk 2015-01-19 21:47 - 2015-01-19 21:52 - 00862496 _____ (CoinisRevShare) C:\Users\Nick\Downloads\adobe_flash_setup.exe 2015-01-19 21:46 - 2015-01-19 21:47 - 02126848 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe 2015-01-19 21:44 - 2015-01-19 21:44 - 00050477 _____ () C:\Users\Nick\Downloads\Defogger.exe 2015-01-19 21:35 - 2015-01-19 21:35 - 00001969 _____ () C:\Users\Public\Desktop\abDocs.lnk 2015-01-19 09:25 - 2015-01-19 09:25 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud 2015-01-19 09:25 - 2015-01-19 09:25 - 00002030 _____ () C:\Users\Public\Desktop\Acer Portal.lnk 2015-01-19 09:17 - 2015-01-19 09:17 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk 2015-01-18 06:54 - 2014-12-31 12:14 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-01-18 06:49 - 2015-01-18 06:49 - 00003754 _____ () C:\Windows\System32\Tasks\RunTool 2015-01-18 06:49 - 2015-01-18 06:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea 2015-01-18 06:48 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2015-01-18 06:48 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\WerFaultSecure.exe 2015-01-18 06:48 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-01-18 06:48 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2015-01-18 06:48 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2015-01-18 06:48 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-01-18 06:48 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-01-18 06:48 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-01-18 06:48 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-01-18 06:48 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2015-01-18 06:48 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2015-01-18 06:48 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-01-18 06:48 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-01-18 06:48 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-01-18 06:48 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2015-01-18 06:48 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2015-01-18 06:48 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-01-18 06:45 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-18 06:45 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-18 06:45 - 2014-12-12 01:51 - 00075776 _____ 
(Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys 2015-01-18 06:45 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-18 06:44 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-01-18 06:44 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-18 06:44 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-01-18 06:44 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-16 21:01 - 2015-01-21 20:42 - 00000000 ____D () C:\FRST 2015-01-16 21:00 - 2015-01-16 21:00 - 00000000 _____ () C:\Users\Nick\defogger_reenable 2015-01-16 14:36 - 2015-01-16 14:36 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-15 22:24 - 2015-01-15 22:24 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG 2015-01-15 22:23 - 2015-01-15 22:23 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg 2015-01-15 22:22 - 2015-01-15 22:24 - 00000000 ____D () C:\ProgramData\AVG 2015-01-15 15:03 - 2015-01-15 15:03 - 00000000 _____ () C:\autoexec.bat 2015-01-15 15:00 - 2015-01-15 15:01 - 00000000 ____D () C:\sh4ldr 2015-01-15 14:39 - 2015-01-15 14:39 - 00000000 ____D () C:\Program Files\Enigma Software Group 2015-01-15 14:06 - 2015-01-15 14:06 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG2015 2015-01-15 14:05 - 2015-01-15 14:05 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\TuneUp Software 2015-01-15 14:04 - 2015-01-17 15:22 - 00000000 ____D () C:\ProgramData\AVG2015 2015-01-15 14:04 - 2015-01-15 14:04 - 00000000 ___HD () C:\$AVG 2015-01-15 14:03 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\AVG 2015-01-15 14:02 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\MFAData 2015-01-15 14:02 - 2015-01-15 14:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg2015 2015-01-15 14:02 - 2015-01-15 14:02 - 00000000 ____D () 
C:\Users\Nick\AppData\Local\MFAData 2015-01-03 17:58 - 2015-01-03 17:58 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\WB Games 2015-01-03 17:38 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\WB Games 2015-01-03 17:11 - 2015-01-03 17:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Rovio 2015-01-03 17:10 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio 2015-01-03 17:10 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\Rovio 2015-01-03 17:10 - 2015-01-03 17:10 - 00001094 _____ () C:\Users\Public\Desktop\Bad Piggies.lnk 2014-12-24 20:24 - 2014-12-24 20:24 - 00001270 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk 2014-12-24 20:24 - 2014-12-24 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2014-12-24 19:42 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft 2014-12-24 18:25 - 2014-12-24 18:25 - 00000000 ____D () C:\Users\Nick\AppData\Local\Blizzard Entertainment 2014-12-24 18:24 - 2015-01-21 19:29 - 00000000 ____D () C:\Users\Nick\AppData\Local\Battle.net 2014-12-24 18:24 - 2015-01-17 19:44 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Battle.net 2014-12-24 18:24 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-21 20:42 - 2014-08-31 20:16 - 01206231 _____ () C:\Windows\WindowsUpdate.log 2015-01-21 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru 2015-01-21 19:38 - 2014-11-27 18:55 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4218249386-1005423115-940720447-1002 2015-01-21 19:34 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Local\Mozilla 2015-01-21 19:33 - 2014-11-27 18:57 - 00000000 ____D () C:\Users\Nick\OneDrive 2015-01-21 19:32 - 2013-08-22 15:46 - 00023275 _____ () C:\Windows\setupact.log 2015-01-21 19:32 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-21 19:32 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2015-01-21 17:44 - 2014-11-27 18:59 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{21898380-5491-4791-BB9B-793C6C26EEF0} 2015-01-21 11:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness 2015-01-20 20:42 - 2014-03-18 10:54 - 00041090 _____ () C:\Windows\PFRO.log 2015-01-20 20:39 - 2014-11-27 19:09 - 00000000 ____D () C:\Users\Nick\AppData\Local\CrashDumps 2015-01-20 19:52 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Pokki 2015-01-20 19:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF 2015-01-20 15:08 - 2014-11-27 20:08 - 00000193 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG 2015-01-20 14:53 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Skype 2015-01-19 21:36 - 2014-07-25 22:20 - 00000000 ____D () C:\Program Files (x86)\Acer 2015-01-19 21:35 - 2014-07-25 22:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2015-01-19 21:34 - 2014-11-27 18:52 - 00002293 _____ () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk 2015-01-19 21:33 - 2014-11-27 18:50 - 00000000 ____D () C:\Users\Nick\AppData\Local\clear.fi 2015-01-19 08:55 - 2014-11-30 15:18 - 00000000 ____D () 
C:\Windows\system32\MRT 2015-01-18 16:13 - 2014-11-30 15:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-18 08:24 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp 2015-01-17 20:02 - 2013-08-22 14:25 - 00000226 _____ () C:\Windows\win.ini 2015-01-17 19:54 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick 2015-01-17 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices 2015-01-17 19:47 - 2014-08-31 19:30 - 00000000 ____D () C:\ProgramData\{EB5F5A55-037A-4E47-806B-2C8AA9374701} 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera 2015-01-17 19:44 - 2014-12-05 08:24 - 00000000 ___RD () C:\Windows\BrowserChoice 2015-01-17 19:44 - 2014-08-31 19:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\ProgramData\McAfee 2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee 2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Temp 2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\install_clap 2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Macromed 2015-01-17 19:44 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Sysprep 2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee.com 2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\Common Files\mcafee 2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\McAfee 2015-01-17 19:43 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP 2015-01-17 19:26 - 2013-08-22 16:36 - 
00000000 ____D () C:\Windows\registration 2015-01-17 19:24 - 2014-09-01 04:36 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\winrm 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\slmgr 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\winrm 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Web 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Vss 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\vpnplugins 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\WindowsPowerShell 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\th-TH 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-RS 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\spp 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Speech 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\networklist 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MsDtc 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () 
C:\Windows\SysWOW64\lt-LT 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Licenses 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\IME 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\he-IL 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\et-EE 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Com 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SystemResources 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\zh-HK 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\System 2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe 2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\slmgr 2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Shared 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Media.Shared 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () 
C:\Windows\system32\uk-UA 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\tr-TR 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\th-TH 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spp 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spool 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Speech 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sl-SI 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sk-SK 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ro-RO 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\networklist 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MUI 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MsDtc 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\migwiz 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lv-LV 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lt-LT 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Licenses 2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\SMI 2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe 2015-01-17 19:22 - 2014-12-05 08:24 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-01-17 19:22 - 2014-11-27 18:50 - 00000000 ____D () C:\Windows\oem 2015-01-17 19:22 - 2014-09-01 04:29 - 00000000 ____D () C:\Windows\NAPP_Dism_Log 2015-01-17 19:22 - 2014-03-18 10:45 - 00000000 ____D () C:\Windows\SKB 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\dsc 
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\Configuration 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\InputMethod 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\IME 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\hr-HR 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\he-IL 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\et-EE 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\en-GB 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Com 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\bg-BG 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ar-SA 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Speech 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\security 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\schemas 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Resources 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PLA 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Performance 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\InputMethod 2015-01-17 19:22 - 2013-08-22 15:45 - 00000000 ____D () C:\Windows\Setup 2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Dism 2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\servicing 2015-01-17 19:21 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Mozilla 2015-01-17 19:21 - 2014-08-31 19:50 - 00000000 ____D () 
C:\Users\Public\CyberLink 2015-01-17 19:21 - 2014-07-25 22:28 - 00000000 ____D () C:\Users\Public\Foxit Software 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\DesktopTileResources 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\IME 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Globalization 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Branding 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppCompat 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\ADFS 2015-01-17 19:20 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Local\Skype 2015-01-17 19:20 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Packages 2015-01-17 19:19 - 2014-12-14 11:12 - 00000000 ____D () C:\ProgramData\Battle.net 2015-01-17 19:19 - 2014-11-30 18:18 - 00000000 ____D () C:\Users\Nick\AppData\Local\CyberLink 2015-01-17 19:19 - 2014-11-29 15:04 - 00000000 ____D () C:\ProgramData\Skype 2015-01-17 19:19 - 2014-11-27 19:36 - 00000000 ____D () C:\ProgramData\Oracle 2015-01-17 19:19 - 2014-08-31 19:50 - 00000000 ____D () C:\ProgramData\CLSK 2015-01-17 19:19 - 2014-08-31 19:34 - 00000000 ____D () C:\Program Files\Realtek 2015-01-17 19:19 - 2014-08-31 19:24 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-17 19:19 - 2014-08-31 19:21 - 00000000 ____D () C:\ProgramData\Intel 2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki 2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki 2015-01-17 19:19 - 2014-07-25 22:23 - 00000000 ____D () C:\ProgramData\WildTangent 2015-01-17 19:19 - 2014-07-25 22:22 - 00000000 ____D () C:\ProgramData\CyberLink 2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Package Cache 2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\OEM 
2015-01-17 19:19 - 2014-07-25 22:20 - 00000000 ____D () C:\ProgramData\acer 2015-01-17 19:19 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\Reference Assemblies 2015-01-17 19:19 - 2014-03-18 10:45 - 00000000 ____D () C:\Program Files\Windows Journal 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2015-01-17 19:19 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default 2015-01-17 19:18 - 2014-11-29 15:04 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-01-17 19:18 - 2014-11-27 19:36 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-17 19:18 - 2014-11-27 18:50 - 00000000 ____D () C:\Program Files (x86)\OEM 2015-01-17 19:18 - 2014-08-31 19:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-01-17 19:18 - 2014-08-31 19:46 - 00000000 ____D () C:\Program Files (x86)\Spotify 2015-01-17 19:18 - 2014-08-31 19:30 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros 2015-01-17 19:18 - 2014-08-31 19:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-01-17 19:18 - 2014-08-31 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek 2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files\Intel 2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files (x86)\Intel 2015-01-17 19:18 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\Foxit PhantomPDF 2015-01-17 19:18 - 2014-07-25 22:26 - 00000000 ____D () C:\Program Files\Acer 2015-01-17 19:18 - 2014-07-25 22:24 - 00000000 ____D () C:\Program Files (x86)\WildGames 2015-01-17 19:18 - 2014-07-25 22:23 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games 2015-01-17 19:18 - 2014-07-25 22:21 - 
00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2015-01-17 19:18 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\MSBuild 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows NT 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-01-17 19:17 - 2014-11-28 17:16 - 00000000 ____D () C:\Program Files (x86)\Brick-Force 2015-01-17 19:17 - 2014-07-25 22:57 - 00000000 ___HD () C:\OEM 2015-01-16 05:19 - 2014-07-25 22:58 - 00000000 ____D () C:\Windows\Panther 2015-01-15 17:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2015-01-15 14:13 - 2014-11-27 19:10 - 00000000 ____D () C:\Users\Public\OEM 2015-01-15 13:59 - 2014-07-25 22:00 - 00000000 ____D () C:\Users\Administrator 2015-01-13 16:42 - 2014-11-28 17:08 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\.minecraft 2015-01-06 01:08 - 2014-12-05 08:30 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-06 01:08 - 2014-12-05 08:30 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-03 17:10 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\VirtualStore ==================== Files in the root of some directories ======= 2014-12-15 14:08 - 2014-12-15 14:08 - 1545696 _____ () C:\Users\Nick\AppData\Roaming\EJSP.exe 
2014-12-15 14:07 - 2014-12-15 14:07 - 2031584 _____ () C:\Users\Nick\AppData\Roaming\FYIKETTA.exe 2014-11-27 20:08 - 2015-01-20 15:08 - 0000193 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG 2014-11-29 10:08 - 2014-12-17 10:08 - 0000001 _____ () C:\Users\Nick\AppData\Local\DSI.DAT 2014-11-29 10:08 - 2014-11-29 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup1444812342.exe 2014-12-02 14:08 - 2014-12-02 14:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4180595462.exe 2014-12-17 10:08 - 2014-12-17 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4535986252.exe 2014-08-31 19:34 - 2014-08-31 19:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-12-06 09:34 - 2014-12-06 09:34 - 0000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-21 11:40 ==================== End Of Log ============================ |
22.01.2015, 13:07 | #25 |
/// the machine /// TB-Ausbilder | Security warning about my Internet connection from Telekom
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ATTFilter
HKLM-x32\...\Run: [mbot_de_349] => [X]
HKLM-x32\...\Run: [rec_de_2] => [X]
IFEO\ContentExplorer.exe: [Debugger] TaskList.exe
IFEO\internetenhancer.exe: [Debugger] TaskList.exe
IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52754;https=127.0.0.1:52754
ProxyServer: [S-1-5-21-4218249386-1005423115-940720447-1002] => http=127.0.0.1:58526;https=127.0.0.1:58526
S2 0001121418376984mcinstcleanup; C:\Windows\TEMP\000112~1.EXE -cleanup -nolog [X]
S2 FCUUjqwoLq; "C:\ProgramData\OqQeGinkA\FCUUjqwoLq.exe" [X]
S2 InfigoOperator; C:\Program Files (x86)\Infigo\InfigoOperator.exe [X]
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Program Files (x86)\shopndorop
2015-01-20 19:09 - 2015-01-20 19:09 - 00000000 ____D () C:\Program Files (x86)\leisss2pay
2015-01-20 19:05 - 2015-01-20 19:05 - 00000000 ____D () C:\Program Files (x86)\FineDealSSoft
2015-01-20 19:04 - 2015-01-20 19:04 - 00000000 ____D () C:\Program Files (x86)\DissccountLocator
2015-01-20 19:02 - 2015-01-20 19:02 - 00000000 ____D () C:\Program Files (x86)\DeallsFiNdeRRPro
Emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Another fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
23.01.2015, 06:03 | #26 |
| Security warning about my Internet connection from Telekom
Hi schrauber, Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015
Ran by Nick at 2015-01-23 05:55:37 Run:3
Running from C:\Users\Nick\Downloads
Loaded Profiles: UpdatusUser & Nick (Available profiles: UpdatusUser & Nick)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [mbot_de_349] => [X]
HKLM-x32\...\Run: [rec_de_2] => [X]
IFEO\ContentExplorer.exe: [Debugger] TaskList.exe
IFEO\internetenhancer.exe: [Debugger] TaskList.exe
IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52754;https=127.0.0.1:52754
ProxyServer: [S-1-5-21-4218249386-1005423115-940720447-1002] => http=127.0.0.1:58526;https=127.0.0.1:58526
S2 0001121418376984mcinstcleanup; C:\Windows\TEMP\000112~1.EXE -cleanup -nolog [X]
S2 FCUUjqwoLq; "C:\ProgramData\OqQeGinkA\FCUUjqwoLq.exe" [X]
S2 InfigoOperator; C:\Program Files (x86)\Infigo\InfigoOperator.exe [X]
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Program Files (x86)\shopndorop
2015-01-20 19:09 - 2015-01-20 19:09 - 00000000 ____D () C:\Program Files (x86)\leisss2pay
2015-01-20 19:05 - 2015-01-20 19:05 - 00000000 ____D () C:\Program Files (x86)\FineDealSSoft
2015-01-20 19:04 - 2015-01-20 19:04 - 00000000 ____D () C:\Program Files (x86)\DissccountLocator
2015-01-20 19:02 - 2015-01-20 19:02 - 00000000 ____D () C:\Program Files (x86)\DeallsFiNdeRRPro
Emptytemp:
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_de_349 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\rec_de_2 => value deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ContentExplorer.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\internetenhancer.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\internetenhancerservice.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wajaminternetenhancer.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WajamInternetEnhancerApp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WajamInternetEnhancerAppservice.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wajaminternetenhancerservice.exe" => Key deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk => Moved successfully.
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File) not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
0001121418376984mcinstcleanup => Service deleted successfully.
FCUUjqwoLq => Service deleted successfully.
InfigoOperator => Service deleted successfully.
C:\Program Files (x86)\shopndorop => Moved successfully.
C:\Program Files (x86)\leisss2pay => Moved successfully.
C:\Program Files (x86)\FineDealSSoft => Moved successfully.
C:\Program Files (x86)\DissccountLocator => Moved successfully.
C:\Program Files (x86)\DeallsFiNdeRRPro => Moved successfully.
EmptyTemp: => Removed 157.6 MB temporary data.

The system needed a reboot.

==== End of Fixlog 05:55:44 ====

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015 Ran by Nick (administrator) on NICK on 23-01-2015 05:58:04 Running from C:\Users\Nick\Downloads Loaded Profiles: Nick (Available profiles: UpdatusUser & Nick) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) 
C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea\sysad.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== 
Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor) HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] () HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Atheros Communications)) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.) 
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Infigo] => C:\Program Files (x86)\Infigo\Infigo.exe onrun ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = 
hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = BHO: CinPlus-1.0cV15.12 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bho64.dll No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default FF NewTab: FF SelectedSearchEngine: FF Keyword.URL: FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files 
(x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Extension: 9b9d2aaaae264447a7a1633a32b19ddd - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{9b9d2aaa-ae26-4447-a7a1-633a32b19ddd} [2014-12-22] FF Extension: Locale Switcher - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2014-11-27] FF Extension: BrowseStudio 1.0.1 - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}.xpi [2014-11-27] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated) S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) R2 WinDefend; 
C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-23] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation) R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) S1 wpnfd_1_10_0_1; system32\drivers\wpnfd_1_10_0_1.sys [X] S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) 
==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-23 05:58 - 2015-01-23 05:58 - 00014339 _____ () C:\Users\Nick\Downloads\FRST.txt 2015-01-21 20:37 - 2015-01-21 20:37 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-01-21 20:37 - 2015-01-21 20:37 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-01-21 20:37 - 2015-01-21 20:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-21 20:37 - 2015-01-21 20:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-21 15:27 - 2015-01-21 15:28 - 00033155 _____ () C:\Users\Nick\Downloads\Addition.txt 2015-01-21 15:25 - 2015-01-21 15:25 - 00852504 _____ () C:\Users\Nick\Downloads\SecurityCheck.exe 2015-01-21 13:22 - 2015-01-21 13:22 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_deu(1).exe 2015-01-21 11:57 - 2015-01-21 11:57 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-01-21 11:55 - 2015-01-21 11:56 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_deu.exe 2015-01-21 11:42 - 2015-01-21 20:45 - 00000000 ____D () C:\Users\Nick\Desktop\Neuer Ordner 2015-01-20 20:46 - 2015-01-20 20:46 - 00000000 ____D () C:\Windows\ERUNT 2015-01-20 20:34 - 2015-01-20 20:42 - 00000000 ____D () C:\AdwCleaner 2015-01-20 20:16 - 2015-01-20 20:16 - 00003112 _____ () C:\Windows\System32\Tasks\{5EE2478D-F235-4D61-88B7-D5096E360D17} 2015-01-20 19:57 - 2015-01-23 05:57 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-20 19:57 - 2015-01-20 19:57 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-01-20 19:57 - 2015-01-20 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-01-20 19:56 - 2015-01-20 19:57 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-20 19:56 - 2015-01-20 19:56 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-20 19:56 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-01-20 19:56 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-01-20 19:56 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-01-20 19:54 - 2015-01-20 19:55 - 01707939 _____ (Thisisu) C:\Users\Nick\Downloads\JRT.exe 2015-01-20 19:53 - 2015-01-20 19:56 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nick\Downloads\mbam-setup-2.0.4.1028.exe 2015-01-20 19:53 - 2015-01-20 19:54 - 02186752 _____ () C:\Users\Nick\Downloads\AdwCleaner_4.108.exe 2015-01-20 18:56 - 2015-01-20 18:56 - 00001284 _____ () C:\Users\Nick\Desktop\Revo Uninstaller.lnk 2015-01-20 18:56 - 2015-01-20 18:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-01-20 18:55 - 2015-01-20 18:55 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Nick\Downloads\revosetup95.exe 2015-01-19 22:20 - 2015-01-19 22:20 - 00000865 _____ () C:\Users\Nick\Desktop\Downloads - Verknüpfung.lnk 2015-01-19 21:47 - 2015-01-19 21:52 - 00862496 _____ (CoinisRevShare) C:\Users\Nick\Downloads\adobe_flash_setup.exe 2015-01-19 21:46 - 2015-01-19 21:47 - 02126848 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe 2015-01-19 21:44 - 2015-01-19 21:44 - 00050477 _____ () C:\Users\Nick\Downloads\Defogger.exe 2015-01-19 21:35 - 2015-01-19 21:35 - 00001969 _____ () C:\Users\Public\Desktop\abDocs.lnk 2015-01-19 09:25 - 2015-01-19 09:25 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud 2015-01-19 09:25 - 2015-01-19 09:25 - 00002030 _____ () C:\Users\Public\Desktop\Acer Portal.lnk 2015-01-19 09:17 - 2015-01-19 09:17 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk 2015-01-18 06:54 - 2014-12-31 12:14 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-01-18 06:49 - 2015-01-18 06:49 - 00003754 _____ () C:\Windows\System32\Tasks\RunTool 2015-01-18 06:49 - 2015-01-18 06:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea 2015-01-18 06:48 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-01-18 06:48 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2015-01-18 06:48 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\WerFaultSecure.exe 2015-01-18 06:48 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-01-18 06:48 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2015-01-18 06:48 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2015-01-18 06:48 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-01-18 06:48 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-01-18 06:48 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-01-18 06:48 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-01-18 06:48 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2015-01-18 06:48 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2015-01-18 06:48 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-01-18 06:48 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-01-18 06:48 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-01-18 06:48 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2015-01-18 06:48 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2015-01-18 06:48 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-01-18 06:45 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-18 06:45 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-18 06:45 - 2014-12-12 01:51 - 00075776 _____ 
(Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys 2015-01-18 06:45 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-18 06:44 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-01-18 06:44 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-18 06:44 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-01-18 06:44 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-16 21:01 - 2015-01-23 05:58 - 00000000 ____D () C:\FRST 2015-01-16 21:00 - 2015-01-16 21:00 - 00000000 _____ () C:\Users\Nick\defogger_reenable 2015-01-16 14:36 - 2015-01-16 14:36 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-15 22:24 - 2015-01-15 22:24 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG 2015-01-15 22:23 - 2015-01-15 22:23 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg 2015-01-15 22:22 - 2015-01-15 22:24 - 00000000 ____D () C:\ProgramData\AVG 2015-01-15 15:03 - 2015-01-15 15:03 - 00000000 _____ () C:\autoexec.bat 2015-01-15 15:00 - 2015-01-15 15:01 - 00000000 ____D () C:\sh4ldr 2015-01-15 14:39 - 2015-01-15 14:39 - 00000000 ____D () C:\Program Files\Enigma Software Group 2015-01-15 14:06 - 2015-01-15 14:06 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG2015 2015-01-15 14:05 - 2015-01-15 14:05 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\TuneUp Software 2015-01-15 14:04 - 2015-01-17 15:22 - 00000000 ____D () C:\ProgramData\AVG2015 2015-01-15 14:04 - 2015-01-15 14:04 - 00000000 ___HD () C:\$AVG 2015-01-15 14:03 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\AVG 2015-01-15 14:02 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\MFAData 2015-01-15 14:02 - 2015-01-15 14:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg2015 2015-01-15 14:02 - 2015-01-15 14:02 - 00000000 ____D () 
C:\Users\Nick\AppData\Local\MFAData 2015-01-03 17:58 - 2015-01-03 17:58 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\WB Games 2015-01-03 17:38 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\WB Games 2015-01-03 17:11 - 2015-01-03 17:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Rovio 2015-01-03 17:10 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio 2015-01-03 17:10 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\Rovio 2015-01-03 17:10 - 2015-01-03 17:10 - 00001094 _____ () C:\Users\Public\Desktop\Bad Piggies.lnk 2014-12-24 20:24 - 2014-12-24 20:24 - 00001270 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk 2014-12-24 20:24 - 2014-12-24 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2014-12-24 19:42 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft 2014-12-24 18:25 - 2014-12-24 18:25 - 00000000 ____D () C:\Users\Nick\AppData\Local\Blizzard Entertainment 2014-12-24 18:24 - 2015-01-21 19:29 - 00000000 ____D () C:\Users\Nick\AppData\Local\Battle.net 2014-12-24 18:24 - 2015-01-17 19:44 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Battle.net 2014-12-24 18:24 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-23 05:57 - 2014-11-27 18:57 - 00000000 ____D () C:\Users\Nick\OneDrive 2015-01-23 05:56 - 2014-12-05 08:31 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2015-01-23 05:56 - 2014-08-31 20:16 - 01519090 _____ () C:\Windows\WindowsUpdate.log 2015-01-23 05:56 - 2014-03-18 10:54 - 00041654 _____ () C:\Windows\PFRO.log 2015-01-23 05:56 - 2013-08-22 15:46 - 00023391 _____ () C:\Windows\setupact.log 2015-01-23 05:56 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-23 05:56 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2015-01-23 05:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy 2015-01-23 05:51 - 2014-11-27 18:59 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{21898380-5491-4791-BB9B-793C6C26EEF0} 2015-01-23 05:49 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp 2015-01-23 05:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru 2015-01-22 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness 2015-01-21 20:49 - 2014-11-27 18:55 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4218249386-1005423115-940720447-1002 2015-01-21 19:34 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Local\Mozilla 2015-01-20 20:39 - 2014-11-27 19:09 - 00000000 ____D () C:\Users\Nick\AppData\Local\CrashDumps 2015-01-20 19:52 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Pokki 2015-01-20 19:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF 2015-01-20 15:08 - 2014-11-27 20:08 - 00000193 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG 2015-01-20 14:53 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Skype 2015-01-19 21:36 - 2014-07-25 22:20 - 00000000 ____D () C:\Program Files (x86)\Acer 2015-01-19 21:35 - 2014-07-25 22:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2015-01-19 21:34 - 2014-11-27 18:52 - 00002293 _____ () 
C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk 2015-01-19 21:33 - 2014-11-27 18:50 - 00000000 ____D () C:\Users\Nick\AppData\Local\clear.fi 2015-01-19 08:55 - 2014-11-30 15:18 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-18 16:13 - 2014-11-30 15:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-17 20:02 - 2013-08-22 14:25 - 00000226 _____ () C:\Windows\win.ini 2015-01-17 19:54 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick 2015-01-17 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices 2015-01-17 19:47 - 2014-08-31 19:30 - 00000000 ____D () C:\ProgramData\{EB5F5A55-037A-4E47-806B-2C8AA9374701} 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager 2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera 2015-01-17 19:44 - 2014-12-05 08:24 - 00000000 ___RD () C:\Windows\BrowserChoice 2015-01-17 19:44 - 2014-08-31 19:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\ProgramData\McAfee 2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee 2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Temp 2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\install_clap 2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Macromed 2015-01-17 19:44 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Sysprep 2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee.com 2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\Common Files\mcafee 2015-01-17 19:43 - 2014-07-25 22:28 - 
00000000 ____D () C:\Program Files (x86)\McAfee 2015-01-17 19:43 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP 2015-01-17 19:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\registration 2015-01-17 19:24 - 2014-09-01 04:36 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\winrm 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\slmgr 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts 2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\winrm 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Web 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Vss 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\vpnplugins 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\WindowsPowerShell 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\th-TH 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-RS 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\spp 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Speech 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\networklist 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () 
C:\Windows\SysWOW64\MsDtc 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Licenses 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\IME 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\he-IL 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\et-EE 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Com 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SystemResources 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\zh-HK 2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\System 2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe 2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\slmgr 2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Shared 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Media.Shared 
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\uk-UA 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\tr-TR 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\th-TH 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spp 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spool 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Speech 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sl-SI 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sk-SK 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ro-RO 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\networklist 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MUI 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MsDtc 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\migwiz 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lv-LV 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lt-LT 2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Licenses 2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\SMI 2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe 2015-01-17 19:22 - 2014-12-05 08:24 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-01-17 19:22 - 2014-11-27 18:50 - 00000000 ____D () C:\Windows\oem 2015-01-17 19:22 - 2014-09-01 04:29 - 00000000 ____D () C:\Windows\NAPP_Dism_Log 
2015-01-17 19:22 - 2014-03-18 10:45 - 00000000 ____D () C:\Windows\SKB 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\dsc 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\Configuration 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\InputMethod 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\IME 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\hr-HR 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\he-IL 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\et-EE 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\en-GB 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Com 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\bg-BG 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ar-SA 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Speech 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\security 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\schemas 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Resources 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PLA 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Performance 2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\InputMethod 2015-01-17 19:22 - 2013-08-22 15:45 - 00000000 ____D () C:\Windows\Setup 2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Dism 2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\servicing 2015-01-17 19:21 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Mozilla 
2015-01-17 19:21 - 2014-08-31 19:50 - 00000000 ____D () C:\Users\Public\CyberLink 2015-01-17 19:21 - 2014-07-25 22:28 - 00000000 ____D () C:\Users\Public\Foxit Software 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\DesktopTileResources 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\IME 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Globalization 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Branding 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppCompat 2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\ADFS 2015-01-17 19:20 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Local\Skype 2015-01-17 19:20 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Packages 2015-01-17 19:19 - 2014-12-14 11:12 - 00000000 ____D () C:\ProgramData\Battle.net 2015-01-17 19:19 - 2014-11-30 18:18 - 00000000 ____D () C:\Users\Nick\AppData\Local\CyberLink 2015-01-17 19:19 - 2014-11-29 15:04 - 00000000 ____D () C:\ProgramData\Skype 2015-01-17 19:19 - 2014-11-27 19:36 - 00000000 ____D () C:\ProgramData\Oracle 2015-01-17 19:19 - 2014-08-31 19:50 - 00000000 ____D () C:\ProgramData\CLSK 2015-01-17 19:19 - 2014-08-31 19:34 - 00000000 ____D () C:\Program Files\Realtek 2015-01-17 19:19 - 2014-08-31 19:24 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-17 19:19 - 2014-08-31 19:21 - 00000000 ____D () C:\ProgramData\Intel 2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki 2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki 2015-01-17 19:19 - 2014-07-25 22:23 - 00000000 ____D () C:\ProgramData\WildTangent 2015-01-17 19:19 - 2014-07-25 22:22 - 00000000 ____D () C:\ProgramData\CyberLink 2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Package Cache 2015-01-17 19:19 - 
2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\OEM 2015-01-17 19:19 - 2014-07-25 22:20 - 00000000 ____D () C:\ProgramData\acer 2015-01-17 19:19 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\Reference Assemblies 2015-01-17 19:19 - 2014-03-18 10:45 - 00000000 ____D () C:\Program Files\Windows Journal 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT 2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2015-01-17 19:19 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default 2015-01-17 19:18 - 2014-11-29 15:04 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-01-17 19:18 - 2014-11-27 19:36 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-17 19:18 - 2014-11-27 18:50 - 00000000 ____D () C:\Program Files (x86)\OEM 2015-01-17 19:18 - 2014-08-31 19:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-01-17 19:18 - 2014-08-31 19:46 - 00000000 ____D () C:\Program Files (x86)\Spotify 2015-01-17 19:18 - 2014-08-31 19:30 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros 2015-01-17 19:18 - 2014-08-31 19:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-01-17 19:18 - 2014-08-31 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek 2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files\Intel 2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files (x86)\Intel 2015-01-17 19:18 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\Foxit PhantomPDF 2015-01-17 19:18 - 2014-07-25 22:26 - 00000000 ____D () C:\Program Files\Acer 2015-01-17 19:18 - 2014-07-25 22:24 - 00000000 ____D () C:\Program Files (x86)\WildGames 2015-01-17 19:18 - 2014-07-25 22:23 - 00000000 ____D () C:\Program Files 
(x86)\WildTangent Games 2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2015-01-17 19:18 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\MSBuild 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows NT 2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-01-17 19:17 - 2014-11-28 17:16 - 00000000 ____D () C:\Program Files (x86)\Brick-Force 2015-01-17 19:17 - 2014-07-25 22:57 - 00000000 ___HD () C:\OEM 2015-01-16 05:19 - 2014-07-25 22:58 - 00000000 ____D () C:\Windows\Panther 2015-01-15 17:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2015-01-15 14:13 - 2014-11-27 19:10 - 00000000 ____D () C:\Users\Public\OEM 2015-01-15 13:59 - 2014-07-25 22:00 - 00000000 ____D () C:\Users\Administrator 2015-01-13 16:42 - 2014-11-28 17:08 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\.minecraft 2015-01-06 01:08 - 2014-12-05 08:30 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-06 01:08 - 2014-12-05 08:30 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-03 17:10 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\VirtualStore ==================== Files in the root of some directories ======= 2014-12-15 14:08 - 2014-12-15 14:08 - 
1545696 _____ () C:\Users\Nick\AppData\Roaming\EJSP.exe 2014-12-15 14:07 - 2014-12-15 14:07 - 2031584 _____ () C:\Users\Nick\AppData\Roaming\FYIKETTA.exe 2014-11-27 20:08 - 2015-01-20 15:08 - 0000193 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG 2014-11-29 10:08 - 2014-12-17 10:08 - 0000001 _____ () C:\Users\Nick\AppData\Local\DSI.DAT 2014-11-29 10:08 - 2014-11-29 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup1444812342.exe 2014-12-02 14:08 - 2014-12-02 14:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4180595462.exe 2014-12-17 10:08 - 2014-12-17 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4535986252.exe 2014-08-31 19:34 - 2014-08-31 19:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-12-06 09:34 - 2014-12-06 09:34 - 0000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-21 11:40 ==================== End Of Log ============================ Regards, Anja |
23.01.2015, 12:39 | #27 |
/// the machine /// TB trainer | Security warning from Telekom about my internet access Any remaining problems?
|
23.01.2015, 14:14 | #28 |
| Security warning from Telekom about my internet access Hi Schrauber, no, looks good. THANKS Regards, Anja hi schrauber, this is the next and last laptop Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1) Log created at 13:35 on 23/01/2015 (Luka) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015 Ran by Luka at 2015-01-23 13:40:25 Running from C:\Users\Luka\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated) abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated) abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2003.0 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated) Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3009 - Acer Incorporated) Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated) Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.01.2006 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated) Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated) Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated) Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated) Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer 
Incorporated) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.19.331.104.16 - Infernum Productions AG) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4314.05 - CyberLink Corp.) eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM) ELAN HIDI2C Filter Driver X64 13.6.1.1_WHQL (HKLM\...\Elantech) (Version: 13.6.1.1 - ELAN Microelectronic Corp.) Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation) Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.) Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.) 
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden Host App Service (HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\...\Pokki) (Version: 0.269.5.367 - Pokki) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation) Java 8 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218011FF}) (Version: 8.0.110 - Oracle Corporation) Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.156 - McAfee, Inc.) 
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 35.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) NVIDIA Grafiktreiber 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation) NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation) Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. 
Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden Pokki Start Menu (HKU\S-1-5-21-1669156641-2173626445-1155326038-1001\...\Pokki) (Version: 0.269.2.471 - Pokki) Pokki Start Menu (HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki) Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21247 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1669156641-2173626445-1155326038-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 26-12-2014 19:49:12 McAfee Vulnerability Scanner 06-01-2015 16:44:59 McAfee Vulnerability Scanner 15-01-2015 14:47:44 Windows Update 18-01-2015 05:26:55 avast! antivirus system restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {2923779E-6EEB-48BE-A74D-8C074541E151} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] () Task: {3DFAB490-BC03-418E-83E7-D34FE4FBB36F} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {3E10CE56-382E-4FE2-8A3A-C5D2988810CB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-18] (AVAST Software) Task: {42FAA83D-53B4-43E3-8AFC-4F0C594F53A0} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated) Task: {4621F24C-2B09-4415-A9B5-59E80B23B1ED} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] () Task: {60B276EE-56C8-4E97-9FAB-7836E1483F8E} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {64827652-CE1B-49AA-A10E-52FCF87AF4A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-22] (Adobe Systems Incorporated) Task: {7CC3A020-2B4B-420B-B12D-B45BF4A1101B} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated) Task: {8DC83882-3BE7-46FC-AE3C-D1CDB2DB0DCB} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1669156641-2173626445-1155326038-1002 Task: {994731F7-8E67-42AC-BE91-720B10E07F82} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-01-15] (Enigma Software Group USA, LLC.) 
Task: {AA9F1F0F-147D-4013-A93A-B1C5D81C0680} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated) Task: {B2CE8F20-0599-41C0-BEA3-9A89E6256B24} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate) Task: {E8DF4AF4-EF16-4598-B5BD-1E5B87068BBA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-19] (Microsoft Corporation) Task: {F69239AC-BF10-463C-8CAE-7FD508923AE7} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>) Task: {F755230F-C227-4F17-8539-8168B8570140} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-07-01] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-07-25 22:23 - 2012-04-24 11:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2015-01-18 05:28 - 2015-01-18 05:28 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2015-01-18 05:28 - 2015-01-18 05:28 - 05846160 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2014-03-13 00:00 - 2014-03-13 00:00 - 00055528 _____ () C:\Program Files\Acer\User Experience Improvement Program\Framework\AcrHttp.dll 2014-08-31 19:33 - 2014-01-08 01:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-02-25 21:14 - 2014-02-25 21:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-02-25 21:11 - 2014-02-25 21:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2014-02-25 21:17 - 2014-02-25 21:17 - 00012928 
_____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2014-12-19 21:59 - 2014-12-19 21:59 - 00090880 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe 2014-03-19 02:35 - 2014-03-07 17:21 - 00080312 _____ () C:\Windows\system32\igfxexps.dll 2014-12-19 21:59 - 2014-12-19 21:59 - 00089344 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe 2015-01-18 15:08 - 2015-01-18 15:08 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011800\algo.dll 2015-01-18 05:28 - 2015-01-18 05:28 - 04491192 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2015-01-19 08:28 - 2015-01-19 08:28 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011801\algo.dll 2015-01-22 19:35 - 2015-01-22 19:35 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012201\algo.dll 2014-08-31 19:30 - 2013-12-10 00:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-01-09 16:05 - 2015-01-09 16:05 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2014-12-19 21:16 - 2014-12-19 21:16 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2014-12-29 13:25 - 2014-12-29 13:25 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2014-12-29 13:26 - 2014-12-29 13:26 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2014-12-29 13:26 - 2014-12-29 13:26 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2014-12-29 13:26 - 2014-12-29 13:26 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2014-12-19 21:10 - 2014-12-19 21:10 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll 2014-12-19 22:00 - 2014-12-19 22:00 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll 2015-01-18 05:28 - 2015-01-18 05:28 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 
2015-01-17 05:35 - 2015-01-17 05:35 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Luka\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
========================= Accounts: ========================== Administrator (S-1-5-21-1669156641-2173626445-1155326038-500 - Administrator - Disabled) Gast (S-1-5-21-1669156641-2173626445-1155326038-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1669156641-2173626445-1155326038-1004 - Limited - Enabled) Luka (S-1-5-21-1669156641-2173626445-1155326038-1002 - Administrator - Enabled) => C:\Users\Luka UpdatusUser (S-1-5-21-1669156641-2173626445-1155326038-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/23/2015 01:37:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: BackgroundAgent.exe, Version: 1.0.1.6, Zeitstempel: 0x5494253a Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00056b1d ID des fehlerhaften Prozesses: 0xcd0 Startzeit der fehlerhaften Anwendung: 0xBackgroundAgent.exe0 Pfad der fehlerhaften Anwendung: BackgroundAgent.exe1 Pfad des fehlerhaften Moduls: BackgroundAgent.exe2 Berichtskennung: BackgroundAgent.exe3 Vollständiger Name des fehlerhaften Pakets: BackgroundAgent.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BackgroundAgent.exe5 Error: (01/22/2015 06:48:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (01/21/2015 04:47:58 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm javaw.exe, Version 8.0.11.12 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1130 Startzeit: 01d035752cf28f94 Endzeit: 171 Anwendungspfad: C:\Program Files (x86)\Java\jre8\bin\javaw.exe Berichts-ID: da5b9a82-a184-11e4-8268-f8a963e5e1d3 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/21/2015 02:06:30 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (01/20/2015 09:12:00 PM) (Source: Winlogon) (EventID: 4005) (User: ) Description: Der Windows-Anmeldeprozess wurde unerwartet beendet. Error: (01/20/2015 01:58:37 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (01/19/2015 08:14:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LUKA) Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/19/2015 10:05:25 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: BackgroundAgent.exe, Version: 1.0.1.6, Zeitstempel: 0x5494253a Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00056b1d ID des fehlerhaften Prozesses: 0xd78 Startzeit der fehlerhaften Anwendung: 0xBackgroundAgent.exe0 Pfad der fehlerhaften Anwendung: BackgroundAgent.exe1 Pfad des fehlerhaften Moduls: BackgroundAgent.exe2 Berichtskennung: BackgroundAgent.exe3 Vollständiger Name des fehlerhaften Pakets: BackgroundAgent.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BackgroundAgent.exe5 Error: (01/19/2015 09:28:50 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (01/19/2015 08:31:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LUKA) Description: Bei der Aktivierung der App 
„Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. System errors: ============= Error: (01/22/2015 08:25:37 PM) (Source: DCOM) (EventID: 10010) (User: LUKA) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (01/22/2015 08:25:36 PM) (Source: DCOM) (EventID: 10010) (User: LUKA) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (01/22/2015 08:25:36 PM) (Source: DCOM) (EventID: 10010) (User: LUKA) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (01/22/2015 08:25:36 PM) (Source: DCOM) (EventID: 10010) (User: LUKA) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (01/22/2015 08:25:36 PM) (Source: DCOM) (EventID: 10010) (User: LUKA) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (01/22/2015 08:25:35 PM) (Source: DCOM) (EventID: 10010) (User: LUKA) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (01/19/2015 08:14:15 PM) (Source: DCOM) (EventID: 10010) (User: LUKA) Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa Error: (01/19/2015 05:15:01 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (01/19/2015 08:32:31 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (01/19/2015 08:28:35 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: 1053AvastVBoxSvcNicht verfügbar{F319F1B8-7587-4146-AF9C-0D6D77819BF1} Microsoft Office Sessions: ========================= Error: (01/23/2015 01:37:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BackgroundAgent.exe1.0.1.65494253aMSVCR90.dll9.0.30729.838751ea24a5c000000500056b1dcd001d0370836bb21d8C:\Program Files (x86)\Acer\AOP 
Framework\BackgroundAgent.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll93a9ebee-a2fc-11e4-8268-f8a963e5e1d3 Error: (01/22/2015 06:48:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (01/21/2015 04:47:58 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: javaw.exe8.0.11.12113001d035752cf28f94171C:\Program Files (x86)\Java\jre8\bin\javaw.exeda5b9a82-a184-11e4-8268-f8a963e5e1d3 Error: (01/21/2015 02:06:30 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (01/20/2015 09:12:00 PM) (Source: Winlogon) (EventID: 4005) (User: ) Description: Error: (01/20/2015 01:58:37 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (01/19/2015 08:14:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LUKA) Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141 Error: (01/19/2015 10:05:25 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: BackgroundAgent.exe1.0.1.65494253aMSVCR90.dll9.0.30729.838751ea24a5c000000500056b1dd7801d033b9c98212a9C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll4db23f15-9fba-11e4-8268-f8a963e5e1d3 Error: (01/19/2015 09:28:50 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (01/19/2015 08:31:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LUKA) Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927142 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Percentage of memory in use: 31% Total physical RAM: 8115.27 MB Available physical RAM: 5548.19 MB Total Pagefile: 9395.27 MB Available Pagefile: 
6803.14 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:914.95 GB) (Free:829.45 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 2403E243) Partition: GPT Partition Type. ==================== End Of Log ============================ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015 Ran by Luka (administrator) on LUKA on 23-01-2015 13:38:09 Running from C:\Users\Luka\Downloads Loaded Profiles: UpdatusUser & Luka (Available profiles: UpdatusUser & Luka) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (McAfee, Inc.) 
C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (McAfee, Inc.) 
C:\Program Files\Common Files\mcafee\platform\McUICnt.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Pokki) C:\Users\Luka\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe (Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (McAfee, Inc.) 
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor) HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.) 
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] () HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2015-01-18] (AVAST Software) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Atheros Communications)) HKU\S-1-5-21-1669156641-2173626445-1155326038-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform HKU\S-1-5-21-1669156641-2173626445-1155326038-1001\...\RunOnce: [RegDXVA1] => C:\Windows\system32\cmd.exe /c reg import "C:\Program Files (x86)\Acer\abPhoto\SwitchUserVideoKey.reg" HKU\S-1-5-21-1669156641-2173626445-1155326038-1001\...\RunOnce: [SetAsDefault] => C:\Program Files (x86)\Acer\Acer Video Player\SwitchUserVideoKey.bat HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-08-31] (Spotify Ltd) HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-1669156641-2173626445-1155326038-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-1669156641-2173626445-1155326038-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKU\S-1-5-21-1669156641-2173626445-1155326038-1002 -> DefaultScope {F753A533-7534-4F65-AB02-3473A90F9370} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20141119&p={SearchTerms} SearchScopes: HKU\S-1-5-21-1669156641-2173626445-1155326038-1002 -> {45788ED6-5B7C-4024-BC69-85ED07F5FC1E} URL = SearchScopes: HKU\S-1-5-21-1669156641-2173626445-1155326038-1002 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKU\S-1-5-21-1669156641-2173626445-1155326038-1002 -> {F753A533-7534-4F65-AB02-3473A90F9370} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20141119&p={SearchTerms} BHO: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.) 
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Luka\AppData\Roaming\Mozilla\Firefox\Profiles\44l7zhyq.default FF SearchEngineOrder.1: Sichere Suche FF SelectedSearchEngine: Sichere Suche FF Keyword.URL: https://de.search.yahoo.com/search?fr=mcafee&type=B111DE662D20141119&p= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll () FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> 
c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-07-25] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-18] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-07-25] FF HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome: ======= CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-13] CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-13] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-18] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-18] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-18] (Avast Software) R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-11-26] (WildTangent) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154320 2014-12-03] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.) S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) 
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.) S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate) R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2015-01-15] (Enigma Software Group USA, LLC.) 
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-18] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-18] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-18] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-18] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-18] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-18] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-18] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-18] () R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.) R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-01-15] (Enigma Software Group USA, LLC.) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-01-15] () R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [173384 2014-04-09] (ELAN Microelectronic Corp.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) 
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2015-01-18] (Avast Software) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) R3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-23 13:38 - 2015-01-23 13:38 - 00022867 _____ () C:\Users\Luka\Downloads\FRST.txt 2015-01-23 13:38 - 2015-01-23 13:38 - 00000000 ____D () C:\FRST 2015-01-23 13:36 - 2015-01-23 13:36 - 02126848 _____ (Farbar) C:\Users\Luka\Downloads\FRST64.exe 2015-01-23 13:35 - 2015-01-23 13:35 - 00000470 _____ () C:\Users\Luka\Desktop\defogger_disable.log 2015-01-23 13:35 - 2015-01-23 13:35 - 00000000 _____ () C:\Users\Luka\defogger_reenable 2015-01-23 13:34 - 2015-01-23 13:34 - 00050477 _____ () C:\Users\Luka\Downloads\Defogger.exe 2015-01-23 13:31 - 2015-01-23 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2015-01-19 08:29 - 2015-01-19 08:33 - 00000197 _____ () C:\Windows\system32\2015-01-19-07-29-56.001-AvastVBoxSVC.exe-4876.log 2015-01-18 05:53 - 2015-01-18 05:53 - 00000247 _____ () C:\Windows\system32\2015-01-18-04-53-10.003-aswFe.exe-3084.log 2015-01-18 05:47 - 2015-01-18 05:52 - 00000247 _____ () C:\Windows\system32\2015-01-18-04-47-12.001-aswFe.exe-8104.log 2015-01-18 05:47 - 2015-01-18 05:47 - 00000197 _____ () C:\Windows\system32\2015-01-18-04-47-09.035-AvastVBoxSVC.exe-7888.log 2015-01-18 05:40 - 2015-01-18 05:40 - 00000000 ____D () C:\Windows\SysWOW64\vbox 2015-01-18 05:40 - 2015-01-18 05:40 - 00000000 ____D () C:\Windows\system32\vbox 2015-01-18 05:32 - 2015-01-18 05:32 - 00000000 ____D () C:\Users\Luka\AppData\Roaming\AVAST Software 2015-01-18 05:30 - 2015-01-18 05:30 - 00001984 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-01-18 05:30 - 2015-01-18 05:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-01-18 05:29 - 2015-01-18 05:32 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update 2015-01-18 05:29 - 2015-01-18 05:29 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2015-01-18 05:29 - 2015-01-18 05:29 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-01-18 05:29 - 2015-01-18 05:29 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-01-18 05:29 - 2015-01-18 05:29 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2015-01-18 05:29 - 2015-01-18 05:29 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2015-01-18 05:29 - 2015-01-18 05:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2015-01-18 05:29 - 2015-01-18 05:29 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys 2015-01-18 05:29 - 2015-01-18 05:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2015-01-18 05:29 - 2015-01-18 05:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-01-18 05:29 - 2015-01-18 05:29 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2015-01-18 05:27 - 2015-01-18 05:27 - 00000000 ____D () C:\Program Files\AVAST Software 2015-01-18 05:26 - 2015-01-18 05:27 - 00000000 ____D () C:\ProgramData\AVAST Software 2015-01-17 05:35 - 2015-01-17 05:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-15 14:56 - 2015-01-15 14:56 - 00003314 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup 2015-01-15 14:56 - 2015-01-15 14:56 - 00001107 _____ () C:\Users\Luka\Desktop\SpyHunter.lnk 2015-01-15 14:56 - 2015-01-15 14:56 - 00000000 ____D () C:\Users\Luka\AppData\Roaming\Enigma Software Group 2015-01-15 14:56 - 2015-01-15 14:56 - 00000000 _____ () C:\autoexec.bat 2015-01-15 14:52 - 2015-01-15 14:55 - 00000000 ____D () C:\sh4ldr 2015-01-15 14:32 - 2015-01-15 14:32 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys 2015-01-15 14:31 - 2015-01-15 14:31 - 00000000 ____D () C:\Program Files\Enigma Software Group 2015-01-15 14:29 - 2015-01-15 14:30 - 03044736 
_____ (Enigma Software Group USA, LLC.) C:\Users\Luka\Downloads\SpyHunter-Installer.exe 2015-01-14 16:25 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-14 16:25 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-14 16:25 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys 2015-01-14 16:25 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 16:25 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2015-01-14 16:25 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2015-01-14 16:25 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2015-01-14 16:25 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2015-01-14 16:25 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2015-01-14 16:25 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-01-14 16:25 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2015-01-14 16:25 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe 2015-01-14 16:25 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-01-14 16:25 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 16:25 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-01-14 16:25 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2015-01-14 16:25 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2015-01-14 16:25 - 2014-10-29 
04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-01-14 16:25 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-01-14 16:25 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-01-14 16:25 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-01-14 16:25 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2015-01-14 16:25 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2015-01-14 16:25 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-01-14 16:25 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-01-14 16:25 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-01-14 16:25 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2015-01-14 16:25 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2015-01-14 16:25 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-01-14 16:25 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-01-14 16:25 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-01 10:29 - 2015-01-07 12:30 - 00000000 ____D () C:\Users\Luka\Documents\StarCraft II 2015-01-01 10:29 - 2015-01-01 10:29 - 00001117 _____ () C:\Users\Public\Desktop\StarCraft II.lnk 2015-01-01 10:29 - 2015-01-01 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II 2015-01-01 10:25 - 2015-01-01 12:37 - 00000000 ____D () C:\Program Files (x86)\StarCraft II 2014-12-24 18:02 - 2014-12-24 21:35 - 00000000 ____D () C:\Program Files 
(x86)\World of Warcraft 2014-12-24 17:33 - 2015-01-22 20:24 - 00000000 ____D () C:\Users\Luka\AppData\Local\Battle.net 2014-12-24 17:33 - 2015-01-01 10:29 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-12-24 17:33 - 2014-12-24 17:59 - 00000000 ____D () C:\Users\Luka\AppData\Roaming\Battle.net 2014-12-24 17:33 - 2014-12-24 17:33 - 00001138 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-12-24 17:33 - 2014-12-24 17:33 - 00000000 ____D () C:\Users\Luka\AppData\Local\Blizzard Entertainment 2014-12-24 17:33 - 2014-12-24 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-12-24 17:33 - 2014-12-24 17:33 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-12-24 17:29 - 2014-12-24 17:29 - 00000000 ____D () C:\ProgramData\Battle.net ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-23 13:37 - 2014-11-20 08:37 - 00000000 ____D () C:\Users\Luka\AppData\Local\CrashDumps 2015-01-23 13:37 - 2014-08-31 20:26 - 01048961 _____ () C:\Windows\WindowsUpdate.log 2015-01-23 13:35 - 2014-11-19 10:23 - 00000000 ____D () C:\Users\Luka 2015-01-23 13:33 - 2014-11-19 10:30 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1669156641-2173626445-1155326038-1002 2015-01-23 13:31 - 2014-11-28 13:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-23 13:30 - 2014-11-19 10:41 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{64C2BB8E-102C-4690-BC30-1086C50F546B} 2015-01-23 13:30 - 2014-11-19 10:23 - 00000000 ____D () C:\Users\Luka\AppData\Local\Pokki 2015-01-23 13:29 - 2014-12-21 09:18 - 00000000 ____D () C:\Users\Luka\AppData\Roaming\Skype 2015-01-23 13:29 - 2014-11-19 10:31 - 00000000 ____D () C:\Users\Luka\OneDrive 2015-01-23 13:28 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru 2015-01-22 19:57 - 2013-08-22 16:36 - 00000000 ____D 
() C:\Windows\AppReadiness 2015-01-22 19:31 - 2014-11-28 13:07 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-21 15:03 - 2014-11-23 23:21 - 00000000 ____D () C:\Users\Luka\AppData\Roaming\.minecraft 2015-01-19 08:27 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\McAfee 2015-01-19 08:27 - 2014-03-18 10:54 - 00018342 _____ () C:\Windows\PFRO.log 2015-01-19 08:27 - 2013-08-22 15:46 - 00022662 _____ () C:\Windows\setupact.log 2015-01-19 08:27 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-17 15:11 - 2014-11-20 10:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-16 13:19 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2015-01-16 13:17 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2015-01-15 14:51 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp 2015-01-14 16:22 - 2014-07-25 22:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2015-01-14 16:21 - 2014-07-25 22:20 - 00000000 ____D () C:\Program Files (x86)\Acer 2015-01-14 16:20 - 2014-11-19 10:26 - 00000000 ____D () C:\Users\Luka\AppData\Local\clear.fi 2015-01-06 16:56 - 2014-09-01 04:47 - 00765582 _____ () C:\Windows\system32\perfh007.dat 2015-01-06 16:56 - 2014-09-01 04:47 - 00159366 _____ () C:\Windows\system32\perfc007.dat 2015-01-06 16:56 - 2014-03-18 11:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-06 12:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\LiveKernelReports 2015-01-06 01:08 - 2014-11-20 10:38 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-06 01:08 - 2014-11-20 10:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-02 15:23 - 2014-11-19 10:27 - 00002331 _____ () C:\Users\Luka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk 2014-12-26 20:13 - 2014-11-23 18:55 - 00000000 
____D () C:\Program Files (x86)\Java 2014-12-26 20:07 - 2014-12-20 15:15 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-12-26 20:07 - 2014-12-20 15:15 - 00000000 ____D () C:\ProgramData\Skype 2014-12-24 22:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache 2014-12-24 09:06 - 2014-11-20 10:54 - 00000000 ____D () C:\Users\Luka\AppData\Local\Adobe ==================== Files in the root of some directories ======= 2014-08-31 19:44 - 2014-08-31 19:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP: ==================== C:\Users\Luka\AppData\Local\Temp\COMAP.EXE C:\Users\Luka\AppData\Local\Temp\ICReinstall_Free_Download_Setup.exe C:\Users\Luka\AppData\Local\Temp\oct367.tmp.exe C:\Users\Luka\AppData\Local\Temp\oct3CA3.tmp.exe C:\Users\Luka\AppData\Local\Temp\oct48F1.tmp.exe C:\Users\Luka\AppData\Local\Temp\oct9180.tmp.exe C:\Users\Luka\AppData\Local\Temp\oct91B8.tmp.exe C:\Users\Luka\AppData\Local\Temp\oct945E.tmp.exe C:\Users\Luka\AppData\Local\Temp\octEB33.tmp.exe C:\Users\Luka\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-11 14:58 ==================== End Of Log ============================ --- --- --- --- --- --- Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-01-23 14:11:02 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002f WDC_WD10JPVX-22JC3T0 rev.01.01A01 931,51GB Running: Gmer-19357.exe; Driver: C:\Users\Luka\AppData\Local\Temp\ugldapow.sys ---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\mfevtps.exe[1500] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 506 00007ff9ffe0169a 4 bytes [E0, FF, F9, 7F] .text C:\Windows\system32\mfevtps.exe[1500] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 514 00007ff9ffe016a2 4 bytes [E0, FF, F9, 7F] .text C:\Windows\system32\mfevtps.exe[1500] C:\Windows\system32\psapi.dll!QueryWorkingSet + 118 00007ff9ffe0181a 4 bytes [E0, FF, F9, 7F] .text C:\Windows\system32\mfevtps.exe[1500] C:\Windows\system32\psapi.dll!QueryWorkingSet + 142 00007ff9ffe01832 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[1600] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff9ffe0169a 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[1600] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff9ffe016a2 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[1600] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff9ffe0181a 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[1600] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff9ffe01832 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe[4876] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff9ffe0169a 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe[4876] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff9ffe016a2 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe[4876] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 
00007ff9ffe0181a 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe[4876] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff9ffe01832 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[5684] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff9ffe0169a 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[5684] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff9ffe016a2 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[5684] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff9ffe0181a 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[5684] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff9ffe01832 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe[3608] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 506 00007ff9ffe0169a 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe[3608] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 514 00007ff9ffe016a2 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe[3608] C:\Windows\system32\psapi.dll!QueryWorkingSet + 118 00007ff9ffe0181a 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe[3608] C:\Windows\system32\psapi.dll!QueryWorkingSet + 142 00007ff9ffe01832 4 bytes [E0, FF, F9, 7F] .text C:\Windows\system32\nvvsvc.exe[9152] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff9ffe0169a 4 bytes [E0, FF, F9, 7F] .text C:\Windows\system32\nvvsvc.exe[9152] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff9ffe016a2 4 bytes [E0, FF, F9, 7F] .text C:\Windows\system32\nvvsvc.exe[9152] 
C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff9ffe0181a 4 bytes [E0, FF, F9, 7F] .text C:\Windows\system32\nvvsvc.exe[9152] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff9ffe01832 4 bytes [E0, FF, F9, 7F] .text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[5440] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ff9e49a1f6a 4 bytes [9A, E4, F9, 7F] .text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[5440] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ff9e49a1f82 4 bytes [9A, E4, F9, 7F] .text C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe[4436] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 506 00007ff9ffe0169a 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe[4436] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 514 00007ff9ffe016a2 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe[4436] C:\Windows\system32\psapi.dll!QueryWorkingSet + 118 00007ff9ffe0181a 4 bytes [E0, FF, F9, 7F] .text C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe[4436] C:\Windows\system32\psapi.dll!QueryWorkingSet + 142 00007ff9ffe01832 4 bytes [E0, FF, F9, 7F] ---- Threads - GMER 2.1 ---- Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5896:3652] 00007ffa017381b0 Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5896:6484] 00007ffa01ae99b0 Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5896:8488] 00007ffa02250310 Thread C:\Windows\system32\csrss.exe [8008:5936] fffff96000902b90 ---- Processes - GMER 2.1 ---- Library C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c\Microsoft.PerfTrack.dll (*** suspicious ***) @ C:\Windows\syswow64\wwahost.exe [4460] (Microsoft.PerfTrack.dll/Microsoft Corporation)(2014-08-31 18:17:16) 000000006edd0000 Library C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c\LibWrap.dll 
(*** suspicious ***) @ C:\Windows\syswow64\wwahost.exe [4460] (Microsoft Skype/Microsoft Corporation)(2014-12-14 08:49:23) 000000005be30000 Library C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c\MicrosoftAdvertising.dll (*** suspicious ***) @ C:\Windows\syswow64\wwahost.exe [4460] (Microsoft Advertising Native SDK for Windows 8/Microsoft Corporation)(2014-08-31 18:17:16) 0000000057af0000 ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF - GMER 2.1 ----
Regards, Anja |
23.01.2015, 17:12 | #29 |
/// the machine /// TB-Ausbilder | Security warning about my internet connection from Telekom
Any problems with this one? It looks good.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and Help Trojaner-Board Facebook page No help via PM! |
23.01.2015, 18:43 | #30 |
| Security warning about my internet connection from Telekom
Hi schrauber, no problems. You say it looks good, yay. Thank you so much for your help. Regards, Anja |