Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Win 7, PopUps und Werbung im Browser (https://www.trojaner-board.de/150885-win-7-popups-werbung-browser.html)

ff32005 10.03.2014 21:10
Win 7, PopUps und Werbung im Browser
 
Hallo,

mein Neffe muss sich einiges eingefangen haben.

Ich habe bereits Malwarebytes Anti-Malware und adwcleaner laufen lassen.
Dabei wurde einiges entfernt.

Die nervige Werbung auf sonst werbefreien Seiten und die vielen PopUps sind geblieben.

Hab schon mal den FRST laufen lassen.

FRST.txt
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-03-2014 01
Ran by xxx (administrator) on xxx-PC on 10-03-2014 21:04:54
Running from C:\Users\xxx\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files (x86)\WinRST\WinRST.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Facebook) C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avscan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-21] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1936976051-1306050378-379204146-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1936976051-1306050378-379204146-1000\...\Run: [Facebook Update] - C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-01] (Facebook Inc.)
HKU\S-1-5-21-1936976051-1306050378-379204146-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-1936976051-1306050378-379204146-1000\...\MountPoints2: {c2906b49-840c-11e1-8f4a-9439e5625c28} - E:\SetupPuma.exe
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\Run: [Facebook Update] - C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-01] (Facebook Inc.)
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\MountPoints2: {41d487c6-08cd-11e3-9272-dc0ea10e3d8c} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\MountPoints2: {89bbda3e-0591-11e1-a620-806e6f6e6963} - D:\LGInstaller.exe
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\MountPoints2: {a1ce44de-019f-11e3-a040-dc0ea10e3d8c} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\MountPoints2: {c2906b49-840c-11e1-8f4a-9439e5625c28} - E:\SetupPuma.exe
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [226920 2011-03-30] (NVIDIA Corporation)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: http=hxxp://127.0.0.1:9880
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Plus-HD-1.3 - {11111111-1111-1111-1111-110311121157} - C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho64.dll No File
BHO: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho64.dll No File
BHO: TabllEViewier - {3B5B5C8E-91E8-1709-32BC-2E21EB5EC931} - C:\ProgramData\TabllEViewier\jwgk.x64.dll No File
BHO: shopnddrop - {5D882C1A-D065-21E1-0C4A-4954EA1B08C6} - C:\ProgramData\shopnddrop\6uaba.x64.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Topdeal - {CEFFC638-F93E-E43D-CE17-E58512A86CBD} - C:\ProgramData\Topdeal\PckfNWc7js.x64.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\9rjt5rq1.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\xxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Pirrit Suggestor - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\profiles\extensions\suggestor@suggestor.pirrit.com.xpi [2014-02-21]
FF HKCU\...\Firefox\Extensions: [{cb056958-eb1d-47a5-a7c2-35fd94d51b3f}] - C:\Program Files (x86)\ViewPassword\134.xpi

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "hxxp://www.google.com", "hxxp://www.trovigo.com/?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPBB6D2C8F-33C8-4B69-90F3-176DA5026F03&SSPV="
CHR Extension: (TabllEViewier) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\eicllamcbkehkgnmgiogdhnkabjbjghb [2014-03-10]
CHR Extension: (Skype Click to Call) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-10]
CHR Extension: (DVDVideoSoft) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-09-12]
CHR Extension: (Google Wallet) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR Extension: (FFineoDealaSoift) - C:\ProgramData\idnjbhglpaaodmafenaknmhjabjghidg [2014-01-05]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-06-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-01-03]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 WinRST; C:\Program Files (x86)\WinRST\WinRST.exe [59904 2014-02-26] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-02] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-09-04] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-09-04] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-09-04] (LG Electronics Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-10 21:04 - 2014-03-10 21:06 - 00020226 _____ () C:\Users\xxx\Downloads\FRST.txt
2014-03-10 21:01 - 2014-03-10 21:04 - 00000000 ____D () C:\FRST
2014-03-10 20:53 - 2014-03-10 20:54 - 02157056 _____ (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2014-03-10 20:41 - 2014-03-10 20:41 - 00001468 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.lnk
2014-03-10 20:41 - 2014-03-10 20:41 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\LibreOffice
2014-03-10 20:39 - 2014-03-10 20:41 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-03-10 20:14 - 2014-03-10 20:18 - 220545024 _____ () C:\Users\xxx\Downloads\LibreOffice_4.2.1_Win_x86.msi
2014-03-10 19:57 - 2014-03-10 19:57 - 00000000 ____D () C:\Windows\pss
2014-03-10 19:48 - 2014-03-10 19:51 - 00000000 ____D () C:\AdwCleaner
2014-03-10 19:32 - 2014-03-10 19:32 - 00000000 ____D () C:\Windows\ERUNT
2014-03-09 21:30 - 2014-03-09 21:33 - 02800104 _____ (AVAST Software) C:\Users\xxx\Downloads\avast-browser-cleanup.exe
2014-03-09 21:30 - 2014-03-09 21:33 - 01244192 _____ () C:\Users\xxx\Downloads\adwcleaner.exe
2014-03-09 21:27 - 2014-03-09 21:27 - 01037734 _____ (Thisisu) C:\Users\xxx\Downloads\JRT.exe
2014-03-09 21:11 - 2014-03-09 21:11 - 00000000 ____D () C:\Users\xxx\AppData\Local\Macromedia
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Mozilla
2014-03-09 20:54 - 2014-03-09 20:54 - 00000000 ____D () C:\Program Files (x86)\FFineoDealaSoift
2014-03-09 20:30 - 2014-03-09 20:30 - 00001268 _____ () C:\Users\xxx\Desktop\Revo Uninstaller.lnk
2014-03-09 20:30 - 2014-03-09 20:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-09 20:24 - 2014-03-09 20:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\xxx\Downloads\revosetup.exe
2014-03-09 20:22 - 2014-03-09 20:22 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\xxx\Downloads\wegdamit.exe
2014-03-09 20:20 - 2014-03-09 20:49 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\Users\xxx\AppData\Local\Mozilla
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-23 13:26 - 2014-02-23 13:26 - 00158174 _____ () C:\Users\xxx\Documents\LateinÜ1_ML_S2.xps
2014-02-23 13:24 - 2014-02-23 13:24 - 00189335 _____ () C:\Users\xxx\Documents\LateinÜ1_ML_S1.xps
2014-02-23 13:23 - 2014-02-23 13:23 - 00237279 _____ () C:\Users\xxx\Documents\LateinÜ1_S2.xps
2014-02-23 13:22 - 2014-02-23 13:22 - 00114082 _____ () C:\Users\xxx\Documents\LateinÜ1_S1.xps
2014-02-22 12:47 - 2014-02-22 12:47 - 00828200 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nsx21E6.tmp
2014-02-21 16:32 - 2014-02-21 16:32 - 00000000 ____D () C:\Users\xxx\AppData\Local\WinRST
2014-02-21 16:32 - 2014-02-21 16:32 - 00000000 ____D () C:\Program Files (x86)\WinRST
2014-02-21 16:31 - 2014-03-09 20:20 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Mozilla
2014-02-20 18:43 - 2014-02-20 18:43 - 00825312 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nso63E5.tmp
2014-02-20 18:22 - 2014-03-09 20:44 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Activeris
2014-02-20 18:17 - 2014-02-21 16:15 - 00000112 _____ () C:\Users\xxx\AppData\Roaming\WB.CFG
2014-02-20 18:15 - 2014-02-20 18:15 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\ASCOMP Software
2014-02-20 18:00 - 2014-02-20 18:00 - 00825312 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nsi3E99.tmp
2014-02-20 17:59 - 2014-02-20 17:59 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Optimizer Elite Max
2014-02-20 17:51 - 2014-03-10 18:55 - 00000304 _____ () C:\Windows\Tasks\PCHelpers_period.job
2014-02-20 17:51 - 2014-02-20 18:07 - 00000304 _____ () C:\Windows\Tasks\PCHelpers1st.job
2014-02-20 17:51 - 2014-02-20 17:59 - 00002884 _____ () C:\Windows\System32\Tasks\PCHelpers_period
2014-02-20 17:51 - 2014-02-20 17:54 - 00002694 _____ () C:\Windows\System32\Tasks\PCHelpers1st
2014-02-20 17:49 - 2014-03-08 09:36 - 00001099 _____ () C:\Users\xxx\Desktop\Continue VuuPC Installation.lnk
2014-02-20 17:23 - 2014-03-10 19:23 - 00000000 ____D () C:\ProgramData\Topdeal
2014-02-20 17:23 - 2014-03-10 19:23 - 00000000 ____D () C:\ProgramData\TabllEViewier
2014-02-20 17:23 - 2014-02-20 17:23 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 17:23 - 2014-02-20 17:23 - 00000000 ____D () C:\ProgramData\eicllamcbkehkgnmgiogdhnkabjbjghb
2014-02-15 07:03 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-15 07:03 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-15 07:02 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-15 07:02 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-15 07:02 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-15 07:02 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-15 07:02 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-15 07:02 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-15 07:02 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-15 07:02 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-15 07:02 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-15 07:02 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-15 07:02 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-15 07:02 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-15 07:02 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-15 07:02 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-15 07:02 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-15 07:02 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-15 07:02 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-15 07:02 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-15 07:02 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-15 07:02 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-15 07:02 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-15 07:02 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-15 07:02 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-15 07:02 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-15 07:02 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-15 07:02 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-15 07:02 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-15 07:02 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-15 07:02 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-15 07:02 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-15 07:02 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-15 07:02 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-15 07:02 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-15 07:02 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-15 07:02 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-15 07:02 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-15 07:02 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-15 07:02 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-15 07:02 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-14 19:18 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-14 19:18 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-14 19:18 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 19:18 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-14 19:18 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-14 19:18 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-14 19:17 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-14 19:17 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-14 19:17 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 19:17 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-14 19:17 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 19:17 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-14 19:17 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-14 19:17 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 19:17 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 19:17 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-14 19:17 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-14 19:17 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-14 19:17 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-14 19:17 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-14 19:17 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-14 19:17 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-14 19:17 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-14 19:17 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-14 19:16 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-14 19:16 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 19:16 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-14 19:16 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-10 21:06 - 2014-03-10 21:04 - 00020226 _____ () C:\Users\xxx\Downloads\FRST.txt
2014-03-10 21:04 - 2014-03-10 21:01 - 00000000 ____D () C:\FRST
2014-03-10 20:57 - 2011-11-02 21:33 - 01635762 _____ () C:\Windows\WindowsUpdate.log
2014-03-10 20:57 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-10 20:57 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-10 20:54 - 2014-03-10 20:53 - 02157056 _____ (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2014-03-10 20:51 - 2012-10-11 17:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-10 20:41 - 2014-03-10 20:41 - 00001468 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.lnk
2014-03-10 20:41 - 2014-03-10 20:41 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\LibreOffice
2014-03-10 20:41 - 2014-03-10 20:39 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-03-10 20:27 - 2012-11-12 19:43 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-10 20:18 - 2014-03-10 20:14 - 220545024 _____ () C:\Users\xxx\Downloads\LibreOffice_4.2.1_Win_x86.msi
2014-03-10 20:06 - 2012-01-04 15:42 - 00000000 ____D () C:\ProgramData\clear.fi
2014-03-10 20:05 - 2013-10-09 19:45 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec51fca27628a.job
2014-03-10 20:05 - 2013-01-06 17:52 - 00000000 ____D () C:\Program Files\Google
2014-03-10 20:05 - 2012-11-12 19:43 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-10 20:05 - 2010-11-21 04:47 - 00495214 _____ () C:\Windows\PFRO.log
2014-03-10 20:05 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-10 20:05 - 2009-07-14 05:51 - 00085356 _____ () C:\Windows\setupact.log
2014-03-10 20:00 - 2012-11-12 19:43 - 00000000 ____D () C:\Users\xxx\AppData\Local\Google
2014-03-10 19:57 - 2014-03-10 19:57 - 00000000 ____D () C:\Windows\pss
2014-03-10 19:57 - 2012-01-04 15:38 - 00000000 ___RD () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-10 19:56 - 2012-06-06 18:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-10 19:52 - 2013-06-18 15:40 - 00000000 ____D () C:\Users\xxx\AppData\Local\Pokki
2014-03-10 19:51 - 2014-03-10 19:48 - 00000000 ____D () C:\AdwCleaner
2014-03-10 19:51 - 2013-01-12 09:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-10 19:32 - 2014-03-10 19:32 - 00000000 ____D () C:\Windows\ERUNT
2014-03-10 19:24 - 2012-06-24 13:23 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\SoftGrid Client
2014-03-10 19:23 - 2014-02-20 17:23 - 00000000 ____D () C:\ProgramData\Topdeal
2014-03-10 19:23 - 2014-02-20 17:23 - 00000000 ____D () C:\ProgramData\TabllEViewier
2014-03-10 19:23 - 2014-01-05 20:08 - 00000000 ____D () C:\ProgramData\shopnddrop
2014-03-10 18:58 - 2013-02-03 17:04 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-03-10 18:55 - 2014-02-20 17:51 - 00000304 _____ () C:\Windows\Tasks\PCHelpers_period.job
2014-03-09 21:55 - 2012-05-16 14:06 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001UA.job
2014-03-09 21:33 - 2014-03-09 21:30 - 02800104 _____ (AVAST Software) C:\Users\xxx\Downloads\avast-browser-cleanup.exe
2014-03-09 21:33 - 2014-03-09 21:30 - 01244192 _____ () C:\Users\xxx\Downloads\adwcleaner.exe
2014-03-09 21:27 - 2014-03-09 21:27 - 01037734 _____ (Thisisu) C:\Users\xxx\Downloads\JRT.exe
2014-03-09 21:11 - 2014-03-09 21:11 - 00000000 ____D () C:\Users\xxx\AppData\Local\Macromedia
2014-03-09 21:11 - 2012-10-11 17:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-09 21:10 - 2012-05-19 05:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-09 21:10 - 2011-08-12 08:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-09 21:05 - 2013-04-19 16:43 - 00000898 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Mozilla
2014-03-09 20:54 - 2014-03-09 20:54 - 00000000 ____D () C:\Program Files (x86)\FFineoDealaSoift
2014-03-09 20:54 - 2014-01-05 20:08 - 00000000 ____D () C:\ProgramData\FFineoDealaSoift
2014-03-09 20:54 - 2014-01-05 20:08 - 00000000 ____D () C:\ProgramData\a239326dc72fe3b7
2014-03-09 20:49 - 2014-03-09 20:20 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-09 20:49 - 2012-01-04 15:38 - 00001425 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-09 20:44 - 2014-02-20 18:22 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Activeris
2014-03-09 20:30 - 2014-03-09 20:30 - 00001268 _____ () C:\Users\xxx\Desktop\Revo Uninstaller.lnk
2014-03-09 20:30 - 2014-03-09 20:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-09 20:24 - 2014-03-09 20:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\xxx\Downloads\revosetup.exe
2014-03-09 20:22 - 2014-03-09 20:22 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\xxx\Downloads\wegdamit.exe
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\Users\xxx\AppData\Local\Mozilla
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-09 20:20 - 2014-02-21 16:31 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Mozilla
2014-03-09 10:10 - 2012-01-04 15:36 - 00066432 _____ () C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-08 17:48 - 2012-05-16 14:06 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001Core.job
2014-03-08 09:36 - 2014-02-20 17:49 - 00001099 _____ () C:\Users\xxx\Desktop\Continue VuuPC Installation.lnk
2014-03-07 11:53 - 2013-12-27 10:26 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-03-07 09:01 - 2012-07-03 16:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-07 09:01 - 2011-08-12 08:12 - 00000000 ____D () C:\ProgramData\Skype
2014-03-07 08:56 - 2012-06-24 13:22 - 01596580 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-07 08:56 - 2011-11-03 06:25 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-03-07 08:56 - 2011-11-03 06:25 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-03-07 08:56 - 2009-07-14 06:13 - 01596580 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-26 14:48 - 2014-02-06 20:27 - 00860772 _____ () C:\Users\xxx\Documents\jdsjd.xlsx
2014-02-23 13:26 - 2014-02-23 13:26 - 00158174 _____ () C:\Users\xxx\Documents\LateinÜ1_ML_S2.xps
2014-02-23 13:24 - 2014-02-23 13:24 - 00189335 _____ () C:\Users\xxx\Documents\LateinÜ1_ML_S1.xps
2014-02-23 13:23 - 2014-02-23 13:23 - 00237279 _____ () C:\Users\xxx\Documents\LateinÜ1_S2.xps
2014-02-23 13:22 - 2014-02-23 13:22 - 00114082 _____ () C:\Users\xxx\Documents\LateinÜ1_S1.xps
2014-02-22 12:47 - 2014-02-22 12:47 - 00828200 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nsx21E6.tmp
2014-02-21 16:32 - 2014-02-21 16:32 - 00000000 ____D () C:\Users\xxx\AppData\Local\WinRST
2014-02-21 16:32 - 2014-02-21 16:32 - 00000000 ____D () C:\Program Files (x86)\WinRST
2014-02-21 16:15 - 2014-02-20 18:17 - 00000112 _____ () C:\Users\xxx\AppData\Roaming\WB.CFG
2014-02-20 18:43 - 2014-02-20 18:43 - 00825312 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nso63E5.tmp
2014-02-20 18:15 - 2014-02-20 18:15 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\ASCOMP Software
2014-02-20 18:07 - 2014-02-20 17:51 - 00000304 _____ () C:\Windows\Tasks\PCHelpers1st.job
2014-02-20 18:00 - 2014-02-20 18:00 - 00825312 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nsi3E99.tmp
2014-02-20 17:59 - 2014-02-20 17:59 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Optimizer Elite Max
2014-02-20 17:59 - 2014-02-20 17:51 - 00002884 _____ () C:\Windows\System32\Tasks\PCHelpers_period
2014-02-20 17:54 - 2014-02-20 17:51 - 00002694 _____ () C:\Windows\System32\Tasks\PCHelpers1st
2014-02-20 17:23 - 2014-02-20 17:23 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 17:23 - 2014-02-20 17:23 - 00000000 ____D () C:\ProgramData\eicllamcbkehkgnmgiogdhnkabjbjghb
2014-02-20 17:23 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-02-20 17:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-02-17 13:52 - 2013-08-16 07:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 06:41 - 2012-01-13 13:46 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 15:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-15 09:10 - 2013-12-25 11:34 - 00000000 ____D () C:\Users\Gast
2014-02-15 09:06 - 2013-08-19 13:44 - 534932794 _____ () C:\Windows\MEMORY.DMP
2014-02-12 21:54 - 2013-09-14 18:05 - 00001094 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk

Files to move or delete:
====================
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins000.dat
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins000.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins001.dat
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins001.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins002.dat
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins002.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\wortschatz.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\wortschatzmini.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\_ISREG32.DLL


Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
C:\Users\xxx\AppData\Local\Temp\1sdd4npx.dll
C:\Users\xxx\AppData\Local\Temp\24373uninstall.exe
C:\Users\xxx\AppData\Local\Temp\avgnt.exe
C:\Users\xxx\AppData\Local\Temp\BackupSetup.exe
C:\Users\xxx\AppData\Local\Temp\comver.dll
C:\Users\xxx\AppData\Local\Temp\DSSExp.exe
C:\Users\xxx\AppData\Local\Temp\gert0.exe
C:\Users\xxx\AppData\Local\Temp\incredibar_installer.exe
C:\Users\xxx\AppData\Local\Temp\Installer.exe
C:\Users\xxx\AppData\Local\Temp\installhelper.dll
C:\Users\xxx\AppData\Local\Temp\install_flashplayer11x32axau_gtba_chra_dy_aih.exe
C:\Users\xxx\AppData\Local\Temp\install_flashplayer11x64ax_gtba_aih (1).exe
C:\Users\xxx\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\kpinstaller.exe
C:\Users\xxx\AppData\Local\Temp\minibar-master-v1.exe
C:\Users\xxx\AppData\Local\Temp\oct6479.tmp.exe
C:\Users\xxx\AppData\Local\Temp\Quarantine.exe
C:\Users\xxx\AppData\Local\Temp\SCC.dll
C:\Users\xxx\AppData\Local\Temp\SIMEEI2Installer.exe
C:\Users\xxx\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\xxx\AppData\Local\Temp\Sqlite3.dll
C:\Users\xxx\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\xxx\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\xxx\AppData\Local\Temp\tbWis0.dll
C:\Users\xxx\AppData\Local\Temp\uninst1.exe
C:\Users\xxx\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\xxx\AppData\Local\Temp\vcredist_x64.exe
C:\Users\xxx\AppData\Local\Temp\vcredist_x86.exe
C:\Users\xxx\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\xxx\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\xxx\AppData\Local\Temp\WhiteLabelSetup.exe
C:\Users\xxx\AppData\Local\Temp\_is74D1.exe
C:\Users\xxx\AppData\Local\Temp\_isA71A.exe
C:\Users\xxx\AppData\Local\Temp\_isBADC.exe
C:\Users\xxx\AppData\Local\Temp\_isFF75.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-09 19:46

==================== End Of Log ============================
addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-03-2014 01
Ran by xxx at 2014-03-10 21:07:12
Running from C:\Users\xxx\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

10-Fingersystem in 5 Stunden GS Version 2.1.1 (HKLM-x32\...\10-Fingersystem in 5 Stunden GS_is1) (Version:  - (c) 2010 HERDT)
3D-Garten 8.0 Deluxe (HKLM-x32\...\{554A4E80-0001-2006-0407-11FF59A27A18}) (Version: 8.0 - DiComp)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Activision(R) (x32 Version: 1.00.0000 - Activision) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
EA SPORTS online 2008 (HKLM-x32\...\82A44D22-9452-49FB-00FB-CEC7DCAF7E23) (Version:  - )
Empire Earth Ultimate Edition (HKLM-x32\...\{912CE296-3D73-4A9D-B3FB-70A5CF7A8568}) (Version: 1.0 - The Games Company)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FIFA 08 (HKLM-x32\...\{0A2A5039-B37F-489D-B1DC-A5258DF9E697}) (Version: 1.0.1.1 - Electronic Arts)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fortunitas (HKLM\...\Fortunitas) (Version: 2014.02.18.173808 - Fortunitas) <==== ATTENTION
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.3.610 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.3.610 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
InterActual Player (HKLM-x32\...\InterActual Player) (Version:  - )
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: 4.9.2 - LG Electronics)
LibreOffice 4.2.1.1 (HKLM-x32\...\{C83C3B4C-1AFF-4CEA-8078-74E7A3FE8F03}) (Version: 4.2.1.1 - The Document Foundation)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 268.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.00 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 268.00 (Version: 268.00 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
ParaWorld (HKLM-x32\...\{EAA01BA0-6991-4296-A404-4FFF2DAC2225}) (Version: 1.05 - Sunflowers)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SavingsbullFilter (HKLM\...\{813BA625-B0FA-48D8-9B75-59759C88C219}) (Version: 1.0.0.0 - SavingsBull Filter) <==== ATTENTION
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skylanders Spyro's Adventure(TM) (HKLM-x32\...\InstallShield_{388DC046-56AD-42F2-AEAD-81B7C47D05AE}) (Version: 1.00.0000 - Activision)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.0.14735.1561 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Star Wars: The Force Unleashed (HKLM-x32\...\Star Wars: The Force Unleashed_is1) (Version: 1.0 - Activision)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
TicTacToe WebtoolMaster (remove only) (HKLM-x32\...\tictactoe) (Version:  - )
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - )
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
YouTube (HKCU\...\Pokki_d25e316a7812ebb3c4f8e18291ce53ba535b8659) (Version: 1.0.9.53204 - Pokki)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

20-02-2014 16:39:14 Uniblue SpeedUpMyPC installation
21-02-2014 15:29:24 Windows Update
25-02-2014 17:02:40 Windows Update
06-03-2014 11:30:57 Windows Update
07-03-2014 07:49:21 Windows Update
09-03-2014 19:18:01 Windows Defender Checkpoint
09-03-2014 19:32:27 Revo Uninstaller's restore point - Registry Helper
09-03-2014 19:42:00 Revo Uninstaller's restore point - Optimizer Elite Max
09-03-2014 19:44:26 Revo Uninstaller's restore point - Activeris AntiMalware
09-03-2014 19:45:04 Revo Uninstaller's restore point - Advanced File Optimizer
09-03-2014 19:46:00 Revo Uninstaller's restore point - AnyProtect
09-03-2014 19:47:55 Revo Uninstaller's restore point - awesomehp uninstaller
09-03-2014 19:50:09 Revo Uninstaller's restore point - Delta toolbar 
09-03-2014 19:54:02 Revo Uninstaller's restore point - FFineoDealaSoift
09-03-2014 19:56:32 Revo Uninstaller's restore point - Feven 1.5
09-03-2014 19:57:41 Revo Uninstaller's restore point - DMUninstaller
09-03-2014 19:58:40 Revo Uninstaller's restore point - IePluginService12.27.0.3326
09-03-2014 20:00:35 Revo Uninstaller's restore point - iLivid
09-03-2014 20:02:28 Revo Uninstaller's restore point - Mysearchdial
09-03-2014 20:03:56 Revo Uninstaller's restore point - Iminent
09-03-2014 20:08:37 Revo Uninstaller's restore point - Optimizer Pro v3.2
09-03-2014 20:14:28 Revo Uninstaller's restore point - Save Sense (remove only)
09-03-2014 20:17:41 Revo Uninstaller's restore point - shopnddrop
09-03-2014 20:20:02 Revo Uninstaller's restore point - Search Protect
09-03-2014 20:21:35 Revo Uninstaller's restore point - SpeedUpMyPC
09-03-2014 20:22:40 Revo Uninstaller's restore point - Wajam
09-03-2014 20:23:36 Revo Uninstaller's restore point - TuneUp Utilities 2013
09-03-2014 20:24:26 TuneUp Utilities 2013 wird entfernt
09-03-2014 20:25:39 TuneUp Utilities Language Pack (de-DE) wird entfernt
10-03-2014 18:59:36 Revo Uninstaller's restore point - Google Toolbar for Internet Explorer
10-03-2014 19:02:04 Revo Uninstaller's restore point - BackUp Maker
10-03-2014 19:39:01 Installed LibreOffice 4.2.1.1

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01774719-6EEB-4FF6-A1D7-414886BA146B} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1936976051-1306050378-379204146-1001
Task: {38A7C854-5652-42BF-808A-74E8DFC236B0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001Core => C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-01] (Facebook Inc.)
Task: {38AB495B-06AD-4576-8F08-654CE683FB3B} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {3DCC43B5-331C-4F63-A114-D4BCE4D7B530} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001UA => C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-01] (Facebook Inc.)
Task: {41B2EC03-DD3F-40AE-B427-53CEF1552856} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {506E0C36-3A40-4735-8DD9-7330B66DDA22} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-12-18] (Adobe Systems Incorporated)
Task: {57ADFFE7-67D7-46AA-BE84-4AD2661D003B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12] (Google Inc.)
Task: {6165AA4E-1679-46AA-8946-DF6AAB577523} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {651BE321-991B-42C8-964F-0205FBB58ABC} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {717BBBBA-0503-438A-B1A0-243B3EBDB688} - System32\Tasks\PCHelpers_period => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe
Task: {854B4FDA-F8C0-4CA1-8739-57C4361BC116} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {905CED5E-69A4-4FDC-A6A0-5138AC66A6A3} - System32\Tasks\PCHelpers1st => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe
Task: {96C4C684-EAE1-4C3A-B008-B87AE018EDE3} - \SaveSense No Task File
Task: {A4D1696F-CF15-4C1D-A796-F95D8D5FB0D1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A5D821B1-7F31-472D-ABE9-259D7DAC89BC} - System32\Tasks\GoogleUpdateTaskMachineCore1cec51fca27628a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12] (Google Inc.)
Task: {C04389CD-BFAD-4FF6-ACA0-99BEF7D6171F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12] (Google Inc.)
Task: {DA8AFA9F-0CB1-49D3-BF82-5C989193A746} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-09-14] (Apple Inc.)
Task: {F3A3CC50-29C6-4F72-8778-6C8980DF0411} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {F6F6E60E-FC54-4B3C-AE35-F7025DF4A879} - \BitGuard No Task File
Task: {F9C36914-9CE4-41B7-A216-8A144A5E852A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001Core.job => C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001UA.job => C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec51fca27628a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCHelpers1st.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe
Task: C:\Windows\Tasks\PCHelpers_period.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe

==================== Loaded Modules (whitelisted) =============

2014-02-21 16:32 - 2014-02-26 16:42 - 00059904 _____ () C:\Program Files (x86)\WinRST\WinRST.exe
2011-08-12 08:37 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2009-01-22 00:45 - 2009-01-22 00:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\libeay32.dll
2012-10-20 10:39 - 2012-09-19 18:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 00292272 _____ () C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 21014960 _____ () C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 00179632 _____ () C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2014-02-15 09:21 - 2014-02-15 09:21 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll
2011-08-12 07:58 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-10-20 10:39 - 2012-09-19 18:17 - 00397088 _____ () C:\program files (x86)\avira\antivir desktop\sqlite3.dll
2013-12-05 15:49 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 15:49 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 15:49 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 15:49 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 15:49 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-05 15:49 - 2013-12-04 03:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^xxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: NVIDIA GeForce GT 520M
Description: NVIDIA GeForce GT 520M
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/10/2014 08:05:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2014 07:56:10 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/10/2014 07:53:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2014 07:47:51 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/10/2014 07:46:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/10/2014 08:07:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinRST" wurde nicht richtig gestartet.

Error: (03/10/2014 07:56:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinRST" wurde nicht richtig gestartet.

Error: (03/10/2014 07:47:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinRST" wurde nicht richtig gestartet.

Error: (03/10/2014 07:45:12 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PirritUpdater" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/10/2014 07:45:12 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst PirritUpdater erreicht.

Error: (03/10/2014 07:44:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PirritDesktop" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/10/2014 07:44:42 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst PirritDesktop erreicht.


Microsoft Office Sessions:
=========================
Error: (03/10/2014 08:05:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2014 07:56:10 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/10/2014 07:53:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/10/2014 07:47:51 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/10/2014 07:46:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 60%
Total physical RAM: 3947.86 MB
Available physical RAM: 1547.34 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 5130.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:279.99 GB) (Free:129.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 559343A9)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=280 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Danke schon mal für die Hilfe.

VG

schrauber 11.03.2014 07:57
hi,

Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

ff32005 12.03.2014 18:39
Liste der Anhänge anzeigen (Anzahl: 1)
Hallo,

danke fürs Feedback.

Ich hatte den Revo bereits installiert und hab im Vorfeld einiges über "Gefahrlos" deinstalliert.

Die Einträge im addition.txt mit ATTENTION sind
Code:
Fortunitas (HKLM\...\Fortunitas) (Version: 2014.02.18.173808 - Fortunitas) <==== ATTENTION
SavingsbullFilter (HKLM\...\{813BA625-B0FA-48D8-9B75-59759C88C219}) (Version: 1.0.0.0 - SavingsBull Filter) <==== ATTENTION
Ich finde hier keine zugehörigen Einträge im Revo (siehe Anhang).

Wie komm ich den Bösewichten auf die Spur?
Was soll ich deinstallieren?

Danke, Gruß

schrauber 13.03.2014 10:59
Ok dann direkt weiter mit den 3 Tools.

ff32005 13.03.2014 19:42
Hallo,

jrt.txt
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Stephan on 13.03.2014 at 19:21:30,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\shoB276.tmp



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.03.2014 at 19:28:33,34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
und frst.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-03-2014 01
Ran by xxx (administrator) on xxx-PC on 13-03-2014 19:39:07
Running from C:\Users\xxx\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files (x86)\WinRST\WinRST.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Facebook) C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-21] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1936976051-1306050378-379204146-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1936976051-1306050378-379204146-1000\...\Run: [Facebook Update] - C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-01] (Facebook Inc.)
HKU\S-1-5-21-1936976051-1306050378-379204146-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-1936976051-1306050378-379204146-1000\...\MountPoints2: {c2906b49-840c-11e1-8f4a-9439e5625c28} - E:\SetupPuma.exe
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\Run: [Facebook Update] - C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-01] (Facebook Inc.)
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\MountPoints2: {41d487c6-08cd-11e3-9272-dc0ea10e3d8c} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\MountPoints2: {89bbda3e-0591-11e1-a620-806e6f6e6963} - D:\LGInstaller.exe
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\MountPoints2: {a1ce44de-019f-11e3-a040-dc0ea10e3d8c} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\MountPoints2: {c2906b49-840c-11e1-8f4a-9439e5625c28} - E:\SetupPuma.exe
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [226920 2011-03-30] (NVIDIA Corporation)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: http=hxxp://127.0.0.1:9880
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Plus-HD-1.3 - {11111111-1111-1111-1111-110311121157} - C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho64.dll No File
BHO: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho64.dll No File
BHO: TabllEViewier - {3B5B5C8E-91E8-1709-32BC-2E21EB5EC931} - C:\ProgramData\TabllEViewier\jwgk.x64.dll No File
BHO: shopnddrop - {5D882C1A-D065-21E1-0C4A-4954EA1B08C6} - C:\ProgramData\shopnddrop\6uaba.x64.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Topdeal - {CEFFC638-F93E-E43D-CE17-E58512A86CBD} - C:\ProgramData\Topdeal\PckfNWc7js.x64.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\9rjt5rq1.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\xxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Pirrit Suggestor - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\profiles\extensions\suggestor@suggestor.pirrit.com.xpi [2014-02-21]
FF HKCU\...\Firefox\Extensions: [{cb056958-eb1d-47a5-a7c2-35fd94d51b3f}] - C:\Program Files (x86)\ViewPassword\134.xpi

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Extension: (TabllEViewier) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\eicllamcbkehkgnmgiogdhnkabjbjghb [2014-03-10]
CHR Extension: (Skype Click to Call) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-10]
CHR Extension: (DVDVideoSoft) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-09-12]
CHR Extension: (Google Wallet) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR Extension: (FFineoDealaSoift) - C:\ProgramData\idnjbhglpaaodmafenaknmhjabjghidg [2014-01-05]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-06-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-01-03]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 WinRST; C:\Program Files (x86)\WinRST\WinRST.exe [59904 2014-02-26] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-02] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-09-04] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-09-04] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-09-04] (LG Electronics Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-13 19:28 - 2014-03-13 19:28 - 00000691 _____ () C:\Users\xxx\Desktop\JRT.txt
2014-03-11 19:02 - 2014-03-11 19:02 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-11 19:02 - 2014-03-11 19:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-11 19:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-11 18:56 - 2014-03-11 18:56 - 01949184 _____ () C:\Users\xxx\Downloads\adwcleaner.exe
2014-03-11 18:55 - 2014-03-11 18:56 - 01037734 _____ (Thisisu) C:\Users\xxx\Downloads\JRT.exe
2014-03-11 18:55 - 2014-03-11 18:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\xxx\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-10 21:07 - 2014-03-11 19:19 - 00041720 _____ () C:\Users\xxx\Downloads\Addition.txt
2014-03-10 21:04 - 2014-03-13 19:39 - 00019459 _____ () C:\Users\xxx\Downloads\FRST.txt
2014-03-10 21:01 - 2014-03-13 19:39 - 00000000 ____D () C:\FRST
2014-03-10 20:53 - 2014-03-10 20:54 - 02157056 _____ (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2014-03-10 20:41 - 2014-03-10 20:41 - 00001468 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.lnk
2014-03-10 20:41 - 2014-03-10 20:41 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\LibreOffice
2014-03-10 20:39 - 2014-03-10 20:41 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-03-10 20:14 - 2014-03-10 20:18 - 220545024 _____ () C:\Users\xxx\Downloads\LibreOffice_4.2.1_Win_x86.msi
2014-03-10 19:57 - 2014-03-10 19:57 - 00000000 ____D () C:\Windows\pss
2014-03-10 19:48 - 2014-03-13 19:17 - 00000000 ____D () C:\AdwCleaner
2014-03-10 19:32 - 2014-03-10 19:32 - 00000000 ____D () C:\Windows\ERUNT
2014-03-09 21:30 - 2014-03-09 21:33 - 02800104 _____ (AVAST Software) C:\Users\xxx\Downloads\avast-browser-cleanup.exe
2014-03-09 21:11 - 2014-03-09 21:11 - 00000000 ____D () C:\Users\xxx\AppData\Local\Macromedia
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Mozilla
2014-03-09 20:54 - 2014-03-09 20:54 - 00000000 ____D () C:\Program Files (x86)\FFineoDealaSoift
2014-03-09 20:30 - 2014-03-09 20:30 - 00001268 _____ () C:\Users\xxx\Desktop\Revo Uninstaller.lnk
2014-03-09 20:30 - 2014-03-09 20:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-09 20:24 - 2014-03-09 20:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\xxx\Downloads\revosetup.exe
2014-03-09 20:22 - 2014-03-09 20:22 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\xxx\Downloads\wegdamit.exe
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\Users\xxx\AppData\Local\Mozilla
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-23 13:26 - 2014-02-23 13:26 - 00158174 _____ () C:\Users\xxx\Documents\LateinÜ1_ML_S2.xps
2014-02-23 13:24 - 2014-02-23 13:24 - 00189335 _____ () C:\Users\xxx\Documents\LateinÜ1_ML_S1.xps
2014-02-23 13:23 - 2014-02-23 13:23 - 00237279 _____ () C:\Users\xxx\Documents\LateinÜ1_S2.xps
2014-02-23 13:22 - 2014-02-23 13:22 - 00114082 _____ () C:\Users\xxx\Documents\LateinÜ1_S1.xps
2014-02-22 12:47 - 2014-02-22 12:47 - 00828200 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nsx21E6.tmp
2014-02-21 16:32 - 2014-02-21 16:32 - 00000000 ____D () C:\Users\xxx\AppData\Local\WinRST
2014-02-21 16:32 - 2014-02-21 16:32 - 00000000 ____D () C:\Program Files (x86)\WinRST
2014-02-21 16:31 - 2014-03-09 20:20 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Mozilla
2014-02-20 18:43 - 2014-02-20 18:43 - 00825312 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nso63E5.tmp
2014-02-20 18:22 - 2014-03-09 20:44 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Activeris
2014-02-20 18:17 - 2014-02-21 16:15 - 00000112 _____ () C:\Users\xxx\AppData\Roaming\WB.CFG
2014-02-20 18:15 - 2014-02-20 18:15 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\ASCOMP Software
2014-02-20 18:00 - 2014-02-20 18:00 - 00825312 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nsi3E99.tmp
2014-02-20 17:59 - 2014-02-20 17:59 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Optimizer Elite Max
2014-02-20 17:51 - 2014-03-11 18:24 - 00000304 _____ () C:\Windows\Tasks\PCHelpers_period.job
2014-02-20 17:51 - 2014-02-20 18:07 - 00000304 _____ () C:\Windows\Tasks\PCHelpers1st.job
2014-02-20 17:51 - 2014-02-20 17:59 - 00002884 _____ () C:\Windows\System32\Tasks\PCHelpers_period
2014-02-20 17:51 - 2014-02-20 17:54 - 00002694 _____ () C:\Windows\System32\Tasks\PCHelpers1st
2014-02-20 17:49 - 2014-03-08 09:36 - 00001099 _____ () C:\Users\xxx\Desktop\Continue VuuPC Installation.lnk
2014-02-20 17:23 - 2014-03-10 19:23 - 00000000 ____D () C:\ProgramData\Topdeal
2014-02-20 17:23 - 2014-03-10 19:23 - 00000000 ____D () C:\ProgramData\TabllEViewier
2014-02-20 17:23 - 2014-02-20 17:23 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 17:23 - 2014-02-20 17:23 - 00000000 ____D () C:\ProgramData\eicllamcbkehkgnmgiogdhnkabjbjghb
2014-02-15 07:03 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-15 07:03 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-15 07:02 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-15 07:02 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-15 07:02 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-15 07:02 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-15 07:02 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-15 07:02 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-15 07:02 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-15 07:02 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-15 07:02 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-15 07:02 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-15 07:02 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-15 07:02 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-15 07:02 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-15 07:02 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-15 07:02 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-15 07:02 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-15 07:02 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-15 07:02 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-15 07:02 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-15 07:02 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-15 07:02 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-15 07:02 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-15 07:02 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-15 07:02 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-15 07:02 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-15 07:02 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-15 07:02 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-15 07:02 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-15 07:02 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-15 07:02 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-15 07:02 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-15 07:02 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-15 07:02 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-15 07:02 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-15 07:02 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-15 07:02 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-15 07:02 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-15 07:02 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-15 07:02 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-14 19:18 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-14 19:18 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-14 19:18 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 19:18 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-14 19:18 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-14 19:18 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-14 19:17 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-14 19:17 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-14 19:17 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 19:17 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-14 19:17 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 19:17 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-14 19:17 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-14 19:17 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 19:17 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 19:17 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-14 19:17 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-14 19:17 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-14 19:17 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-14 19:17 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-14 19:17 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-14 19:17 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-14 19:17 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-14 19:17 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-14 19:16 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-14 19:16 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 19:16 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-14 19:16 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-13 19:39 - 2014-03-10 21:04 - 00019459 _____ () C:\Users\xxx\Downloads\FRST.txt
2014-03-13 19:39 - 2014-03-10 21:01 - 00000000 ____D () C:\FRST
2014-03-13 19:28 - 2014-03-13 19:28 - 00000691 _____ () C:\Users\xxx\Desktop\JRT.txt
2014-03-13 19:27 - 2012-11-12 19:43 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-13 19:27 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-13 19:27 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-13 19:23 - 2011-11-02 21:33 - 01862740 _____ () C:\Windows\WindowsUpdate.log
2014-03-13 19:19 - 2012-01-04 15:42 - 00000000 ____D () C:\ProgramData\clear.fi
2014-03-13 19:18 - 2013-10-09 19:45 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec51fca27628a.job
2014-03-13 19:18 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-13 19:18 - 2009-07-14 05:51 - 00085524 _____ () C:\Windows\setupact.log
2014-03-13 19:17 - 2014-03-10 19:48 - 00000000 ____D () C:\AdwCleaner
2014-03-13 19:03 - 2012-10-11 17:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-12 18:30 - 2012-10-11 17:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 18:30 - 2012-05-19 05:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 18:30 - 2011-08-12 08:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 19:19 - 2014-03-10 21:07 - 00041720 _____ () C:\Users\xxx\Downloads\Addition.txt
2014-03-11 19:02 - 2014-03-11 19:02 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-11 19:02 - 2014-03-11 19:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-11 18:59 - 2010-11-21 04:47 - 00495586 _____ () C:\Windows\PFRO.log
2014-03-11 18:59 - 2009-07-14 05:45 - 00339168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-11 18:56 - 2014-03-11 18:56 - 01949184 _____ () C:\Users\xxx\Downloads\adwcleaner.exe
2014-03-11 18:56 - 2014-03-11 18:55 - 01037734 _____ (Thisisu) C:\Users\xxx\Downloads\JRT.exe
2014-03-11 18:55 - 2014-03-11 18:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\xxx\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-11 18:55 - 2012-05-16 14:06 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001UA.job
2014-03-11 18:53 - 2012-01-04 15:36 - 00073376 _____ () C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-11 18:24 - 2014-02-20 17:51 - 00000304 _____ () C:\Windows\Tasks\PCHelpers_period.job
2014-03-10 20:54 - 2014-03-10 20:53 - 02157056 _____ (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2014-03-10 20:41 - 2014-03-10 20:41 - 00001468 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.lnk
2014-03-10 20:41 - 2014-03-10 20:41 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\LibreOffice
2014-03-10 20:41 - 2014-03-10 20:39 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-03-10 20:18 - 2014-03-10 20:14 - 220545024 _____ () C:\Users\xxx\Downloads\LibreOffice_4.2.1_Win_x86.msi
2014-03-10 20:05 - 2013-01-06 17:52 - 00000000 ____D () C:\Program Files\Google
2014-03-10 20:05 - 2012-11-12 19:43 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-10 20:00 - 2012-11-12 19:43 - 00000000 ____D () C:\Users\xxx\AppData\Local\Google
2014-03-10 19:57 - 2014-03-10 19:57 - 00000000 ____D () C:\Windows\pss
2014-03-10 19:57 - 2012-01-04 15:38 - 00000000 ___RD () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-10 19:56 - 2012-06-06 18:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-10 19:51 - 2013-01-12 09:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-10 19:32 - 2014-03-10 19:32 - 00000000 ____D () C:\Windows\ERUNT
2014-03-10 19:24 - 2012-06-24 13:23 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\SoftGrid Client
2014-03-10 19:23 - 2014-02-20 17:23 - 00000000 ____D () C:\ProgramData\Topdeal
2014-03-10 19:23 - 2014-02-20 17:23 - 00000000 ____D () C:\ProgramData\TabllEViewier
2014-03-10 19:23 - 2014-01-05 20:08 - 00000000 ____D () C:\ProgramData\shopnddrop
2014-03-10 18:58 - 2013-02-03 17:04 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-03-09 21:33 - 2014-03-09 21:30 - 02800104 _____ (AVAST Software) C:\Users\xxx\Downloads\avast-browser-cleanup.exe
2014-03-09 21:11 - 2014-03-09 21:11 - 00000000 ____D () C:\Users\xxx\AppData\Local\Macromedia
2014-03-09 21:05 - 2013-04-19 16:43 - 00000898 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Mozilla
2014-03-09 20:54 - 2014-03-09 20:54 - 00000000 ____D () C:\Program Files (x86)\FFineoDealaSoift
2014-03-09 20:54 - 2014-01-05 20:08 - 00000000 ____D () C:\ProgramData\FFineoDealaSoift
2014-03-09 20:54 - 2014-01-05 20:08 - 00000000 ____D () C:\ProgramData\a239326dc72fe3b7
2014-03-09 20:49 - 2012-01-04 15:38 - 00001425 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-09 20:44 - 2014-02-20 18:22 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Activeris
2014-03-09 20:30 - 2014-03-09 20:30 - 00001268 _____ () C:\Users\xxx\Desktop\Revo Uninstaller.lnk
2014-03-09 20:30 - 2014-03-09 20:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-09 20:24 - 2014-03-09 20:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\xxx\Downloads\revosetup.exe
2014-03-09 20:22 - 2014-03-09 20:22 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\xxx\Downloads\wegdamit.exe
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\Users\xxx\AppData\Local\Mozilla
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-09 20:20 - 2014-02-21 16:31 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Mozilla
2014-03-08 17:48 - 2012-05-16 14:06 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001Core.job
2014-03-08 09:36 - 2014-02-20 17:49 - 00001099 _____ () C:\Users\xxx\Desktop\Continue VuuPC Installation.lnk
2014-03-07 11:53 - 2013-12-27 10:26 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-03-07 09:01 - 2012-07-03 16:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-07 09:01 - 2011-08-12 08:12 - 00000000 ____D () C:\ProgramData\Skype
2014-03-07 08:56 - 2012-06-24 13:22 - 01596580 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-07 08:56 - 2011-11-03 06:25 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-03-07 08:56 - 2011-11-03 06:25 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-03-07 08:56 - 2009-07-14 06:13 - 01596580 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-26 14:48 - 2014-02-06 20:27 - 00860772 _____ () C:\Users\xxx\Documents\jdsjd.xlsx
2014-02-23 13:26 - 2014-02-23 13:26 - 00158174 _____ () C:\Users\xxx\Documents\LateinÜ1_ML_S2.xps
2014-02-23 13:24 - 2014-02-23 13:24 - 00189335 _____ () C:\Users\xxx\Documents\LateinÜ1_ML_S1.xps
2014-02-23 13:23 - 2014-02-23 13:23 - 00237279 _____ () C:\Users\xxx\Documents\LateinÜ1_S2.xps
2014-02-23 13:22 - 2014-02-23 13:22 - 00114082 _____ () C:\Users\xxx\Documents\LateinÜ1_S1.xps
2014-02-22 12:47 - 2014-02-22 12:47 - 00828200 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nsx21E6.tmp
2014-02-21 16:32 - 2014-02-21 16:32 - 00000000 ____D () C:\Users\xxx\AppData\Local\WinRST
2014-02-21 16:32 - 2014-02-21 16:32 - 00000000 ____D () C:\Program Files (x86)\WinRST
2014-02-21 16:15 - 2014-02-20 18:17 - 00000112 _____ () C:\Users\xxx\AppData\Roaming\WB.CFG
2014-02-20 18:43 - 2014-02-20 18:43 - 00825312 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nso63E5.tmp
2014-02-20 18:15 - 2014-02-20 18:15 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\ASCOMP Software
2014-02-20 18:07 - 2014-02-20 17:51 - 00000304 _____ () C:\Windows\Tasks\PCHelpers1st.job
2014-02-20 18:00 - 2014-02-20 18:00 - 00825312 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nsi3E99.tmp
2014-02-20 17:59 - 2014-02-20 17:59 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Optimizer Elite Max
2014-02-20 17:59 - 2014-02-20 17:51 - 00002884 _____ () C:\Windows\System32\Tasks\PCHelpers_period
2014-02-20 17:54 - 2014-02-20 17:51 - 00002694 _____ () C:\Windows\System32\Tasks\PCHelpers1st
2014-02-20 17:23 - 2014-02-20 17:23 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 17:23 - 2014-02-20 17:23 - 00000000 ____D () C:\ProgramData\eicllamcbkehkgnmgiogdhnkabjbjghb
2014-02-20 17:23 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-02-20 17:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-02-17 13:52 - 2013-08-16 07:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 06:41 - 2012-01-13 13:46 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 15:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-15 09:10 - 2013-12-25 11:34 - 00000000 ____D () C:\Users\Gast
2014-02-15 09:06 - 2013-08-19 13:44 - 534932794 _____ () C:\Windows\MEMORY.DMP
2014-02-12 21:54 - 2013-09-14 18:05 - 00001094 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk

Files to move or delete:
====================
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins000.dat
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins000.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins001.dat
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins001.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins002.dat
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins002.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\wortschatz.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\wortschatzmini.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\_ISREG32.DLL


Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
C:\Users\xxx\AppData\Local\Temp\1sdd4npx.dll
C:\Users\xxx\AppData\Local\Temp\24373uninstall.exe
C:\Users\xxx\AppData\Local\Temp\avgnt.exe
C:\Users\xxx\AppData\Local\Temp\BackupSetup.exe
C:\Users\xxx\AppData\Local\Temp\comver.dll
C:\Users\xxx\AppData\Local\Temp\DSSExp.exe
C:\Users\xxx\AppData\Local\Temp\gert0.exe
C:\Users\xxx\AppData\Local\Temp\incredibar_installer.exe
C:\Users\xxx\AppData\Local\Temp\Installer.exe
C:\Users\xxx\AppData\Local\Temp\installhelper.dll
C:\Users\xxx\AppData\Local\Temp\install_flashplayer11x32axau_gtba_chra_dy_aih.exe
C:\Users\xxx\AppData\Local\Temp\install_flashplayer11x64ax_gtba_aih (1).exe
C:\Users\xxx\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\kpinstaller.exe
C:\Users\xxx\AppData\Local\Temp\minibar-master-v1.exe
C:\Users\xxx\AppData\Local\Temp\oct6479.tmp.exe
C:\Users\xxx\AppData\Local\Temp\Quarantine.exe
C:\Users\xxx\AppData\Local\Temp\SCC.dll
C:\Users\xxx\AppData\Local\Temp\SIMEEI2Installer.exe
C:\Users\xxx\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\xxx\AppData\Local\Temp\Sqlite3.dll
C:\Users\xxx\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\xxx\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\xxx\AppData\Local\Temp\tbWis0.dll
C:\Users\xxx\AppData\Local\Temp\uninst1.exe
C:\Users\xxx\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\xxx\AppData\Local\Temp\vcredist_x64.exe
C:\Users\xxx\AppData\Local\Temp\vcredist_x86.exe
C:\Users\xxx\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\xxx\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\xxx\AppData\Local\Temp\WhiteLabelSetup.exe
C:\Users\xxx\AppData\Local\Temp\_is74D1.exe
C:\Users\xxx\AppData\Local\Temp\_isA71A.exe
C:\Users\xxx\AppData\Local\Temp\_isBADC.exe
C:\Users\xxx\AppData\Local\Temp\_isFF75.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-09 19:46

==================== End Of Log ============================
--- --- ---


addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-03-2014 01
Ran by xxx at 2014-03-13 19:40:05
Running from C:\Users\xxx\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

10-Fingersystem in 5 Stunden GS Version 2.1.1 (HKLM-x32\...\10-Fingersystem in 5 Stunden GS_is1) (Version:  - (c) 2010 HERDT)
3D-Garten 8.0 Deluxe (HKLM-x32\...\{554A4E80-0001-2006-0407-11FF59A27A18}) (Version: 8.0 - DiComp)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Activision(R) (x32 Version: 1.00.0000 - Activision) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
EA SPORTS online 2008 (HKLM-x32\...\82A44D22-9452-49FB-00FB-CEC7DCAF7E23) (Version:  - )
Empire Earth Ultimate Edition (HKLM-x32\...\{912CE296-3D73-4A9D-B3FB-70A5CF7A8568}) (Version: 1.0 - The Games Company)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FIFA 08 (HKLM-x32\...\{0A2A5039-B37F-489D-B1DC-A5258DF9E697}) (Version: 1.0.1.1 - Electronic Arts)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fortunitas (HKLM\...\Fortunitas) (Version: 2014.02.18.173808 - Fortunitas) <==== ATTENTION
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.3.610 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.3.610 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
InterActual Player (HKLM-x32\...\InterActual Player) (Version:  - )
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: 4.9.2 - LG Electronics)
LibreOffice 4.2.1.1 (HKLM-x32\...\{C83C3B4C-1AFF-4CEA-8078-74E7A3FE8F03}) (Version: 4.2.1.1 - The Document Foundation)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 268.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.00 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 268.00 (Version: 268.00 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
ParaWorld (HKLM-x32\...\{EAA01BA0-6991-4296-A404-4FFF2DAC2225}) (Version: 1.05 - Sunflowers)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SavingsbullFilter (HKLM\...\{813BA625-B0FA-48D8-9B75-59759C88C219}) (Version: 1.0.0.0 - SavingsBull Filter) <==== ATTENTION
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skylanders Spyro's Adventure(TM) (HKLM-x32\...\InstallShield_{388DC046-56AD-42F2-AEAD-81B7C47D05AE}) (Version: 1.00.0000 - Activision)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.0.14735.1561 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Star Wars: The Force Unleashed (HKLM-x32\...\Star Wars: The Force Unleashed_is1) (Version: 1.0 - Activision)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
TicTacToe WebtoolMaster (remove only) (HKLM-x32\...\tictactoe) (Version:  - )
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - )
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
YouTube (HKCU\...\Pokki_d25e316a7812ebb3c4f8e18291ce53ba535b8659) (Version: 1.0.9.53204 - Pokki)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

20-02-2014 16:39:14 Uniblue SpeedUpMyPC installation
21-02-2014 15:29:24 Windows Update
25-02-2014 17:02:40 Windows Update
06-03-2014 11:30:57 Windows Update
07-03-2014 07:49:21 Windows Update
09-03-2014 19:18:01 Windows Defender Checkpoint
09-03-2014 19:32:27 Revo Uninstaller's restore point - Registry Helper
09-03-2014 19:42:00 Revo Uninstaller's restore point - Optimizer Elite Max
09-03-2014 19:44:26 Revo Uninstaller's restore point - Activeris AntiMalware
09-03-2014 19:45:04 Revo Uninstaller's restore point - Advanced File Optimizer
09-03-2014 19:46:00 Revo Uninstaller's restore point - AnyProtect
09-03-2014 19:47:55 Revo Uninstaller's restore point - awesomehp uninstaller
09-03-2014 19:50:09 Revo Uninstaller's restore point - Delta toolbar 
09-03-2014 19:54:02 Revo Uninstaller's restore point - FFineoDealaSoift
09-03-2014 19:56:32 Revo Uninstaller's restore point - Feven 1.5
09-03-2014 19:57:41 Revo Uninstaller's restore point - DMUninstaller
09-03-2014 19:58:40 Revo Uninstaller's restore point - IePluginService12.27.0.3326
09-03-2014 20:00:35 Revo Uninstaller's restore point - iLivid
09-03-2014 20:02:28 Revo Uninstaller's restore point - Mysearchdial
09-03-2014 20:03:56 Revo Uninstaller's restore point - Iminent
09-03-2014 20:08:37 Revo Uninstaller's restore point - Optimizer Pro v3.2
09-03-2014 20:14:28 Revo Uninstaller's restore point - Save Sense (remove only)
09-03-2014 20:17:41 Revo Uninstaller's restore point - shopnddrop
09-03-2014 20:20:02 Revo Uninstaller's restore point - Search Protect
09-03-2014 20:21:35 Revo Uninstaller's restore point - SpeedUpMyPC
09-03-2014 20:22:40 Revo Uninstaller's restore point - Wajam
09-03-2014 20:23:36 Revo Uninstaller's restore point - TuneUp Utilities 2013
09-03-2014 20:24:26 TuneUp Utilities 2013 wird entfernt
09-03-2014 20:25:39 TuneUp Utilities Language Pack (de-DE) wird entfernt
10-03-2014 18:59:36 Revo Uninstaller's restore point - Google Toolbar for Internet Explorer
10-03-2014 19:02:04 Revo Uninstaller's restore point - BackUp Maker
10-03-2014 19:39:01 Installed LibreOffice 4.2.1.1
11-03-2014 17:31:55 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 1.75.0.1300
13-03-2014 18:09:51 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01774719-6EEB-4FF6-A1D7-414886BA146B} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1936976051-1306050378-379204146-1001
Task: {38A7C854-5652-42BF-808A-74E8DFC236B0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001Core => C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-01] (Facebook Inc.)
Task: {38AB495B-06AD-4576-8F08-654CE683FB3B} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {3DCC43B5-331C-4F63-A114-D4BCE4D7B530} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001UA => C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-01] (Facebook Inc.)
Task: {41B2EC03-DD3F-40AE-B427-53CEF1552856} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {506E0C36-3A40-4735-8DD9-7330B66DDA22} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-12-18] (Adobe Systems Incorporated)
Task: {57ADFFE7-67D7-46AA-BE84-4AD2661D003B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12] (Google Inc.)
Task: {6165AA4E-1679-46AA-8946-DF6AAB577523} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {651BE321-991B-42C8-964F-0205FBB58ABC} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {717BBBBA-0503-438A-B1A0-243B3EBDB688} - System32\Tasks\PCHelpers_period => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe
Task: {854B4FDA-F8C0-4CA1-8739-57C4361BC116} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {905CED5E-69A4-4FDC-A6A0-5138AC66A6A3} - System32\Tasks\PCHelpers1st => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe
Task: {96C4C684-EAE1-4C3A-B008-B87AE018EDE3} - \SaveSense No Task File
Task: {A4D1696F-CF15-4C1D-A796-F95D8D5FB0D1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A5D821B1-7F31-472D-ABE9-259D7DAC89BC} - System32\Tasks\GoogleUpdateTaskMachineCore1cec51fca27628a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12] (Google Inc.)
Task: {C04389CD-BFAD-4FF6-ACA0-99BEF7D6171F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12] (Google Inc.)
Task: {DA8AFA9F-0CB1-49D3-BF82-5C989193A746} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-09-14] (Apple Inc.)
Task: {F3A3CC50-29C6-4F72-8778-6C8980DF0411} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {F6F6E60E-FC54-4B3C-AE35-F7025DF4A879} - \BitGuard No Task File
Task: {F9C36914-9CE4-41B7-A216-8A144A5E852A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001Core.job => C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001UA.job => C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec51fca27628a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCHelpers1st.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe
Task: C:\Windows\Tasks\PCHelpers_period.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe

==================== Loaded Modules (whitelisted) =============

2014-02-21 16:32 - 2014-02-26 16:42 - 00059904 _____ () C:\Program Files (x86)\WinRST\WinRST.exe
2011-08-12 08:37 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2009-01-22 00:45 - 2009-01-22 00:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\libeay32.dll
2012-10-20 10:39 - 2012-09-19 18:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 00292272 _____ () C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 21014960 _____ () C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 00179632 _____ () C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2014-02-15 09:21 - 2014-02-15 09:21 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll
2011-08-12 07:58 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-05 15:49 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 15:49 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 15:49 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 15:49 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 15:49 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-05 15:49 - 2013-12-04 03:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^xxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: NVIDIA GeForce GT 520M
Description: NVIDIA GeForce GT 520M
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (03/13/2014 07:36:57 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 49%
Total physical RAM: 3947.86 MB
Available physical RAM: 2008.45 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 5386.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:279.99 GB) (Free:128.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 559343A9)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=280 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 14.03.2014 18:37
MBAM? AdwCleaner?

ff32005 14.03.2014 19:04
sorry!

MBAM
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.11.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
xxx :: xxx-PC [Administrator]

11.03.2014 19:03:13
mbam-log-2014-03-11 (19-03-13).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 289654
Laufzeit: 13 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
adwcleaner
Code:
# AdwCleaner v3.021 - Bericht erstellt am 13/03/2014 um 19:17:08
# Aktualisiert 10/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : xxx - xxx-PC
# Gestartet von : C:\Users\xxx\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\xxx\AppData\Local\Pokki
Datei Gelöscht : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sb.scorecardresearch.com_0.localstorage
Datei Gelöscht : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sb.scorecardresearch.com_0.localstorage-journal

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Pokki

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\9rjt5rq1.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ Datei : C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : urls_to_restore_on_startup

[ Datei : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [21752 octets] - [10/03/2014 19:48:09]
AdwCleaner[R1].txt - [1665 octets] - [13/03/2014 19:16:02]
AdwCleaner[S0].txt - [21066 octets] - [10/03/2014 19:49:36]
AdwCleaner[S1].txt - [1501 octets] - [13/03/2014 19:17:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1561 octets] ##########

schrauber 15.03.2014 12:04

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

ff32005 16.03.2014 11:01
ESET-Log
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cb8d906b6d1bad49b1de5c66cf50535b
# engine=17462
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-16 09:31:19
# local_time=2014-03-16 10:31:19 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 145898 260385569 138649 0
# compatibility_mode=5893 16776573 100 94 225615 146592129 0 0
# scanned=331068
# found=7
# cleaned=0
# scan_time=51750
sh=129D7A1EB8E87584134FA7C43C43BE62CFE8964D ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\ProgramData\idnjbhglpaaodmafenaknmhjabjghidg\zsUmuPF.js"
sh=129D7A1EB8E87584134FA7C43C43BE62CFE8964D ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Users\All Users\idnjbhglpaaodmafenaknmhjabjghidg\zsUmuPF.js"
sh=4D6F83EEBDEF2C84A754BE20FDDE8506A90F87A6 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkmgbohphdcbbhpiegkclecdhgmfkbna\3.1\OWw_32F.js"
sh=16473D95E73E4BCA64687F87235D46B9AEC0680D ft=1 fh=bef1252c3bd9321a vn="a variant of Win32/Injected.F trojan" ac=I fn="C:\Users\xxx\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\13C8UGSB\Setup[1].exe"
sh=16473D95E73E4BCA64687F87235D46B9AEC0680D ft=1 fh=bef1252c3bd9321a vn="a variant of Win32/Injected.F trojan" ac=I fn="C:\Users\xxx\AppData\Local\Temp\ICReinstall_nst1123.tmp"
sh=16473D95E73E4BCA64687F87235D46B9AEC0680D ft=1 fh=bef1252c3bd9321a vn="a variant of Win32/Injected.F trojan" ac=I fn="C:\Users\xxx\AppData\Local\Temp\nst1123.tmp"
sh=A87B7647DC34B5B6186209377786E946B677C574 ft=1 fh=c2834f18f25710d9 vn="multiple threats" ac=I fn="C:\Users\xxx\AppData\Local\Temp\{4C7782E0-BA1D-40B8-8181-9B86F45BE426}\setup.exe"
checkup.txt
Code:
Results of screen317's Security Check version 0.99.80 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
Avira Desktop 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Skylanders Spyro's Adventure(TM) 
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 JavaFX 2.1.1   
 Java 7 Update 45 
 Java version out of Date!
 Adobe Flash Player 12.0.0.77 
 Adobe Reader 10.1.9 Adobe Reader out of Date! 
 Mozilla Firefox (27.0.1)
 Google Chrome 31.0.1650.57 
 Google Chrome 31.0.1650.63 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
 Malwarebytes' Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
frst

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-03-2014 01
Ran by xxx (administrator) on xxx-PC on 16-03-2014 10:52:24
Running from C:\Users\xxx\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files (x86)\WinRST\WinRST.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Facebook Inc.) C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Facebook) C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-21] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1936976051-1306050378-379204146-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1936976051-1306050378-379204146-1000\...\Run: [Facebook Update] - C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-01] (Facebook Inc.)
HKU\S-1-5-21-1936976051-1306050378-379204146-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-1936976051-1306050378-379204146-1000\...\MountPoints2: {c2906b49-840c-11e1-8f4a-9439e5625c28} - E:\SetupPuma.exe
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\Run: [Facebook Update] - C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-01] (Facebook Inc.)
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\MountPoints2: {41d487c6-08cd-11e3-9272-dc0ea10e3d8c} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\MountPoints2: {89bbda3e-0591-11e1-a620-806e6f6e6963} - D:\LGInstaller.exe
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\MountPoints2: {a1ce44de-019f-11e3-a040-dc0ea10e3d8c} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1936976051-1306050378-379204146-1001\...\MountPoints2: {c2906b49-840c-11e1-8f4a-9439e5625c28} - E:\SetupPuma.exe
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [226920 2011-03-30] (NVIDIA Corporation)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: http=hxxp://127.0.0.1:9880
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Plus-HD-1.3 - {11111111-1111-1111-1111-110311121157} - C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho64.dll No File
BHO: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files (x86)\Feven 1.5\Feven 1.5-bho64.dll No File
BHO: TabllEViewier - {3B5B5C8E-91E8-1709-32BC-2E21EB5EC931} - C:\ProgramData\TabllEViewier\jwgk.x64.dll No File
BHO: shopnddrop - {5D882C1A-D065-21E1-0C4A-4954EA1B08C6} - C:\ProgramData\shopnddrop\6uaba.x64.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Topdeal - {CEFFC638-F93E-E43D-CE17-E58512A86CBD} - C:\ProgramData\Topdeal\PckfNWc7js.x64.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\9rjt5rq1.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\xxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Pirrit Suggestor - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\profiles\extensions\suggestor@suggestor.pirrit.com.xpi [2014-02-21]
FF HKCU\...\Firefox\Extensions: [{cb056958-eb1d-47a5-a7c2-35fd94d51b3f}] - C:\Program Files (x86)\ViewPassword\134.xpi

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Extension: (TabllEViewier) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\eicllamcbkehkgnmgiogdhnkabjbjghb [2014-03-10]
CHR Extension: (Skype Click to Call) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-10]
CHR Extension: (DVDVideoSoft) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-09-12]
CHR Extension: (Google Wallet) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR Extension: (FFineoDealaSoift) - C:\ProgramData\idnjbhglpaaodmafenaknmhjabjghidg [2014-01-05]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-06-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-01-03]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 WinRST; C:\Program Files (x86)\WinRST\WinRST.exe [59904 2014-02-26] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-02] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-09-04] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-09-04] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-09-04] (LG Electronics Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-16 10:52 - 2014-03-16 10:53 - 00019524 _____ () C:\Users\xxx\Downloads\FRST.txt
2014-03-15 20:12 - 2014-03-15 20:13 - 00987442 _____ () C:\Users\xxx\Downloads\SecurityCheck.exe
2014-03-15 20:06 - 2014-03-15 20:06 - 02347384 _____ (ESET) C:\Users\xxx\Downloads\esetsmartinstaller_enu.exe
2014-03-13 19:17 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 19:17 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 19:17 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 19:17 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 19:17 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 19:17 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 19:17 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 19:17 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 19:17 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 19:17 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 19:17 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 19:17 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 19:17 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 19:17 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 19:17 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 19:17 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 19:17 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 19:17 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 19:17 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 19:17 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 19:17 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 19:17 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 19:17 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 19:17 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 19:17 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 19:17 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 19:17 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 19:17 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 19:17 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 19:17 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 19:17 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 19:17 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 19:17 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 19:17 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 19:17 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 19:17 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 19:17 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 19:17 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 19:17 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 19:17 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 19:17 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 19:17 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 19:17 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 19:17 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 19:15 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 19:15 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 19:15 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 19:15 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-11 19:02 - 2014-03-11 19:02 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-11 19:02 - 2014-03-11 19:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-11 19:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-11 18:56 - 2014-03-11 18:56 - 01949184 _____ () C:\Users\xxx\Downloads\adwcleaner.exe
2014-03-11 18:55 - 2014-03-11 18:56 - 01037734 _____ (Thisisu) C:\Users\xxx\Downloads\JRT.exe
2014-03-11 18:55 - 2014-03-11 18:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\xxx\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-10 21:01 - 2014-03-16 10:52 - 00000000 ____D () C:\FRST
2014-03-10 20:53 - 2014-03-10 20:54 - 02157056 _____ (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2014-03-10 20:41 - 2014-03-10 20:41 - 00001468 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.lnk
2014-03-10 20:41 - 2014-03-10 20:41 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\LibreOffice
2014-03-10 20:39 - 2014-03-10 20:41 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-03-10 20:14 - 2014-03-10 20:18 - 220545024 _____ () C:\Users\xxx\Downloads\LibreOffice_4.2.1_Win_x86.msi
2014-03-10 19:57 - 2014-03-10 19:57 - 00000000 ____D () C:\Windows\pss
2014-03-10 19:48 - 2014-03-13 19:17 - 00000000 ____D () C:\AdwCleaner
2014-03-10 19:32 - 2014-03-10 19:32 - 00000000 ____D () C:\Windows\ERUNT
2014-03-09 21:30 - 2014-03-09 21:33 - 02800104 _____ (AVAST Software) C:\Users\xxx\Downloads\avast-browser-cleanup.exe
2014-03-09 21:11 - 2014-03-09 21:11 - 00000000 ____D () C:\Users\xxx\AppData\Local\Macromedia
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Mozilla
2014-03-09 20:54 - 2014-03-09 20:54 - 00000000 ____D () C:\Program Files (x86)\FFineoDealaSoift
2014-03-09 20:30 - 2014-03-09 20:30 - 00001268 _____ () C:\Users\xxx\Desktop\Revo Uninstaller.lnk
2014-03-09 20:30 - 2014-03-09 20:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-09 20:24 - 2014-03-09 20:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\xxx\Downloads\revosetup.exe
2014-03-09 20:22 - 2014-03-09 20:22 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\xxx\Downloads\wegdamit.exe
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\Users\xxx\AppData\Local\Mozilla
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-23 13:26 - 2014-02-23 13:26 - 00158174 _____ () C:\Users\xxx\Documents\LateinÜ1_ML_S2.xps
2014-02-23 13:24 - 2014-02-23 13:24 - 00189335 _____ () C:\Users\xxx\Documents\LateinÜ1_ML_S1.xps
2014-02-23 13:23 - 2014-02-23 13:23 - 00237279 _____ () C:\Users\xxx\Documents\LateinÜ1_S2.xps
2014-02-23 13:22 - 2014-02-23 13:22 - 00114082 _____ () C:\Users\xxx\Documents\LateinÜ1_S1.xps
2014-02-22 12:47 - 2014-02-22 12:47 - 00828200 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nsx21E6.tmp
2014-02-21 16:32 - 2014-02-21 16:32 - 00000000 ____D () C:\Users\xxx\AppData\Local\WinRST
2014-02-21 16:32 - 2014-02-21 16:32 - 00000000 ____D () C:\Program Files (x86)\WinRST
2014-02-21 16:31 - 2014-03-09 20:20 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Mozilla
2014-02-20 18:43 - 2014-02-20 18:43 - 00825312 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nso63E5.tmp
2014-02-20 18:22 - 2014-03-09 20:44 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Activeris
2014-02-20 18:17 - 2014-02-21 16:15 - 00000112 _____ () C:\Users\xxx\AppData\Roaming\WB.CFG
2014-02-20 18:15 - 2014-02-20 18:15 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\ASCOMP Software
2014-02-20 18:00 - 2014-02-20 18:00 - 00825312 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nsi3E99.tmp
2014-02-20 17:59 - 2014-02-20 17:59 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Optimizer Elite Max
2014-02-20 17:51 - 2014-03-11 18:24 - 00000304 _____ () C:\Windows\Tasks\PCHelpers_period.job
2014-02-20 17:51 - 2014-02-20 18:07 - 00000304 _____ () C:\Windows\Tasks\PCHelpers1st.job
2014-02-20 17:51 - 2014-02-20 17:59 - 00002884 _____ () C:\Windows\System32\Tasks\PCHelpers_period
2014-02-20 17:51 - 2014-02-20 17:54 - 00002694 _____ () C:\Windows\System32\Tasks\PCHelpers1st
2014-02-20 17:49 - 2014-03-08 09:36 - 00001099 _____ () C:\Users\xxx\Desktop\Continue VuuPC Installation.lnk
2014-02-20 17:23 - 2014-03-10 19:23 - 00000000 ____D () C:\ProgramData\Topdeal
2014-02-20 17:23 - 2014-03-10 19:23 - 00000000 ____D () C:\ProgramData\TabllEViewier
2014-02-20 17:23 - 2014-02-20 17:23 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 17:23 - 2014-02-20 17:23 - 00000000 ____D () C:\ProgramData\eicllamcbkehkgnmgiogdhnkabjbjghb
2014-02-15 07:03 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-15 07:03 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 19:18 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-14 19:18 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-14 19:18 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 19:18 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-14 19:18 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-14 19:18 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-14 19:17 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-14 19:17 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-14 19:17 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 19:17 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-14 19:17 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 19:17 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-14 19:17 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-14 19:17 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 19:17 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 19:17 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-14 19:17 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-14 19:17 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-14 19:17 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-14 19:17 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-14 19:17 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-14 19:17 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-14 19:17 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-14 19:17 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-14 19:16 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-14 19:16 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 19:16 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-14 19:16 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-16 10:53 - 2014-03-16 10:52 - 00019524 _____ () C:\Users\xxx\Downloads\FRST.txt
2014-03-16 10:52 - 2014-03-10 21:01 - 00000000 ____D () C:\FRST
2014-03-16 10:51 - 2012-10-11 17:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-16 10:30 - 2011-11-02 21:33 - 01146699 _____ () C:\Windows\WindowsUpdate.log
2014-03-16 10:27 - 2012-11-12 19:43 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-16 09:55 - 2012-05-16 14:06 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001UA.job
2014-03-16 09:39 - 2013-11-10 16:39 - 00000000 ____D () C:\Users\xxx\10f5h
2014-03-15 20:13 - 2014-03-15 20:12 - 00987442 _____ () C:\Users\xxx\Downloads\SecurityCheck.exe
2014-03-15 20:11 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-15 20:11 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-15 20:06 - 2014-03-15 20:06 - 02347384 _____ (ESET) C:\Users\xxx\Downloads\esetsmartinstaller_enu.exe
2014-03-15 20:03 - 2012-01-04 15:42 - 00000000 ____D () C:\ProgramData\clear.fi
2014-03-15 20:02 - 2013-10-09 19:45 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec51fca27628a.job
2014-03-15 20:02 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-15 20:02 - 2009-07-14 05:51 - 00085636 _____ () C:\Windows\setupact.log
2014-03-14 18:53 - 2009-07-14 05:45 - 00339168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 18:52 - 2013-03-16 16:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 18:52 - 2013-03-16 16:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 19:51 - 2012-10-11 17:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 19:51 - 2012-05-19 05:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 19:51 - 2011-08-12 08:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-13 19:17 - 2014-03-10 19:48 - 00000000 ____D () C:\AdwCleaner
2014-03-11 19:02 - 2014-03-11 19:02 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-11 19:02 - 2014-03-11 19:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-11 18:59 - 2010-11-21 04:47 - 00495586 _____ () C:\Windows\PFRO.log
2014-03-11 18:56 - 2014-03-11 18:56 - 01949184 _____ () C:\Users\xxx\Downloads\adwcleaner.exe
2014-03-11 18:56 - 2014-03-11 18:55 - 01037734 _____ (Thisisu) C:\Users\xxx\Downloads\JRT.exe
2014-03-11 18:55 - 2014-03-11 18:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\xxx\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-11 18:53 - 2012-01-04 15:36 - 00073376 _____ () C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-11 18:24 - 2014-02-20 17:51 - 00000304 _____ () C:\Windows\Tasks\PCHelpers_period.job
2014-03-10 20:54 - 2014-03-10 20:53 - 02157056 _____ (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2014-03-10 20:41 - 2014-03-10 20:41 - 00001468 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.lnk
2014-03-10 20:41 - 2014-03-10 20:41 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\LibreOffice
2014-03-10 20:41 - 2014-03-10 20:39 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-03-10 20:18 - 2014-03-10 20:14 - 220545024 _____ () C:\Users\xxx\Downloads\LibreOffice_4.2.1_Win_x86.msi
2014-03-10 20:05 - 2013-01-06 17:52 - 00000000 ____D () C:\Program Files\Google
2014-03-10 20:05 - 2012-11-12 19:43 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-10 20:00 - 2012-11-12 19:43 - 00000000 ____D () C:\Users\xxx\AppData\Local\Google
2014-03-10 19:57 - 2014-03-10 19:57 - 00000000 ____D () C:\Windows\pss
2014-03-10 19:57 - 2012-01-04 15:38 - 00000000 ___RD () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-10 19:56 - 2012-06-06 18:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-10 19:51 - 2013-01-12 09:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-10 19:32 - 2014-03-10 19:32 - 00000000 ____D () C:\Windows\ERUNT
2014-03-10 19:24 - 2012-06-24 13:23 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\SoftGrid Client
2014-03-10 19:23 - 2014-02-20 17:23 - 00000000 ____D () C:\ProgramData\Topdeal
2014-03-10 19:23 - 2014-02-20 17:23 - 00000000 ____D () C:\ProgramData\TabllEViewier
2014-03-10 19:23 - 2014-01-05 20:08 - 00000000 ____D () C:\ProgramData\shopnddrop
2014-03-10 18:58 - 2013-02-03 17:04 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-03-09 21:33 - 2014-03-09 21:30 - 02800104 _____ (AVAST Software) C:\Users\xxx\Downloads\avast-browser-cleanup.exe
2014-03-09 21:11 - 2014-03-09 21:11 - 00000000 ____D () C:\Users\xxx\AppData\Local\Macromedia
2014-03-09 21:05 - 2013-04-19 16:43 - 00000898 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Mozilla
2014-03-09 21:04 - 2014-03-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Mozilla
2014-03-09 20:54 - 2014-03-09 20:54 - 00000000 ____D () C:\Program Files (x86)\FFineoDealaSoift
2014-03-09 20:54 - 2014-01-05 20:08 - 00000000 ____D () C:\ProgramData\FFineoDealaSoift
2014-03-09 20:54 - 2014-01-05 20:08 - 00000000 ____D () C:\ProgramData\a239326dc72fe3b7
2014-03-09 20:49 - 2012-01-04 15:38 - 00001425 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-09 20:44 - 2014-02-20 18:22 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Activeris
2014-03-09 20:30 - 2014-03-09 20:30 - 00001268 _____ () C:\Users\xxx\Desktop\Revo Uninstaller.lnk
2014-03-09 20:30 - 2014-03-09 20:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-09 20:24 - 2014-03-09 20:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\xxx\Downloads\revosetup.exe
2014-03-09 20:22 - 2014-03-09 20:22 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\xxx\Downloads\wegdamit.exe
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\Users\xxx\AppData\Local\Mozilla
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-09 20:20 - 2014-03-09 20:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-09 20:20 - 2014-02-21 16:31 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Mozilla
2014-03-08 17:48 - 2012-05-16 14:06 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001Core.job
2014-03-08 09:36 - 2014-02-20 17:49 - 00001099 _____ () C:\Users\xxx\Desktop\Continue VuuPC Installation.lnk
2014-03-07 11:53 - 2013-12-27 10:26 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-03-07 09:01 - 2012-07-03 16:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-07 09:01 - 2011-08-12 08:12 - 00000000 ____D () C:\ProgramData\Skype
2014-03-07 08:56 - 2012-06-24 13:22 - 01596580 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-07 08:56 - 2011-11-03 06:25 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-03-07 08:56 - 2011-11-03 06:25 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-03-07 08:56 - 2009-07-14 06:13 - 01596580 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-01 07:05 - 2014-03-13 19:17 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 19:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 19:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 19:17 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 19:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 19:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 19:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 19:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 19:17 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 19:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 19:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 19:17 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 19:17 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 19:17 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 19:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 19:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 19:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 19:17 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 19:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 19:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 19:17 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 19:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 19:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 19:17 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 19:17 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 19:17 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 19:17 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 19:17 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 19:17 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 19:17 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 19:17 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 19:17 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 19:17 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 19:17 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 19:17 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 19:17 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 19:17 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 19:17 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 19:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 19:17 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-26 14:48 - 2014-02-06 20:27 - 00860772 _____ () C:\Users\xxx\Documents\jdsjd.xlsx
2014-02-23 13:26 - 2014-02-23 13:26 - 00158174 _____ () C:\Users\xxx\Documents\LateinÜ1_ML_S2.xps
2014-02-23 13:24 - 2014-02-23 13:24 - 00189335 _____ () C:\Users\xxx\Documents\LateinÜ1_ML_S1.xps
2014-02-23 13:23 - 2014-02-23 13:23 - 00237279 _____ () C:\Users\xxx\Documents\LateinÜ1_S2.xps
2014-02-23 13:22 - 2014-02-23 13:22 - 00114082 _____ () C:\Users\xxx\Documents\LateinÜ1_S1.xps
2014-02-22 12:47 - 2014-02-22 12:47 - 00828200 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nsx21E6.tmp
2014-02-21 16:32 - 2014-02-21 16:32 - 00000000 ____D () C:\Users\xxx\AppData\Local\WinRST
2014-02-21 16:32 - 2014-02-21 16:32 - 00000000 ____D () C:\Program Files (x86)\WinRST
2014-02-21 16:15 - 2014-02-20 18:17 - 00000112 _____ () C:\Users\xxx\AppData\Roaming\WB.CFG
2014-02-20 18:43 - 2014-02-20 18:43 - 00825312 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nso63E5.tmp
2014-02-20 18:15 - 2014-02-20 18:15 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\ASCOMP Software
2014-02-20 18:07 - 2014-02-20 17:51 - 00000304 _____ () C:\Windows\Tasks\PCHelpers1st.job
2014-02-20 18:00 - 2014-02-20 18:00 - 00825312 _____ (AnyProtect.com) C:\Users\xxx\AppData\Local\nsi3E99.tmp
2014-02-20 17:59 - 2014-02-20 17:59 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Optimizer Elite Max
2014-02-20 17:59 - 2014-02-20 17:51 - 00002884 _____ () C:\Windows\System32\Tasks\PCHelpers_period
2014-02-20 17:54 - 2014-02-20 17:51 - 00002694 _____ () C:\Windows\System32\Tasks\PCHelpers1st
2014-02-20 17:23 - 2014-02-20 17:23 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 17:23 - 2014-02-20 17:23 - 00000000 ____D () C:\ProgramData\eicllamcbkehkgnmgiogdhnkabjbjghb
2014-02-20 17:23 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-02-20 17:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-02-17 13:52 - 2013-08-16 07:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 06:41 - 2012-01-13 13:46 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 15:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-15 09:10 - 2013-12-25 11:34 - 00000000 ____D () C:\Users\Gast
2014-02-15 09:06 - 2013-08-19 13:44 - 534932794 _____ () C:\Windows\MEMORY.DMP

Files to move or delete:
====================
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins000.dat
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins000.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins001.dat
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins001.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins002.dat
C:\Users\Wortschatz Edwin's Wortschatztrainer\unins002.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\wortschatz.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\wortschatzmini.exe
C:\Users\Wortschatz Edwin's Wortschatztrainer\_ISREG32.DLL


Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
C:\Users\xxx\AppData\Local\Temp\1sdd4npx.dll
C:\Users\xxx\AppData\Local\Temp\24373uninstall.exe
C:\Users\xxx\AppData\Local\Temp\avgnt.exe
C:\Users\xxx\AppData\Local\Temp\BackupSetup.exe
C:\Users\xxx\AppData\Local\Temp\comver.dll
C:\Users\xxx\AppData\Local\Temp\DSSExp.exe
C:\Users\xxx\AppData\Local\Temp\gert0.exe
C:\Users\xxx\AppData\Local\Temp\incredibar_installer.exe
C:\Users\xxx\AppData\Local\Temp\Installer.exe
C:\Users\xxx\AppData\Local\Temp\installhelper.dll
C:\Users\xxx\AppData\Local\Temp\install_flashplayer11x32axau_gtba_chra_dy_aih.exe
C:\Users\xxx\AppData\Local\Temp\install_flashplayer11x64ax_gtba_aih (1).exe
C:\Users\xxx\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\xxx\AppData\Local\Temp\kpinstaller.exe
C:\Users\xxx\AppData\Local\Temp\minibar-master-v1.exe
C:\Users\xxx\AppData\Local\Temp\oct6479.tmp.exe
C:\Users\xxx\AppData\Local\Temp\Quarantine.exe
C:\Users\xxx\AppData\Local\Temp\SCC.dll
C:\Users\xxx\AppData\Local\Temp\SIMEEI2Installer.exe
C:\Users\xxx\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\xxx\AppData\Local\Temp\Sqlite3.dll
C:\Users\xxx\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\xxx\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\xxx\AppData\Local\Temp\tbWis0.dll
C:\Users\xxx\AppData\Local\Temp\uninst1.exe
C:\Users\xxx\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\xxx\AppData\Local\Temp\vcredist_x64.exe
C:\Users\xxx\AppData\Local\Temp\vcredist_x86.exe
C:\Users\xxx\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\xxx\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\xxx\AppData\Local\Temp\WhiteLabelSetup.exe
C:\Users\xxx\AppData\Local\Temp\_is74D1.exe
C:\Users\xxx\AppData\Local\Temp\_isA71A.exe
C:\Users\xxx\AppData\Local\Temp\_isBADC.exe
C:\Users\xxx\AppData\Local\Temp\_isFF75.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-09 19:46

==================== End Of Log ============================
--- --- ---


addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-03-2014 01
Ran by xxx at 2014-03-16 10:53:22
Running from C:\Users\xxx\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

10-Fingersystem in 5 Stunden GS Version 2.1.1 (HKLM-x32\...\10-Fingersystem in 5 Stunden GS_is1) (Version:  - (c) 2010 HERDT)
3D-Garten 8.0 Deluxe (HKLM-x32\...\{554A4E80-0001-2006-0407-11FF59A27A18}) (Version: 8.0 - DiComp)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Activision(R) (x32 Version: 1.00.0000 - Activision) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
EA SPORTS online 2008 (HKLM-x32\...\82A44D22-9452-49FB-00FB-CEC7DCAF7E23) (Version:  - )
Empire Earth Ultimate Edition (HKLM-x32\...\{912CE296-3D73-4A9D-B3FB-70A5CF7A8568}) (Version: 1.0 - The Games Company)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FIFA 08 (HKLM-x32\...\{0A2A5039-B37F-489D-B1DC-A5258DF9E697}) (Version: 1.0.1.1 - Electronic Arts)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fortunitas (HKLM\...\Fortunitas) (Version: 2014.02.18.173808 - Fortunitas) <==== ATTENTION
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.3.610 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.3.610 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii uslugi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
InterActual Player (HKLM-x32\...\InterActual Player) (Version:  - )
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: 4.9.2 - LG Electronics)
LibreOffice 4.2.1.1 (HKLM-x32\...\{C83C3B4C-1AFF-4CEA-8078-74E7A3FE8F03}) (Version: 4.2.1.1 - The Document Foundation)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 268.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.00 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 268.00 (Version: 268.00 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
ParaWorld (HKLM-x32\...\{EAA01BA0-6991-4296-A404-4FFF2DAC2225}) (Version: 1.05 - Sunflowers)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta uslugi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SavingsbullFilter (HKLM\...\{813BA625-B0FA-48D8-9B75-59759C88C219}) (Version: 1.0.0.0 - SavingsBull Filter) <==== ATTENTION
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skylanders Spyro's Adventure(TM) (HKLM-x32\...\InstallShield_{388DC046-56AD-42F2-AEAD-81B7C47D05AE}) (Version: 1.00.0000 - Activision)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.0.14735.1561 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Star Wars: The Force Unleashed (HKLM-x32\...\Star Wars: The Force Unleashed_is1) (Version: 1.0 - Activision)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
TicTacToe WebtoolMaster (remove only) (HKLM-x32\...\tictactoe) (Version:  - )
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - )
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotograf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - ?????????? ??????????) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ???? (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ??? (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
YouTube (HKCU\...\Pokki_d25e316a7812ebb3c4f8e18291ce53ba535b8659) (Version: 1.0.9.53204 - Pokki)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
S?????? f?t???af??? t?? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
???????? ?????????? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
????? Windows Live (x32 Version: 15.4.3502.0922 - ?????????? ??????????) Hidden
?????????? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
??????????? ?? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
?????? ??????? ?? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
???? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
???? ??? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

25-02-2014 17:02:40 Windows Update
06-03-2014 11:30:57 Windows Update
07-03-2014 07:49:21 Windows Update
09-03-2014 19:18:01 Windows Defender Checkpoint
09-03-2014 19:32:27 Revo Uninstaller's restore point - Registry Helper
09-03-2014 19:42:00 Revo Uninstaller's restore point - Optimizer Elite Max
09-03-2014 19:44:26 Revo Uninstaller's restore point - Activeris AntiMalware
09-03-2014 19:45:04 Revo Uninstaller's restore point - Advanced File Optimizer
09-03-2014 19:46:00 Revo Uninstaller's restore point - AnyProtect
09-03-2014 19:47:55 Revo Uninstaller's restore point - awesomehp uninstaller
09-03-2014 19:50:09 Revo Uninstaller's restore point - Delta toolbar 
09-03-2014 19:54:02 Revo Uninstaller's restore point - FFineoDealaSoift
09-03-2014 19:56:32 Revo Uninstaller's restore point - Feven 1.5
09-03-2014 19:57:41 Revo Uninstaller's restore point - DMUninstaller
09-03-2014 19:58:40 Revo Uninstaller's restore point - IePluginService12.27.0.3326
09-03-2014 20:00:35 Revo Uninstaller's restore point - iLivid
09-03-2014 20:02:28 Revo Uninstaller's restore point - Mysearchdial
09-03-2014 20:03:56 Revo Uninstaller's restore point - Iminent
09-03-2014 20:08:37 Revo Uninstaller's restore point - Optimizer Pro v3.2
09-03-2014 20:14:28 Revo Uninstaller's restore point - Save Sense (remove only)
09-03-2014 20:17:41 Revo Uninstaller's restore point - shopnddrop
09-03-2014 20:20:02 Revo Uninstaller's restore point - Search Protect
09-03-2014 20:21:35 Revo Uninstaller's restore point - SpeedUpMyPC
09-03-2014 20:22:40 Revo Uninstaller's restore point - Wajam
09-03-2014 20:23:36 Revo Uninstaller's restore point - TuneUp Utilities 2013
09-03-2014 20:24:26 TuneUp Utilities 2013 wird entfernt
09-03-2014 20:25:39 TuneUp Utilities Language Pack (de-DE) wird entfernt
10-03-2014 18:59:36 Revo Uninstaller's restore point - Google Toolbar for Internet Explorer
10-03-2014 19:02:04 Revo Uninstaller's restore point - BackUp Maker
10-03-2014 19:39:01 Installed LibreOffice 4.2.1.1
11-03-2014 17:31:55 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 1.75.0.1300
13-03-2014 18:09:51 Windows Update
13-03-2014 18:53:57 Windows Update
16-03-2014 09:38:36 Revo Uninstaller's restore point - ESET Online Scanner v3
16-03-2014 09:39:14 Revo Uninstaller's restore point - ESET Online Scanner v3

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01774719-6EEB-4FF6-A1D7-414886BA146B} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1936976051-1306050378-379204146-1001
Task: {38A7C854-5652-42BF-808A-74E8DFC236B0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001Core => C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-01] (Facebook Inc.)
Task: {38AB495B-06AD-4576-8F08-654CE683FB3B} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {3DCC43B5-331C-4F63-A114-D4BCE4D7B530} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001UA => C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-01] (Facebook Inc.)
Task: {41B2EC03-DD3F-40AE-B427-53CEF1552856} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {506E0C36-3A40-4735-8DD9-7330B66DDA22} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-12-18] (Adobe Systems Incorporated)
Task: {57ADFFE7-67D7-46AA-BE84-4AD2661D003B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12] (Google Inc.)
Task: {6165AA4E-1679-46AA-8946-DF6AAB577523} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {651BE321-991B-42C8-964F-0205FBB58ABC} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {717BBBBA-0503-438A-B1A0-243B3EBDB688} - System32\Tasks\PCHelpers_period => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe
Task: {854B4FDA-F8C0-4CA1-8739-57C4361BC116} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {905CED5E-69A4-4FDC-A6A0-5138AC66A6A3} - System32\Tasks\PCHelpers1st => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe
Task: {96C4C684-EAE1-4C3A-B008-B87AE018EDE3} - \SaveSense No Task File
Task: {A4D1696F-CF15-4C1D-A796-F95D8D5FB0D1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A5D821B1-7F31-472D-ABE9-259D7DAC89BC} - System32\Tasks\GoogleUpdateTaskMachineCore1cec51fca27628a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12] (Google Inc.)
Task: {C04389CD-BFAD-4FF6-ACA0-99BEF7D6171F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12] (Google Inc.)
Task: {DA8AFA9F-0CB1-49D3-BF82-5C989193A746} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-09-14] (Apple Inc.)
Task: {F3A3CC50-29C6-4F72-8778-6C8980DF0411} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {F6F6E60E-FC54-4B3C-AE35-F7025DF4A879} - \BitGuard No Task File
Task: {F9C36914-9CE4-41B7-A216-8A144A5E852A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001Core.job => C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1936976051-1306050378-379204146-1001UA.job => C:\Users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec51fca27628a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCHelpers1st.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe
Task: C:\Windows\Tasks\PCHelpers_period.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe

==================== Loaded Modules (whitelisted) =============

2014-02-21 16:32 - 2014-02-26 16:42 - 00059904 _____ () C:\Program Files (x86)\WinRST\WinRST.exe
2009-01-22 00:45 - 2009-01-22 00:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-08-12 08:37 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2009-01-22 00:45 - 2009-01-22 00:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\libeay32.dll
2012-10-20 10:39 - 2012-09-19 18:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 00292272 _____ () C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 21014960 _____ () C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll
2013-03-07 21:32 - 2013-03-07 21:32 - 00179632 _____ () C:\Users\xxx\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll
2014-02-15 09:21 - 2014-02-15 09:21 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll
2011-08-12 07:58 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-05 15:49 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 15:49 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 15:49 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 15:49 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 15:49 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-05 15:49 - 2013-12-04 03:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^xxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: NVIDIA GeForce GT 520M
Description: NVIDIA GeForce GT 520M
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2014 10:50:35 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/16/2014 10:36:13 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/16/2014 09:15:17 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DMREngine.exe, Version: 1.1.0.3904, Zeitstempel: 0x4d709ab4
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00006a6d
ID des fehlerhaften Prozesses: 0x10c0
Startzeit der fehlerhaften Anwendung: 0xDMREngine.exe0
Pfad der fehlerhaften Anwendung: DMREngine.exe1
Pfad des fehlerhaften Moduls: DMREngine.exe2
Berichtskennung: DMREngine.exe3

Error: (03/15/2014 08:07:03 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/15/2014 08:06:58 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/15/2014 08:03:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2014 06:54:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/16/2014 09:14:27 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TeamViewer8 erreicht.

Error: (03/15/2014 08:04:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinRST" wurde nicht richtig gestartet.

Error: (03/14/2014 07:00:38 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.

Error: (03/14/2014 06:55:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinRST" wurde nicht richtig gestartet.

Error: (03/13/2014 07:36:57 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (03/16/2014 10:50:35 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\xxx\Downloads\esetsmartinstaller_enu.exe

Error: (03/16/2014 10:36:13 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (03/16/2014 09:15:17 AM) (Source: Application Error)(User: )
Description: DMREngine.exe1.1.0.39044d709ab4KERNELBASE.dll6.1.7601.1822951fb1116c000000500006a6d10c001cf4081326bdffbC:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exeC:\Windows\syswow64\KERNELBASE.dll1b69b31d-ace3-11e3-b02c-dc0ea10e3d8c

Error: (03/15/2014 08:07:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\xxx\Downloads\esetsmartinstaller_enu.exe

Error: (03/15/2014 08:06:58 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\xxx\Downloads\esetsmartinstaller_enu.exe

Error: (03/15/2014 08:03:04 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2014 06:54:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 53%
Total physical RAM: 3947.86 MB
Available physical RAM: 1830.68 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 5225.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:279.99 GB) (Free:129.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 559343A9)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=280 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Probleme bestehen weiterhin:
- Bei Links werden erstmal Werbung-PopUps geöffnet
- in google wird mehr Werbung als Suchergebnisse gefunden
- ...

Danke für die Hilfe

schrauber 17.03.2014 09:54
In welchem Browser bestehen diese Probleme?

Java und Adobe updaten.

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\ProgramData\idnjbhglpaaodmafenaknmhjabjghidg
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Alle Zeitangaben in WEZ +1. Es ist jetzt 15:41 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131