| Jackson1967 | 30.09.2014 10:21 |
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-09-2014
Ran by Nicole (administrator) on NICOLE-PC on 30-09-2014 11:05:36
Running from C:\Users\Nicole\Desktop
Loaded Profiles: UpdatusUser & Nicole (Available profiles: UpdatusUser & Nicole)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(browser) C:\Program Files (x86)\Browser+ Apps+\6b793742-2e09-427a-a17a-e7ad38f0e8c2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\FastPlayer\FastPlayerUpdaterService.exe
() C:\monitor.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Users\Nicole\AppData\Roaming\VOPackage\VOsrv.exe
(Wajam Internet Technologies Inc.) C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wajam Internet Technologies Inc.) C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Small Island Development) C:\ProgramData\HMBAJZsis\bGjkQi.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\Nicole\AppData\Local\fst_de_51\upfst_de_51.exe
(MyOSCompany) C:\Program Files (x86)\PCTRunner\MyOSProtect.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(Pay By Ads LTD) C:\Users\Nicole\AppData\Local\PennyBee\pennybee\1.3.8.3\pennybee.exe
() C:\Program Files (x86)\v04BlockAndSurf\BlockAndSurf.exe
( ) C:\Program Files (x86)\v04BlockAndSurf\BlockAndSurfC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files (x86)\fst_de_51\fst_de_51.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11821160 2011-05-09] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [fst_de_51] => C:\Program Files (x86)\fst_de_51\fst_de_51.exe [3980272 2014-06-19] ()
HKLM-x32\...\Run: [Registry Helper] => "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot
HKLM-x32\...\Run: [ConvertAd] => C:\Users\Nicole\AppData\Local\ConvertAd\ConvertAd.exe [2068992 2014-09-18] ()
HKLM\...\RunOnce: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM-x32\...\RunOnce: [upfst_de_51.exe] => C:\Users\Nicole\AppData\Local\fst_de_51\upfst_de_51.exe [3354096 2014-06-19] ()
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION
HKU\S-1-5-21-4251113089-1256187818-3322489946-1001\...\RunOnce: [HKCU] => C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\S-1-5-21-4251113089-1256187818-3322489946-1001\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] ()
HKU\S-1-5-21-4251113089-1256187818-3322489946-1002\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-05-30] (Google Inc.)
HKU\S-1-5-21-4251113089-1256187818-3322489946-1002\...\Run: [PennyBee] => C:\Users\Nicole\AppData\Local\PennyBee\pennybee\1.3.8.3\pennybee.exe [556032 2014-06-19] (Pay By Ads LTD)
HKU\S-1-5-21-4251113089-1256187818-3322489946-1002\...\Run: [BlockAndSurf] => C:\Program Files (x86)\v04BlockAndSurf\BlockAndSurf.exe [130560 2014-07-20] ()
HKU\S-1-5-21-4251113089-1256187818-3322489946-1002\...\Run: [BlockAndSurfC] => C:\Program Files (x86)\v04BlockAndSurf\BlockAndSurfC.exe [2343936 2014-07-20] ( )
HKU\S-1-5-21-4251113089-1256187818-3322489946-1002\...\Run: [AsguTjucz] => regsvr32.exe "
HKU\S-1-5-21-4251113089-1256187818-3322489946-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\Nicole\AppData\Local\Smartbar\Application\Smartbar.exe [29728 2014-06-16] (Smartbar)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [202560 2014-05-23] ()
AppInit_DLLs-x32: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll => c:\Program Files (x86)\searchprotect\searchprotect\bin\spvc32loader.dll [171840 2014-05-23] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49175;https=127.0.0.1:49175
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZmUQgJJctuODSzF68UPn2cGBYM4Y-mh0ivOV8u5gHR_5z5HwJC1sdTuuFEsuPzG5RnBYxHoUscjkCrsRDi2fOLoZ1tZEOAO_r083jML8vLnWA4lcC2wGI7ivEL-qzA6Q,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1409842311&from=tt4u&uid=ST2000DL003-9VT166_6YD10NV6XXXX6YD10NV6
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1409842311&from=tt4u&uid=ST2000DL003-9VT166_6YD10NV6XXXX6YD10NV6
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZmUQgJJctuODSzF68UPn2cGBYM4Y-mh0ivOV8u5gHR_5z5HwJC1sdTuuFEsuPzG5RnBYxHoUscjkCrsRDi2fOLoZ1tZEOAO_r083jML8vLnWA4lcC2wGI7ivEL-qzA6Q,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409842311&from=tt4u&uid=ST2000DL003-9VT166_6YD10NV6XXXX6YD10NV6&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1409842311&from=tt4u&uid=ST2000DL003-9VT166_6YD10NV6XXXX6YD10NV6
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1409842311&from=tt4u&uid=ST2000DL003-9VT166_6YD10NV6XXXX6YD10NV6
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409842311&from=tt4u&uid=ST2000DL003-9VT166_6YD10NV6XXXX6YD10NV6&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409842311&from=tt4u&uid=ST2000DL003-9VT166_6YD10NV6XXXX6YD10NV6&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1409842311&from=tt4u&uid=ST2000DL003-9VT166_6YD10NV6XXXX6YD10NV6
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1409842311&from=tt4u&uid=ST2000DL003-9VT166_6YD10NV6XXXX6YD10NV6
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409842311&from=tt4u&uid=ST2000DL003-9VT166_6YD10NV6XXXX6YD10NV6&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409842311&from=tt4u&uid=ST2000DL003-9VT166_6YD10NV6XXXX6YD10NV6&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {31090377-0740-419E-BEFC-A56E50500D5B} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409842311&from=tt4u&uid=ST2000DL003-9VT166_6YD10NV6XXXX6YD10NV6&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZmUQgJJctuODSzF68UPn2cGBYM4Y-mh0ivOV8u5gHR_5z5HwJC1sdTuuFEsuPzG5RnBYxHoUscjkCrsRDi2fOLoZ1tZEOAO_r083jML8vLnWA4lcC2wGI7ivEL-qzA7Q,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZmUQgJJctuODSzF68UPn2cGBYM4Y-mh0ivOV8u5gHR_5z5HwJC1sdTuuFEsuPzG5RnBYxHoUscjkCrsRDi2fOLoZ1tZEOAO_r083jML8vLnWA4lcC2wGI7ivEL-qzA7Q,,&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409842311&from=tt4u&uid=ST2000DL003-9VT166_6YD10NV6XXXX6YD10NV6&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZmUQgJJctuODSzF68UPn2cGBYM4Y-mh0ivOV8u5gHR_5z5HwJC1sdTuuFEsuPzG5RnBYxHoUscjkCrsRDi2fOLoZ1tZEOAO_r083jML8vLnWA4lcC2wGI7ivEL-qzA6Q,,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZmUQgJJctuODSzF68UPn2cGBYM4Y-mh0ivOV8u5gHR_5z5HwJC1sdTuuFEsuPzG5RnBYxHoUscjkCrsRDi2fOLoZ1tZEOAO_r083jML8vLnWA4lcC2wGI7ivEL-qzA6Q,,&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409842311&from=tt4u&uid=ST2000DL003-9VT166_6YD10NV6XXXX6YD10NV6&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: BlockAndSurf -> {116A3232-FFD2-E653-A41B-953268ED14F9} -> C:\Program Files (x86)\v04BlockAndSurf\175.dll ()
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Avira Savings Advisor BHO -> {A18A516C-AA41-46A9-92DB-60208917E442} -> C:\Program Files (x86)\avira\Internet Explorer\avira32.dll ()
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 02 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 03 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 04 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 15 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9-x64 01 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 02 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 03 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 04 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 15 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKCU\...\Firefox\Extensions: [{157B9130-1152-8AF8-8CAB-E997B53F0984}] - C:\Program Files (x86)\v04BlockAndSurf\175.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\v04BlockAndSurf\175.xpi [2014-07-20]
Chrome:
=======
CHR HomePage: Default -> 1405B96A34ECD15BB5A2DC6D83FB3262ED2B07BDC817F79F77343D5978304CF0
CHR DefaultSearchKeyword: Default -> 3D3014F8DD64670E947C1AD2AFFDF321B5C895733E8818DD2FBE0F8E251E6525
CHR DefaultSearchURL: Default -> 792E2CF6D741FDA68C4708647F71C359B2BBDBD966343C5F62AF8AD6D1B35F8B
CHR Profile: C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Speedial) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd [2014-06-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-17]
CHR Extension: (Avira Savings Advisor) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\cojnmaaohncijldefpkpkkakjonfmgeb [2014-05-30]
CHR Extension: (BlockAndSurf) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjpcoajejlekeogiajmjfkcehpcefmao [2014-07-20]
CHR Extension: (Google Wallet) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-31]
CHR Extension: (Quick start) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-09-04]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-05-30]
CHR HKLM-x32\...\Chrome\Extension: [cojnmaaohncijldefpkpkkakjonfmgeb] - C:\Program Files (x86)\avira\Chrome\avira-1.5.14.crx [2013-12-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-17] (Avira Operations GmbH & Co. KG)
R2 bGjkQi; C:\ProgramData\HMBAJZsis\bGjkQi.exe [2319728 2014-09-17] (Small Island Development)
R2 FastPlayerUpdaterService; C:\Program Files (x86)\FastPlayer\FastPlayerUpdaterService.exe [11776 2014-09-16] () [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-17] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-17] (globalUpdate) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-04] (Cherished Technololgy LIMITED)
R3 MyOSProtect; C:\Program Files (x86)\PCTRunner\MyOSProtect.exe [1317096 2014-09-01] (MyOSCompany) [File not signed]
S2 ProtectMonitor; C:\monitorsvc.exe [34244 2014-09-02] () [File not signed] <==== ATTENTION
R2 vosr; C:\Users\Nicole\AppData\Roaming\VOPackage\VOsrv.exe [55808 2014-06-19] () [File not signed] <==== ATTENTION
R2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [303616 2014-07-25] (Wajam Internet Technologies Inc.) [File not signed] <==== ATTENTION
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-04] (Fuyu LIMITED) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 {f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64; C:\Windows\System32\drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64.sys [61112 2014-06-16] (StdLib)
R1 {f64c1459-b911-4fd8-a74e-36a496bf26e3}w64; C:\Windows\System32\drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}w64.sys [61112 2014-08-16] (StdLib)
S0 nvpciflt; system32\DRIVERS\nvpciflt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-30 11:05 - 2014-09-30 11:05 - 00022585 _____ () C:\Users\Nicole\Desktop\FRST.txt
2014-09-30 11:05 - 2014-09-30 11:05 - 00000000 ____D () C:\FRST
2014-09-30 11:04 - 2014-09-30 11:04 - 00000474 _____ () C:\Users\Nicole\Desktop\defogger_disable.log
2014-09-30 11:04 - 2014-09-30 11:04 - 00000000 _____ () C:\Users\Nicole\defogger_reenable
2014-09-30 11:03 - 2014-09-30 11:03 - 02108928 _____ (Farbar) C:\Users\Nicole\Desktop\FRST64.exe
2014-09-30 11:03 - 2014-09-30 11:02 - 00050477 _____ () C:\Users\Nicole\Desktop\Defogger.exe
2014-09-30 11:02 - 2014-09-30 11:03 - 02108928 _____ (Farbar) C:\Users\Nicole\Downloads\FRST64.exe
2014-09-30 11:02 - 2014-09-30 11:02 - 00050477 _____ () C:\Users\Nicole\Downloads\Defogger.exe
2014-09-29 00:12 - 2014-09-29 00:12 - 00001060 _____ () C:\Users\Nicole\Desktop\Continue Live Installation.lnk
2014-09-28 23:48 - 2014-09-28 23:48 - 00000000 ____D () C:\ProgramData\Browser
2014-09-28 23:42 - 2014-09-28 23:42 - 00289328 _____ () C:\Windows\Minidump\092814-27440-01.dmp
2014-09-28 23:42 - 2014-09-28 23:42 - 00000000 ____D () C:\Windows\Minidump
2014-09-28 23:41 - 2014-09-28 23:41 - 415864219 _____ () C:\Windows\MEMORY.DMP
2014-09-28 19:22 - 2014-09-28 19:22 - 00003106 _____ () C:\Windows\System32\Tasks\{40DC5600-FEAA-4016-BBC4-EC9DD8626D6C}
2014-09-28 18:38 - 2014-09-28 18:38 - 00000000 ____D () C:\ProgramData\374311380
2014-09-18 20:47 - 2014-09-18 20:47 - 00612006 _____ (ClickMeIn Limited) C:\Users\Nicole\AppData\Local\nsgD126.tmp
2014-09-18 20:47 - 2014-09-18 20:47 - 00000000 ____D () C:\Users\Nicole\AppData\Local\ConvertAd
2014-09-17 17:58 - 2014-09-17 17:58 - 00000000 ____D () C:\Users\Nicole\Documents\Optimizer Pro
2014-09-17 17:54 - 2014-09-30 10:42 - 00002434 _____ () C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-5_user.job
2014-09-17 17:54 - 2014-09-30 10:42 - 00002434 _____ () C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-5.job
2014-09-17 17:54 - 2014-09-30 10:42 - 00001390 _____ () C:\Windows\Tasks\6b793742-2e09-427a-a17a-e7ad38f0e8c2.job
2014-09-17 17:54 - 2014-09-17 17:54 - 00005464 _____ () C:\Windows\System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-5
2014-09-17 17:54 - 2014-09-17 17:54 - 00004420 _____ () C:\Windows\System32\Tasks\6b793742-2e09-427a-a17a-e7ad38f0e8c2
2014-09-17 17:54 - 2014-09-17 17:54 - 00004360 _____ () C:\Windows\SysWOW64\MyOSProtect.ini
2014-09-17 17:54 - 2014-09-17 17:54 - 00002312 _____ () C:\Windows\SysWOW64\MyOSProtectOff.ini
2014-09-17 17:54 - 2014-09-17 17:54 - 00002312 _____ () C:\Windows\system32\MyOSProtectOff.ini
2014-09-17 17:54 - 2014-09-17 17:54 - 00000000 ____D () C:\Users\Nicole\AppData\Local\com
2014-09-17 17:54 - 2014-09-01 20:28 - 00350768 _____ (MyOSCompany) C:\Windows\system32\MyOSProtect64.dll
2014-09-17 17:53 - 2014-09-30 10:53 - 00003458 _____ () C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-6.job
2014-09-17 17:53 - 2014-09-30 10:42 - 00004484 _____ () C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-11.job
2014-09-17 17:53 - 2014-09-30 10:42 - 00003802 _____ () C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-4.job
2014-09-17 17:53 - 2014-09-30 10:42 - 00003802 _____ () C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-3.job
2014-09-17 17:53 - 2014-09-30 10:42 - 00003458 _____ () C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-7.job
2014-09-17 17:53 - 2014-09-30 10:42 - 00002760 _____ () C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-1.job
2014-09-17 17:53 - 2014-09-17 17:54 - 00000000 ____D () C:\Program Files (x86)\Browser+ Apps+
2014-09-17 17:53 - 2014-09-17 17:53 - 00007514 _____ () C:\Windows\System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-11
2014-09-17 17:53 - 2014-09-17 17:53 - 00006832 _____ () C:\Windows\System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-4
2014-09-17 17:53 - 2014-09-17 17:53 - 00006832 _____ () C:\Windows\System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-3
2014-09-17 17:53 - 2014-09-17 17:53 - 00006488 _____ () C:\Windows\System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-7
2014-09-17 17:53 - 2014-09-17 17:53 - 00006486 _____ () C:\Windows\System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-6
2014-09-17 17:53 - 2014-09-17 17:53 - 00005790 _____ () C:\Windows\System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-1
2014-09-17 17:53 - 2014-09-17 17:53 - 00001915 _____ () C:\Users\UpdatusUser\Desktop\FastPlayer.lnk
2014-09-17 17:53 - 2014-09-17 17:53 - 00001915 _____ () C:\Users\Nicole\Desktop\FastPlayer.lnk
2014-09-17 17:53 - 2014-09-17 17:53 - 00000000 ____D () C:\Users\Nicole\AppData\Local\fastplayer
2014-09-17 17:53 - 2014-09-17 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastPlayer
2014-09-17 17:53 - 2014-09-17 17:53 - 00000000 ____D () C:\ProgramData\HMBAJZsis
2014-09-17 17:53 - 2014-09-01 20:28 - 00304776 _____ (MyOSCompany) C:\Windows\SysWOW64\MyOSProtect.dll
2014-09-17 17:52 - 2014-09-17 17:54 - 00000000 ____D () C:\Program Files (x86)\PCTRunner
2014-09-17 17:52 - 2014-09-17 17:53 - 00000000 ____D () C:\ProgramData\TVWizard
2014-09-17 17:52 - 2014-09-17 17:53 - 00000000 ____D () C:\Program Files (x86)\FastPlayer
2014-09-17 17:51 - 2014-09-17 17:51 - 01055432 _____ () C:\Users\Nicole\Downloads\New_Player.exe
2014-09-14 14:18 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 14:18 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-14 14:18 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 14:18 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-14 14:18 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-14 14:18 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-14 14:18 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 14:18 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 14:18 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 14:18 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-14 14:18 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-14 14:18 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-14 14:18 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-14 14:18 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 14:18 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-14 14:18 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-14 14:18 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-14 14:18 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-14 14:18 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-14 14:18 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-14 14:18 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-14 14:18 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 14:18 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-14 14:18 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-14 14:18 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-14 14:18 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-14 14:18 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-14 14:18 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-14 14:18 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-14 14:18 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 14:18 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-14 14:18 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-14 14:18 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 14:18 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-14 14:18 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-14 14:18 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-14 14:18 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-14 14:18 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 14:18 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 14:18 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 14:18 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-14 14:18 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-14 14:18 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-14 14:18 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-14 14:18 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-14 14:18 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 14:18 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-14 14:18 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 14:18 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-14 14:18 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-14 14:18 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-14 14:18 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 14:18 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-14 14:18 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-14 14:18 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 14:18 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-14 12:06 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 12:06 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-14 12:06 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-14 12:06 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-14 12:06 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-04 16:52 - 2014-09-28 19:06 - 00000000 ____D () C:\Program Files (x86)\Bench
2014-09-04 16:52 - 2014-09-28 18:59 - 00000003 _____ () C:\Users\Nicole\AppData\Local\proxy.log
2014-09-04 16:52 - 2014-09-04 16:52 - 00000000 ____D () C:\Users\Nicole\AppData\Roaming\istartsurf
2014-09-04 16:52 - 2014-09-04 16:52 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-04 16:52 - 2014-09-04 16:52 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-09-04 16:52 - 2014-09-04 16:52 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-09-02 21:55 - 2014-09-02 21:55 - 00487483 _____ () C:\monitor.exe
2014-09-02 21:55 - 2014-09-02 21:55 - 00034244 _____ () C:\monitorsvc.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-30 11:04 - 2014-05-30 14:00 - 00000000 ____D () C:\Users\Nicole
2014-09-30 10:52 - 2014-06-19 19:52 - 00001382 _____ () C:\Windows\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-7.job
2014-09-30 10:49 - 2009-07-14 06:45 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-30 10:49 - 2009-07-14 06:45 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-30 10:47 - 2014-05-30 13:48 - 01588989 _____ () C:\Windows\WindowsUpdate.log
2014-09-30 10:46 - 2014-06-19 20:26 - 00000000 ____D () C:\Users\Nicole\AppData\Local\fst_de_51
2014-09-30 10:45 - 2014-06-19 20:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-30 10:44 - 2014-07-20 14:50 - 00003072 _____ () C:\Users\Nicole\AppData\Local\BlockAndSurfdb.sqlite
2014-09-30 10:43 - 2014-06-19 20:23 - 00001334 _____ () C:\Users\Nicole\Desktop\PennyBee.lnk
2014-09-30 10:42 - 2014-07-20 14:50 - 00000402 _____ () C:\Windows\Tasks\BlockAndSurf_wd.job
2014-09-30 10:42 - 2014-06-20 18:28 - 00003800 _____ () C:\Windows\Tasks\9afed05b-4983-4182-93e7-c686685b911b-11.job
2014-09-30 10:42 - 2014-06-20 18:28 - 00003118 _____ () C:\Windows\Tasks\9afed05b-4983-4182-93e7-c686685b911b-3.job
2014-09-30 10:42 - 2014-06-20 18:28 - 00002220 _____ () C:\Windows\Tasks\9afed05b-4983-4182-93e7-c686685b911b-4.job
2014-09-30 10:42 - 2014-06-20 18:28 - 00001504 _____ () C:\Windows\Tasks\9afed05b-4983-4182-93e7-c686685b911b-6.job
2014-09-30 10:42 - 2014-06-20 18:28 - 00001496 _____ () C:\Windows\Tasks\9afed05b-4983-4182-93e7-c686685b911b-1.job
2014-09-30 10:42 - 2014-06-20 18:28 - 00001438 _____ () C:\Windows\Tasks\9afed05b-4983-4182-93e7-c686685b911b-7.job
2014-09-30 10:42 - 2014-06-20 18:28 - 00001430 _____ () C:\Windows\Tasks\9afed05b-4983-4182-93e7-c686685b911b-5.job
2014-09-30 10:42 - 2014-06-19 20:30 - 00000424 _____ () C:\Windows\Tasks\BlockAndSurf Update.job
2014-09-30 10:42 - 2014-06-19 19:52 - 00003440 _____ () C:\Windows\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-11.job
2014-09-30 10:42 - 2014-06-19 19:52 - 00002414 _____ () C:\Windows\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-3.job
2014-09-30 10:42 - 2014-06-19 19:52 - 00002220 _____ () C:\Windows\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-4.job
2014-09-30 10:42 - 2014-06-19 19:52 - 00001448 _____ () C:\Windows\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-6.job
2014-09-30 10:42 - 2014-06-19 19:52 - 00001440 _____ () C:\Windows\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-1.job
2014-09-30 10:42 - 2014-06-19 19:52 - 00001398 _____ () C:\Windows\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-5.job
2014-09-30 10:42 - 2014-06-19 19:52 - 00000912 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-09-30 10:42 - 2014-05-30 13:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-30 10:42 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-30 10:42 - 2009-07-14 06:51 - 00092874 _____ () C:\Windows\setupact.log
2014-09-29 01:08 - 2014-05-30 13:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-29 00:23 - 2014-06-19 20:23 - 00000296 _____ () C:\Windows\Tasks\Speedial.job
2014-09-28 23:58 - 2014-06-19 19:52 - 00000916 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-09-28 23:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-09-28 19:57 - 2014-07-20 14:54 - 00000000 ____D () C:\Users\Nicole\AppData\Local\Smartbar
2014-09-28 19:00 - 2014-06-19 20:29 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-28 18:30 - 2014-06-21 16:07 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-28 18:30 - 2014-05-30 14:00 - 00001635 _____ () C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-28 18:28 - 2014-07-29 19:06 - 00000000 ____D () C:\ProgramData\Registry Helper
2014-09-28 17:37 - 2014-06-19 20:24 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-09-28 17:37 - 2014-06-19 20:24 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-09-28 17:37 - 2014-06-19 20:24 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-09-18 20:48 - 2014-06-19 20:24 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-09-18 20:48 - 2014-06-19 20:24 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-09-18 20:48 - 2014-06-19 20:24 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-09-18 20:48 - 2014-06-19 20:24 - 00001053 _____ () C:\Users\Nicole\Desktop\AnyProtect.lnk
2014-09-17 17:53 - 2014-06-19 19:52 - 00003914 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-09-17 17:53 - 2014-06-19 19:52 - 00003660 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-09-14 14:20 - 2011-05-16 16:04 - 00653928 _____ () C:\Windows\system32\perfh007.dat
2014-09-14 14:20 - 2011-05-16 16:04 - 00129800 _____ () C:\Windows\system32\perfc007.dat
2014-09-14 14:20 - 2009-07-14 07:13 - 01518986 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 14:15 - 2014-06-01 21:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 14:14 - 2014-05-30 14:23 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-14 14:13 - 2011-07-18 22:31 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-14 12:12 - 2014-05-30 13:52 - 00002385 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-14 12:04 - 2014-07-20 14:54 - 00000000 ____D () C:\ProgramData\AsguTjucz
2014-09-14 12:04 - 2014-07-20 14:50 - 00000000 ____D () C:\Program Files (x86)\v04BlockAndSurf
2014-09-14 12:03 - 2014-06-19 19:51 - 00000000 ____D () C:\Program Files (x86)\SpadeCast
2014-09-14 11:54 - 2010-11-21 05:47 - 00111442 _____ () C:\Windows\PFRO.log
2014-09-04 16:51 - 2014-07-20 14:55 - 00002371 _____ () C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-04 16:51 - 2014-07-20 14:55 - 00002273 _____ () C:\Users\Nicole\Desktop\Search.lnk
2014-09-04 16:51 - 2014-05-30 13:55 - 00002239 _____ () C:\Users\Public\Desktop\MEDION Serviceportal.lnk
2014-09-04 16:51 - 2014-05-30 13:55 - 00002219 _____ () C:\Users\Public\Desktop\MEDIONhome.lnk
2014-09-04 16:51 - 2014-05-30 13:55 - 00001483 _____ () C:\Users\Public\Desktop\eBay.lnk
2014-09-04 16:51 - 2014-05-30 13:52 - 00002710 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2014-08-31 16:12 - 2009-07-14 06:45 - 00359040 _____ () C:\Windows\system32\FNTCACHE.DAT
Some content of TEMP:
====================
C:\Users\Nicole\AppData\Local\Temp\avgnt.exe
C:\Users\Nicole\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Nicole\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Nicole\AppData\Local\Temp\GoogleSetup.exe
C:\Users\Nicole\AppData\Local\Temp\ins93F5.tmp.exe
C:\Users\Nicole\AppData\Local\Temp\nsd482F.exe
C:\Users\Nicole\AppData\Local\Temp\nsf4722.exe
C:\Users\Nicole\AppData\Local\Temp\nsf6E25.exe
C:\Users\Nicole\AppData\Local\Temp\nsn4168.exe
C:\Users\Nicole\AppData\Local\Temp\nsn4A90.exe
C:\Users\Nicole\AppData\Local\Temp\nsp44A1.exe
C:\Users\Nicole\AppData\Local\Temp\nss3F16.exe
C:\Users\Nicole\AppData\Local\Temp\nsv7142.exe
C:\Users\Nicole\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Nicole\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Nicole\AppData\Local\Temp\ShoppinH2.exe
C:\Users\Nicole\AppData\Local\Temp\SpOrder.dll
C:\Users\Nicole\AppData\Local\Temp\tmp2BE2.exe
C:\Users\Nicole\AppData\Local\Temp\_BlockAndSurfj82.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-30 12:07
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-09-2014
Ran by Nicole at 2014-09-30 11:06:25
Running from C:\Users\Nicole\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.5 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\{41042E28-CCA1-4147-869F-9E928B38F04C}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.1 - CMI Limited) <==== ATTENTION
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Avira Savings Advisor (HKLM-x32\...\{A18A516C-AA41-46A9-92DB-60208917E442}) (Version: 1.5.14 - Avira) <==== ATTENTION
BlockAndSurf (HKLM-x32\...\98ED46B1-930C-57F4-3C7B-7B8B1813E961) (Version: - BlockAndSurf-software) <==== ATTENTION
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version: - Alactro LLC) <==== ATTENTION
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
ConvertAd (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3418 - CyberLink Corp.) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1817_38674 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1817_38674 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink PowerRecover (x32 Version: 5.5.4125 - CyberLink Corp.) Hidden
CyberLink YouPaint (HKLM-x32\...\InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}) (Version: 1.2.1928 - CyberLink Corp.)
CyberLink YouPaint (x32 Version: 1.2.1928 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
FastPlayer (HKLM-x32\...\FastPlayer) (Version: v1.0.0.1 - )
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.37.528 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.37.528 - DVDVideoSoft Ltd.)
fst_de_51 (HKLM-x32\...\fst_de_51_is1) (Version: - FREE_SOFT_TODAY) <==== ATTENTION
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Installer (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
istartsurf uninstall (HKLM-x32\...\istartsurf uninstall) (Version: - istartsurf) <==== ATTENTION
Java Auto Updater (x32 Version: 2.1.5.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417000FF}) (Version: 7.0.0 - Oracle)
Java(TM) 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217000FF}) (Version: 7.0.0 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2926 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60531.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
NVIDIA Control Panel 280.26 (Version: 280.26 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 280.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 280.26 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.24.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.24.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1000.25.170 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.11.0621 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
NVIDIA Update 1.4.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.4.28 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.4.28 - NVIDIA Corporation) Hidden
PennyBee (HKCU\...\PennyBee) (Version: - playnowradio) <==== ATTENTION
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Plus-HD-9.1 (HKLM-x32\...\Plus-HD-9.1) (Version: 1.34.6.10 - Plus HD) <==== ATTENTION
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6368 - Realtek Semiconductor Corp.)
S10 (HKLM-x32\...\S10) (Version: 1.34.6.10 - smart-saverplus)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.13.3.38 - Client Connect LTD) <==== ATTENTION
Shopping Helper Smartbar (HKLM-x32\...\{16F8A832-DD84-4271-8B76-ACADE6DB3968}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
SpadeCast (HKLM\...\SpadeCast) (Version: 2014.06.19.011914 - SpadeCast)
Speedial (HKLM-x32\...\Speedial) (Version: - Speedial) <==== ATTENTION
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TV Wizard (HKLM-x32\...\TVWizard) (Version: 2.7.38 - Small Island Development) <==== ATTENTION
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionpc.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG)
Versandhelfer (x32 Version: 0.9.511 - Deutsche Post AG) Hidden
Wajam (HKLM-x32\...\Wajam) (Version: 2.12 (i2.4) - Wajam) <==== ATTENTION
Web Protect for Windows (HKLM-x32\...\wp-dcollect-tgu) (Version: 10.0.0 - PC Publishing) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
21-06-2014 15:03:02 Geplanter Prüfpunkt
20-07-2014 12:01:32 Windows Update
20-07-2014 13:17:21 Windows Update
29-07-2014 16:43:17 Geplanter Prüfpunkt
17-08-2014 09:06:27 Windows Update
30-08-2014 08:14:23 Windows Update
30-08-2014 14:03:55 Windows Update
14-09-2014 12:12:05 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0E5AB741-2C3D-4C49-9495-8B73FE4648C1} - System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-7 => C:\Program Files (x86)\Browser+ Apps+\1a878cad-63df-4953-8a63-7f65ee067291-7.exe
Task: {12F5EB9D-F5F8-42DD-AC67-41485B82CC7A} - System32\Tasks\9afed05b-4983-4182-93e7-c686685b911b-6 => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-novainstaller.exe
Task: {1740B4A2-232D-43BF-AD58-F6C29C4453FF} - System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-1 => C:\Program Files (x86)\Browser+ Apps+\Browser+ Apps+-codedownloader.exe
Task: {1B9DF106-74C6-43D7-A2F3-3FBFFDA43A4D} - System32\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-11 => C:\Program Files (x86)\S10\e897c2f8-56b0-4114-8d77-acc0480b1272-11.exe
Task: {28B72E0D-2D64-413E-9D63-524978359E2E} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-09-18] (AnyProtect.com) <==== ATTENTION
Task: {3BABD0F9-8F54-402D-9B9D-8890F6FBF48D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30] (Google Inc.)
Task: {537CA4BF-E871-4173-B20D-74A31347807D} - System32\Tasks\6b793742-2e09-427a-a17a-e7ad38f0e8c2 => C:\Program Files (x86)\Browser+ Apps+\6b793742-2e09-427a-a17a-e7ad38f0e8c2.exe [2014-09-17] (browser)
Task: {53B33A07-06AB-44A2-9BEB-8D24F980F295} - System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-4 => C:\Program Files (x86)\Browser+ Apps+\1a878cad-63df-4953-8a63-7f65ee067291-4.exe
Task: {55C25FF6-2F7E-49F9-B565-1CD60E87BFA3} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-17] (globalUpdate) <==== ATTENTION
Task: {5B685ACB-563C-450A-8752-2668E35AC968} - System32\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-5 => C:\Program Files (x86)\S10\e897c2f8-56b0-4114-8d77-acc0480b1272-5.exe
Task: {5E946298-40B1-45ED-9397-1B99131F0443} - System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-5 => C:\Program Files (x86)\Browser+ Apps+\1a878cad-63df-4953-8a63-7f65ee067291-5.exe [2014-09-17] (browser)
Task: {5F3288BE-E6B4-4825-8300-253A15F47C64} - System32\Tasks\Speedial => C:\Users\Nicole\AppData\Roaming\Speedial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {636E8A9F-1610-4ED8-A76C-DC0EA2BB12B6} - System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-5_user => C:\Program Files (x86)\Browser+ Apps+\1a878cad-63df-4953-8a63-7f65ee067291-5.exe [2014-09-17] (browser)
Task: {70470905-B371-4E6F-92C1-68996ED3C7A1} - System32\Tasks\9afed05b-4983-4182-93e7-c686685b911b-3 => C:\Program Files (x86)\Plus-HD-9.1\9afed05b-4983-4182-93e7-c686685b911b-3.exe
Task: {70C5B903-83CF-4FDE-90F4-AB33F09730F4} - System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-3 => C:\Program Files (x86)\Browser+ Apps+\1a878cad-63df-4953-8a63-7f65ee067291-3.exe
Task: {7DEA5000-1655-4E4A-91E6-9F2BCD51683E} - System32\Tasks\9afed05b-4983-4182-93e7-c686685b911b-7 => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-nova.exe
Task: {7E329D6F-ED0B-44BA-919D-905DC3F48912} - System32\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-4 => C:\Program Files (x86)\S10\e897c2f8-56b0-4114-8d77-acc0480b1272-4.exe
Task: {7FD0A6B5-42E0-4545-9FB2-8C8D665F6AAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30] (Google Inc.)
Task: {8D6E8784-0302-4340-B7D8-6FBC12FB1E8A} - System32\Tasks\aviraSWU => Cscript.exe "C:\Program Files (x86)\avira\Internet Explorer\swu.vbs"
Task: {93515093-9795-4269-B02B-380589A9061B} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\v04BlockAndSurf\v02BlockAndSurfV21.exe [2014-07-20] () <==== ATTENTION
Task: {9379B4D6-2C49-4A44-B18F-5B1396C355B8} - System32\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-7 => C:\Program Files (x86)\S10\S10-nova.exe
Task: {A52233B2-6274-4944-9D6A-29413495F6C9} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-09-18] (AnyProtect.com) <==== ATTENTION
Task: {A5B8F144-47BA-45AC-820E-3EF5E16AA2FD} - System32\Tasks\9afed05b-4983-4182-93e7-c686685b911b-11 => C:\Program Files (x86)\Plus-HD-9.1\9afed05b-4983-4182-93e7-c686685b911b-11.exe
Task: {A776B936-A119-4798-B41E-A215EFB9194A} - System32\Tasks\9afed05b-4983-4182-93e7-c686685b911b-1 => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-codedownloader.exe
Task: {BBF8157E-998F-494F-9602-CF9E96762BA0} - System32\Tasks\9afed05b-4983-4182-93e7-c686685b911b-5 => C:\Program Files (x86)\Plus-HD-9.1\9afed05b-4983-4182-93e7-c686685b911b-5.exe
Task: {C6B8332D-7A95-4174-A7C4-3D750F84D649} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-09-18] (AnyProtect.com) <==== ATTENTION
Task: {CE562D5B-71F5-4BE9-B715-A23AFA1FB937} - System32\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-6 => C:\Program Files (x86)\S10\S10-novainstaller.exe
Task: {DB5B333E-BE72-4F10-AE86-A88E583A9A50} - System32\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-1 => C:\Program Files (x86)\S10\S10-codedownloader.exe
Task: {DC481D28-3151-479D-925B-27BF7080752D} - System32\Tasks\9afed05b-4983-4182-93e7-c686685b911b-4 => C:\Program Files (x86)\Plus-HD-9.1\9afed05b-4983-4182-93e7-c686685b911b-4.exe
Task: {DE0ACC46-4FF2-4AE7-8D26-8A3F3911AAD9} - System32\Tasks\PennyBee => C:\Users\Nicole\AppData\Local\PennyBee\pennybee\1.3.8.3\pennybee.exe [2014-06-19] (Pay By Ads LTD)
Task: {E4B4B904-4B10-4750-8BC1-C6E2C3B380F9} - System32\Tasks\BlockAndSurf_wd => C:\Program Files (x86)\v04BlockAndSurf\w4BlockAndSurfF.exe <==== ATTENTION
Task: {E5E859E4-B993-4BF4-84C8-7975DD7B5E20} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-17] (globalUpdate) <==== ATTENTION
Task: {F3DD46CF-F1E1-472C-B28D-5496F43FA34E} - System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-6 => C:\Program Files (x86)\Browser+ Apps+\1a878cad-63df-4953-8a63-7f65ee067291-6.exe
Task: {FCB58E1D-96F9-4900-AED1-F445C4C9EC56} - System32\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-11 => C:\Program Files (x86)\Browser+ Apps+\1a878cad-63df-4953-8a63-7f65ee067291-11.exe
Task: {FD69EA22-CF92-4B21-8DE6-D2488AB6E64B} - System32\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-3 => C:\Program Files (x86)\S10\e897c2f8-56b0-4114-8d77-acc0480b1272-3.exe
Task: {FE5A6A79-6459-4559-9460-96764326A1E5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-1.job => C:\Program Files (x86)\Browser+ Apps+\Browser+ Apps+-codedownloader.exe
Task: C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-11.job => C:\Program Files (x86)\Browser+ Apps+\1a878cad-63df-4953-8a63-7f65ee067291-11.exe
Task: C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-3.job => C:\Program Files (x86)\Browser+ Apps+\1a878cad-63df-4953-8a63-7f65ee067291-3.exe
Task: C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-4.job => C:\Program Files (x86)\Browser+ Apps+\1a878cad-63df-4953-8a63-7f65ee067291-4.exe
Task: C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-5.job => C:\Program Files (x86)\Browser+ Apps+\1a878cad-63df-4953-8a63-7f65ee067291-5.exe
Task: C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-5_user.job => C:\Program Files (x86)\Browser+ Apps+\1a878cad-63df-4953-8a63-7f65ee067291-5.exe
Task: C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-6.job => C:\Program Files (x86)\Browser+ Apps+\1a878cad-63df-4953-8a63-7f65ee067291-6.exe
Task: C:\Windows\Tasks\1a878cad-63df-4953-8a63-7f65ee067291-7.job => C:\Program Files (x86)\Browser+ Apps+\1a878cad-63df-4953-8a63-7f65ee067291-7.exe
Task: C:\Windows\Tasks\6b793742-2e09-427a-a17a-e7ad38f0e8c2.job => C:\Program Files (x86)\Browser+ Apps+\6b793742-2e09-427a-a17a-e7ad38f0e8c2.exe
Task: C:\Windows\Tasks\9afed05b-4983-4182-93e7-c686685b911b-1.job => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\9afed05b-4983-4182-93e7-c686685b911b-11.job => C:\Program Files (x86)\Plus-HD-9.1\9afed05b-4983-4182-93e7-c686685b911b-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\9afed05b-4983-4182-93e7-c686685b911b-3.job => C:\Program Files (x86)\Plus-HD-9.1\9afed05b-4983-4182-93e7-c686685b911b-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\9afed05b-4983-4182-93e7-c686685b911b-4.job => C:\Program Files (x86)\Plus-HD-9.1\9afed05b-4983-4182-93e7-c686685b911b-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\9afed05b-4983-4182-93e7-c686685b911b-5.job => C:\Program Files (x86)\Plus-HD-9.1\9afed05b-4983-4182-93e7-c686685b911b-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\9afed05b-4983-4182-93e7-c686685b911b-6.job => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-novainstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\9afed05b-4983-4182-93e7-c686685b911b-7.job => C:\Program Files (x86)\Plus-HD-9.1\Plus-HD-9.1-nova.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\v04BlockAndSurf\v02BlockAndSurfV21.exe <==== ATTENTION
Task: C:\Windows\Tasks\BlockAndSurf_wd.job => C:\Program Files (x86)\v04BlockAndSurf\w4BlockAndSurfF.exe <==== ATTENTION
Task: C:\Windows\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-1.job => C:\Program Files (x86)\S10\S10-codedownloader.exe
Task: C:\Windows\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-11.job => C:\Program Files (x86)\S10\e897c2f8-56b0-4114-8d77-acc0480b1272-11.exe
Task: C:\Windows\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-3.job => C:\Program Files (x86)\S10\e897c2f8-56b0-4114-8d77-acc0480b1272-3.exe
Task: C:\Windows\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-4.job => C:\Program Files (x86)\S10\e897c2f8-56b0-4114-8d77-acc0480b1272-4.exe
Task: C:\Windows\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-5.job => C:\Program Files (x86)\S10\e897c2f8-56b0-4114-8d77-acc0480b1272-5.exe
Task: C:\Windows\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-6.job => C:\Program Files (x86)\S10\S10-novainstaller.exe
Task: C:\Windows\Tasks\e897c2f8-56b0-4114-8d77-acc0480b1272-7.job => C:\Program Files (x86)\S10\S10-nova.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Speedial.job => C:\Users\Nicole\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-08-21 12:33 - 2014-09-04 16:52 - 00106376 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2014-09-16 11:29 - 2014-09-16 11:29 - 00011776 _____ () C:\Program Files (x86)\FastPlayer\FastPlayerUpdaterService.exe
2014-09-02 21:55 - 2014-09-02 21:55 - 00487483 _____ () C:\monitor.exe
2014-06-19 19:52 - 2014-06-19 19:52 - 00055808 _____ () C:\Users\Nicole\AppData\Roaming\VOPackage\VOsrv.exe
2014-08-21 12:32 - 2014-09-04 16:52 - 00733576 _____ () C:\Program Files (x86)\SupTab\HpUI.exe
2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe
2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe
2014-06-19 20:26 - 2014-06-19 11:52 - 03354096 _____ () C:\Users\Nicole\AppData\Local\fst_de_51\upfst_de_51.exe
2014-07-20 14:50 - 2014-07-20 14:50 - 00130560 _____ () C:\Program Files (x86)\v04BlockAndSurf\BlockAndSurf.exe
2014-06-19 20:26 - 2014-06-19 11:52 - 03980272 _____ () C:\Program Files (x86)\fst_de_51\fst_de_51.exe
2014-08-21 12:33 - 2014-09-04 16:52 - 00023944 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
2014-09-04 01:24 - 2014-09-04 01:24 - 00827392 _____ () C:\Program Files (x86)\pctrunner\pcproxydll.dll
2014-03-30 19:19 - 2014-03-30 19:19 - 00612664 _____ () C:\Program Files (x86)\v04BlockAndSurf\sqlite3.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-09-14 12:11 - 2014-09-04 05:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-14 12:11 - 2014-09-04 05:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-14 12:11 - 2014-09-04 05:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-14 12:11 - 2014-09-04 05:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-14 12:11 - 2014-09-04 05:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-09-28 17:55 - 2014-09-28 17:55 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f34f9ebcfd653494c2b22c4457aff1d9\IsdiInterop.ni.dll
2011-08-11 22:01 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-09-14 12:11 - 2014-09-04 05:01 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-4251113089-1256187818-3322489946-500 - Administrator - Disabled)
Gast (S-1-5-21-4251113089-1256187818-3322489946-501 - Limited - Disabled)
Nicole (S-1-5-21-4251113089-1256187818-3322489946-1002 - Administrator - Enabled) => C:\Users\Nicole
UpdatusUser (S-1-5-21-4251113089-1256187818-3322489946-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/28/2014 11:19:18 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5485 - Schwerwiegender Fehler im Ausführungsmodul (712FFB1E) (80131506).
Error: (09/28/2014 10:11:49 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8007000e) festgestellt.
Error: (09/28/2014 10:11:19 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8007000e) festgestellt.
Error: (09/28/2014 10:11:08 PM) (Source: .NET Runtime) (EventID: 0) (User: )
Description: .NET Runtime version : 2.0.50727.5485 - ProgrammfehlerDie Anwendung hat einen Ausnahmefehler generiert, der nicht verarbeitet werden konnte.
Prozess-ID=0xba4 (2980), Thread-ID=0xb78 (2936)
Klicken Sie auf "OK", um die Anwendung zu beenden,
oder auf "Abbrechen", um sie zu debuggen.
Error: (09/28/2014 06:30:45 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Nicole-PC)
Description: Die Anwendung oder der Dienst "linmsl" konnte nicht heruntergefahren werden.
Error: (09/28/2014 06:23:19 PM) (Source: Registry Helper Service) (EventID: 109) (User: )
Description: Error: Service started
Error: (09/28/2014 05:41:53 PM) (Source: Registry Helper Service) (EventID: 109) (User: )
Description: Error: Service started
Error: (09/28/2014 05:37:53 PM) (Source: Registry Helper Service) (EventID: 109) (User: )
Description: Error: Service started
Error: (09/18/2014 08:03:24 PM) (Source: Registry Helper Service) (EventID: 109) (User: )
Description: Error: Service started
Error: (09/17/2014 05:53:42 PM) (Source: MsiInstaller) (EventID: 11309) (User: Nicole-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.
System errors:
=============
Error: (09/30/2014 10:42:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Protect Monitor" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/30/2014 10:42:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Protect Monitor erreicht.
Error: (09/29/2014 01:20:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Protect Monitor" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/29/2014 01:20:04 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Protect Monitor erreicht.
Error: (09/28/2014 11:42:23 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff8800f946ff9, 0xfffff88004025bb8, 0xfffff88004025410)C:\Windows\MEMORY.DMP092814-27440-01
Error: (09/28/2014 11:42:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Protect Monitor" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/28/2014 11:42:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Protect Monitor erreicht.
Error: (09/28/2014 11:41:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 28.09.2014 um 23:39:58 unerwartet heruntergefahren.
Error: (09/28/2014 11:24:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IePlugin Services" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/28/2014 10:32:12 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 23) (User: NT-AUTORITÄT)
Description: Der Ereignisprotokollierungsdienst hat einen Fehler (Auflösung=1450) beim Initialisieren der Protokollierung der Ressourcen für Kanal "Setup" erkannt.
Microsoft Office Sessions:
=========================
Error: (09/28/2014 11:19:18 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5485 - Schwerwiegender Fehler im Ausführungsmodul (712FFB1E) (80131506).
Error: (09/28/2014 10:11:49 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8007000e
Error: (09/28/2014 10:11:19 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8007000e
Error: (09/28/2014 10:11:08 PM) (Source: .NET Runtime) (EventID: 0) (User: )
Description: .NET Runtime version : 2.0.50727.5485 - ProgrammfehlerDie Anwendung hat einen Ausnahmefehler generiert, der nicht verarbeitet werden konnte.
Prozess-ID=0xba4 (2980), Thread-ID=0xb78 (2936)
Klicken Sie auf "OK", um die Anwendung zu beenden,
oder auf "Abbrechen", um sie zu debuggen.
Error: (09/28/2014 06:30:45 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Nicole-PC)
Description: 1C:\Program Files (x86)\LPT\linmsl.exelinmsl0511760680
Error: (09/28/2014 06:23:19 PM) (Source: Registry Helper Service) (EventID: 109) (User: )
Description: Service started
Error: (09/28/2014 05:41:53 PM) (Source: Registry Helper Service) (EventID: 109) (User: )
Description: Service started
Error: (09/28/2014 05:37:53 PM) (Source: Registry Helper Service) (EventID: 109) (User: )
Description: Service started
Error: (09/18/2014 08:03:24 PM) (Source: Registry Helper Service) (EventID: 109) (User: )
Description: Service started
Error: (09/17/2014 05:53:42 PM) (Source: MsiInstaller) (EventID: 11309) (User: Nicole-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 43%
Total physical RAM: 4077.64 MB
Available physical RAM: 2319.81 MB
Total Pagefile: 8153.46 MB
Available Pagefile: 5909.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:1811.92 GB) (Free:1678.13 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:25.54 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1811.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: 
