| mixery45 | 01.04.2015 11:04 |
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Heike at 2015-04-01 11:45:53
Running from C:\Users\Heike\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.17.916 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{7E6316CA-5ED0-4EF9-9920-A92115E286B7}) (Version: 0.7.17.916 - BlueStack Systems, Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CyberLink YouCam 6 (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2728.0 - CyberLink Corp.)
ETDWare PS/2-X64 11.6.8.001_WHQL (HKLM\...\Elantech) (Version: 11.6.8.001 - ELAN Microelectronic Corp.)
Free Video Call Recorder for Skype version 1.2.16.605 (HKLM-x32\...\Free Video Call Recorder for Skype_is1) (Version: 1.2.16.605 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.42.716 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.42.716 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Jabra PC Suite 2.14.5888 (HKLM-x32\...\{6D22DD53-EC7D-45E7-A996-A18CB7C8DFE9}) (Version: 2.14.5888.0 - GN Netcom A/S)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.23.20150119 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{2D5218EB-6992-46E3-8ECE-76C79AB955CE}) (Version: 3.13.2.0 - LG Electronics)
Media Go (HKLM-x32\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.12.108.06300 (HKLM-x32\...\{FC091743-5193-2B65-E49E-E03BC9E8B728}) (Version: 2.12.108.06300 - Sony)
Microsoft OneDrive (HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: - )
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
SaveSense (HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\SaveSense) (Version: - ) <==== ATTENTION
SecurityUtility (HKLM-x32\...\SecurityUtility) (Version: 1.0.0.1974 - )
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Snap.Do Engine (HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\{baeb0754-84dd-421e-a224-508a1f27808a}) (Version: 11.8.1.13233 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\{baeb0754-84dd-421e-a224-508a1f27808a}) (Version: 11.8.1.13233 - ReSoft Ltd.) <==== ATTENTION
Softonic for Windows (HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\Softonic for Windows) (Version: 1.5.11 - Softonic International S.L.) <==== ATTENTION
Softonic for Windows (HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\Softonic for Windows) (Version: 1.5.9 - Softonic International S.L.) <==== ATTENTION
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.3.201402131509 - Sony Mobile Communications AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
ValueApps (HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\ValueApps) (Version: 1.4.0.3 - Conduit) <==== ATTENTION
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WEB.DE Online-Speicher 1.5.1894.0 (HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\WEB.DE Application {sync-000021}) (Version: 1.5.1894.0 - 1&1 Mail & Media GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3821324423-2982179996-1734844203-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Heike\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
12-03-2015 12:17:49 Windows Update
21-03-2015 17:47:21 Geplanter Prüfpunkt
25-03-2015 15:20:54 Installiert LG United Mobile Driver
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {004A9BD8-EDC7-4DE8-A894-8EE41E1131B5} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {03E75CB6-43BE-4A82-BEC4-9C20FB40B17A} - \Feven Pro 1.2-updater No Task File <==== ATTENTION
Task: {0B3FDCB9-B0B4-47BD-8400-49E99D7A64A6} - System32\Tasks\{746B2722-4CDB-465E-B517-E9675956E232} => pcalua.exe -a E:\.\Setup.exe -d E:\ -c AUTORUN=1
Task: {10EAFB74-F441-441F-B1B6-9B631AF7C1FA} - \MediaPlayerEnhance-chromeinstaller No Task File <==== ATTENTION
Task: {132B318E-2C7D-463A-B011-C3F4D3EDE1EF} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe
Task: {15BB5F2D-7E82-4E8C-893F-C42C1AE3E6E3} - System32\Tasks\UNELEVATE_19818 => C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1425\jsdrv.exe <==== ATTENTION
Task: {1983278E-4295-449D-8A18-DFBE9A2D0CB2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {1EC90C4C-7E86-40E3-8C09-BCA17A3924CC} - System32\Tasks\DoctorPC_Start => C:\Program Files (x86)\Doctor PC\DoctorPC.exe
Task: {2CEAC2AE-051D-4459-81BD-64A449AF94BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-12] (Microsoft Corporation)
Task: {30BCF48B-2A1C-4B44-9ECE-2D254B272687} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe
Task: {31075835-8A83-41C1-B9B0-6DD2AED5B2AE} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2014-02-13] (Acer Incorporated)
Task: {3506DCEB-8DBE-44FB-A1C0-AF957F855FBB} - \SaveSenseLiveUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {36C2B6D5-CCD1-48E7-A833-1473D0F706BE} - System32\Tasks\DoctorPC_Popup => C:\Program Files (x86)\Doctor PC\Splash.exe
Task: {38EBB2F9-8F29-4294-820C-40EE500A0DB7} - \MediaPlayerEnhance-enabler No Task File <==== ATTENTION
Task: {3AD6B743-24A4-447E-9CA8-92367158839F} - \MediaPlayerEnhance-codedownloader No Task File <==== ATTENTION
Task: {400BFB4E-660E-4F32-8CA7-CEF261688561} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
Task: {42177194-C44C-42EC-B442-9EE4F6B9D230} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {43B16386-FA9F-437E-9D70-32A49D320219} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {43CCEFED-6D94-4D9D-AC2B-007DC5BFB5D7} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: {44D51EDA-01CB-4AE7-81B3-8319186F0798} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {48724A3F-31F8-41FF-836F-C4A5BBDECB89} - \MediaPlayerEnhance-firefoxinstaller No Task File <==== ATTENTION
Task: {4B449396-35DA-4AE5-A6E9-7497D5F83739} - \YTDownloader No Task File <==== ATTENTION
Task: {4B7F2325-4267-49E3-9710-A55F295D65EA} - \Plus-HD-2.3-firefoxinstaller No Task File <==== ATTENTION
Task: {56D7622C-7870-4AE5-962B-CDADE77E7424} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-13] (Google Inc.)
Task: {5A7B77D5-B0EB-4B51-8C8F-881D296DF95D} - \Plus-HD-2.3-codedownloader No Task File <==== ATTENTION
Task: {5CAE400C-7B98-42A7-96F7-C56B79E0B300} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit\Re-markit_wd.exe <==== ATTENTION
Task: {6154F844-034C-43AC-B464-72DFCB771846} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-13] (Google Inc.)
Task: {61B1227C-A366-4C41-BEE7-C13630C80ABE} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3821324423-2982179996-1734844203-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {6664A5B9-A0D7-4B5E-94EA-BA6BF33DB802} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {66FA40D8-46CA-4894-AD0A-03BDF40FA844} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {67A8B0C5-9E77-4000-9508-3C79BBC8E509} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {689DFB71-E915-4943-B7DD-7229ACE7E4EB} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {689E6335-08B7-4464-924A-7A21366B3A10} - System32\Tasks\2d3b8e18-8252-455d-9ce6-7b9742666487-4 => C:\Program Files (x86)\Internet Speed Checker\2d3b8e18-8252-455d-9ce6-7b9742666487-4.exe <==== ATTENTION
Task: {6909D9C9-D8B7-4773-ACF7-0D5CD165E007} - \MediaPlayerEnhance-updater No Task File <==== ATTENTION
Task: {6CEDD6E2-E7EA-4233-AFDA-FFA454E894D4} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {81698307-4E1B-4975-AD16-74B268F39A50} - \Feven Pro 1.2-enabler No Task File <==== ATTENTION
Task: {855603F8-93C6-47CC-A519-3D9C450F2ED0} - System32\Tasks\{D10ABFEE-3DC7-4805-BC08-0356439A5B2A} => pcalua.exe -a "C:\Program Files (x86)\di1BlockAndSurf\Uninstall.exe"
Task: {89C8CCE9-4606-4EDD-BEC8-CD226218949C} - System32\Tasks\{B29E8942-89A6-4503-9F3E-CD59A3FDAC57} => pcalua.exe -a "C:\Program Files\McAfee\MSC\mcuihost.exe" -c /body:misp://MSCJsRes.dll::uninstall.html /id:uninstall
Task: {8C7C1DD6-3A10-4B34-BF9A-90C876D95757} - \Plus-HD-2.3-enabler No Task File <==== ATTENTION
Task: {90B585DD-B0F7-4FE7-B0C8-D8F5F7E26B16} - \Feven Pro 1.2-chromeinstaller No Task File <==== ATTENTION
Task: {9997C14C-D8D6-47BC-BD7C-B5D35172844D} - \Plus-HD-2.3-updater No Task File <==== ATTENTION
Task: {A4E963AE-0DD4-4D43-B53F-86F765E828D3} - \Feven Pro 1.2-firefoxinstaller No Task File <==== ATTENTION
Task: {A751E975-AAAF-4EEF-A1CB-BDBE87CB6AB0} - \SaveSense No Task File <==== ATTENTION
Task: {A776AB8E-5E5B-4E08-BCE2-BEE79D7C5E28} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {B186B64F-B6FA-446A-8FCE-F13E40401EF3} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {B28D1463-ABD2-48BF-8702-682EB3EAA2F2} - \Plus-HD-2.3-chromeinstaller No Task File <==== ATTENTION
Task: {CE294ACA-F7C0-4801-A6CB-ED18469F7646} - \AmiUpdXp No Task File <==== ATTENTION
Task: {D4E8B87B-7D7B-4A74-8C57-E350B346F519} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
Task: {E83098B9-BC16-4E14-8258-B9D09A0A3B0D} - \Feven Pro 1.2-codedownloader No Task File <==== ATTENTION
Task: {EF53AB77-A471-41CC-9B09-5001A7BA21AC} - \Re-markit Update No Task File <==== ATTENTION
Task: {F1516FAA-A4B8-41B9-8CAE-F87F1A483F26} - System32\Tasks\{78FD969F-3B2C-4970-A9CB-8A8E6B4FF3A6} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.59.105/de/go/help.faq.installer?LastError=1638
Task: {F9D6D5E4-5D4B-47CA-9837-7EDC49E76312} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {FC5DEDDD-27C7-4462-B376-09F94D9274E7} - System32\Tasks\Groovorio Updater => C:\Users\Heike\AppData\Roaming\GroovorioUpdater\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: C:\WINDOWS\Tasks\2d3b8e18-8252-455d-9ce6-7b9742666487-4.job => C:\Program Files (x86)\Internet Speed Checker\2d3b8e18-8252-455d-9ce6-7b9742666487-4.exe�/cCZMfeSA /EULsgStB='Internet Speed Checker' /RanEoJ C:\Program Files (x86)\Internet Speed Checker\2d3b8e18-8252-455d-9ce6-7b9742666487.xpi' /qZerxEp=60135 /LAGNHump='001726' /zlGDEpa='0' /HVzXtNy='0' /ggHcsUA=C76E374ED44942EBACE974BA260CD894IE /aMfofmGBR=a5f2f2f61e20d057dbf1acab553b48fb /ZYSIh=1_34_07_01 /UfsKgx=1.34.7.1 /oPfzFlAg=1405775161 /HVFDO=http:/stats.genstatsnet.com /aSYWFrS=http:/errors.genstatsnet.com /EiEqtOy=300 /pwecmz=55431e5d-afb5-4773-b44d-96e3ce673068@76f43df1-6250-4906-af5f-9b1077a5a103.com /QLZumaMwy=0.95 /zZXXloF=a55431e5dafb54773b44d96e3ce67306876f43df162504906af5f9b1077a5a103com60135 /zorOFLDxT=https:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/60135.rdf /aAiVVgDmZ='Internet Speed Checker' /qPdhclo='Test your internet speed with 1-click' /eVbrN='Speedchecker' /INsFsII=ch /TGNMdcyOR='{asw:[4, 257, 4096]}' /JTyUet /cSPRk /lDxORFfy /zYPeaB='http:/update.genstatsnet.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Groovorio Updater.job => C:\Users\Heike\AppData\Roaming\GROOVO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit\Re-markit_wd.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) ==============
2013-06-27 21:55 - 2013-08-06 17:21 - 00358968 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
2015-02-13 18:08 - 2015-02-12 19:46 - 00518144 _____ () C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe
2013-09-05 03:36 - 2013-09-05 03:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-07 02:48 - 2013-09-07 02:48 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 02:45 - 2013-09-07 02:45 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 02:52 - 2013-09-07 02:52 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-10-04 00:42 - 2013-10-04 00:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-13 15:54 - 2015-03-13 15:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-01-06 15:18 - 2015-01-06 15:18 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
2012-08-30 06:40 - 2012-08-30 06:40 - 03331216 _____ () C:\Program Files (x86)\Acer\Live Updater\updater.exe
2012-11-02 17:38 - 2012-11-02 17:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-02 17:37 - 2012-11-02 17:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-02 17:38 - 2012-11-02 17:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-02 17:37 - 2012-11-02 17:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-02 17:37 - 2012-11-02 17:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-02 17:37 - 2012-11-02 17:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-02 17:37 - 2012-11-02 17:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2012-11-05 23:00 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-02-13 16:12 - 2014-02-13 16:12 - 00279296 _____ () C:\Program Files (x86)\Acer\Acer Portal\libcurl.dll
2013-12-06 18:08 - 2013-12-06 18:08 - 00048384 _____ () C:\Program Files (x86)\Acer\Acer Portal\LocalDevice.dll
2013-12-06 18:08 - 2013-12-06 18:08 - 00030464 _____ () C:\Program Files (x86)\Acer\Acer Portal\LocalDeviceDiscovery.dll
2013-12-06 18:08 - 2013-12-06 18:08 - 00081664 _____ () C:\Program Files (x86)\Acer\Acer Portal\GREGCommLib.dll
2015-03-21 15:05 - 2015-03-14 12:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-21 15:05 - 2015-03-14 12:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-21 15:05 - 2015-03-14 12:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll
2015-03-21 15:05 - 2015-03-14 12:12 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:05E9FFE5
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:792D4CF1
AlternateDataStreams: C:\ProgramData\Temp:DBC416F8
AlternateDataStreams: C:\Users\Heike\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Heike\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Heike\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img9.jpg
HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^StartUp^Jabra Device Service.lnk => C:\Windows\pss\Jabra Device Service.lnkCommon Startup
HKLM\...\StartupApproved\StartupFolder: => "Launcher.lnk"
HKLM\...\StartupApproved\Run32: => "LManager"
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\StartupApproved\Run: => "Badoo Desktop"
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\StartupApproved\Run: => "DVSSkypeRecorder"
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\StartupApproved\Run: => "WEB.DE Application {sync-000021}"
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\StartupApproved\Run: => "Softonic for Windows"
HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\StartupApproved\Run: => "WEB.DE Application {sync-000021}"
HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\StartupApproved\Run: => "Softonic for Windows"
==================== Accounts: =============================
Administrator (S-1-5-21-3821324423-2982179996-1734844203-500 - Administrator - Disabled)
Gast (S-1-5-21-3821324423-2982179996-1734844203-501 - Limited - Disabled)
Heike (S-1-5-21-3821324423-2982179996-1734844203-1002 - Administrator - Enabled) => C:\Users\Heike
HomeGroupUser$ (S-1-5-21-3821324423-2982179996-1734844203-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-3821324423-2982179996-1734844203-1005 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: IWD Bus Enumerator
Description: IWD Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: iwdbus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (03/31/2015 02:19:05 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/">.
Error: (03/31/2015 02:19:04 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/">.
Error: (03/31/2015 02:10:00 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=41.0.2272.101;lang=;guid=D705264B45134EB3AE758BA22350B498;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\00064423-12f0-45ac-87df-78e11db4e6aa.dmp
Error: (03/31/2015 09:42:44 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/">.
Error: (03/31/2015 09:42:42 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/">.
Error: (03/30/2015 06:10:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (03/30/2015 05:51:03 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/">.
Error: (03/30/2015 05:51:02 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/">.
Error: (03/30/2015 05:50:34 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/">.
Error: (03/30/2015 05:50:32 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/">.
System errors:
=============
Error: (03/30/2015 00:55:28 AM) (Source: DCOM) (EventID: 10010) (User: HEIKEPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (03/30/2015 00:55:28 AM) (Source: DCOM) (EventID: 10010) (User: HEIKEPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (03/20/2015 01:15:43 PM) (Source: DCOM) (EventID: 10005) (User: HEIKEPC)
Description: 1053WSearchNicht verfügbar{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (03/20/2015 01:15:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/20/2015 01:15:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (03/20/2015 01:15:43 PM) (Source: DCOM) (EventID: 10005) (User: HEIKEPC)
Description: 1053WSearchNicht verfügbar{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (03/20/2015 01:15:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/20/2015 01:15:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (03/20/2015 01:15:42 PM) (Source: DCOM) (EventID: 10005) (User: HEIKEPC)
Description: 1053WSearchNicht verfügbar{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (03/20/2015 01:15:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (03/31/2015 02:19:05 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/
Error: (03/31/2015 02:19:04 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/
Error: (03/31/2015 02:10:00 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=41.0.2272.101;lang=;guid=D705264B45134EB3AE758BA22350B498;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\00064423-12f0-45ac-87df-78e11db4e6aa.dmp
Error: (03/31/2015 09:42:44 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/
Error: (03/31/2015 09:42:42 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/
Error: (03/30/2015 06:10:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe
Error: (03/30/2015 05:51:03 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/
Error: (03/30/2015 05:51:02 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/
Error: (03/30/2015 05:50:34 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/
Error: (03/30/2015 05:50:32 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: 300x80040d07iehistory://{S-1-5-21-3821324423-2982179996-1734844203-1002}/
CodeIntegrity Errors:
===================================
Date: 2015-03-22 00:26:25.922
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-22 00:26:25.828
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-22 00:26:25.734
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-22 00:25:40.359
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-22 00:25:40.250
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-15 20:41:23.998
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-15 20:41:23.812
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-15 20:20:43.565
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-15 20:20:43.362
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-15 20:20:13.024
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 42%
Total physical RAM: 3911.27 MB
Available physical RAM: 2237.78 MB
Total Pagefile: 7504.58 MB
Available Pagefile: 4707.34 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:448.41 GB) (Free:391.2 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4FB70184)
Partition: GPT Partition Type.
==================== End Of Log ============================
--- --- ---
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Heike (administrator) on HEIKEPC on 01-04-2015 11:55:41
Running from C:\Users\Heike\Downloads
Loaded Profiles: Heike & UpdatusUser (Available profiles: Heike & UpdatusUser)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Over the Rainbow Tech) C:\ProgramData\SecurityUtility\ColorMedia.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
() C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Time Lapse Solutions) C:\ProgramData\dgNuXr\dBGPEai.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-08-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [fst_de_64] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [18247424 2014-02-13] (Acer Incorporated)
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\Run: [Badoo Desktop] => C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [1067232 2012-12-24] (Badoo)
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\Run: [DVSSkypeRecorder] => C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe [868408 2013-11-25] (DVDVideoSoft Ltd.)
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\Run: [Softonic for Windows] => C:\Users\Heike\AppData\Local\Softonic\Softonic.exe [4170224 2014-04-29] (Softonic)
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31346784 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\MountPoints2: {33d51658-6174-11e3-bf9e-001e101f9bec} - "E:\.\Setup.exe" AUTORUN=1
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\MountPoints2: {6c1d4d35-d27f-11e4-8027-b888e3d0d8e8} - "E:\LG_PC_Programs.exe"
HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [18247424 2014-02-13] (Acer Incorporated)
HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\Run: [Badoo Desktop] => C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [1067232 2012-12-24] (Badoo)
HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\Run: [DVSSkypeRecorder] => C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe [868408 2013-11-25] (DVDVideoSoft Ltd.)
HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31346784 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\Run: [Softonic for Windows] => C:\Users\Heike\AppData\Local\Softonic\Softonic.exe [4170224 2014-04-29] (Softonic)
HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hppp&ts=1423843662&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hppp&ts=1423843662&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NSBU&pvid=22.0.0.110
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAapxXtpnEEtDOcqilq3fDgC_d3U2mAqPoovDNcqgOL88BXAPefVsbfb-CMjcN1cGxw7BuAK07CTj9psEw9bD6ZmXB7i6gnUYxuYZRz7BUll9dxYTPMP1cSeTspFFURtazMEYxlNQk--l2kKPNwy7YZTfDxhPJOLpg,,&q={searchTerms}
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://badoo.com/startpage/
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hppp&ts=1423843662&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808
HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAapxXtpnEEtDOcqilq3fDgC_d3U2mAqPoovDNcqgOL88BXAPefVsbfb-CMjcN1cGxw7BuAK07CTj9psEw9bD6ZmXB7i6gnUYxuYZRz7BUll9dxYTPMP1cSeTspFFURtazMEYxlNQk--l2kKPNwy7YZTfDxhPJOLpg,,&q={searchTerms}
HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NSBU&pvid=22.0.0.110
HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAapxXtpnEEtDOcqilq3fDgC_d3U2mAqPoovDNcqgOL88BXAPefVsbfb-CMjcN1cGxw7BuAK07CTj9psEw9bD6ZmXB7i6gnUYxuYZRz7BUll9dxYTPMP1cSeTspFFURtazMEY10KH6EuVopMej1oC1Ixh3sJAKHKJ91LM3pS&q={searchTerms}
HKU\S-1-5-21-3821324423-2982179996-1734844203-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAapxXtpnEEtDOcqilq3fDgC_d3U2mAqPoovDNcqgOL88BXAPefVsbfb-CMjcN1cGxw7BuAK07CTj9psEw9bD6ZmXB7i6gnUYxuYZRz7BUll9dxYTPMP1cSeTspFFURtazMEY10KH6EuVopMej1oC1Ixh3sJAKHKJ91LM3pS&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=dspp&ts=1423843662&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808&q={searchTerms}
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=dspp&ts=1423843662&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=219&itype=a&ver=12791&tm=388&src=ds&p={searchTerms}
SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=dspp&ts=1423843662&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAapxXtpnEEtDOcqilq3fDgC_d3U2mAqPoovDNcqgOL88BXAPefVsbfb-CMjcN1cGxw7BuAK07CTj9psEw9bD6ZmXB7i6gnUYxuYZRz7BUll9dxYTPMP1cSeTspFFURtazMEY10KH6EuVopMej1oC1Ixh3sJAKHKJ91LM3pS&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=dspp&ts=1423843662&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {e4a1ece8-ed94-4f93-80ea-75f978ceaf24} URL =
SearchScopes: HKU\S-1-5-21-3821324423-2982179996-1734844203-1002 -> DefaultScope {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = hxxp://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3821324423-2982179996-1734844203-1002 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://istart.webssearches.com/web/?utm_source=b&utm_medium=cvs&utm_campaign=install_ie&utm_content=ds&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808&ts=1423843676&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3821324423-2982179996-1734844203-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://istart.webssearches.com/web/?utm_source=b&utm_medium=cvs&utm_campaign=install_ie&utm_content=ds&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808&ts=1423843676&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3821324423-2982179996-1734844203-1002 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://istart.webssearches.com/web/?utm_source=b&utm_medium=cvs&utm_campaign=install_ie&utm_content=ds&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808&ts=1423843676&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3821324423-2982179996-1734844203-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=dspp&ts=1423843662&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3821324423-2982179996-1734844203-1002 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = hxxp://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3821324423-2982179996-1734844203-1002 -> {e4a1ece8-ed94-4f93-80ea-75f978ceaf24} URL = hxxp://istart.webssearches.com/web/?utm_source=b&utm_medium=cvs&utm_campaign=install_ie&utm_content=ds&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808&ts=1423843676&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3821324423-2982179996-1734844203-1002 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://istart.webssearches.com/web/?utm_source=b&utm_medium=cvs&utm_campaign=install_ie&utm_content=ds&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808&ts=1423843676&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3821324423-2982179996-1734844203-1005 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAapxXtpnEEtDOcqilq3fDgC_d3U2mAqPoovDNcqgOL88BXAPefVsbfb-CMjcN1cGxw7BuAK07CTj9psEw9bD6ZmXB7i6gnUYxuYZRz7BUll9dxYTPMP1cSeTspFFURtazMEY10KH6EuVopMej1oC1Ixh3sJAKHKJ91LM3pS&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3821324423-2982179996-1734844203-1005 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://istart.webssearches.com/web/?utm_source=b&utm_medium=cvs&utm_campaign=install_ie&utm_content=ds&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808&ts=1423843676&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3821324423-2982179996-1734844203-1005 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=dspp&ts=1423843662&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3821324423-2982179996-1734844203-1005 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = hxxp://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3821324423-2982179996-1734844203-1005 -> {e4a1ece8-ed94-4f93-80ea-75f978ceaf24} URL =
SearchScopes: HKU\S-1-5-21-3821324423-2982179996-1734844203-1005 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://istart.webssearches.com/web/?utm_source=b&utm_medium=cvs&utm_campaign=install_ie&utm_content=ds&from=cvs&uid=WDCXWD5000LPVT-22G33T0_WD-WX31A82T7808T7808&ts=1423843676&type=default&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-05-27] (DVDVideoSoft Ltd.)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-01-16] (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-19] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-19] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-07-16] (DVDVideoSoft Ltd.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\ColorMedia64.dll [364024] (Over the Rainbow Tech)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\ColorMedia64.dll [364024] (Over the Rainbow Tech)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\ColorMedia64.dll [364024] (Over the Rainbow Tech)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\ColorMedia64.dll [364024] (Over the Rainbow Tech)
Winsock: Catalog9-x64 05 C:\WINDOWS\system32\ColorMedia64.dll [364024] (Over the Rainbow Tech)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3821324423-2982179996-1734844203-1002: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-10-26]
Chrome:
=======
CHR StartupUrls: Profile 2 -> "https://www.google.de/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Heike\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1217157.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
CHR Profile: C:\Users\Heike\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Docs) - C:\Users\Heike\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (GMX MailCheck) - C:\Users\Heike\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\camnampocfohlcgbajligmemmabnljcm [2015-02-13]
CHR Extension: (Adblock Plus) - C:\Users\Heike\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-25]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Heike\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-03-17]
CHR Extension: (Tube Downloader NEW) - C:\Users\Heike\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\enbmcodjijkmopehldojdnpcndhcieeg [2015-03-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Heike\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\Heike\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-13]
CHR Extension: (PDF Viewer) - C:\Users\Heike\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2015-03-17]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Heike\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-03-17]
CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3821324423-2982179996-1734844203-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-10-26]
CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - No Path Or update_url value
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-08-06] ()
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [File not signed]
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-08-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-08-07] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated)
R2 ColorMedia; C:\ProgramData\SecurityUtility\ColorMedia.exe [1546208 2015-02-07] (Over the Rainbow Tech) [File not signed]
R2 dBGPEai; C:\ProgramData\dgNuXr\dBGPEai.exe [2733544 2015-02-13] (Time Lapse Solutions)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-02] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-11-05] (Dritek System INC.)
R2 SecurityUtility Service; C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe [518144 2015-02-12] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [487056 2015-02-13] (SysTool PasSame LIMITED)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-08-07] (BlueStack Systems)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
R3 clwvd6; C:\Windows\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [138752 2013-06-27] (Huawei Technologies Co., Ltd.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-11-05] (Dritek System Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X]
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-01 11:55 - 2015-04-01 11:55 - 00032909 _____ () C:\Users\Heike\Downloads\FRST.txt
2015-04-01 11:47 - 2015-04-01 11:47 - 00037600 _____ () C:\Users\Heike\Downloads\scan.txt
2015-04-01 11:45 - 2015-04-01 11:55 - 00038465 _____ () C:\Users\Heike\Downloads\Addition.txt
2015-04-01 11:43 - 2015-04-01 11:55 - 00000000 ____D () C:\FRST
2015-04-01 11:42 - 2015-04-01 11:42 - 02095616 _____ (Farbar) C:\Users\Heike\Downloads\FRST64.exe
2015-03-30 18:12 - 2015-03-30 18:12 - 00000000 ____D () C:\Users\Heike\Tracing
2015-03-28 01:10 - 2015-03-28 01:10 - 00000000 ____D () C:\ProgramData\NetEngine
2015-03-27 16:17 - 2015-03-27 16:17 - 05346704 _____ (Piriform Ltd) C:\Users\Heike\Downloads\ccsetup504pro.exe
2015-03-25 15:54 - 2015-03-25 15:54 - 00000000 ____D () C:\Users\Heike\AppData\Roaming\ML
2015-03-25 15:48 - 2015-03-25 15:48 - 00000000 ____D () C:\Users\Heike\Documents\LG PC Suite
2015-03-25 15:44 - 2015-03-25 15:55 - 00000000 ____D () C:\Users\Heike\AppData\Roaming\LG Electronics
2015-03-25 15:42 - 2015-03-25 15:42 - 00001238 _____ () C:\Users\Public\Desktop\LG PC Suite.lnk
2015-03-25 15:40 - 2015-03-25 15:41 - 12819864 _____ (LG Electronics) C:\Users\Heike\Downloads\LGUnitedMobileDriver_S52MAN314AP22_ML_WHQL_Ver_3.14.1 (1).exe
2015-03-25 15:36 - 2015-03-25 15:41 - 235936216 _____ (LG Electronics) C:\Users\Heike\Downloads\LGPCSuite_Setup (1).exe
2015-03-25 15:25 - 2015-03-25 15:25 - 00000000 ____D () C:\Users\Heike\AppData\Local\LG Electronics
2015-03-25 15:25 - 2015-03-25 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2015-03-25 15:23 - 2015-03-25 15:29 - 00000000 ____D () C:\LGD855
2015-03-25 15:21 - 2015-03-25 15:47 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2015-03-25 15:19 - 2015-03-25 15:28 - 00002411 _____ () C:\WINDOWS\SysWOW64\lgAxconfig.ini
2015-03-25 15:19 - 2015-03-25 15:28 - 00000851 _____ () C:\Users\Heike\Desktop\LGMobile Support Tool.lnk
2015-03-25 15:19 - 2015-03-25 15:20 - 00000000 ____D () C:\ProgramData\LGMOBILEAX
2015-03-25 15:19 - 2015-03-25 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
2015-03-25 15:19 - 2011-05-06 11:37 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr90.dll
2015-03-25 15:19 - 2011-05-06 11:37 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp90.dll
2015-03-25 15:19 - 2011-05-06 11:37 - 00224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcm90.dll
2015-03-25 15:19 - 2006-04-30 06:33 - 00053248 _____ () C:\WINDOWS\SysWOW64\CommonDL.dll
2015-03-25 15:18 - 2015-03-25 15:23 - 235936216 _____ (LG Electronics) C:\Users\Heike\Downloads\LGPCSuite_Setup.exe
2015-03-25 15:18 - 2015-03-25 15:19 - 12819864 _____ (LG Electronics) C:\Users\Heike\Downloads\LGUnitedMobileDriver_S52MAN314AP22_ML_WHQL_Ver_3.14.1.exe
2015-03-25 15:18 - 2015-03-25 15:19 - 00261208 _____ (LG Electronics) C:\Users\Heike\Downloads\B2CAppSetup.exe
2015-03-12 15:31 - 2015-03-04 23:24 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-12 15:31 - 2015-03-04 23:24 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-11 12:33 - 2015-02-07 01:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-11 12:33 - 2015-01-31 01:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-11 12:33 - 2015-01-31 01:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-11 12:33 - 2015-01-29 03:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-11 12:33 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-11 12:33 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-11 12:33 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-11 12:33 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-11 12:33 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-11 12:33 - 2014-10-29 04:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2015-03-11 12:33 - 2014-10-29 04:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-03-11 12:33 - 2014-10-29 04:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2015-03-11 12:33 - 2014-10-29 03:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2015-03-11 12:33 - 2014-10-29 03:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2015-03-11 12:33 - 2014-10-29 03:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-03-11 12:33 - 2014-10-29 03:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2015-03-11 12:33 - 2014-10-29 03:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2015-03-11 12:33 - 2014-10-29 03:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-03-11 12:33 - 2014-10-29 03:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2015-03-11 12:33 - 2014-10-29 02:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2015-03-11 12:33 - 2014-10-29 02:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2015-03-11 12:33 - 2014-10-29 02:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2015-03-11 12:33 - 2014-10-29 02:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2015-03-11 12:32 - 2015-03-06 04:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-11 12:32 - 2015-03-06 04:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-11 12:32 - 2015-02-26 01:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-11 12:32 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-11 12:32 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-11 12:32 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-11 12:32 - 2015-02-21 02:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-11 12:32 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-11 12:32 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-11 12:32 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-11 12:32 - 2015-02-20 05:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-11 12:32 - 2015-02-20 04:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-11 12:32 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-11 12:32 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-11 12:32 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-11 12:32 - 2015-02-20 04:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-11 12:32 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-11 12:32 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-11 12:32 - 2015-02-20 04:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-11 12:32 - 2015-02-20 04:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-11 12:32 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-11 12:32 - 2015-02-20 04:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-11 12:32 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-11 12:32 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-11 12:32 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-11 12:32 - 2015-02-20 03:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-11 12:32 - 2015-02-20 03:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-11 12:32 - 2015-02-20 03:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-11 12:32 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-11 12:32 - 2015-02-20 03:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-11 12:32 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-11 12:32 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-11 12:32 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-11 12:32 - 2015-02-20 03:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-11 12:32 - 2015-02-20 03:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-11 12:32 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-11 12:32 - 2015-02-20 03:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-11 12:32 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-11 12:32 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-11 12:32 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-11 12:32 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-11 12:32 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-11 12:32 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-11 12:32 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-11 12:32 - 2015-02-06 03:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-11 12:32 - 2015-02-06 03:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-11 12:32 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-11 12:32 - 2015-02-04 01:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-11 12:32 - 2015-02-04 01:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-11 12:32 - 2015-02-04 01:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-11 12:32 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-11 12:32 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-11 12:32 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-11 12:32 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-11 12:32 - 2015-01-31 01:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-11 12:32 - 2015-01-30 05:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-11 12:32 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-11 12:32 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-11 12:32 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-11 12:32 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-11 12:32 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-11 12:32 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-11 12:32 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-11 12:32 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-11 12:32 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-11 12:32 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-11 12:32 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-11 12:32 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-11 12:32 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-11 12:32 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-11 12:32 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-11 12:32 - 2015-01-29 03:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 12:32 - 2015-01-29 03:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 12:32 - 2015-01-29 02:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-11 12:32 - 2015-01-29 02:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-11 12:32 - 2015-01-29 02:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-11 12:32 - 2015-01-29 02:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-11 12:32 - 2015-01-28 17:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-11 12:32 - 2015-01-28 17:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-11 12:32 - 2015-01-28 17:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-11 12:32 - 2015-01-27 06:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-11 12:32 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-11 12:32 - 2015-01-27 04:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-11 12:32 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-11 12:32 - 2014-10-29 05:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-03-11 12:32 - 2014-10-29 04:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-03-11 12:32 - 2014-10-29 04:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-03-11 12:32 - 2014-10-29 04:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-03-11 12:32 - 2014-10-29 04:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-03-11 12:32 - 2014-10-29 04:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-03-11 12:32 - 2014-10-29 04:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-03-11 12:32 - 2014-10-29 04:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-03-11 12:32 - 2014-10-29 04:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-03-11 12:32 - 2014-10-29 04:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-03-11 12:32 - 2014-10-29 03:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2015-03-11 12:32 - 2014-10-29 03:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2015-03-11 12:32 - 2014-10-29 03:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-03-11 12:32 - 2014-10-29 02:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2015-03-11 12:32 - 2014-10-29 02:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 12:31 - 2015-02-12 19:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-11 12:31 - 2015-02-12 19:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-11 12:31 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-11 12:31 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-11 12:31 - 2015-01-29 20:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-11 12:31 - 2015-01-29 20:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-11 12:31 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-11 12:31 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-11 12:31 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-11 12:31 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-11 12:31 - 2015-01-21 07:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-11 12:31 - 2015-01-21 07:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-11 12:31 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-10 20:41 - 2015-03-10 20:41 - 00003094 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3821324423-2982179996-1734844203-1002
2015-03-09 23:24 - 2015-03-09 23:24 - 05325696 _____ (Piriform Ltd) C:\Users\Heike\Downloads\ccsetup503.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-01 11:55 - 2013-11-30 13:50 - 00000946 _____ () C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2015-04-01 11:53 - 2013-06-23 11:44 - 00506880 ___SH () C:\Users\Heike\Downloads\Thumbs.db
2015-04-01 11:04 - 2013-06-13 21:02 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-01 11:01 - 2015-02-17 22:15 - 01746447 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-01 11:01 - 2014-07-19 15:01 - 00000308 _____ () C:\WINDOWS\Tasks\Groovorio Updater.job
2015-04-01 11:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-01 09:30 - 2013-11-30 14:48 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{210C90EC-F5D4-48E3-B443-EB60618F6B6C}
2015-04-01 09:29 - 2015-02-17 22:46 - 00000000 __RDO () C:\Users\Heike\OneDrive
2015-04-01 09:29 - 2013-06-13 21:02 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-01 09:28 - 2014-07-19 15:06 - 00002344 _____ () C:\WINDOWS\Tasks\2d3b8e18-8252-455d-9ce6-7b9742666487-4.job
2015-04-01 09:28 - 2014-02-20 21:23 - 00000386 _____ () C:\WINDOWS\Tasks\Re-markit_wd.job
2015-04-01 00:01 - 2014-02-11 13:50 - 00000188 _____ () C:\Users\Heike\AppData\Roaming\WB.CFG
2015-03-31 11:58 - 2014-03-18 12:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-31 11:58 - 2014-03-18 11:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-31 11:58 - 2014-03-18 11:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-30 19:01 - 2013-08-01 01:04 - 00000000 ____D () C:\Users\Heike\AppData\Roaming\Skype
2015-03-30 18:12 - 2015-02-17 22:20 - 00000000 ____D () C:\Users\Heike
2015-03-30 18:10 - 2014-06-26 20:31 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-30 18:10 - 2013-08-01 01:04 - 00000000 ____D () C:\ProgramData\Skype
2015-03-29 11:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-27 17:00 - 2013-01-31 14:48 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3821324423-2982179996-1734844203-1002
2015-03-27 16:18 - 2015-02-13 18:45 - 00000000 ____D () C:\Users\Heike\AppData\Local\ZombieInvasion
2015-03-27 16:18 - 2013-02-06 01:11 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-27 16:17 - 2013-02-06 01:11 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-25 15:39 - 2013-08-22 16:46 - 00338007 _____ () C:\WINDOWS\setupact.log
2015-03-25 15:21 - 2012-09-01 20:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-21 15:05 - 2015-02-22 13:03 - 00002421 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-20 17:10 - 2015-02-13 18:11 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-03-20 13:14 - 2015-02-13 18:09 - 00005304 _____ () C:\WINDOWS\SysWOW64\ColorMedia.ini
2015-03-20 13:14 - 2015-02-13 18:09 - 00002904 _____ () C:\WINDOWS\SysWOW64\ColorMediaOff.ini
2015-03-20 13:14 - 2015-02-13 18:09 - 00002904 _____ () C:\WINDOWS\system32\ColorMediaOff.ini
2015-03-20 13:14 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-16 22:05 - 2013-08-21 21:23 - 00000000 ____D () C:\Users\Heike\AppData\Local\Adobe
2015-03-16 22:05 - 2013-01-31 14:40 - 00000000 ____D () C:\Users\Heike\AppData\Roaming\Adobe
2015-03-14 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-12 15:31 - 2013-08-22 16:44 - 00508280 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-12 13:40 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-12 13:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-12 13:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-12 13:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-12 13:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-12 13:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-12 13:38 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-12 13:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-12 12:37 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-12 12:30 - 2013-08-07 16:26 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-12 12:25 - 2013-02-05 21:39 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-05 19:19 - 2015-02-22 13:03 - 00002254 _____ () C:\Users\Heike\Desktop\Profil 2 - Chrome.lnk
2015-03-05 19:19 - 2015-02-22 13:03 - 00002222 _____ () C:\Users\Heike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-03-03 15:17 - 2013-06-18 14:56 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2014-06-21 13:02 - 2014-06-21 15:16 - 0000318 _____ () C:\Users\Heike\AppData\Roaming\aps.uninstall.scan.results
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Heike\AppData\Roaming\KO
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Heike\AppData\Roaming\OZSFQLSW
2014-02-11 13:50 - 2015-04-01 00:01 - 0000188 _____ () C:\Users\Heike\AppData\Roaming\WB.CFG
2014-12-02 02:01 - 2014-12-17 01:01 - 0000010 _____ () C:\Users\Heike\AppData\Local\DSI.DAT
2014-12-17 01:01 - 2014-12-17 01:01 - 0022528 _____ () C:\Users\Heike\AppData\Local\dsisetup3688576562.exe
2014-12-02 02:01 - 2014-12-02 02:01 - 0022528 _____ () C:\Users\Heike\AppData\Local\dsisetup5718629682.exe
2015-02-17 22:15 - 2015-02-17 22:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\Heike\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-29 05:55
==================== End Of Log ============================
--- --- ---
--- --- --- |
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
dann auf 
und dann auf 
. 