Lollipop und andere Viren entfernen- Windows8; 64bit

Swoopy · 16.04.2014, 18:18

Ich hab mir vor paar Tagen wie auch immer "Lollipop" auf meinen Rechner geholt... Mittlerweile macht das Programm hier soviel Schaden, dass immer wieder der Internetbrowser von allein aufgeht mit diversen Seiten, einige Seiten ständig neu geladen werden und man mit denen nicht arbeiten kann (auch bei diesem Forum- musste das Neuladen durch klicken aufs X unterbinden, damit der nicht ständig vom Forum wegspringt).

Entfernen kann ich Lollipop von allein nicht, hab ich schon versucht.

Ich hab leider den Überblick verloren, was bereits alles geschädigt ist.

Mein Betriebssystem:

Windows 8
64 bit

Ich brauche euch dringend

Bitte Bitte

Gez.
eine Jungfer in Nöten

schrauber · 16.04.2014, 18:26

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Swoopy · 17.04.2014, 10:19

Vielen Dank! Hier das Ergebnis:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-04-2014 01
Ran by Shy at 2014-04-16 19:35:54
Running from C:\Users\Shy\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 Premier Edition (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Premier Edition (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Premier Edition (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.870 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12594 - Systweak Software) <==== ATTENTION
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Tablets Tutorial (x32 Version: 3.0.20 - Wacom) Hidden
Bandizip (HKCU\...\Bandizip) (Version: 3.07 - Bandisoft.com)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5510 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3109 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1902 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.1.4319 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DomaIQ Uninstaller (HKLM-x32\...\DomaIQ Uninstaller) (Version:  - Tuguu SLU)
DownTango (HKLM-x32\...\DownTango) (Version: 1.0.714 - Red Sky Sp. z o.o.) <==== ATTENTION
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
DTV (HKLM-x32\...\InstallShield_{D1BA1F1C-D88B-405D-953F-D7074B65453D}) (Version: 1.4.36.633 build 1244 - )
DTV (x32 Version: 1.4.36.633 build 1244 - ) Hidden
Extended Update (HKCU\...\UpdaterEX) (Version:  - )
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Flyff (HKLM-x32\...\{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1) (Version: Flyff - Gala Networks Europe Limited)
GameCenter (HKLM-x32\...\GameCenter) (Version:  - )
Gameforge Live 1.6.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.6.0 - Gameforge)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
G'MIC for GIMP Version 1.5.6.1 (HKLM-x32\...\G'MIC for GIMP_is1) (Version: 1.5.6.1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.29302 (CD 2.4d) - Hauppauge Computer Works)
HDvid Codec V1 (HKLM-x32\...\HDvid Codec V1) (Version: 1.27.153.8 - installdaddy) <==== ATTENTION
HDVidCodec (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - hdvidcodec.com) <==== ATTENTION
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
ICQ 8.0 (build 5981, für aktuellen Benutzer) (HKCU\...\ICQ) (Version: 8.0.5981.0 - Mail.Ru)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 15 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217015FF}) (Version: 7.0.150 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Livebrush Mini (HKLM-x32\...\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1) (Version: 1.5 - MoreMeYou)
Livebrush Mini (x32 Version: 1.5 - MoreMeYou) Hidden
Lollipop (HKCU\...\lollipop_04111938) (Version:  - Lollipop Network, S.L.) <==== ATTENTION
MediaPlayerplus (HKLM-x32\...\MediaPlayerplus) (Version: 1.34.3.28 - Freeven)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MoodTuner (HKLM-x32\...\com.gugga.radiomini) (Version: 1.1 - GUGA EOOD)
MoodTuner (x32 Version: 1.1 - GUGA EOOD) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.2.0.38 - Symantec Corporation)
NVIDIA Grafiktreiber 311.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.41 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.41 (Version: 311.41 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Save Sense (remove only) (HKCU\...\Save Sense) (Version: 6.4.1.0 - SaveSense) <==== ATTENTION
SaveSense (HKCU\...\SaveSense) (Version:  - SaveSense) <==== ATTENTION
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.12.20.154 - Conduit) <==== ATTENTION
Shopping Helper Smartbar (HKLM-x32\...\{7DD65DA0-AD4F-4974-AAC6-5834DD7F6841}) (Version: 11.43.63.16271 - ReSoft Ltd.) <==== ATTENTION
Skype™ 6.9 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.9.106 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Sumo Paint Bamboo 2.2 (HKLM-x32\...\com.sumopaint.bamboo.E63110E28E55D139F7D67D94E57B73BDB07BA618.1) (Version: v2.2 - UNKNOWN)
Sumo Paint Bamboo 2.2 (x32 Version: 2.2 - UNKNOWN) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TI xHCI Filter Driver 1.0.0.4 (HKLM-x32\...\TI xHCI Filter Driver) (Version: 1.0.0.4 - Texas Instruments Inc.)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - )
Vodafone Mobile Connect Lite (HKLM-x32\...\{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}) (Version: 9.4.3.17550 - Vodafone)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
Whilokii 1.0.0 (HKLM\...\Whilokii) (Version: 1.0.0 - Whilokii) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Wizard101(DE) (HKCU\...\Wizard101(DE)_is1) (Version:  - Gameforge 4D GmbH)
WPM17.8.0.3442 (HKLM-x32\...\WPM) (Version: 17.8.0.3442 - Cherished Technololgy LIMITED) <==== ATTENTION
Zipper (HKLM-x32\...\{40B325F7-2A46-41E0-BE2F-23C19F7F101E}) (Version: 1.0.3 - Tuguu SL)

==================== Restore Points  =========================

28-03-2014 17:58:17 Geplanter Prüfpunkt
09-04-2014 19:34:10 Removed SweetIM for Messenger 3.7
09-04-2014 19:34:37 Removed SweetIM for Messenger 3.7
13-04-2014 07:46:07 Windows Update
16-04-2014 14:39:00 Removed Bonjour

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0980E8C7-0085-4C8B-B5BE-AA50F8607490} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-22] (Google Inc.)
Task: {0B8403A4-6237-4633-A95E-C85C18B0D69A} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {27BF7ED3-D4BC-484C-985D-2491EA904B84} - System32\Tasks\bedfe857-1851-4105-9b92-9447f52989ce-3 => C:\Program Files (x86)\Freeven Pro 1.3\bedfe857-1851-4105-9b92-9447f52989ce-3.exe [2014-03-28] (Freeven)
Task: {3279BF0D-955F-4B5D-9269-FAA665E24D6D} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {466E6ED5-33F6-41B7-93EE-B36628260189} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-04-09] (SaveSense) <==== ATTENTION
Task: {55113738-D1EA-4864-AF3D-19045F664215} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5AAA6364-BF65-44ED-B344-5213E9FD9C7B} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {5B4C96BC-12D6-46E5-9A8E-5EC014DAF866} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {6C4F3685-7325-4D34-994B-ED8B60E9D218} - System32\Tasks\1d58acf1-29e5-4c8e-a536-e04dd320ab01-3 => C:\Program Files (x86)\MediaPlayerplus\1d58acf1-29e5-4c8e-a536-e04dd320ab01-3.exe [2014-03-28] (Freeven)
Task: {72560691-588B-47DB-960D-15B8C852DE3C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {7EE8A961-26FB-4A23-A8C1-F3411161463C} - System32\Tasks\UpdaterEX => C:\Users\Shy\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {84B271A6-1207-49C2-86FD-B69F99B3D76D} - System32\Tasks\SaveSense => C:\Users\Shy\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {85C77070-72E2-4CE7-B9E0-7E7ADAACC96B} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-04-09] (SaveSense) <==== ATTENTION
Task: {8BBA5135-A136-4606-A27D-B5C1485DBD56} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {8DF25D0A-9650-490C-94FA-39E1A54BB9C2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\WSCStub.exe [2014-03-12] (Symantec Corporation)
Task: {A68D5F16-D904-4C7B-830A-E15AAA3AED02} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AE577C77-D37A-489B-AB80-8097C3AA2EE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-22] (Google Inc.)
Task: {B577135B-8198-4532-A9F7-EDB2C6D54922} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C8262C1E-9E02-4FE4-B207-4AA16D42A1B8} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F09C0D5E-B42C-4658-8DF1-DC218C98C9CC} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-02-28] (Systweak) <==== ATTENTION
Task: {F15EE7C0-BFA8-4E65-BAB2-CF5DD8C821F6} - System32\Tasks\HPCeeScheduleForShy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: C:\windows\Tasks\1d58acf1-29e5-4c8e-a536-e04dd320ab01-3.job => C:\Program Files (x86)\MediaPlayerplus\1d58acf1-29e5-4c8e-a536-e04dd320ab01-3.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\bedfe857-1851-4105-9b92-9447f52989ce-3.job => C:\Program Files (x86)\Freeven Pro 1.3\bedfe857-1851-4105-9b92-9447f52989ce-3.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForShy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\SaveSense.job => C:\Users\Shy\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\windows\Tasks\UpdaterEX.job => C:\Users\Shy\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-10-05 03:05 - 2014-04-16 03:49 - 00350488 _____ () C:\Program Files (x86)\Whilokii\updateWhilokii.exe
2013-10-25 17:30 - 2014-04-16 03:16 - 00350488 _____ () C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe
2014-03-26 03:36 - 2014-03-26 03:36 - 00355328 _____ () C:\Users\Shy\AppData\Roaming\VOPackage\VOsrv.exe
2012-08-06 23:50 - 2012-08-06 23:50 - 00607744 _____ () C:\windows\system32\spool\DRIVERS\x64\3\JobCapsA.DLL
2012-08-29 12:02 - 2012-08-29 12:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 12:02 - 2012-08-29 12:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 12:02 - 2012-08-29 12:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-08-16 10:57 - 2012-12-11 13:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2012-10-16 11:39 - 2012-10-16 11:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2013-01-12 12:57 - 2013-01-12 12:57 - 00120224 _____ () C:\Users\Shy\AppData\Local\assembly\dl3\EDVMC1YE.5ND\YTH0BKO7.5K1\88588a02\0017145d_cd85cd01\HPItunesModule.DLL
2014-03-21 01:26 - 2014-03-21 01:26 - 00287000 _____ () C:\Program Files (x86)\Whilokii\bin\FilterApp_C64.exe
2014-04-09 21:57 - 2014-04-08 00:02 - 00095512 _____ () C:\Program Files (x86)\Whilokii\bin\Whilokii.BrowserAdapter.exe
2013-06-10 00:23 - 2011-10-27 21:16 - 00018944 _____ () C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2012-12-04 05:21 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-04-09 21:16 - 2012-07-25 12:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2014-04-09 21:16 - 2014-02-28 18:29 - 01730928 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2013-01-12 16:47 - 2013-01-12 16:47 - 00851456 _____ () C:\Users\Shy\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2012-12-04 05:27 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-08-10 17:50 - 2012-08-10 17:50 - 00170496 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00046624 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00068640 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\srau.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00165408 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 02283040 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00066592 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\spbl.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00154656 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00014368 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\siem.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00063520 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\sppsm.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00696864 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00014880 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00078880 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00027168 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00056864 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\srut.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00029216 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\srsbs.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00065568 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00030752 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\srom.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00030752 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\smtu.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00038944 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\smta.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00024096 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\sgml.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00043552 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\srbu.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00061472 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00024608 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\srpdm.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00043040 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-03-30 10:48 - 2014-03-30 10:48 - 00026656 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00035360 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00193056 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\sgmu.dll
2014-03-30 10:46 - 2014-03-30 10:46 - 00061440 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00255008 _____ () C:\Users\Shy\AppData\Local\Smartbar\Application\srns.dll
2013-10-14 05:33 - 2013-11-26 10:48 - 03008624 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-10-14 05:33 - 2013-11-26 10:48 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-10-14 05:33 - 2013-11-26 10:48 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-04-09 00:30 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-04-09 21:57 - 2014-04-08 00:02 - 00179480 _____ () C:\Program Files (x86)\Whilokii\bin\WhilokiiBAApp.dll
2014-04-09 00:30 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-09 00:30 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-09 00:30 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-09 00:30 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-09 00:30 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
2014-04-09 00:30 - 2014-04-02 03:58 - 13691720 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/16/2014 05:54:03 PM) (Source: MsiInstaller) (User: BeShy)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.

Error: (04/16/2014 05:32:37 PM) (Source: Windows Search Service) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz   konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet.   0x0.

Error: (04/16/2014 05:32:36 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (04/16/2014 05:32:34 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Error: (04/16/2014 05:32:33 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue

Error: (04/16/2014 05:14:51 PM) (Source: MsiInstaller) (User: BeShy)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.

Error: (04/16/2014 05:12:47 PM) (Source: Windows Search Service) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz   konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet.   0x0.

Error: (04/16/2014 05:12:44 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (04/16/2014 05:12:40 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Error: (04/16/2014 05:12:38 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue


System errors:
=============
Error: (04/16/2014 05:53:32 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (04/16/2014 05:34:40 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (04/16/2014 05:32:03 PM) (Source: ps6ahqjb) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.

Error: (04/16/2014 05:15:16 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (04/16/2014 05:15:16 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (04/16/2014 05:11:49 PM) (Source: ps6ahqjb) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.

Error: (04/16/2014 05:11:00 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (04/16/2014 05:04:56 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (04/16/2014 05:04:52 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (04/16/2014 05:01:35 PM) (Source: ps6ahqjb) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.


Microsoft Office Sessions:
=========================
Error: (04/16/2014 05:54:03 PM) (Source: MsiInstaller)(User: BeShy)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/16/2014 05:32:37 PM) (Source: Windows Search Service)(User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet.   0x0

Error: (04/16/2014 05:32:36 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog

Error: (04/16/2014 05:32:34 PM) (Source: Windows Search Service)(User: )
Description: 

Error: (04/16/2014 05:32:33 PM) (Source: VMCService)(User: )
Description: conflictManagerTypeValue

Error: (04/16/2014 05:14:51 PM) (Source: MsiInstaller)(User: BeShy)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/16/2014 05:12:47 PM) (Source: Windows Search Service)(User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet.   0x0

Error: (04/16/2014 05:12:44 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog

Error: (04/16/2014 05:12:40 PM) (Source: Windows Search Service)(User: )
Description: 

Error: (04/16/2014 05:12:38 PM) (Source: VMCService)(User: )
Description: conflictManagerTypeValue


==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 8147.36 MB
Available physical RAM: 5155.2 MB
Total Pagefile: 10003.36 MB
Available Pagefile: 6377.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1850.33 GB) (Free:1753.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.21 GB) (Free:1.37 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: B67D538B)

Partition: GPT Partition Type.

==================== End Of Log ============================

Entschuldige, das FRST. vergessen:

FRST Log.

Addition steht oben drüber. Ich danke dir.

[CODE]ï»¿
FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-04-2014 01
Ran by Shy (administrator) on BESHY on 16-04-2014 19:35:29
Running from C:\Users\Shy\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenUSB.exe
() C:\Program Files (x86)\Whilokii\updateWhilokii.exe
() C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe
() C:\Users\Shy\AppData\Roaming\VOPackage\VOsrv.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(ICQ) C:\Users\Shy\AppData\Roaming\ICQM\icq.exe
(Spotify Ltd) C:\Users\Shy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Conduit) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Conduit) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Smartbar) C:\Users\Shy\AppData\Local\Smartbar\Application\Smartbar.exe
() C:\Program Files (x86)\Whilokii\bin\FilterApp_C64.exe
() C:\Program Files (x86)\Whilokii\bin\Whilokii.BrowserAdapter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-09-19] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [DTVRemote] => C:\Program Files (x86)\DTV\RemoteControl.exe [61440 2006-07-11] ()
HKLM-x32\...\Run: [MobileConnect] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2403840 2009-09-11] (Vodafone)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-08] (Hewlett-Packard)
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\Run: [icq] => C:\Users\Shy\AppData\Roaming\ICQM\icq.exe [26606072 2013-01-12] (ICQ)
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\Run: [Spotify] => C:\Users\Shy\AppData\Roaming\Spotify\Spotify.exe [6087224 2014-04-09] (Spotify Ltd)
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\Run: [Spotify Web Helper] => C:\Users\Shy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-09] (Spotify Ltd)
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20473504 2013-10-02] (Skype Technologies S.A.)
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Shy\AppData\Local\Smartbar\Application\Smartbar.exe [28192 2014-03-30] (Smartbar)
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\MountPoints2: {85048ddc-7369-11e2-be74-10604b5f8bb4} - "G:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\MountPoints2: {85048e17-7369-11e2-be74-10604b5f8bb4} - "G:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\MountPoints2: {85048f0f-7369-11e2-be74-10604b5f8bb4} - "I:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\MountPoints2: {ab3b5baa-554b-11e3-bea8-10604b5f8bb4} - "G:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\MountPoints2: {e2788c9e-dcde-11e2-be89-001e101f906f} - "G:\setup_vmc_lite.exe" /checkApplicationPresence
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355552 2014-04-08] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050912 2014-04-08] (Conduit)
Startup: C:\Users\Schiffer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Shy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=M790A6934-938D-4DED-9959-B45D7F348ECF&SearchSource=55&CUI=&UM=5&UP=SP553419F1-CDC6-48EE-BA12-1C16327F3C0C&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396038229&from=tugs&uid=ST2000DM001-9YN164_Z1E1TSQV
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd50FSSGyZbxU0FG-KnUAfpo7yM5hHrNk3zbJub_C1RcPz57D9IsZuzwQzdGbKLnEWMBumsc8sP78z_DRz17_pbj7ERDZiRCyTTFdJR9qzHsbBTNEcBdYj0gECOL6Lc_rc,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd50FSSGyZbxU0FG-KnUAfpo7yM5hHrNk3zbJub_C1RcPz57D9IsZuzwQzdGbKLnEWMBumsc8sP78z_DRz17_pbj7ERDZiRCyTTFdJR9qzHsbBTNEcBdYj0gECOL6Lc_rc,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396038229&from=tugs&uid=ST2000DM001-9YN164_Z1E1TSQV&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396038229&from=tugs&uid=ST2000DM001-9YN164_Z1E1TSQV
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ff&cd=2XzuyEtN2Y1L1QzutCtDyCtDyE0ByD0Fzz0B0ByEyC0CyE0EtN0D0Tzu0SzztAyCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCtB0CyDzzyCtBtDtG0DzztD0FtGtCyCtB0BtG0FzzyB0BtGtA0AyEyDzzzy0AyC0F0FtCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtAtDtCtAyByEyEtG0A0ByCtAtGtAzzyCtCtG0A0Azy0CtGyEyBtCyEtCyE0F0AzzyEtBtA2Q&cr=167206671&ir=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396038229&from=tugs&uid=ST2000DM001-9YN164_Z1E1TSQV&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396038229&from=tugs&uid=ST2000DM001-9YN164_Z1E1TSQV&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396038229&from=tugs&uid=ST2000DM001-9YN164_Z1E1TSQV
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ff&cd=2XzuyEtN2Y1L1QzutCtDyCtDyE0ByD0Fzz0B0ByEyC0CyE0EtN0D0Tzu0SzztAyCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCtB0CyDzzyCtBtDtG0DzztD0FtGtCyCtB0BtG0FzzyB0BtGtA0AyEyDzzzy0AyC0F0FtCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtAtDtCtAyByEyEtG0A0ByCtAtGtAzzyCtCtG0A0Azy0CtGyEyBtCyEtCyE0F0AzzyEtBtA2Q&cr=167206671&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396038229&from=tugs&uid=ST2000DM001-9YN164_Z1E1TSQV&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1396038229&from=tugs&uid=ST2000DM001-9YN164_Z1E1TSQV
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396038229&from=tugs&uid=ST2000DM001-9YN164_Z1E1TSQV&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396038229&from=tugs&uid=ST2000DM001-9YN164_Z1E1TSQV&q={searchTerms}
SearchScopes: HKLM - {34417101-EE22-45BE-B7BC-128EC8F60190} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd50FSSGyZbxU0FG-KnUAfpo7yM5hHrNk3zbJub_C1RcPz57D9IsZuzwQzdGbKLnEWMBumsc8sP78z_DRz17_pbj7ERDZiRCyTTFdJR9qzHsbBTNEcBdYj0gECOL6Lc_rU,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd50FSSGyZbxU0FG-KnUAfpo7yM5hHrNk3zbJub_C1RcPz57D9IsZuzwQzdGbKLnEWMBumsc8sP78z_DRz17_pbj7ERDZiRCyTTFdJR9qzHsbBTNEcBdYj0gECOL6Lc_rU,&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd50FSSGyZbxU0FG-KnUAfpo7yM5hHrNk3zbJub_C1RcPz57D9IsZuzwQzdGbKLnEWMBumsc8sP78z_DRz17_pbj7ERDZiRCyTTFdJR9qzHsbBTNEcBdYj0gECOL6Lc_rc,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd50FSSGyZbxU0FG-KnUAfpo7yM5hHrNk3zbJub_C1RcPz57D9IsZuzwQzdGbKLnEWMBumsc8sP78z_DRz17_pbj7ERDZiRCyTTFdJR9qzHsbBTNEcBdYj0gECOL6Lc_rc,&q={searchTerms}
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd50FSSGyZbxU0FG-KnUAfpo7yM5hHrNk3zbJub_C1RcPz57D9IsZuzwQzdGbKLnEWMBumsc8sP78z_DRz17_pbj7ERDZiRCyTTFdJR9qzHsbBTNEcBdYj0gECOL6Lc_rY,&q={searchTerms}
BHO: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll (Freeven)
BHO: Freeven Pro 1.3 - {11111111-1111-1111-1111-110511421155} - C:\Program Files (x86)\Freeven Pro 1.3\Freeven Pro 1.3-bho64.dll (Freeven)
BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll (Freeven)
BHO-x32: Freeven Pro 1.3 - {11111111-1111-1111-1111-110511421155} - C:\Program Files (x86)\Freeven Pro 1.3\Freeven Pro 1.3-bho.dll (Freeven)
BHO-x32: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: SaveSense - {71e129ff-6c2a-4984-818c-7e2c998b8d99} - C:\Users\Shy\AppData\Local\SaveSense\SaveSenseIE.dll (SaveSense)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default
FF user.js: detected! => C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\user.js
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: Mysearchdial
FF SearchEngineOrder.1: Mysearchdial
FF SelectedSearchEngine: Mysearchdial
FF Homepage: www.google.de
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd50FSSGyZbxU0FG-KnUAfpo7yM5hHrNk3zbJub_C1RcPz57D9IsZuzwQzdGbKLnEWMBumsc8sP78z_DRz17_pbj7ERDZiRCyTTFdJR9qzHsbBTNEcBdYj0gECOL6Lc_rE,&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: LyricsFriend - C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\Extensions\131 [2013-09-03]
FF Extension: Plus-HD-2.2 - C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com [2014-03-28]
FF Extension: MediaPlayerplus - C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-03-28]
FF Extension: Freeven Pro 1.3 - C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\Extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com [2014-03-28]
FF Extension: Whilokii - C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\Extensions\firefox@whilokii.net [2013-10-21]
FF Extension: Quick Start - C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\Extensions\quick_start@gmail.com [2014-04-10]
FF Extension: SaveSense - C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\Extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} [2014-04-09]
FF Extension: HDvid Codec 3 - C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\Extensions\hdvc3@hdvidcodec.com.xpi [2013-06-30]
FF Extension: MySearchDial - C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi [2014-04-16]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\extensions\quick_start@gmail.com [2014-04-10]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\IPSFF [2014-04-16]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn\ []
FF HKCU\...\Firefox\Extensions: [{ae82ce55-d4ae-4a75-a1b7-002cc9fa5781}] - C:\Program Files (x86)\LyricsFriend\131.xpi

Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=M790A6934-938D-4DED-9959-B45D7F348ECF&SearchSource=55&CUI=&UM=5&UP=SP553419F1-CDC6-48EE-BA12-1C16327F3C0C&SSPV=
CHR DefaultSearchKeyword: mysearchdial.com
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_16_ff&cd=2XzuyEtN2Y1L1QzutCtDyCtDyE0ByD0Fzz0B0ByEyC0CyE0EtN0D0Tzu0SzztAyCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCtB0CyDzzyCtBtDtG0DzztD0FtGtCyCtB0BtG0FzzyB0BtGtA0AyEyDzzzy0AyC0F0FtCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtAtDtCtAyByEyEtG0A0ByCtAtGtAzzyCtCtG0A0Azy0CtGyEyBtCyEtCyE0F0AzzyEtBtA2Q&cr=167206671&ir=
CHR DefaultNewTabURL: &a=cmi_14_16_ff&cd=2XzuyEtN2Y1L1QzutCtDyCtDyE0ByD0Fzz0B0ByEyC0CyE0EtN0D0Tzu0SzztAyCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCtB0CyDzzyCtBtDtG0DzztD0FtGtCyCtB0BtG0FzzyB0BtGtA0AyEyDzzzy0AyC0F0FtCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtAtDtCtAyByEyEtG0A0ByCtAtGtAzzyCtCtG0A0Azy0CtGyEyBtCyEtCyE0F0AzzyEtBtA2Q&cr=167206671&ir=
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (IntelÂ® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (IntelÂ® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows LiveÂ™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Freeven Pro 1.3) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj [2014-03-28]
CHR Extension: (Newhub) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoejbmmillcdifgagjpdlaamnalbielp [2014-03-20]
CHR Extension: (Google Docs) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-22]
CHR Extension: (Google Drive) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-22]
CHR Extension: (YouTube) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-22]
CHR Extension: (Google Search) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-22]
CHR Extension: (MySearchDial New Tab) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa [2014-04-16]
CHR Extension: (Plus-HD-2.2) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo [2013-08-29]
CHR Extension: (MediaPlayerplus) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-03-28]
CHR Extension: (Norton Identity Protection) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-02-22]
CHR Extension: (Google Wallet) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-10]
CHR Extension: (Widget context) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp [2014-04-14]
CHR Extension: (Gmail) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-22]
CHR HKLM\...\Chrome\Extension: [aoejbmmillcdifgagjpdlaamnalbielp] - C:\Users\Shy\AppData\Local\nwhb-v9.4.15.crx [2014-03-20]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Shy\AppData\Local\speedial.crx [2014-04-16]
CHR HKCU\...\Chrome\Extension: [aoejbmmillcdifgagjpdlaamnalbielp] - C:\Users\Shy\AppData\Local\nwhb-v9.4.15.crx [2014-03-20]
CHR HKCU\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Shy\AppData\Local\speedial.crx [2014-04-16]
CHR HKLM-x32\...\Chrome\Extension: [aoejbmmillcdifgagjpdlaamnalbielp] - C:\Users\Shy\AppData\Local\nwhb-v9.4.15.crx [2014-03-20]
CHR HKLM-x32\...\Chrome\Extension: [dljhohhmfjfhgfhpgkfefjoojfobodhn] - C:\Program Files (x86)\Whilokii\dljhohhmfjfhgfhpgkfefjoojfobodhn.crx [2014-03-20]
CHR HKLM-x32\...\Chrome\Extension: [dnllcmllkjofnojidnaknldfehfhehoo] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx [2014-03-20]
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Shy\AppData\Local\speedial.crx [2014-04-16]
CHR HKLM-x32\...\Chrome\Extension: [lkifdcciaffpfomcpapoccoefeejeagi] - C:\Program Files (x86)\LyricsFriend\131.crx [2014-04-16]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\Exts\Chrome.crx [2014-04-16]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-28]

==================== Services (Whitelisted) =================

R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2470688 2014-04-08] (Conduit)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [570368 2011-10-27] (Hauppauge Computer Works)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
S3 npggsvc; C:\windows\SysWOW64\GameMon.des [5268336 2014-03-25] (INCA Internet Co., Ltd.)
S2 pr2ahqjb; C:\Windows\system32\pr2ahqjb.exe [754304 2007-03-29] (Koch Media)
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-04-09] (SaveSense)
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-04-09] (SaveSense)
R2 Update Whilokii; C:\Program Files (x86)\Whilokii\updateWhilokii.exe [350488 2014-04-16] ()
R2 Util Whilokii; C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe [350488 2014-04-16] ()
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone)
R2 vosr; C:\Users\Shy\AppData\Roaming\VOPackage\VOsrv.exe [355328 2014-03-26] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [496640 2014-04-09] (Cherished Technololgy LIMITED)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-04-09] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-04-15] (Symantec Corporation)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
R3 hcw17bda; C:\Windows\system32\drivers\hcw17bda.sys [67456 2010-01-27] (Hauppauge Computer Works, Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\IPSDefs\20140415.001\IDSvia64.sys [525016 2014-04-15] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20140415.025\ENG64.SYS [126040 2014-04-15] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20140415.025\EX64.SYS [2099288 2014-04-15] (Symantec Corporation)
R0 pe3ahqjb; C:\Windows\System32\drivers\pe3ahqjb.sys [72576 2007-03-29] (Koch Media)
R0 ps6ahqjb; C:\Windows\System32\drivers\ps6ahqjb.sys [73608 2007-03-29] (Koch Media)
R0 SMR410; C:\Windows\System32\drivers\SMR410.SYS [96856 2014-04-16] (Symantec Corporation)
R1 SRTSP; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1502000.026\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-04-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [17528 2012-11-20] (Texas Instruments, Inc.)
R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [23184 2012-11-20] (Texas Instruments, Inc.)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61112 2014-03-21] (StdLib)
S3 wacomvhid; \SystemRoot\System32\drivers\wacomvhid.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-16 19:35 - 2014-04-16 19:35 - 00036167 _____ () C:\Users\Shy\Downloads\FRST.txt
2014-04-16 19:35 - 2014-04-16 19:35 - 00000000 ____D () C:\FRST
2014-04-16 19:34 - 2014-04-16 19:34 - 02158080 _____ (Farbar) C:\Users\Shy\Downloads\FRST64.exe
2014-04-16 19:30 - 2014-04-16 19:30 - 00993712 _____ () C:\Users\Shy\Downloads\setup (3).exe
2014-04-16 18:30 - 2014-04-16 18:30 - 00000000 ____D () C:\Users\Shy\AppData\Local\SearchProtect
2014-04-16 18:30 - 2014-04-16 18:30 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-04-16 18:26 - 2014-04-16 18:27 - 00993712 _____ () C:\Users\Shy\Downloads\setup (2).exe
2014-04-16 18:02 - 2014-04-16 18:02 - 00001078 _____ () C:\Users\Shy\Desktop\Continue VuuPC Installation.lnk
2014-04-16 17:54 - 2014-04-16 17:54 - 00096856 _____ (Symantec Corporation) C:\windows\system32\Drivers\SMR410.SYS
2014-04-16 17:54 - 2014-04-16 17:54 - 00000020 _____ () C:\windows\system32\Drivers\SMR410.dat
2014-04-16 17:26 - 2014-04-16 17:30 - 00000000 ____D () C:\Users\Shy\Desktop\Blabla
2014-04-16 17:17 - 2014-04-16 17:17 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360
2014-04-16 17:10 - 2014-04-16 17:54 - 00000000 ____D () C:\Users\Shy\AppData\Local\NPE
2014-04-16 17:07 - 2014-04-16 17:07 - 00000000 ____D () C:\Users\Shy\Documents\Symantec
2014-04-16 17:05 - 2014-04-16 17:54 - 00003118 _____ () C:\windows\System32\Tasks\Advanced System Protector_startup
2014-04-16 17:05 - 2014-04-16 17:05 - 00177752 _____ (Symantec Corporation) C:\windows\system32\Drivers\SYMEVENT64x86.SYS
2014-04-16 17:05 - 2014-04-16 17:05 - 00008222 _____ () C:\windows\system32\Drivers\SYMEVENT64x86.CAT
2014-04-16 17:05 - 2014-04-16 17:05 - 00003206 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-04-16 17:05 - 2014-04-16 17:05 - 00002389 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-04-16 17:05 - 2014-04-16 17:05 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-04-16 17:02 - 2014-04-16 17:02 - 00000000 ____D () C:\windows\system32\Drivers\N360x64
2014-04-16 17:02 - 2014-04-16 17:02 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-04-16 16:50 - 2014-04-16 16:50 - 00000000 ____D () C:\ProgramData\PCSettings
2014-04-16 16:33 - 2014-04-16 16:33 - 01021952 _____ (Symantec Corporation) C:\Users\Shy\Downloads\NortonN360Downloader.exe
2014-04-16 03:49 - 2014-04-16 03:49 - 00000000 ____D () C:\Users\Shy\Documents\Optimizer Pro
2014-04-16 03:46 - 2014-04-16 03:47 - 00000320 _____ () C:\Users\Shy\AppData\Roaming\aps.uninstall.scan.results
2014-04-16 03:45 - 2014-04-16 16:38 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-16 03:44 - 2014-04-16 03:44 - 00358193 _____ () C:\Users\Shy\AppData\Local\speedial.crx
2014-04-16 03:44 - 2014-04-11 23:13 - 01079839 _____ (AnyProtect.com) C:\Users\Shy\AppData\Local\AnyProtectScannerSetup.exe
2014-04-12 02:40 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-12 02:40 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-12 02:40 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-12 02:40 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-12 02:40 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-12 02:40 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 02:40 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 02:40 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-12 02:40 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-12 02:40 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 02:40 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-12 02:40 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-12 02:40 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-12 02:40 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-12 02:40 - 2014-01-27 01:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-12 02:40 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-12 02:40 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-12 02:40 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-12 02:40 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 02:40 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-12 02:39 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-12 02:39 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-12 02:39 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-12 02:39 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-12 02:39 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-12 02:39 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-12 02:39 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-12 02:39 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-12 02:39 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-12 02:39 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-04-12 02:39 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-12 02:39 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-12 02:39 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-12 02:39 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-04-12 02:39 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-12 02:39 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-12 02:39 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-12 02:39 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-12 02:39 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-12 02:39 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-04-12 02:39 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-12 02:39 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-12 02:39 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-10 21:36 - 2014-04-10 21:36 - 00872872 _____ (AirInstaller ) C:\Users\Shy\Downloads\setup (1).exe
2014-04-10 20:48 - 2014-04-10 20:48 - 00441752 _____ () C:\Users\Shy\Downloads\Java(1).exe
2014-04-09 23:57 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-09 23:57 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-04-09 23:57 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-04-09 23:57 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-09 21:34 - 2014-04-09 21:34 - 01070840 _____ (Solid State Networks) C:\Users\Shy\Downloads\install_flashplayer13x32au_mssd_aaa_aih.exe
2014-04-09 21:20 - 2014-04-11 09:15 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-09 21:20 - 2014-04-09 21:20 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\SupTab
2014-04-09 21:20 - 2014-04-09 21:20 - 00000000 ____D () C:\ProgramData\WPM
2014-04-09 21:20 - 2014-04-09 21:20 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-09 21:18 - 2014-04-16 18:30 - 00001064 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-09 21:18 - 2014-04-09 21:18 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-09 21:16 - 2014-04-09 21:16 - 00000000 ____D () C:\ProgramData\Systweak
2014-04-09 21:16 - 2014-04-09 21:16 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-04-09 21:16 - 2012-07-25 12:03 - 00016896 _____ () C:\windows\system32\sasnative64.exe
2014-04-09 21:15 - 2014-04-16 19:20 - 00000938 _____ () C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-04-09 21:15 - 2014-04-16 19:16 - 00000296 _____ () C:\windows\Tasks\SaveSense.job
2014-04-09 21:15 - 2014-04-16 17:53 - 00000934 _____ () C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-04-09 21:15 - 2014-04-09 21:57 - 00000000 ____D () C:\Users\Shy\AppData\Local\Mobogenie
2014-04-09 21:15 - 2014-04-09 21:16 - 00002634 _____ () C:\windows\System32\Tasks\SaveSense
2014-04-09 21:15 - 2014-04-09 21:16 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-04-09 21:15 - 2014-04-09 21:15 - 00003910 _____ () C:\windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA
2014-04-09 21:15 - 2014-04-09 21:15 - 00003674 _____ () C:\windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore
2014-04-09 21:15 - 2014-04-09 21:15 - 00002440 _____ () C:\Users\Shy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\Documents\Mobogenie
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\SaveSense
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\AppData\Local\SaveSenseLive
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\AppData\Local\SaveSense
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\AppData\Local\cache
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\.android
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\ProgramData\SaveSenseLive
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Program Files (x86)\SaveSenseLive
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 _____ () C:\Users\Shy\daemonprocess.txt
2014-04-09 21:14 - 2014-04-09 21:14 - 00000000 ____D () C:\Users\Shy\AppData\Local\Smartbar
2014-04-09 21:14 - 2014-04-09 21:14 - 00000000 ____D () C:\Users\Shy\AppData\Local\LPT
2014-04-09 21:10 - 2014-04-09 21:10 - 00993712 _____ () C:\Users\Shy\Downloads\setup(2).exe
2014-04-09 21:09 - 2014-04-09 21:09 - 00441768 _____ () C:\Users\Shy\Downloads\Setup_V2.exe
2014-04-09 21:08 - 2014-04-09 21:09 - 00993712 _____ () C:\Users\Shy\Downloads\setup(1).exe
2014-03-29 11:21 - 2014-04-16 18:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 22:27 - 2014-04-16 18:14 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-03-28 22:27 - 2014-04-16 17:53 - 00003466 _____ () C:\windows\Tasks\1d58acf1-29e5-4c8e-a536-e04dd320ab01-3.job
2014-03-28 22:27 - 2014-03-28 22:27 - 00006470 _____ () C:\windows\System32\Tasks\1d58acf1-29e5-4c8e-a536-e04dd320ab01-3
2014-03-28 22:25 - 2014-04-16 18:14 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-03-28 22:25 - 2014-03-28 22:25 - 01172776 _____ (AnyProtect.com) C:\Users\Shy\AppData\Local\nsh4CE8.tmp
2014-03-28 22:24 - 2014-04-16 18:17 - 00000000 ____D () C:\Program Files (x86)\Freeven Pro 1.3
2014-03-28 22:24 - 2014-04-16 17:53 - 00003130 _____ () C:\windows\Tasks\bedfe857-1851-4105-9b92-9447f52989ce-3.job
2014-03-28 22:24 - 2014-04-16 17:10 - 00000000 ____D () C:\Users\Shy\AppData\Local\Lollipop
2014-03-28 22:24 - 2014-03-28 22:24 - 00006134 _____ () C:\windows\System32\Tasks\bedfe857-1851-4105-9b92-9447f52989ce-3
2014-03-28 22:24 - 2014-03-28 22:24 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\VOPackage
2014-03-28 22:24 - 2014-03-28 22:24 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-03-28 22:19 - 2014-03-28 22:19 - 00563488 _____ () C:\Users\Shy\Downloads\Java.exe
2014-03-28 09:53 - 2014-03-28 09:53 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-03-28 09:53 - 2014-03-25 09:31 - 05268336 _____ (INCA Internet Co., Ltd.) C:\windows\SysWOW64\GameMon.des
2014-03-28 09:28 - 2014-03-28 09:49 - 00001569 _____ () C:\Users\Public\Desktop\Flyff.lnk
2014-03-28 09:24 - 2014-03-28 09:24 - 00000000 ____D () C:\Program Files\gPotato.eu
2014-03-28 09:22 - 2014-03-28 09:39 - 1178858003 _____ (Gala Networks Europe Limited ) C:\Users\Shy\Desktop\Flyff_DE_setup.exe
2014-03-27 02:12 - 2014-03-27 02:12 - 00321256 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-21 01:26 - 2014-03-21 01:26 - 00061112 _____ (StdLib) C:\windows\system32\Drivers\wStLib64.sys
2014-03-20 01:05 - 2014-03-20 01:05 - 00686631 _____ () C:\Users\Shy\AppData\Local\nwhb-v9.4.15.crx

==================== One Month Modified Files and Folders =======

2014-04-16 19:35 - 2014-04-16 19:35 - 00036167 _____ () C:\Users\Shy\Downloads\FRST.txt
2014-04-16 19:35 - 2014-04-16 19:35 - 00000000 ____D () C:\FRST
2014-04-16 19:34 - 2014-04-16 19:34 - 02158080 _____ (Farbar) C:\Users\Shy\Downloads\FRST64.exe
2014-04-16 19:30 - 2014-04-16 19:30 - 00993712 _____ () C:\Users\Shy\Downloads\setup (3).exe
2014-04-16 19:26 - 2013-02-22 18:19 - 00001116 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-16 19:23 - 2013-01-12 12:55 - 01209617 _____ () C:\windows\WindowsUpdate.log
2014-04-16 19:20 - 2014-04-09 21:15 - 00000938 _____ () C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-04-16 19:16 - 2014-04-09 21:15 - 00000296 _____ () C:\windows\Tasks\SaveSense.job
2014-04-16 19:06 - 2013-05-27 00:57 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-04-16 19:05 - 2013-10-21 18:01 - 00000296 _____ () C:\windows\Tasks\UpdaterEX.job
2014-04-16 19:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-04-16 18:49 - 2013-01-12 13:01 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-682942366-826570152-479843046-1001
2014-04-16 18:32 - 2012-07-26 07:26 - 00000292 _____ () C:\windows\win.ini
2014-04-16 18:30 - 2014-04-16 18:30 - 00000000 ____D () C:\Users\Shy\AppData\Local\SearchProtect
2014-04-16 18:30 - 2014-04-16 18:30 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-04-16 18:30 - 2014-04-09 21:18 - 00001064 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-16 18:27 - 2014-04-16 18:26 - 00993712 _____ () C:\Users\Shy\Downloads\setup (2).exe
2014-04-16 18:23 - 2014-03-29 11:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-16 18:17 - 2014-03-28 22:24 - 00000000 ____D () C:\Program Files (x86)\Freeven Pro 1.3
2014-04-16 18:14 - 2014-03-28 22:27 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-16 18:14 - 2014-03-28 22:25 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-04-16 18:14 - 2013-01-19 17:35 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-04-16 18:02 - 2014-04-16 18:02 - 00001078 _____ () C:\Users\Shy\Desktop\Continue VuuPC Installation.lnk
2014-04-16 17:56 - 2012-12-04 14:10 - 00745562 _____ () C:\windows\system32\perfh007.dat
2014-04-16 17:56 - 2012-12-04 14:10 - 00169488 _____ () C:\windows\system32\perfc007.dat
2014-04-16 17:56 - 2012-07-26 09:28 - 01752656 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-16 17:54 - 2014-04-16 17:54 - 00096856 _____ (Symantec Corporation) C:\windows\system32\Drivers\SMR410.SYS
2014-04-16 17:54 - 2014-04-16 17:54 - 00000020 _____ () C:\windows\system32\Drivers\SMR410.dat
2014-04-16 17:54 - 2014-04-16 17:10 - 00000000 ____D () C:\Users\Shy\AppData\Local\NPE
2014-04-16 17:54 - 2014-04-16 17:05 - 00003118 _____ () C:\windows\System32\Tasks\Advanced System Protector_startup
2014-04-16 17:54 - 2013-10-21 18:10 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\Skype
2014-04-16 17:54 - 2013-06-12 18:43 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\Spotify
2014-04-16 17:53 - 2014-04-09 21:15 - 00000934 _____ () C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-04-16 17:53 - 2014-03-28 22:27 - 00003466 _____ () C:\windows\Tasks\1d58acf1-29e5-4c8e-a536-e04dd320ab01-3.job
2014-04-16 17:53 - 2014-03-28 22:24 - 00003130 _____ () C:\windows\Tasks\bedfe857-1851-4105-9b92-9447f52989ce-3.job
2014-04-16 17:53 - 2013-02-22 18:19 - 00001112 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-16 17:32 - 2013-06-25 18:20 - 00065536 _____ () C:\windows\system32\Ikeext.etl
2014-04-16 17:32 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\tracing
2014-04-16 17:32 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-16 17:31 - 2012-08-01 19:02 - 01749296 _____ () C:\windows\PFRO.log
2014-04-16 17:30 - 2014-04-16 17:26 - 00000000 ____D () C:\Users\Shy\Desktop\Blabla
2014-04-16 17:17 - 2014-04-16 17:17 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360
2014-04-16 17:15 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\NDF
2014-04-16 17:11 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-04-16 17:10 - 2014-03-28 22:24 - 00000000 ____D () C:\Users\Shy\AppData\Local\Lollipop
2014-04-16 17:10 - 2012-12-04 05:34 - 00000000 ____D () C:\ProgramData\Norton
2014-04-16 17:07 - 2014-04-16 17:07 - 00000000 ____D () C:\Users\Shy\Documents\Symantec
2014-04-16 17:06 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-04-16 17:05 - 2014-04-16 17:05 - 00177752 _____ (Symantec Corporation) C:\windows\system32\Drivers\SYMEVENT64x86.SYS
2014-04-16 17:05 - 2014-04-16 17:05 - 00008222 _____ () C:\windows\system32\Drivers\SYMEVENT64x86.CAT
2014-04-16 17:05 - 2014-04-16 17:05 - 00003206 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-04-16 17:05 - 2014-04-16 17:05 - 00002389 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-04-16 17:05 - 2014-04-16 17:05 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-04-16 17:05 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-04-16 17:03 - 2013-02-21 18:33 - 00583680 ___SH () C:\Users\Shy\Desktop\Thumbs.db
2014-04-16 17:02 - 2014-04-16 17:02 - 00000000 ____D () C:\windows\system32\Drivers\N360x64
2014-04-16 17:02 - 2014-04-16 17:02 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-04-16 16:50 - 2014-04-16 16:50 - 00000000 ____D () C:\ProgramData\PCSettings
2014-04-16 16:38 - 2014-04-16 03:45 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-16 16:34 - 2013-11-16 11:15 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-04-16 16:33 - 2014-04-16 16:33 - 01021952 _____ (Symantec Corporation) C:\Users\Shy\Downloads\NortonN360Downloader.exe
2014-04-16 16:21 - 2013-06-12 18:45 - 00000000 ____D () C:\Users\Shy\AppData\Local\Spotify
2014-04-16 16:19 - 2014-03-02 21:02 - 00000336 _____ () C:\windows\Tasks\HPCeeScheduleForShy.job
2014-04-16 03:49 - 2014-04-16 03:49 - 00000000 ____D () C:\Users\Shy\Documents\Optimizer Pro
2014-04-16 03:47 - 2014-04-16 03:46 - 00000320 _____ () C:\Users\Shy\AppData\Roaming\aps.uninstall.scan.results
2014-04-16 03:45 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2014-04-16 03:45 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2014-04-16 03:44 - 2014-04-16 03:44 - 00358193 _____ () C:\Users\Shy\AppData\Local\speedial.crx
2014-04-14 23:51 - 2014-03-02 21:02 - 00003146 _____ () C:\windows\System32\Tasks\HPCeeScheduleForShy
2014-04-14 23:51 - 2013-01-12 12:55 - 00000000 ____D () C:\Users\Shy
2014-04-14 23:49 - 2013-09-22 19:51 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-04-14 23:48 - 2013-09-22 19:51 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-04-13 23:48 - 2013-01-12 12:56 - 00000000 ___RD () C:\Users\Shy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-13 23:48 - 2013-01-12 12:56 - 00000000 ___RD () C:\Users\Shy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-13 23:37 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-04-13 23:10 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-13 23:10 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-04-11 23:59 - 2013-07-24 07:08 - 00000000 ____D () C:\windows\system32\MRT
2014-04-11 23:57 - 2013-01-14 08:45 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-11 23:13 - 2014-04-16 03:44 - 01079839 _____ (AnyProtect.com) C:\Users\Shy\AppData\Local\AnyProtectScannerSetup.exe
2014-04-11 09:15 - 2014-04-09 21:20 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-10 21:36 - 2014-04-10 21:36 - 00872872 _____ (AirInstaller ) C:\Users\Shy\Downloads\setup (1).exe
2014-04-10 20:48 - 2014-04-10 20:48 - 00441752 _____ () C:\Users\Shy\Downloads\Java(1).exe
2014-04-09 21:57 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\AppData\Local\Mobogenie
2014-04-09 21:36 - 2013-10-21 18:00 - 00000000 ____D () C:\Program Files (x86)\BonanzaDeals
2014-04-09 21:34 - 2014-04-09 21:34 - 01070840 _____ (Solid State Networks) C:\Users\Shy\Downloads\install_flashplayer13x32au_mssd_aaa_aih.exe
2014-04-09 21:25 - 2013-01-30 19:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-09 21:20 - 2014-04-09 21:20 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\SupTab
2014-04-09 21:20 - 2014-04-09 21:20 - 00000000 ____D () C:\ProgramData\WPM
2014-04-09 21:20 - 2014-04-09 21:20 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-09 21:18 - 2014-04-09 21:18 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-09 21:16 - 2014-04-09 21:16 - 00000000 ____D () C:\ProgramData\Systweak
2014-04-09 21:16 - 2014-04-09 21:16 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-04-09 21:16 - 2014-04-09 21:15 - 00002634 _____ () C:\windows\System32\Tasks\SaveSense
2014-04-09 21:16 - 2014-04-09 21:15 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-04-09 21:16 - 2014-01-27 00:05 - 00000174 _____ () C:\Users\Shy\AppData\Roaming\WB.CFG
2014-04-09 21:16 - 2013-10-21 17:59 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\Systweak
2014-04-09 21:15 - 2014-04-09 21:15 - 00003910 _____ () C:\windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA
2014-04-09 21:15 - 2014-04-09 21:15 - 00003674 _____ () C:\windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore
2014-04-09 21:15 - 2014-04-09 21:15 - 00002440 _____ () C:\Users\Shy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\Documents\Mobogenie
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\SaveSense
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\AppData\Local\SaveSenseLive
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\AppData\Local\SaveSense
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\AppData\Local\cache
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\.android
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\ProgramData\SaveSenseLive
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Program Files (x86)\SaveSenseLive
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 _____ () C:\Users\Shy\daemonprocess.txt
2014-04-09 21:14 - 2014-04-09 21:14 - 00000000 ____D () C:\Users\Shy\AppData\Local\Smartbar
2014-04-09 21:14 - 2014-04-09 21:14 - 00000000 ____D () C:\Users\Shy\AppData\Local\LPT
2014-04-09 21:10 - 2014-04-09 21:10 - 00993712 _____ () C:\Users\Shy\Downloads\setup(2).exe
2014-04-09 21:09 - 2014-04-09 21:09 - 00441768 _____ () C:\Users\Shy\Downloads\Setup_V2.exe
2014-04-09 21:09 - 2014-04-09 21:08 - 00993712 _____ () C:\Users\Shy\Downloads\setup(1).exe
2014-04-09 00:30 - 2013-02-22 18:21 - 00002369 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-07 02:40 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-03-31 23:18 - 2014-02-26 23:27 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2014-02-26 23:27 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-28 22:27 - 2014-03-28 22:27 - 00006470 _____ () C:\windows\System32\Tasks\1d58acf1-29e5-4c8e-a536-e04dd320ab01-3
2014-03-28 22:25 - 2014-03-28 22:25 - 01172776 _____ (AnyProtect.com) C:\Users\Shy\AppData\Local\nsh4CE8.tmp
2014-03-28 22:24 - 2014-03-28 22:24 - 00006134 _____ () C:\windows\System32\Tasks\bedfe857-1851-4105-9b92-9447f52989ce-3
2014-03-28 22:24 - 2014-03-28 22:24 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\VOPackage
2014-03-28 22:24 - 2014-03-28 22:24 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-03-28 22:24 - 2013-01-12 12:56 - 00001640 _____ () C:\Users\Shy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-28 22:19 - 2014-03-28 22:19 - 00563488 _____ () C:\Users\Shy\Downloads\Java.exe
2014-03-28 09:53 - 2014-03-28 09:53 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-03-28 09:49 - 2014-03-28 09:28 - 00001569 _____ () C:\Users\Public\Desktop\Flyff.lnk
2014-03-28 09:39 - 2014-03-28 09:22 - 1178858003 _____ (Gala Networks Europe Limited ) C:\Users\Shy\Desktop\Flyff_DE_setup.exe
2014-03-28 09:24 - 2014-03-28 09:24 - 00000000 ____D () C:\Program Files\gPotato.eu
2014-03-27 02:21 - 2013-02-22 18:19 - 00004088 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 02:21 - 2013-02-22 18:19 - 00003852 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-27 02:12 - 2014-03-27 02:12 - 00321256 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-25 09:31 - 2014-03-28 09:53 - 05268336 _____ (INCA Internet Co., Ltd.) C:\windows\SysWOW64\GameMon.des
2014-03-24 01:09 - 2012-12-04 05:20 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-21 01:26 - 2014-03-21 01:26 - 00061112 _____ (StdLib) C:\windows\system32\Drivers\wStLib64.sys
2014-03-21 01:26 - 2013-10-21 18:00 - 00000000 ____D () C:\Program Files (x86)\Whilokii
2014-03-20 06:53 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-20 06:53 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-20 06:53 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-20 06:53 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-20 01:05 - 2014-03-20 01:05 - 00686631 _____ () C:\Users\Shy\AppData\Local\nwhb-v9.4.15.crx

Some content of TEMP:
====================
C:\Users\Shy\AppData\Local\Temp\6_Offer_11.exe
C:\Users\Shy\AppData\Local\Temp\APNStub.exe
C:\Users\Shy\AppData\Local\Temp\app.exe
C:\Users\Shy\AppData\Local\Temp\AutoRun.exe
C:\Users\Shy\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Shy\AppData\Local\Temp\BackupSetup.exe
C:\Users\Shy\AppData\Local\Temp\Extract.exe
C:\Users\Shy\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Shy\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Shy\AppData\Local\Temp\htmlayout.dll
C:\Users\Shy\AppData\Local\Temp\instract.exe
C:\Users\Shy\AppData\Local\Temp\instruct.exe
C:\Users\Shy\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Shy\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Shy\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Shy\AppData\Local\Temp\nsbC606.exe
C:\Users\Shy\AppData\Local\Temp\nsdA395.exe
C:\Users\Shy\AppData\Local\Temp\nsjA53C.exe
C:\Users\Shy\AppData\Local\Temp\nsqC440.exe
C:\Users\Shy\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\Shy\AppData\Local\Temp\setup.exe
C:\Users\Shy\AppData\Local\Temp\Shortcut_SweetIM_2.exe
C:\Users\Shy\AppData\Local\Temp\SimboApp.exe
C:\Users\Shy\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Shy\AppData\Local\Temp\SP59485.exe
C:\Users\Shy\AppData\Local\Temp\SP60467.exe
C:\Users\Shy\AppData\Local\Temp\SP61665.exe
C:\Users\Shy\AppData\Local\Temp\SP62732.exe
C:\Users\Shy\AppData\Local\Temp\SP63146.exe
C:\Users\Shy\AppData\Local\Temp\SP63187.exe
C:\Users\Shy\AppData\Local\Temp\sp64126.exe
C:\Users\Shy\AppData\Local\Temp\SpOrder.dll
C:\Users\Shy\AppData\Local\Temp\TouchURL.exe
C:\Users\Shy\AppData\Local\Temp\uninst1.exe
C:\Users\Shy\AppData\Local\Temp\uninstaller.exe
C:\Users\Shy\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Shy\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-13 09:46

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

schrauber · 18.04.2014, 09:45

Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Swoopy · 22.04.2014, 15:26

MBAM:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 22.04.2014
Suchlauf-Zeit: 16:09:14
Logdatei: TB_MBAM_03.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.22.04
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Shy

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 309703
Verstrichene Zeit: 7 Min, 53 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

ADW-Cleaner:

Code:

ATTFilter

# AdwCleaner v3.102 - Bericht erstellt am 22/04/2014 um 16:14:01
# Aktualisiert 21/04/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Shy - BESHY
# Gestartet von : C:\Users\Shy\Downloads\AdwCleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Schiffer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnllcmllkjofnojidnaknldfehfhehoo
Ordner Gelöscht : C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{BBDA0591-3099-440a-AA10-41764D9DB4DB}]

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v19.0 (de)

[ Datei : C:\Users\Schiffer\AppData\Roaming\Mozilla\Firefox\Profiles\fgy06bj6.default\prefs.js ]


[ Datei : C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default\prefs.js ]


-\\ Google Chrome v34.0.1847.116

[ Datei : C:\Users\Schiffer\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [47097 octets] - [21/04/2014 23:00:52]
AdwCleaner[R1].txt - [1659 octets] - [22/04/2014 16:12:59]
AdwCleaner[S0].txt - [42291 octets] - [21/04/2014 23:01:45]
AdwCleaner[S1].txt - [1580 octets] - [22/04/2014 16:14:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1640 octets] ##########

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Shy on 22.04.2014 at 16:17:11,72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.04.2014 at 16:20:28,81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST-Log:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-04-2014 02
Ran by Shy (administrator) on BESHY on 22-04-2014 16:24:17
Running from C:\Users\Shy\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenUSB.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(ICQ) C:\Users\Shy\AppData\Roaming\ICQM\icq.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\windows\splwow64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Microsoft Corporation) C:\windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-09-19] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-19] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [DTVRemote] => "C:\Program Files (x86)\DTV\RemoteControl.exe"
HKLM-x32\...\Run: [MobileConnect] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2403840 2009-09-11] (Vodafone)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-08] (Hewlett-Packard)
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\Run: [icq] => C:\Users\Shy\AppData\Roaming\ICQM\icq.exe [26606072 2013-01-12] (ICQ)
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\Run: [Spotify] => C:\Users\Shy\AppData\Roaming\Spotify\Spotify.exe [6087224 2014-04-09] (Spotify Ltd)
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\Run: [Spotify Web Helper] => C:\Users\Shy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-09] (Spotify Ltd)
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20473504 2013-10-02] (Skype Technologies S.A.)
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\MountPoints2: {85048ddc-7369-11e2-be74-10604b5f8bb4} - "G:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\MountPoints2: {85048e17-7369-11e2-be74-10604b5f8bb4} - "G:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\MountPoints2: {85048f0f-7369-11e2-be74-10604b5f8bb4} - "I:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\MountPoints2: {ab3b5baa-554b-11e3-bea8-10604b5f8bb4} - "G:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-682942366-826570152-479843046-1001\...\MountPoints2: {e2788c9e-dcde-11e2-be89-001e101f906f} - "G:\setup_vmc_lite.exe" /checkApplicationPresence
Startup: C:\Users\Schiffer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {34417101-EE22-45BE-B7BC-128EC8F60190} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Shy\AppData\Roaming\Mozilla\Firefox\Profiles\qrwdqtn7.default
FF NewTab: about:blank
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\IPSFF [2014-04-16]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn\ []
FF HKCU\...\Firefox\Extensions: [{ae82ce55-d4ae-4a75-a1b7-002cc9fa5781}] - C:\Program Files (x86)\LyricsFriend\131.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR StartupUrls: "hxxp://search.conduit.com/?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=M790A6934-938D-4DED-9959-B45D7F348ECF&SearchSource=55&CUI=&UM=5&UP=SP553419F1-CDC6-48EE-BA12-1C16327F3C0C&SSPV="
CHR DefaultSearchProvider: Mysearchdial
CHR DefaultSearchURL: hxxp://www.google.com
CHR DefaultNewTabURL: &a=cmi_14_16_ff&cd=2XzuyEtN2Y1L1QzutCtDyCtDyE0ByD0Fzz0B0ByEyC0CyE0EtN0D0Tzu0SzztAyCtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCtB0CyDzzyCtBtDtG0DzztD0FtGtCyCtB0BtG0FzzyB0BtGtA0AyEyDzzzy0AyC0F0FtCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtAtDtCtAyByEyEtG0A0ByCtAtGtAzzyCtCtG0A0Azy0CtGyEyBtCyEtCyE0F0AzzyEtBtA2Q&cr=167206671&ir=
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (IntelÂ® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (IntelÂ® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows LiveÂ™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Newhub) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoejbmmillcdifgagjpdlaamnalbielp [2014-03-20]
CHR Extension: (Google Docs) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-22]
CHR Extension: (Google Drive) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-22]
CHR Extension: (YouTube) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-22]
CHR Extension: (Google Search) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-22]
CHR Extension: (Norton Identity Protection) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-02-22]
CHR Extension: (Google Wallet) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-10]
CHR Extension: (Gmail) - C:\Users\Shy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-22]
CHR HKLM\...\Chrome\Extension: [aoejbmmillcdifgagjpdlaamnalbielp] - C:\Users\Shy\AppData\Local\nwhb-v9.4.15.crx [2014-03-20]
CHR HKCU\...\Chrome\Extension: [aoejbmmillcdifgagjpdlaamnalbielp] - C:\Users\Shy\AppData\Local\nwhb-v9.4.15.crx [2014-03-20]
CHR HKLM-x32\...\Chrome\Extension: [aoejbmmillcdifgagjpdlaamnalbielp] - C:\Users\Shy\AppData\Local\nwhb-v9.4.15.crx [2014-03-20]
CHR HKLM-x32\...\Chrome\Extension: [dljhohhmfjfhgfhpgkfefjoojfobodhn] - C:\Program Files (x86)\Whilokii\dljhohhmfjfhgfhpgkfefjoojfobodhn.crx [2014-03-20]
CHR HKLM-x32\...\Chrome\Extension: [lkifdcciaffpfomcpapoccoefeejeagi] - C:\Program Files (x86)\LyricsFriend\131.crx [2014-03-20]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\Exts\Chrome.crx [2014-04-16]

==================== Services (Whitelisted) =================

R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [570368 2011-10-27] (Hauppauge Computer Works)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
S3 npggsvc; C:\windows\SysWOW64\GameMon.des [5268336 2014-03-25] (INCA Internet Co., Ltd.)
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-04-09] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-04-15] (Symantec Corporation)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
R3 hcw17bda; C:\Windows\system32\drivers\hcw17bda.sys [67456 2010-01-27] (Hauppauge Computer Works, Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\IPSDefs\20140421.001\IDSvia64.sys [525016 2014-04-15] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20140421.033\ENG64.SYS [126040 2014-04-15] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20140421.033\EX64.SYS [2099288 2014-04-15] (Symantec Corporation)
R1 SRTSP; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1502000.026\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-04-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [17528 2012-11-20] (Texas Instruments, Inc.)
R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [23184 2012-11-20] (Texas Instruments, Inc.)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61112 2014-03-21] (StdLib)
S3 wacomvhid; \SystemRoot\System32\drivers\wacomvhid.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-22 16:20 - 2014-04-22 16:20 - 00000610 _____ () C:\Users\Shy\Desktop\JRT.txt
2014-04-22 00:04 - 2014-04-22 16:10 - 00001137 _____ () C:\TB_MBAM_03.txt
2014-04-22 00:00 - 2014-04-22 00:00 - 00000000 ____D () C:\Users\Shy\Downloads\FRST-OlderVersion
2014-04-21 23:39 - 2014-04-21 23:39 - 00003114 _____ () C:\JRT.txt
2014-04-21 23:36 - 2014-04-21 23:36 - 00000000 ____D () C:\windows\ERUNT
2014-04-21 23:35 - 2014-04-21 23:35 - 01016261 _____ (Thisisu) C:\Users\Shy\Downloads\JRT.exe
2014-04-21 23:27 - 2014-04-21 23:27 - 00115751 _____ () C:\TB_MBAM_02.txt
2014-04-21 23:07 - 2014-04-21 23:07 - 00000000 ____D () C:\Users\Shy\Downloads\Trojaner-Board
2014-04-21 23:00 - 2014-04-22 16:16 - 00000000 ____D () C:\AdwCleaner
2014-04-21 22:59 - 2014-04-21 22:59 - 01322687 _____ () C:\Users\Shy\Downloads\AdwCleaner.exe
2014-04-21 22:56 - 2014-04-21 22:56 - 00397390 _____ () C:\Trojaner-Board_1_MBAM.txt
2014-04-21 22:40 - 2014-04-22 16:01 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-21 22:39 - 2014-04-21 22:39 - 00001100 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-21 22:39 - 2014-04-21 22:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-21 22:39 - 2014-04-21 22:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-21 22:39 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-21 22:39 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-04-21 22:39 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-04-21 22:37 - 2014-04-21 22:37 - 00000355 _____ () C:\Users\Shy\Desktop\Computer - Verknüpfung.lnk
2014-04-21 22:01 - 2014-04-21 22:02 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Shy\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-21 21:54 - 2014-04-21 21:54 - 00001262 _____ () C:\Users\Shy\Desktop\Revo Uninstaller.lnk
2014-04-21 21:54 - 2014-04-21 21:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-21 21:53 - 2014-04-21 21:53 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Shy\Downloads\revosetup95.exe
2014-04-21 20:50 - 2014-04-21 20:50 - 00772680 _____ (Realtek ) C:\windows\system32\Drivers\Rt630x64.sys
2014-04-21 20:50 - 2014-04-21 20:50 - 00078920 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-04-21 20:50 - 2014-04-21 20:50 - 00000000 ____D () C:\windows\LastGood.Tmp
2014-04-21 20:25 - 2014-04-21 20:26 - 00000000 ____D () C:\Program Files (x86)\The Mighty Quest For Epic Loot
2014-04-21 20:25 - 2014-04-21 20:25 - 00001398 _____ () C:\Users\Public\Desktop\The Mighty Quest For Epic Loot.lnk
2014-04-21 20:23 - 2014-04-21 20:24 - 30041832 _____ ( ) C:\Users\Shy\Downloads\MightyQuestSetup_234953.exe
2014-04-21 20:19 - 2014-04-21 20:19 - 00001145 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-21 20:17 - 2014-04-21 20:17 - 00283192 _____ (Mozilla) C:\Users\Shy\Downloads\Firefox Setup Stub 28.0.exe
2014-04-17 11:00 - 2014-04-22 16:11 - 00000000 ____D () C:\Users\Shy\AppData\Local\CrashDumps
2014-04-16 19:35 - 2014-04-22 16:24 - 00021027 _____ () C:\Users\Shy\Downloads\FRST.txt
2014-04-16 19:35 - 2014-04-22 16:24 - 00000000 ____D () C:\FRST
2014-04-16 19:35 - 2014-04-22 00:01 - 00011254 _____ () C:\Users\Shy\Downloads\Addition.txt
2014-04-16 19:34 - 2014-04-22 00:00 - 02061312 _____ (Farbar) C:\Users\Shy\Downloads\FRST64.exe
2014-04-16 17:26 - 2014-04-21 23:01 - 00000000 ____D () C:\Users\Shy\Desktop\Blabla
2014-04-16 17:17 - 2014-04-16 17:17 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360
2014-04-16 17:10 - 2014-04-16 17:54 - 00000000 ____D () C:\Users\Shy\AppData\Local\NPE
2014-04-16 17:07 - 2014-04-16 17:07 - 00000000 ____D () C:\Users\Shy\Documents\Symantec
2014-04-16 17:05 - 2014-04-16 17:05 - 00177752 _____ (Symantec Corporation) C:\windows\system32\Drivers\SYMEVENT64x86.SYS
2014-04-16 17:05 - 2014-04-16 17:05 - 00008222 _____ () C:\windows\system32\Drivers\SYMEVENT64x86.CAT
2014-04-16 17:05 - 2014-04-16 17:05 - 00003206 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-04-16 17:05 - 2014-04-16 17:05 - 00002389 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-04-16 17:05 - 2014-04-16 17:05 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-04-16 17:02 - 2014-04-16 17:02 - 00000000 ____D () C:\windows\system32\Drivers\N360x64
2014-04-16 17:02 - 2014-04-16 17:02 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-04-16 16:50 - 2014-04-16 16:50 - 00000000 ____D () C:\ProgramData\PCSettings
2014-04-16 16:33 - 2014-04-16 16:33 - 01021952 _____ (Symantec Corporation) C:\Users\Shy\Downloads\NortonN360Downloader.exe
2014-04-16 03:45 - 2014-04-16 16:38 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-16 03:44 - 2014-04-11 23:13 - 01079839 _____ (AnyProtect.com) C:\Users\Shy\AppData\Local\AnyProtectScannerSetup.exe
2014-04-12 02:40 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-12 02:40 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-12 02:40 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-12 02:40 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-12 02:40 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-12 02:40 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 02:40 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 02:40 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-12 02:40 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-12 02:40 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 02:40 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-12 02:40 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-12 02:40 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-12 02:40 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-12 02:40 - 2014-01-27 01:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-12 02:40 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-12 02:40 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-12 02:40 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-12 02:40 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 02:40 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-12 02:39 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-12 02:39 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-12 02:39 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-12 02:39 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-12 02:39 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-12 02:39 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-12 02:39 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-12 02:39 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-12 02:39 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-12 02:39 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-12 02:39 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-04-12 02:39 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-12 02:39 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-12 02:39 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-12 02:39 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-04-12 02:39 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-12 02:39 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-12 02:39 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-12 02:39 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-12 02:39 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-12 02:39 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-04-12 02:39 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-12 02:39 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-12 02:39 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-09 23:57 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-09 23:57 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-04-09 23:57 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-04-09 23:57 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-09 21:34 - 2014-04-09 21:34 - 01070840 _____ (Solid State Networks) C:\Users\Shy\Downloads\install_flashplayer13x32au_mssd_aaa_aih.exe
2014-04-09 21:18 - 2014-04-16 18:30 - 00001064 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-09 21:18 - 2014-04-09 21:18 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-09 21:16 - 2012-07-25 12:03 - 00016896 _____ () C:\windows\system32\sasnative64.exe
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\AppData\Local\cache
2014-03-29 11:21 - 2014-04-22 16:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 22:25 - 2014-03-28 22:25 - 01172776 _____ (AnyProtect.com) C:\Users\Shy\AppData\Local\nsh4CE8.tmp
2014-03-28 09:53 - 2014-03-28 09:53 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-03-28 09:53 - 2014-03-25 09:31 - 05268336 _____ (INCA Internet Co., Ltd.) C:\windows\SysWOW64\GameMon.des
2014-03-28 09:28 - 2014-03-28 09:49 - 00001569 _____ () C:\Users\Public\Desktop\Flyff.lnk
2014-03-28 09:24 - 2014-03-28 09:24 - 00000000 ____D () C:\Program Files\gPotato.eu
2014-03-28 09:22 - 2014-03-28 09:39 - 1178858003 _____ (Gala Networks Europe Limited ) C:\Users\Shy\Desktop\Flyff_DE_setup.exe
2014-03-27 02:12 - 2014-03-27 02:12 - 00321256 _____ () C:\windows\system32\FNTCACHE.DAT

==================== One Month Modified Files and Folders =======

2014-04-22 16:24 - 2014-04-16 19:35 - 00021027 _____ () C:\Users\Shy\Downloads\FRST.txt
2014-04-22 16:24 - 2014-04-16 19:35 - 00000000 ____D () C:\FRST
2014-04-22 16:23 - 2013-01-12 13:01 - 00003592 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-682942366-826570152-479843046-1001
2014-04-22 16:21 - 2012-12-04 14:10 - 00745562 _____ () C:\windows\system32\perfh007.dat
2014-04-22 16:21 - 2012-12-04 14:10 - 00169488 _____ () C:\windows\system32\perfc007.dat
2014-04-22 16:21 - 2012-07-26 09:28 - 01752656 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-22 16:20 - 2014-04-22 16:20 - 00000610 _____ () C:\Users\Shy\Desktop\JRT.txt
2014-04-22 16:20 - 2014-03-29 11:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-22 16:16 - 2014-04-21 23:00 - 00000000 ____D () C:\AdwCleaner
2014-04-22 16:16 - 2013-01-12 12:55 - 01603509 _____ () C:\windows\WindowsUpdate.log
2014-04-22 16:15 - 2014-03-02 21:02 - 00000336 _____ () C:\windows\Tasks\HPCeeScheduleForShy.job
2014-04-22 16:15 - 2013-06-25 18:20 - 00065536 _____ () C:\windows\system32\Ikeext.etl
2014-04-22 16:15 - 2013-02-22 18:19 - 00001112 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-22 16:15 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-22 16:11 - 2014-04-17 11:00 - 00000000 ____D () C:\Users\Shy\AppData\Local\CrashDumps
2014-04-22 16:10 - 2014-04-22 00:04 - 00001137 _____ () C:\TB_MBAM_03.txt
2014-04-22 16:06 - 2013-05-27 00:57 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-04-22 16:01 - 2014-04-21 22:40 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-22 16:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-04-22 15:26 - 2013-02-22 18:19 - 00001116 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-22 00:01 - 2014-04-16 19:35 - 00011254 _____ () C:\Users\Shy\Downloads\Addition.txt
2014-04-22 00:00 - 2014-04-22 00:00 - 00000000 ____D () C:\Users\Shy\Downloads\FRST-OlderVersion
2014-04-22 00:00 - 2014-04-16 19:34 - 02061312 _____ (Farbar) C:\Users\Shy\Downloads\FRST64.exe
2014-04-21 23:51 - 2014-03-02 21:02 - 00003146 _____ () C:\windows\System32\Tasks\HPCeeScheduleForShy
2014-04-21 23:51 - 2013-01-12 12:55 - 00000000 ____D () C:\Users\Shy
2014-04-21 23:39 - 2014-04-21 23:39 - 00003114 _____ () C:\JRT.txt
2014-04-21 23:36 - 2014-04-21 23:36 - 00000000 ____D () C:\windows\ERUNT
2014-04-21 23:35 - 2014-04-21 23:35 - 01016261 _____ (Thisisu) C:\Users\Shy\Downloads\JRT.exe
2014-04-21 23:29 - 2012-08-01 19:02 - 01922698 _____ () C:\windows\PFRO.log
2014-04-21 23:29 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\TAPI
2014-04-21 23:27 - 2014-04-21 23:27 - 00115751 _____ () C:\TB_MBAM_02.txt
2014-04-21 23:07 - 2014-04-21 23:07 - 00000000 ____D () C:\Users\Shy\Downloads\Trojaner-Board
2014-04-21 23:06 - 2013-11-17 23:13 - 00000000 ____D () C:\Users\Shy\SyncFolder
2014-04-21 23:04 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\tracing
2014-04-21 23:03 - 2013-01-30 19:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-21 23:02 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-04-21 23:01 - 2014-04-16 17:26 - 00000000 ____D () C:\Users\Shy\Desktop\Blabla
2014-04-21 23:01 - 2013-02-22 18:21 - 00001276 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-21 22:59 - 2014-04-21 22:59 - 01322687 _____ () C:\Users\Shy\Downloads\AdwCleaner.exe
2014-04-21 22:56 - 2014-04-21 22:56 - 00397390 _____ () C:\Trojaner-Board_1_MBAM.txt
2014-04-21 22:39 - 2014-04-21 22:39 - 00001100 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-21 22:39 - 2014-04-21 22:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-21 22:39 - 2014-04-21 22:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-21 22:37 - 2014-04-21 22:37 - 00000355 _____ () C:\Users\Shy\Desktop\Computer - Verknüpfung.lnk
2014-04-21 22:20 - 2013-01-19 17:22 - 00000000 ____D () C:\Program Files (x86)\DTV
2014-04-21 22:14 - 2013-07-30 08:04 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-04-21 22:02 - 2014-04-21 22:01 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Shy\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-21 21:54 - 2014-04-21 21:54 - 00001262 _____ () C:\Users\Shy\Desktop\Revo Uninstaller.lnk
2014-04-21 21:54 - 2014-04-21 21:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-21 21:53 - 2014-04-21 21:53 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Shy\Downloads\revosetup95.exe
2014-04-21 20:52 - 2012-08-02 05:15 - 00000000 ____D () C:\SWSETUP
2014-04-21 20:50 - 2014-04-21 20:50 - 00772680 _____ (Realtek ) C:\windows\system32\Drivers\Rt630x64.sys
2014-04-21 20:50 - 2014-04-21 20:50 - 00078920 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-04-21 20:50 - 2014-04-21 20:50 - 00000000 ____D () C:\windows\LastGood.Tmp
2014-04-21 20:27 - 2013-01-13 05:20 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\NVIDIA
2014-04-21 20:26 - 2014-04-21 20:25 - 00000000 ____D () C:\Program Files (x86)\The Mighty Quest For Epic Loot
2014-04-21 20:25 - 2014-04-21 20:25 - 00001398 _____ () C:\Users\Public\Desktop\The Mighty Quest For Epic Loot.lnk
2014-04-21 20:24 - 2014-04-21 20:23 - 30041832 _____ ( ) C:\Users\Shy\Downloads\MightyQuestSetup_234953.exe
2014-04-21 20:19 - 2014-04-21 20:19 - 00001145 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-21 20:19 - 2013-09-22 19:51 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-04-21 20:19 - 2013-09-22 19:51 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-04-21 20:17 - 2014-04-21 20:17 - 00283192 _____ (Mozilla) C:\Users\Shy\Downloads\Firefox Setup Stub 28.0.exe
2014-04-21 20:11 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-04-17 15:52 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-04-16 23:39 - 2012-07-26 07:26 - 00000292 _____ () C:\windows\win.ini
2014-04-16 18:30 - 2014-04-09 21:18 - 00001064 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-04-16 17:54 - 2014-04-16 17:10 - 00000000 ____D () C:\Users\Shy\AppData\Local\NPE
2014-04-16 17:54 - 2013-10-21 18:10 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\Skype
2014-04-16 17:54 - 2013-06-12 18:43 - 00000000 ____D () C:\Users\Shy\AppData\Roaming\Spotify
2014-04-16 17:17 - 2014-04-16 17:17 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360
2014-04-16 17:15 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\NDF
2014-04-16 17:10 - 2012-12-04 05:34 - 00000000 ____D () C:\ProgramData\Norton
2014-04-16 17:07 - 2014-04-16 17:07 - 00000000 ____D () C:\Users\Shy\Documents\Symantec
2014-04-16 17:05 - 2014-04-16 17:05 - 00177752 _____ (Symantec Corporation) C:\windows\system32\Drivers\SYMEVENT64x86.SYS
2014-04-16 17:05 - 2014-04-16 17:05 - 00008222 _____ () C:\windows\system32\Drivers\SYMEVENT64x86.CAT
2014-04-16 17:05 - 2014-04-16 17:05 - 00003206 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-04-16 17:05 - 2014-04-16 17:05 - 00002389 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-04-16 17:05 - 2014-04-16 17:05 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-04-16 17:05 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-04-16 17:03 - 2013-02-21 18:33 - 00583680 ___SH () C:\Users\Shy\Desktop\Thumbs.db
2014-04-16 17:02 - 2014-04-16 17:02 - 00000000 ____D () C:\windows\system32\Drivers\N360x64
2014-04-16 17:02 - 2014-04-16 17:02 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-04-16 16:50 - 2014-04-16 16:50 - 00000000 ____D () C:\ProgramData\PCSettings
2014-04-16 16:38 - 2014-04-16 03:45 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-16 16:34 - 2013-11-16 11:15 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-04-16 16:33 - 2014-04-16 16:33 - 01021952 _____ (Symantec Corporation) C:\Users\Shy\Downloads\NortonN360Downloader.exe
2014-04-16 16:21 - 2013-06-12 18:45 - 00000000 ____D () C:\Users\Shy\AppData\Local\Spotify
2014-04-16 03:45 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2014-04-16 03:45 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2014-04-13 23:37 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-04-13 23:10 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-13 23:10 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-04-11 23:59 - 2013-07-24 07:08 - 00000000 ____D () C:\windows\system32\MRT
2014-04-11 23:57 - 2013-01-14 08:45 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-11 23:13 - 2014-04-16 03:44 - 01079839 _____ (AnyProtect.com) C:\Users\Shy\AppData\Local\AnyProtectScannerSetup.exe
2014-04-09 21:34 - 2014-04-09 21:34 - 01070840 _____ (Solid State Networks) C:\Users\Shy\Downloads\install_flashplayer13x32au_mssd_aaa_aih.exe
2014-04-09 21:18 - 2014-04-09 21:18 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-09 21:16 - 2014-01-27 00:05 - 00000174 _____ () C:\Users\Shy\AppData\Roaming\WB.CFG
2014-04-09 21:15 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Shy\AppData\Local\cache
2014-04-03 09:51 - 2014-04-21 22:39 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-21 22:39 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-21 22:39 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-03-31 23:18 - 2014-02-26 23:27 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2014-02-26 23:27 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-28 22:25 - 2014-03-28 22:25 - 01172776 _____ (AnyProtect.com) C:\Users\Shy\AppData\Local\nsh4CE8.tmp
2014-03-28 09:53 - 2014-03-28 09:53 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-03-28 09:49 - 2014-03-28 09:28 - 00001569 _____ () C:\Users\Public\Desktop\Flyff.lnk
2014-03-28 09:39 - 2014-03-28 09:22 - 1178858003 _____ (Gala Networks Europe Limited ) C:\Users\Shy\Desktop\Flyff_DE_setup.exe
2014-03-28 09:24 - 2014-03-28 09:24 - 00000000 ____D () C:\Program Files\gPotato.eu
2014-03-27 02:21 - 2013-02-22 18:19 - 00004088 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 02:21 - 2013-02-22 18:19 - 00003852 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-27 02:12 - 2014-03-27 02:12 - 00321256 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-25 09:31 - 2014-03-28 09:53 - 05268336 _____ (INCA Internet Co., Ltd.) C:\windows\SysWOW64\GameMon.des
2014-03-24 01:09 - 2012-12-04 05:20 - 00000000 ____D () C:\ProgramData\Hewlett-Packard

Some content of TEMP:
====================
C:\Users\Shy\AppData\Local\Temp\Extract.exe
C:\Users\Shy\AppData\Local\Temp\Quarantine.exe
C:\Users\Shy\AppData\Local\Temp\SP60467.exe
C:\Users\Shy\AppData\Local\Temp\SP61665.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-17 11:07

==================== End Of Log ============================

--- --- ---

FRST-Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-04-2014 02
Ran by Shy at 2014-04-22 16:25:52
Running from C:\Users\Shy\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 Premier Edition (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Premier Edition (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Premier Edition (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Bandizip (HKCU\...\Bandizip) (Version: 3.07 - Bandisoft.com)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
ICQ 8.0 (build 5981, für aktuellen Benutzer) (HKCU\...\ICQ) (Version: 8.0.5981.0 - Mail.Ru)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA Grafiktreiber 311.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.41 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.41 (Version: 311.41 - NVIDIA Corporation) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

13-04-2014 07:46:07 Windows Update
16-04-2014 14:39:00 Removed Bonjour
21-04-2014 18:20:36 HPSF Applying updates

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0980E8C7-0085-4C8B-B5BE-AA50F8607490} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-22] (Google Inc.)
Task: {0B8403A4-6237-4633-A95E-C85C18B0D69A} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3279BF0D-955F-4B5D-9269-FAA665E24D6D} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {466E6ED5-33F6-41B7-93EE-B36628260189} - \SaveSenseLiveUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {55113738-D1EA-4864-AF3D-19045F664215} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5AAA6364-BF65-44ED-B344-5213E9FD9C7B} - \LaunchApp No Task File <==== ATTENTION
Task: {5B4C96BC-12D6-46E5-9A8E-5EC014DAF866} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {72560691-588B-47DB-960D-15B8C852DE3C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {7EE8A961-26FB-4A23-A8C1-F3411161463C} - \UpdaterEX No Task File <==== ATTENTION
Task: {8BBA5135-A136-4606-A27D-B5C1485DBD56} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {8DF25D0A-9650-490C-94FA-39E1A54BB9C2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\WSCStub.exe [2014-03-12] (Symantec Corporation)
Task: {945C632A-5BA1-4383-8DD7-7245C6E5C74D} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {A68D5F16-D904-4C7B-830A-E15AAA3AED02} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AE577C77-D37A-489B-AB80-8097C3AA2EE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-22] (Google Inc.)
Task: {B577135B-8198-4532-A9F7-EDB2C6D54922} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C8262C1E-9E02-4FE4-B207-4AA16D42A1B8} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F15EE7C0-BFA8-4E65-BAB2-CF5DD8C821F6} - System32\Tasks\HPCeeScheduleForShy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForShy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2012-08-06 23:50 - 2012-08-06 23:50 - 00607744 _____ () C:\windows\system32\spool\DRIVERS\x64\3\JobCapsA.DLL
2013-08-16 10:57 - 2012-12-11 13:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2012-08-29 12:02 - 2012-08-29 12:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 12:02 - 2012-08-29 12:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 12:02 - 2012-08-29 12:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-01-12 12:57 - 2013-01-12 12:57 - 00120224 _____ () C:\Users\Shy\AppData\Local\assembly\dl3\EDVMC1YE.5ND\YTH0BKO7.5K1\88588a02\0017145d_cd85cd01\HPItunesModule.DLL
2013-06-10 00:23 - 2011-10-27 21:16 - 00018944 _____ () C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2013-01-12 16:47 - 2013-01-12 16:47 - 00851456 _____ () C:\Users\Shy\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2013-09-03 22:20 - 2012-04-09 00:40 - 03470848 _____ () C:\Program Files (x86)\ffdshow\ffdshow.ax
2013-08-29 20:44 - 2012-04-09 00:42 - 04427264 _____ () C:\Program Files (x86)\ffdshow\ffmpeg.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-08-10 17:50 - 2012-08-10 17:50 - 00170496 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
2012-12-04 05:21 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-04-21 20:19 - 2013-02-16 02:34 - 03067288 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 23%
Total physical RAM: 8147.36 MB
Available physical RAM: 6244.06 MB
Total Pagefile: 10003.36 MB
Available Pagefile: 7914.78 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1850.33 GB) (Free:1755.78 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.21 GB) (Free:1.37 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: B67D538B)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber · 22.04.2014, 19:20

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Lollipop und andere Viren entfernen- Windows8; 64bit

Plagegeister aller Art und deren Bekämpfung: Lollipop und andere Viren entfernen- Windows8; 64bit