Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: PC total langsam

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 19.06.2015, 21:45   #1
littleafrica
 
PC total langsam - Standard

PC total langsam



Hey mein laptop ist plötzlich total langsam....

Alt 20.06.2015, 06:45   #2
schrauber
/// the machine
/// TB-Ausbilder
 

PC total langsam - Standard

PC total langsam



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 20.06.2015, 10:54   #3
littleafrica
 
PC total langsam - Standard

PC total langsam



Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Admin (administrator) on GABS-NOTEBOOK on 20-06-2015 11:42:16
Running from C:\Users\Admin\Downloads
Loaded Profiles: Admin (Available Profiles: Gabs & Admin)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft) C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
() C:\Windows\PLFSetI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Oberon Media ) C:\Program Files (x86)\GamesBar\update\SearchEngineProtection.exe
(Yontoo LLC) C:\Users\Admin\AppData\Roaming\Yontoo\YontooDesktop.exe
(Smartbar) C:\Users\Admin\AppData\Local\Smartbar\Application\SnapDo.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
(Suyin) C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\plugin-nm-server.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Users\Admin\AppData\Local\Smartbar\Application\Lrcnta.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer) C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-04-09] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9913376 2009-12-29] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [860704 2010-03-17] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [258560 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VideoWebCamera] => C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [1480032 2010-05-03] (Suyin)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [908368 2010-04-08] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-08-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [748736 2014-08-30] ()
HKLM-x32\...\Run: [BrowserSafeguard] => C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [922112 2014-07-06] ()
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\...\Run: [SDP] => C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe [200784 2012-05-31] (Somoto)
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1238528 2014-04-28] (RemoteMouse.net)
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\...\Run: [SearchEngineProtection] => C:\Program Files (x86)\GamesBar\update\SearchEngineProtection.exe [620480 2013-03-09] (Oberon Media )
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\...\Run: [Yontoo Desktop] => C:\Users\Admin\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-04-17] (Yontoo LLC)
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Admin\AppData\Local\Smartbar\Application\SnapDo.exe [29728 2014-08-28] (Smartbar)
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\...\Run: [GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [861512 2015-06-05] (Google Inc.)
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\...\Run: [Cheba] => C:\Users\Admin\AppData\Local\Cheba\Cheba.exe
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\...\MountPoints2: {ae0ebfa2-93c5-11e1-9459-806e6f6e6963} - D:\Autorun.exe
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Packard Bell.scr [453152 2009-12-24] ()
AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll File not found
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2014-07-06]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Gabs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk [2012-09-06]
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Admin\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (No File)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-3956717685-86706544-1684571685-1001] => Internet Explorer proxy is enabled
ProxyServer: [S-1-5-21-3956717685-86706544-1684571685-1001] => http=127.0.0.1:49572;https=127.0.0.1:49572
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172&q={searchTerms}
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Chew&co=DE&userid=5a7cacff-293c-41ef-bdc4-47687ec61501&barcodeid=22&installDate=01/01/2014&searchtype=ds&q={searchTerms}
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=Chew&co=DE&userid=5a7cacff-293c-41ef-bdc4-47687ec61501&barcodeid=22&installDate=01/01/2014&searchtype=hp
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=7CF270F1A1BB3FA5&affID=121529&tsp=4947
HKU\S-1-5-21-3956717685-86706544-1684571685-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Chew&co=DE&userid=5a7cacff-293c-41ef-bdc4-47687ec61501&barcodeid=22&installDate=01/01/2014&searchtype=ds&q={searchTerms}
URLSearchHook: HKLM-x32 - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172&q={searchTerms}
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=5a7cacff-293c-41ef-bdc4-47687ec61501&searchtype=ds&q={searchTerms}&installDate=25/04/2013
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3956717685-86706544-1684571685-1001 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Chew&co=DE&userid=5a7cacff-293c-41ef-bdc4-47687ec61501&barcodeid=22&installDate=01/01/2014&searchtype=ds&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3956717685-86706544-1684571685-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3956717685-86706544-1684571685-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Chew&co=DE&userid=5a7cacff-293c-41ef-bdc4-47687ec61501&barcodeid=22&installDate=01/01/2014&searchtype=ds&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3956717685-86706544-1684571685-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=7CF270F1A1BB3FA5&affID=121529&tsp=4947
SearchScopes: HKU\S-1-5-21-3956717685-86706544-1684571685-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3956717685-86706544-1684571685-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-3956717685-86706544-1684571685-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=5a7cacff-293c-41ef-bdc4-47687ec61501&searchtype=ds&q={searchTerms}&installDate=25/04/2013
BHO: Snap.DoEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll [2009-11-25] (Microsoft Corporation)
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension64.dll [2013-06-30] ()
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-21] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-30] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: PriceGong - Price Comparison -> {1631550F-191D-4826-B069-D9439253D926} -> C:\Program Files (x86)\PriceGong\2.6.11\PriceGongIE.dll [2013-03-04] (PriceGong)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: GamesBar (W) -> {2e94b700-eafb-4c9e-a696-77200aa3f89b} -> C:\Program Files (x86)\gamesagogo_w3i\encyclopediabritannicagamesbarX.dll [2012-10-17] ()
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-04-16] (RealDownloader)
BHO-x32: Snap.DoEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll [2009-11-25] (Microsoft Corporation)
BHO-x32: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll [2013-06-30] ()
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Incredibar.com Helper Object -> {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} -> C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll [2012-01-22] (Montera Technologeis LTD)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-21] (Kaspersky Lab ZAO)
BHO-x32: No Name -> {78e516ef-11de-47a1-8364-a99b917ec5ee} ->  No File
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-30] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04] (SweetIM Technologies Ltd.)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll [2009-11-25] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-30] (Google Inc.)
Toolbar: HKLM-x32 - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll [2012-01-22] (Montera Technologeis LTD)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04] (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - GamesBar (W) - {2e94b700-eafb-4c9e-a696-77200aa3f89b} - C:\Program Files (x86)\gamesagogo_w3i\encyclopediabritannicagamesbarX.dll [2012-10-17] ()
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll [2009-11-25] (Microsoft Corporation)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-30] (Google Inc.)
Toolbar: HKU\S-1-5-21-3956717685-86706544-1684571685-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-30] (Google Inc.)
Toolbar: HKU\S-1-5-21-3956717685-86706544-1684571685-1001 -> No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  No File
Toolbar: HKU\S-1-5-21-3956717685-86706544-1684571685-1001 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.80.2.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 80.69.100.110 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1400155537&from=vit&uid=WDCXWD3200BEVT-22A23T0_WD-WXD1A501617216172

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll [2014-01-29] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-21] ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-10-21] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-21] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2013-08-20] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-08-20] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-04-16] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-19] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-09-01]
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-20]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-08-27]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-08-27]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-08-27]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-08-27]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-08-27]

Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-25]
CHR Extension: (Snap.Do ) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2014-11-25]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-25]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-25]
CHR Extension: (PriceGong) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok [2015-01-26]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-25]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-25]
CHR Extension: (Kaspersky Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-11-25]
CHR Extension: (Delta Toolbar) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2015-01-26]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-25]
CHR Extension: (RealDownloader) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-01-26]
CHR Extension: (Fun Media Bar V10) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iokhogohoamdhejdbenjbjkhjmjlggab [2014-11-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-19]
CHR Extension: (Skype Click to Call) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-26]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-25]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-25]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-01]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Admin\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]
CHR HKU\S-1-5-21-3956717685-86706544-1684571685-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Admin\AppData\Local\Smartbar/Application\1Extension.crx [2013-04-09]
CHR HKU\S-1-5-21-3956717685-86706544-1684571685-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iokhogohoamdhejdbenjbjkhjmjlggab] - C:\Users\Admin\AppData\Local\CRE\iokhogohoamdhejdbenjbjkhjmjlggab.crx [2013-11-18]
CHR HKU\S-1-5-21-3956717685-86706544-1684571685-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Admin\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]
CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.6.11\pricegong.crx [2013-03-04]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-01]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Admin\AppData\Roaming\BabSolution\CR\Delta.crx [2013-04-21]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
CHR HKLM-x32\...\Chrome\Extension: [iokhogohoamdhejdbenjbjkhjmjlggab] - C:\Users\Admin\AppData\Local\CRE\iokhogohoamdhejdbenjbjkhjmjlggab.crx [2013-11-18]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Admin\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53320 2014-11-13] (Just Develop It) <==== ATTENTION
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [866336 2010-03-17] (Acer Incorporated)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864 2013-01-31] (Freemake) [File not signed]
S3 GameConsoleService; C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe [238328 2009-10-10] (WildTangent, Inc.)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-08-07] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 Yontoo Desktop Updater; C:\Users\Admin\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-04-17] (Yontoo LLC)
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-10-21] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-10-21] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-20 11:42 - 2015-06-20 11:47 - 00039181 _____ C:\Users\Admin\Downloads\FRST.txt
2015-06-20 11:42 - 2015-06-20 11:42 - 00000000 ____D C:\FRST
2015-06-20 11:40 - 2015-06-20 11:40 - 02109952 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2015-06-20 11:33 - 2015-06-20 11:33 - 00003350 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3956717685-86706544-1684571685-1001
2015-06-20 11:33 - 2015-06-20 11:33 - 00003216 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3956717685-86706544-1684571685-1001
2015-06-20 03:34 - 2015-06-20 03:34 - 00000000 ____D C:\Windows\system32\SPReview
2015-06-19 23:22 - 2015-05-22 18:47 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-19 23:22 - 2015-05-22 18:47 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-19 23:22 - 2015-05-22 18:47 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-19 23:22 - 2015-05-22 18:47 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-19 23:22 - 2015-05-22 18:47 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-19 23:22 - 2015-05-22 18:47 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-19 23:22 - 2015-05-22 18:42 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-19 23:22 - 2015-05-21 15:12 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-19 23:21 - 2015-03-19 05:07 - 05503416 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-19 23:21 - 2015-03-19 04:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-19 23:21 - 2015-03-19 04:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-19 21:57 - 2015-06-19 21:57 - 00262144 ____N C:\Windows\Minidump\061915-26785-01.dmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-20 11:44 - 2013-12-23 13:44 - 00000292 _____ C:\Windows\Tasks\MySearchDial.job
2015-06-20 11:43 - 2012-05-01 21:45 - 01818114 _____ C:\Windows\WindowsUpdate.log
2015-06-20 11:43 - 2009-07-14 06:45 - 00015568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-20 11:43 - 2009-07-14 06:45 - 00015568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-20 11:41 - 2012-09-06 14:36 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3956717685-86706544-1684571685-1000UA.job
2015-06-20 11:37 - 2012-05-02 07:32 - 00697082 _____ C:\Windows\system32\perfh007.dat
2015-06-20 11:37 - 2012-05-02 07:32 - 00148346 _____ C:\Windows\system32\perfc007.dat
2015-06-20 11:37 - 2009-07-14 07:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-20 11:34 - 2012-05-05 18:51 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2015-06-20 11:33 - 2014-08-27 08:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-06-20 11:32 - 2012-05-01 22:11 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-20 11:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-20 11:31 - 2009-07-14 06:51 - 00087626 _____ C:\Windows\setupact.log
2015-06-20 11:17 - 2012-05-01 22:11 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-20 10:49 - 2012-05-06 18:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-20 10:33 - 2013-04-25 18:31 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Yontoo
2015-06-20 10:12 - 2014-08-27 10:24 - 00262144 _____ C:\Windows\system32\config\elam
2015-06-20 10:11 - 2013-12-23 19:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\newnext.me
2015-06-20 10:11 - 2013-12-23 19:50 - 00000000 ____D C:\Users\Admin\AppData\Local\genienext
2015-06-20 10:09 - 2015-03-30 11:05 - 00000000 ____D C:\Users\Admin\AppData\Local\Cheba
2015-06-20 10:09 - 2013-03-09 08:57 - 00000000 ____D C:\Program Files (x86)\File Type Assistant
2015-06-20 04:21 - 2013-03-18 17:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-20 04:21 - 2010-04-26 07:29 - 00265870 _____ C:\Windows\PFRO.log
2015-06-20 04:21 - 2010-04-26 07:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-20 04:20 - 2014-12-14 20:29 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-20 04:20 - 2014-08-27 12:14 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-20 03:49 - 2010-04-26 07:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-20 03:40 - 2012-05-05 14:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-20 03:40 - 2012-05-05 14:32 - 00000000 ____D C:\ProgramData\Skype
2015-06-20 03:30 - 2013-07-23 11:21 - 00000000 ____D C:\Windows\system32\MRT
2015-06-20 03:07 - 2013-03-22 04:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-19 23:04 - 2014-09-14 18:16 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-19 22:51 - 2012-05-06 18:04 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-19 22:51 - 2012-05-06 18:04 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-19 22:51 - 2012-05-06 18:04 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-19 22:05 - 2012-05-01 22:11 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-19 22:05 - 2012-05-01 22:11 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-19 21:57 - 2012-05-02 12:21 - 00000000 ____D C:\Windows\Minidump
2015-05-27 00:04 - 2012-05-06 10:13 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-07-06 17:45 - 2015-03-30 11:04 - 0000110 _____ () C:\Users\Admin\AppData\Roaming\WB.CFG
2013-12-23 13:43 - 2013-12-23 13:41 - 0351124 _____ () C:\Users\Admin\AppData\Local\mysearchdial-speeddial.crx
2013-04-27 22:32 - 2013-04-27 22:32 - 0004914 _____ () C:\ProgramData\bzoyeojg.eew

Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\-ajqzscf.dll
C:\Users\Admin\AppData\Local\Temp\-gvqwqem.dll
C:\Users\Admin\AppData\Local\Temp\1einbv1v.dll
C:\Users\Admin\AppData\Local\Temp\4yibm1g_.dll
C:\Users\Admin\AppData\Local\Temp\7.2.20.2-EasyShrx.Dll
C:\Users\Admin\AppData\Local\Temp\7z920.exe
C:\Users\Admin\AppData\Local\Temp\9ekmgned.dll
C:\Users\Admin\AppData\Local\Temp\aff_setup.exe
C:\Users\Admin\AppData\Local\Temp\asiloapv.dll
C:\Users\Admin\AppData\Local\Temp\AskSLib.dll
C:\Users\Admin\AppData\Local\Temp\AutoRun.exe
C:\Users\Admin\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\b00bInstaller.exe
C:\Users\Admin\AppData\Local\Temp\bl-yczwt.dll
C:\Users\Admin\AppData\Local\Temp\botyxfuu.dll
C:\Users\Admin\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\Admin\AppData\Local\Temp\CloudBackup7980.exe
C:\Users\Admin\AppData\Local\Temp\comver.dll
C:\Users\Admin\AppData\Local\Temp\dyabb0pj.dll
C:\Users\Admin\AppData\Local\Temp\e-yawim2.dll
C:\Users\Admin\AppData\Local\Temp\EAInstall.dll
C:\Users\Admin\AppData\Local\Temp\eepdqzbl.dll
C:\Users\Admin\AppData\Local\Temp\etj6zecx.dll
C:\Users\Admin\AppData\Local\Temp\fdtpyztr.dll
C:\Users\Admin\AppData\Local\Temp\ffm5oihk.dll
C:\Users\Admin\AppData\Local\Temp\FreemakeVideoConverter_3.2.1.5.exe
C:\Users\Admin\AppData\Local\Temp\hu63fkku.dll
C:\Users\Admin\AppData\Local\Temp\h_mq2ve7.dll
C:\Users\Admin\AppData\Local\Temp\i1ajlgxu.dll
C:\Users\Admin\AppData\Local\Temp\ifu-nkb1.dll
C:\Users\Admin\AppData\Local\Temp\incredibar_installer.exe
C:\Users\Admin\AppData\Local\Temp\instloffer.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMPwlsetup-all.exe
C:\Users\Admin\AppData\Local\Temp\jkv2sfor.dll
C:\Users\Admin\AppData\Local\Temp\k8sxwd5j.dll
C:\Users\Admin\AppData\Local\Temp\lowproc.exe
C:\Users\Admin\AppData\Local\Temp\lwymso-9.dll
C:\Users\Admin\AppData\Local\Temp\ma-hjzxl.dll
C:\Users\Admin\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\Admin\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Admin\AppData\Local\Temp\m_itlfgc.dll
C:\Users\Admin\AppData\Local\Temp\okfmsifr.dll
C:\Users\Admin\AppData\Local\Temp\okmst98m.dll
C:\Users\Admin\AppData\Local\Temp\ose00000.exe
C:\Users\Admin\AppData\Local\Temp\pm.exe
C:\Users\Admin\AppData\Local\Temp\qtwf_bdy.dll
C:\Users\Admin\AppData\Local\Temp\rzqeorz1.dll
C:\Users\Admin\AppData\Local\Temp\sdpupdater.exe
C:\Users\Admin\AppData\Local\Temp\Shortcut_SweetIM_2.exe
C:\Users\Admin\AppData\Local\Temp\Shortcut_WinRARSDM.exe
C:\Users\Admin\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Admin\AppData\Local\Temp\smpvamoy.dll
C:\Users\Admin\AppData\Local\Temp\stubhelper.dll
C:\Users\Admin\AppData\Local\Temp\SymInstallStub.exe
C:\Users\Admin\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Admin\AppData\Local\Temp\tbedrs.dll
C:\Users\Admin\AppData\Local\Temp\TB_4F67.exe
C:\Users\Admin\AppData\Local\Temp\t_7kvffv.dll
C:\Users\Admin\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Admin\AppData\Local\Temp\vb9wpug_.dll
C:\Users\Admin\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Admin\AppData\Local\Temp\WhiteLabelSetup.exe
C:\Users\Admin\AppData\Local\Temp\wlsetup-all.exe
C:\Users\Admin\AppData\Local\Temp\wnubi8uf.dll
C:\Users\Admin\AppData\Local\Temp\xqh9lxxc.dll
C:\Users\Admin\AppData\Local\Temp\zl0-meke.dll
C:\Users\Admin\AppData\Local\Temp\zr594xev.dll
C:\Users\Admin\AppData\Local\Temp\zvoc99w6.dll
C:\Users\Admin\AppData\Local\Temp\_cygutuj.dll
C:\Users\Admin\AppData\Local\Temp\_hdhz_fp.dll
C:\Users\Gabs\AppData\Local\Temp\0vjky_vf.dll
C:\Users\Gabs\AppData\Local\Temp\AskSLib.dll
C:\Users\Gabs\AppData\Local\Temp\avgnt.exe
C:\Users\Gabs\AppData\Local\Temp\azfsnbs5.dll
C:\Users\Gabs\AppData\Local\Temp\CmdLineExt.dll
C:\Users\Gabs\AppData\Local\Temp\drm_dyndata_7300015.dll
C:\Users\Gabs\AppData\Local\Temp\RDtemp.exe
C:\Users\Gabs\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-16 13:29

==================== End of log ============================
         
[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Admin at 2015-06-20 11:49:02
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-3956717685-86706544-1684571685-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3956717685-86706544-1684571685-500 - Administrator - Disabled)
Gabs (S-1-5-21-3956717685-86706544-1684571685-1000 - Limited - Enabled) => C:\Users\Gabs
Gast (S-1-5-21-3956717685-86706544-1684571685-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{8B79B3A9-6E49-5FFB-2017-A822BBDC4992}) (Version: 3.0.758.0 - ATI Technologies, Inc.)
AVS Audio Editor 7.1 (HKLM-x32\...\AVS Audio Editor_is1) (Version:  - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Bob the Builder Can-Do-Zoo (x32 Version: 2.2.0.82 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.04 - Broadcom Corporation)
BrowserSafeguard with RocketTab (HKLM-x32\...\BrowserSafeguard) (Version:  - BrowserSafeguard with RocketTab)
Build-a-lot 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
ccc-core-static (x32 Version: 2010.0122.858.16002 - Ihr Firmenname) Hidden
Chicken Invaders 3 - Revenge of the Yolk (x32 Version: 2.2.0.82 - WildTangent) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.21.5 - Delta) <==== ATTENTION
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
File Type Assistant (HKLM-x32\...\Trusted Software Assistant_is1) (Version: 2014.5.6.0 - )
FileConverter 1.3 Toolbar (HKLM-x32\...\FileConverter_1.3 Toolbar) (Version: 6.9.0.16 - FileConverter 1.3)
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version:  - )
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Freemake Video Converter Version 3.2.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.2.1 - Ellora Assets Corporation)
GamesBar (W) (HKLM-x32\...\gamesagogo_w3i) (Version: 3.2.0.36 - Visicom Media inc.)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
iCloud (HKLM\...\{704C0303-D20C-45AF-BD2B-556EAF31BE09}) (Version: 2.1.2.8 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Packard Bell)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Incredibar Toolbar  on IE (HKLM-x32\...\incredibar) (Version:  - ) <==== ATTENTION
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Installer (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
Internet Explorer Toolbar 4.6 by SweetPacks (HKLM-x32\...\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}) (Version: 4.6.0004 - SweetIM Technologies Ltd.)
iTunes (HKLM\...\{427174C0-096E-40D9-9684-9C109BEE2CBF}) (Version: 11.0.5.5 - Apple Inc.)
jahPlayer (HKLM-x32\...\jahPlayer) (Version:  - )
Jahshaka (HKLM-x32\...\Jahshaka) (Version:  - )
Jewel Quest (x32 Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.8 - Packard Bell)
Mahjongg Artifacts (x32 Version: 2.2.0.82 - WildTangent) Hidden
Metaboli (HKLM-x32\...\Metaboli) (Version: 1.00.0008 - Packard Bell)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com) <==== ATTENTION
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
msxml4 (HKLM-x32\...\{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}) (Version: 1.0.0 - Default Company Name)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd)
Mysearchdial (HKLM-x32\...\mysearchdial) (Version:  - Mysearchdial)
Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version:  - )
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1108 - Electronic Arts)
Nero 9 Essentials (HKLM-x32\...\{707bfad4-e437-40ed-9c9c-32dbc1d89a23}) (Version:  - Nero AG)
OpenLibraries (HKLM-x32\...\OpenLibraries) (Version:  - )
Packard Bell Game Console (x32 Version:  - WildTangent) Hidden
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.0.80 - WildTangent)
Packard Bell InfoCentre (HKLM-x32\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell)
Packard Bell MyBackup (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3003 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.03.3002 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0414.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 1.0.1517 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 1.0.1517 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Packard Bell)
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Pool (x32 Version: 2.2.0.82 - WildTangent) Hidden
PriceGong 2.6.11 (HKLM-x32\...\PriceGong) (Version: 2.6.11 - PriceGong)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Race Driver 2 (HKLM-x32\...\InstallShield_{D474A0E8-4421-43C0-BE8E-F454F91E2E2A}) (Version: 1.01.0000 - Codemasters)
Race Driver 2 (x32 Version: 1.01.0000 - Codemasters) Hidden
RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6015 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30118 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SILKYPIX Developer Studio 3.0 LE (HKLM-x32\...\InstallShield_{7F3487F5-E4FA-4A28-8196-6C9F785BC638}) (Version: 3 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 3.0 LE (x32 Version: 3 - Ichikawa Soft Laboratory) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Snap.Do (HKLM-x32\...\{D2C05307-0683-4E57-BE95-65F46B65FF7B}) (Version: 1.6.1.830 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKU\S-1-5-21-3956717685-86706544-1684571685-1001\...\{50a829e7-55a2-4960-b6a6-1a1bda15247e}) (Version: 1.6.1.830 - ReSoft Ltd.) <==== ATTENTION
Superstars® V8 Racing (x32 Version: 1.00.0000 - Black Bean Games) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
Test Drive Unlimited (HKLM-x32\...\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}) (Version: 0.10.0000 - Ihr Firmenname)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.4 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.)
Video Web Camera (HKLM-x32\...\{6D9021DC-CF1B-4148-8C80-6D8E8A8A33EB}) (Version: 0.5.35.1 - SuYin)
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - A New Home (x32 Version: 2.2.0.82 - WildTangent) Hidden
Web Assistant 2.0.0.604 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.604 - IncrediBar)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.01.3002 - Packard Bell)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WPM18.8.0.304 (HKLM-x32\...\WPM) (Version: 18.8.0.304 - Cherished Technololgy LIMITED) <==== ATTENTION
Yahtzee (x32 Version: 2.2.0.82 - WildTangent) Hidden
Yontoo 2.052 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 2.052 - Yontoo LLC)
Zipper (HKLM-x32\...\{40B325F7-2A46-41E0-BE2F-23C19F7F101E}) (Version: 1.0.3 - Tuguu SL) <==== ATTENTION
Zuma Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

25-01-2015 14:02:30 Windows 7 Service Pack 1
25-01-2015 15:16:56 Windows-Sicherung
25-01-2015 23:28:21 Windows Update
26-01-2015 14:44:03 Windows Modules Installer
30-03-2015 11:06:59 Windows Update
30-03-2015 13:26:35 Windows Update
19-06-2015 22:10:46 Windows-Sicherung
19-06-2015 23:15:44 Windows Update
20-06-2015 03:01:14 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07CE1556-FC46-47F5-9797-D8667F42F0A6} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3956717685-86706544-1684571685-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {09053300-F93F-4093-A538-9904B83244B6} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3956717685-86706544-1684571685-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {13CF6C3C-9001-4610-B6E8-C5E9D0782A53} - System32\Tasks\ProgramUpdateCheck => C:\Program Files (x86)\File Type Assistant\TSAssist.exe [2014-05-06] (FTA ApS) <==== ATTENTION
Task: {1EA52FC6-F185-4CD3-98E6-D641D9E2B5EA} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3956717685-86706544-1684571685-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {247827FF-739E-4C5E-94EB-369AC49C412F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3956717685-86706544-1684571685-1000UA => C:\Users\Gabs\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-06] (Facebook Inc.)
Task: {2D699C13-7373-49B7-9205-58E072D9729A} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3956717685-86706544-1684571685-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {5FAB117C-6CC6-4C55-8763-396336306CC6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {6627FB45-275B-405A-AF82-12110C56CC61} - System32\Tasks\ProgramRefresh-ATFST => C:\Program Files (x86)\File Type Assistant\tsasetup.exe [2014-05-16] (                                                            ) <==== ATTENTION
Task: {668AF371-A208-4FC5-8C4F-C4D96D835D5D} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => c:\program files (x86)\real\realplayer\Update\realsched.exe [2013-08-20] (RealNetworks, Inc.)
Task: {7384F0E1-318E-4742-968D-83C9AD4583DB} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3956717685-86706544-1684571685-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-04-16] (RealNetworks, Inc.)
Task: {7407CA3B-938A-48B3-A6E1-2C1777A7EBD9} - \BrowserSafeguard Update Task No Task File <==== ATTENTION
Task: {79643962-2282-45F4-B1FB-97450D84A55C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3956717685-86706544-1684571685-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {7975649A-F4DE-4EA8-9214-181D473296CA} - \MySearchDial No Task File <==== ATTENTION
Task: {8DD0992F-6F14-49DE-85AC-2D9B035A173C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3956717685-86706544-1684571685-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {94992103-1C4A-4E0E-9D98-D86DCCD77367} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {9603EE9C-35D2-4951-A09A-B0AC3ED8EF71} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3956717685-86706544-1684571685-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {968C9D9B-BBA8-4C03-AA00-F3ECB056CCB7} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-09-19] (TuneUp Software)
Task: {A2230EEC-4523-4F48-AB1D-4947F16EED48} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3956717685-86706544-1684571685-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-04-16] (RealNetworks, Inc.)
Task: {A35B1388-9896-48D4-A993-4A21A9859D8C} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe [2010-03-26] (Acer)
Task: {A4AFCAA8-8D15-44A6-8FA7-B89C42A6D19F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3956717685-86706544-1684571685-1000Core => C:\Users\Gabs\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-06] (Facebook Inc.)
Task: {A8815683-0692-4899-AA2D-511119CF4149} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3956717685-86706544-1684571685-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {B3A5FB9B-3D43-4233-A361-0E76BDA3EDB1} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3956717685-86706544-1684571685-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {B62299D1-6C84-4A09-BE86-B93A42EA2B79} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3956717685-86706544-1684571685-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {B9BDF7FA-E240-4D42-85B0-B4038CE17209} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3956717685-86706544-1684571685-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {C0374A32-1D6D-4DB7-9E5C-8CC877C2102E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-04-05] (Apple Inc.)
Task: {CCE02ECA-A125-4879-A926-8C9AE63F1D6A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-19] (Adobe Systems Incorporated)
Task: {D5255CC6-8E06-46F1-8B80-B429515D0BDE} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3956717685-86706544-1684571685-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {DBC4EB62-FFF3-4E02-B99F-369BCD80DB81} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {E3AA3AD0-99A6-4528-A629-B8E0C405D95E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3956717685-86706544-1684571685-1000Core.job => C:\Users\Gabs\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3956717685-86706544-1684571685-1000UA.job => C:\Users\Gabs\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\Admin\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2012-08-07 21:57 - 2012-08-07 22:20 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-04-16 03:07 - 2013-04-16 03:07 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2012-05-01 22:35 - 2010-04-09 09:49 - 00206208 _____ () C:\Windows\PLFSetI.exe
2014-11-13 11:59 - 2014-11-13 11:58 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-11-13 11:59 - 2014-11-13 11:57 - 00060928 _____ () C:\Program Files (x86)\MyPC Backup\LinqBridge.dll
2014-11-13 11:59 - 2014-11-13 11:57 - 00270336 _____ () C:\Program Files (x86)\MyPC Backup\AlphaFS.dll
2013-12-23 13:53 - 2014-08-30 12:36 - 00748736 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2015-06-19 23:03 - 2015-06-05 21:20 - 01670472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-19 23:03 - 2015-06-05 21:20 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2014-07-06 17:46 - 2014-07-06 17:46 - 00922112 _____ () C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
2014-08-28 23:49 - 2014-08-28 23:49 - 00025120 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\Lrcnta.exe
2010-01-07 14:42 - 2010-01-07 14:42 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-05-01 21:46 - 2012-05-01 21:46 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-04-26 07:20 - 2010-03-26 23:49 - 00136520 _____ () C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\MSBurningEngine.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2010-03-09 02:18 - 2010-03-09 02:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll
2010-03-09 02:13 - 2010-03-09 02:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\ACE.dll
2010-04-26 06:55 - 2009-12-24 02:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-07-06 17:40 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2013-08-20 12:39 - 2015-06-20 11:33 - 00013600 _____ () C:\Users\Admin\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll
2014-08-28 23:49 - 2014-08-28 23:49 - 00052256 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00087584 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\srau.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00167456 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-08-28 23:49 - 2014-08-28 23:49 - 02426912 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00068640 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\spbl.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00160288 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-08-28 23:49 - 2014-08-28 23:49 - 00015904 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\siem.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00069152 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\sppsm.dll
2014-08-28 23:49 - 2014-08-28 23:49 - 00698400 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-08-28 23:49 - 2014-08-28 23:49 - 00016416 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-08-28 23:49 - 2014-08-28 23:49 - 00080416 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00028704 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00071712 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\srut.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00030752 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\srsbs.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00067104 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00152096 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\smti.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00075296 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\smsp.dll
2014-08-28 23:49 - 2014-08-28 23:49 - 00011808 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\sidc.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00032288 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\smtu.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00040480 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\smta.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00032800 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\srom.dll
2014-08-28 23:49 - 2014-08-28 23:49 - 00025632 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\sgml.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00063520 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00049184 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\srbu.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00026656 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\srpdm.dll
2014-08-28 23:49 - 2014-08-28 23:49 - 00045088 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-08-28 23:48 - 2014-08-28 23:48 - 00026656 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00036896 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-08-28 23:49 - 2014-08-28 23:49 - 00194592 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\sgmu.dll
2014-05-12 03:46 - 2014-05-12 03:46 - 00061440 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-08-28 23:50 - 2014-08-28 23:50 - 00257056 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\srns.dll
2012-05-01 22:34 - 2010-05-03 15:15 - 00046328 _____ () C:\Program Files (x86)\VideoWebCamera\sy_Utility.dll
2012-05-01 22:34 - 2010-05-03 15:15 - 00038136 _____ () C:\Program Files (x86)\VideoWebCamera\VWC_ENG.dll
2010-04-26 07:37 - 2009-05-20 08:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2014-02-07 16:52 - 2014-08-30 12:36 - 00065728 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-02-07 16:52 - 2014-08-30 12:36 - 00474816 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2014-08-28 23:49 - 2014-08-28 23:49 - 00034848 _____ () C:\Users\Admin\AppData\Local\Smartbar\Application\lrcnt.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3956717685-86706544-1684571685-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 80.69.100.110 - 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{652B1EF8-0240-4C36-A487-17F6B534C0CA}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{BC24F05A-3376-4F26-A9E2-4FEBE5915798}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{EB72079A-40DD-4C1C-AF79-4E4E49F7F7B6}] => (Allow) svchost.exe
FirewallRules: [{AB37C7D3-2A7D-46AD-990E-90540F7BEFE9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A8078759-0F51-4EB0-8F67-516EE047E6D0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{77BB70E5-27F5-4826-B034-D066EA8A7ADF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FED9361F-EFFB-4CCC-ABB2-56A1FBAEA383}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C57D266E-F986-48EF-870C-2B1AC3A2DB62}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E75C4E10-F09D-4E4B-A00C-69C17DF11772}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{4E5E97DC-38E4-4D13-B3C8-7449D5B97811}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe] => (Block) C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe
FirewallRules: [UDP Query User{E04FFDE3-56C9-4180-8F8B-83E7F618F8A7}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe] => (Block) C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe
FirewallRules: [TCP Query User{A21F705D-20D3-4A8A-85F1-83A98C250B7A}C:\program files (x86)\electronic arts\need for speed carbon\nfsc.exe] => (Block) C:\program files (x86)\electronic arts\need for speed carbon\nfsc.exe
FirewallRules: [UDP Query User{753137E6-723A-49A4-9658-6B1ABC8E6430}C:\program files (x86)\electronic arts\need for speed carbon\nfsc.exe] => (Block) C:\program files (x86)\electronic arts\need for speed carbon\nfsc.exe
FirewallRules: [TCP Query User{030E47AC-E240-4040-81EE-C66B94431BBE}C:\program files (x86)\gamespy\comrade\comrade.exe] => (Block) C:\program files (x86)\gamespy\comrade\comrade.exe
FirewallRules: [UDP Query User{CAF2DAA8-ED06-4E42-9F09-A1ED5F7E2C2D}C:\program files (x86)\gamespy\comrade\comrade.exe] => (Block) C:\program files (x86)\gamespy\comrade\comrade.exe
FirewallRules: [{CC3B5D29-1077-4E44-8EC1-4F7476496AB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D463D210-01E6-47F7-AF10-A53018DE0110}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3DB1840F-677B-4ED3-87AE-2D6AC9A9C7DD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CC624BF8-7051-4828-B721-AABEC17CE5A8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{B32E7768-4BBA-4F26-B3E4-611626EFD980}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{247A7462-174E-498C-9479-9038ED2ED985}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [TCP Query User{C002B67F-B095-4C3B-811A-8E85B1B28C74}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [UDP Query User{CCAB8BE3-6477-4464-9F34-6F0263D108AB}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{3BC63F3E-08E6-428F-8699-DC059AE4172F}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{B60EA9B3-1E0B-4F2B-B275-023F3A8C5472}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{B20B3FE5-7AFC-4451-9BA0-C57F34B9FE2C}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{4E7C7F73-6327-4E7D-9B62-2FB976063C3C}] => (Allow) C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{A29B8B87-6877-47FB-B6B4-2F1D4CFB8F66}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [UDP Query User{B3D53D50-A64E-48C0-9685-7A851D037E05}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Block) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [TCP Query User{EF3B5DAA-7542-41C4-BD4D-72AF7485E24A}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{BBC1F915-4655-4A05-806C-2D8CCBFD77CD}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [{5F07BEDC-B7F2-4B4B-987C-C30A8FCEE4B3}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{97117DA0-E1A7-4617-AACB-E627F7A893DD}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{303BA42B-6839-41B3-A1F3-04CAB6904DB7}C:\program files (x86)\remote mouse\remotemouse.exe] => (Block) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [UDP Query User{7CCD4120-8752-49C0-B7E4-137438659990}C:\program files (x86)\remote mouse\remotemouse.exe] => (Block) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [{CE642108-70EC-4D24-9628-1826BB2B3DA8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6AA55024-AAC3-4C95-BB28-26F4ACD6AEC2}] => (Allow) LPort=2869
FirewallRules: [{F47DA4B2-BB14-459E-A244-9326CEA5717A}] => (Allow) LPort=1900
FirewallRules: [{30C495D3-0D76-4BA2-9C92-416D076D476A}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{667B1BF6-2D25-4101-8A9E-351F9B3585AD}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{A2B67BCD-86CB-42C5-B8AB-5A1A86A354C9}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
FirewallRules: [{E86224D3-1891-469A-BF9C-C89E9BDAA734}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
FirewallRules: [{E81A6428-A9A4-4894-85D3-0E2269BCB7DB}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
FirewallRules: [{A475ECBB-4C5F-4BA8-AF22-BF2BC9161F54}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
FirewallRules: [{6B9A27DF-7D69-4576-A362-A86E7110D8D8}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{5EC08A4F-732B-4691-AB05-B322D3111378}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/20/2015 03:44:50 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (01/27/2015 11:13:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6021

Error: (01/27/2015 11:13:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6021

Error: (01/27/2015 11:13:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/27/2015 11:13:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2465

Error: (01/27/2015 11:13:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2465

Error: (01/27/2015 11:13:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/27/2015 11:13:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 43208003

Error: (01/27/2015 11:13:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 43208003

Error: (01/27/2015 11:13:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/20/2015 11:41:15 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (06/20/2015 11:33:23 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (06/20/2015 11:32:10 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (06/20/2015 11:31:08 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist eventuell nicht installiert.

Error: (06/20/2015 11:31:08 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (06/20/2015 11:30:22 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "UPnP-Gerätehost" wurde mit folgendem Fehler beendet: 
%%5

Error: (06/20/2015 10:35:42 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist eventuell nicht installiert.

Error: (06/20/2015 10:35:40 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (06/20/2015 10:33:54 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (06/20/2015 10:22:42 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.


Microsoft Office:
=========================
Error: (06/20/2015 03:44:50 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog

Error: (01/27/2015 11:13:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6021

Error: (01/27/2015 11:13:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6021

Error: (01/27/2015 11:13:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/27/2015 11:13:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2465

Error: (01/27/2015 11:13:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2465

Error: (01/27/2015 11:13:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/27/2015 11:13:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 43208003

Error: (01/27/2015 11:13:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 43208003

Error: (01/27/2015 11:13:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz
Percentage of memory in use: 62%
Total physical RAM: 3958.71 MB
Available physical RAM: 1468.63 MB
Total Pagefile: 7915.57 MB
Available Pagefile: 5045.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:283.99 GB) (Free:94.12 GB) NTFS
Drive d: (NFSCARBON) (CDROM) (Total:3.95 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: E7280A90)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=284 GB) - (Type=07 NTFS)

==================== End of log ============================
         
--- --- ---
__________________

Alt 21.06.2015, 08:23   #4
schrauber
/// the machine
/// TB-Ausbilder
 

PC total langsam - Standard

PC total langsam



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Delta Chrome Toolbar

    Delta toolbar

    Incredibar Toolbar on IE

    Installer

    Mobogenie

    Snap.Do

    Snap.Do Engine

    WPM18.8.0.304

    Zipper


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu PC total langsam
langsam, laptop, plötzlich, total



Ähnliche Themen: PC total langsam


  1. Laptop total langsam
    Plagegeister aller Art und deren Bekämpfung - 02.06.2014 (11)
  2. Windows 7 total langsam
    Plagegeister aller Art und deren Bekämpfung - 20.11.2013 (1)
  3. Internet total langsam
    Plagegeister aller Art und deren Bekämpfung - 11.07.2013 (69)
  4. [doppelt] Sound Total Verzerrt, MBAM 25 Funde, Pc total Langsam
    Mülltonne - 02.01.2012 (0)
  5. computer total langsam
    Log-Analyse und Auswertung - 04.02.2011 (8)
  6. Computer Total Langsam
    Plagegeister aller Art und deren Bekämpfung - 20.12.2010 (3)
  7. HiJackThis Log, PC total langsam
    Log-Analyse und Auswertung - 28.07.2010 (5)
  8. PC total langsam, CPU ausgelastet! Was tun?
    Log-Analyse und Auswertung - 18.06.2010 (35)
  9. PC reagiert total langsam
    Plagegeister aller Art und deren Bekämpfung - 07.04.2010 (7)
  10. Firefox is total langsam
    Log-Analyse und Auswertung - 23.02.2009 (4)
  11. Rechner total langsam
    Mülltonne - 23.06.2008 (0)
  12. Laptop total langsam
    Log-Analyse und Auswertung - 28.01.2008 (1)
  13. PC ist total langsam
    Plagegeister aller Art und deren Bekämpfung - 24.07.2007 (2)
  14. dsl total langsam
    Log-Analyse und Auswertung - 05.04.2007 (3)
  15. Browser total langsam
    Log-Analyse und Auswertung - 15.05.2006 (21)
  16. PC startet total langsam....
    Alles rund um Windows - 12.04.2006 (3)
  17. Mein Pc spinnt total und mein Internet ist total langsam,bitte um hilfe!
    Log-Analyse und Auswertung - 23.01.2005 (2)

Zum Thema PC total langsam - Hey mein laptop ist plötzlich total langsam.... - PC total langsam...
Archiv
Du betrachtest: PC total langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.