Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Sicherheitswarnung zu meinem Internetzugang durch die Telekom (https://www.trojaner-board.de/162833-sicherheitswarnung-meinem-internetzugang-telekom.html)

schrauber 20.01.2015 12:02
können wir hier machen. Poste einfach FRST Logs von dem Rechner :)

Sumsum 20.01.2015 12:55
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Nick at 2015-01-19 21:48:56
Running from C:\Users\Nick\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3009 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated)
AVG 2015 (Version: 15.0.4253 - AVG Technologies) Hidden
Bad Piggies (HKLM-x32\...\{32941438-AD79-4EF4-B7E4-86039E41B4D3}) (Version: 1.0.0 - Rovio)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.19.331.104.16 - Infernum Productions AG)
BrowseStudio (HKLM\...\BrowseStudio) (Version: 2014.11.27.132145 - BrowseStudio) <==== ATTENTION!
CinPlus-1.0cV15.12 (HKLM-x32\...\CinPlus-1.0cV15.12) (Version: 1.35.11.26 - Cinema Plus1.0V15.12) <==== ATTENTION
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
DeallsFiNdeRRPro (HKLM-x32\...\{779D1843-0043-65D2-D781-8614F17B6222}) (Version:  - DealsFinderPro) <==== ATTENTION
DissccountLocator (HKLM-x32\...\{194FED75-9C74-BDB7-53F8-8CFFEF1AFEC9}) (Version:  - DiscountLocator) <==== ATTENTION
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
FineDealSSoft (HKLM-x32\...\{0D566ABB-889B-AF39-7B6A-23D4C5D54542}) (Version:  - finedeal) <==== ATTENTION
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Host App Service (HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Pokki) (Version: 0.269.5.367 - Pokki)
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 7.48.4.1 - Iminent) <==== ATTENTION
IminentToolbar (HKLM-x32\...\IminentToolbar) (Version: 7.48.4.1 - Iminent) <==== ATTENTION
InetStat (HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\InetStat) (Version: 0.5b - InetStat) <==== ATTENTION!
Infigo (HKLM-x32\...\Infigo) (Version: 1.26.0.4 - MAVIN LOG, S.L.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Interenet Optimizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}) (Version:  - BullPoint) <==== ATTENTION
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LEGO® Harry Potter™: Die Jahre 5-7 (HKLM-x32\...\{5C5A944F-096E-4ADD-B8E8-887F18BA6228}) (Version: 1.0.0.0 - WB Games)
leisss2pay (HKLM-x32\...\{82B558C7-2A69-D3D5-B65A-DCAB3B65AD02}) (Version:  - "") <==== ATTENTION
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
MyBestOffersToday 014.2 (HKLM-x32\...\rec_de_2_is1) (Version:  - MYBESTOFFERSTODAY) <==== ATTENTION
MyBestOffersToday 014.349 (HKLM-x32\...\mbot_de_349_is1) (Version:  - MYBESTOFFERSTODAY) <==== ATTENTION
mystartsearch uninstall (HKLM-x32\...\mystartsearch uninstall) (Version:  - mystartsearch) <==== ATTENTION
NVIDIA Grafiktreiber 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
OnlineLowDeals (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - OnlineLowDeals) <==== ATTENTION
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\Pokki) (Version: 0.269.2.471 - Pokki)
Pokki Start Menu (HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki)
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21247 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.)
RocketTab (HKLM-x32\...\RocketTab) (Version:  - RocketTab) <==== ATTENTION!
shopndorop (HKLM-x32\...\{7E7FAE3D-3358-D280-8DBF-E8E2D94326D1}) (Version:  - "") <==== ATTENTION
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
speed browser (HKLM-x32\...\speed browser) (Version: 38.0.2125.19 - Smart Applications)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
StormWatch (HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\StormWatch) (Version: 1.0.1.36 - StormWatch) <==== ATTENTION!
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
TheBestDeals (HKLM-x32\...\CAA771ED-22B1-BE22-7F3A-E8C5B78FCE10) (Version:  - TheBestDeals-software) <==== ATTENTION
topdeall (HKLM-x32\...\{9B149088-3FB6-875E-C1A4-A25A6E9D278D}) (Version:  - "")
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Wajam (HKLM-x32\...\WaInterEnhance) (Version: 2.21.2.31 (i2.6) - WaInterEnhance) <==== ATTENTION
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
Word Proser 1.10.0.1 (HKLM-x32\...\WordProser_1.10.0.1) (Version: 1.10.0.1 - Word Proser) <==== ATTENTION
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
WowCoupon (HKLM-x32\...\{1B8A71D1-31D4-EE6A-C32F-836E0BFFA6D3}) (Version:  - WowCoupon) <==== ATTENTION
WSE_Vosteran (HKLM-x32\...\WSE_Vosteran) (Version:  - WSE_Vosteran) <==== ATTENTION!
Yahoo! Search (HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Yahoo! Search) (Version:  - Pay-By-Ads) <==== ATTENTION
Zombie News (HKLM-x32\...\ZombieNews) (Version: 2.7.50 - Time Lapse Solutions)
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4218249386-1005423115-940720447-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

17-01-2015 19:13:19 Wiederherstellungsvorgang

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {157DFB64-8E92-4028-89EE-1B2BD7BEA267} - System32\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-1 => C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-codedownloader.exe [2014-12-15] (Cinema Plus1.0V15.12) <==== ATTENTION
Task: {1ABC0DA7-CAE0-43AD-A1C3-DFD454A399FA} - System32\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-5_user => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-5.exe [2014-12-15] (Cinema Plus1.0V15.12) <==== ATTENTION
Task: {2923779E-6EEB-48BE-A74D-8C074541E151} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {2AB72FC6-011F-42C0-A9AA-49D9CC180908} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-12-15] (globalUpdate) <==== ATTENTION
Task: {2DD51A4D-E0E3-4018-B0EB-D0EC10FA45C5} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\Search Extensions\uninstall.exe [2014-12-18] () <==== ATTENTION
Task: {33FE2C70-9111-4C75-AD5E-85C335A22F27} - System32\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-11 => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-11.exe [2014-12-15] (Cinema Plus1.0V15.12) <==== ATTENTION
Task: {4621F24C-2B09-4415-A9B5-59E80B23B1ED} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {48EB1898-CD3C-4E66-AB1A-2BDED249C2C3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-18] (Microsoft Corporation)
Task: {4E62FED3-787C-439E-97F6-62F4081149E0} - System32\Tasks\WSE_Vosteran => C:\Users\Nick\AppData\Roaming\WSE_Vosteran\UpdateProc\UpdateTask.exe [2014-11-27] () <==== ATTENTION
Task: {58DEB88F-EDE2-44EE-9F2E-C39A8FF5D367} - System32\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-4 => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-4.exe [2014-12-15] (Cinema Plus1.0V15.12) <==== ATTENTION
Task: {70DDE1F3-D130-4C28-93D8-5AE03649804B} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {73146D59-A805-49D5-8D19-E39497F43CC0} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-12-19] (Acer)
Task: {75537BF8-1C84-42D4-8E4B-B42466D102C3} - System32\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86 => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-12-15] (globalUpdate) <==== ATTENTION
Task: {7CC3A020-2B4B-420B-B12D-B45BF4A1101B} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {7DDC3099-4D1D-43D2-AFC5-62D187E0BD30} - System32\Tasks\Yahoo! Search => C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrlte.exe [2015-01-06] (Pay By Ads LTD) <==== ATTENTION
Task: {82180846-12C2-474D-8344-723CF1AB0588} - System32\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-5 => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-5.exe [2014-12-15] (Cinema Plus1.0V15.12) <==== ATTENTION
Task: {964E3B65-B672-49A7-A6DC-1E565D500E2C} - System32\Tasks\ce3a5f13-686d-4a84-840f-755623fb3ddf => C:\Program Files (x86)\CinPlus-1.0cV15.12\ce3a5f13-686d-4a84-840f-755623fb3ddf.exe [2014-12-15] () <==== ATTENTION
Task: {97C397C4-4FAB-415D-813B-156FD3D89917} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {9C69700E-454C-44E9-AE1B-979A7E271C40} - System32\Tasks\RocketTab => cmd.exe /C start "" "C:\Program Files (x86)\Search Extensions\Client.exe" /Preferred=true <==== ATTENTION
Task: {9FD03297-E1DE-495D-B47A-3BBC246BD50D} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {AA9F1F0F-147D-4013-A93A-B1C5D81C0680} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {AF019B57-B9E2-4E99-B27E-A079836AF1C4} - System32\Tasks\2e8e0f02-dc74-4bb7-b50c-28e47040ba84 => C:\Program Files (x86)\CinPlus-1.0cV15.12\2e8e0f02-dc74-4bb7-b50c-28e47040ba84.exe [2014-12-15] (Cinema Plus1.0V15.12) <==== ATTENTION
Task: {B20E57C0-ED64-4033-A210-D66379C258C5} - System32\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-3 => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-3.exe [2014-12-15] (Cinema Plus1.0V15.12) <==== ATTENTION
Task: {B23F98AB-2E1D-410C-A96B-85B50D3F719F} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {CDEBDD6D-546D-4B01-A3C7-EB89455009E9} - System32\Tasks\RunTool => C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea\sysad.exe [2015-01-19] ()
Task: {DEBC6FDE-AAF4-4F6C-841E-77E82C66F076} - System32\Tasks\Yahoo! Search Updater => C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrsetup.exe [2015-01-06] (Pay By Ads LTD) <==== ATTENTION
Task: {F69239AC-BF10-463C-8CAE-7FD508923AE7} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: C:\Windows\Tasks\2e8e0f02-dc74-4bb7-b50c-28e47040ba84.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\2e8e0f02-dc74-4bb7-b50c-28e47040ba84.exe <==== ATTENTION
Task: C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-1.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-11.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-3.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-4.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-5.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-5_user.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\a900dd15-be07-4174-b34f-2b240631b71b-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\ce3a5f13-686d-4a84-840f-755623fb3ddf.job => C:\Program Files (x86)\CinPlus-1.0cV15.12\ce3a5f13-686d-4a84-840f-755623fb3ddf.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\TheBestDeals Update.job => C:\Program Files (x86)\ver9TheBestDeals\i3TheBestDealsm51.exe
Task: C:\Windows\Tasks\WSE_Vosteran.job => C:\Users\Nick\AppData\Roaming\WSE_VO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-08-31 19:24 - 2014-01-08 01:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-13 16:23 - 2014-11-13 16:23 - 00019720 _____ () C:\Program Files (x86)\Infigo\InfigoOperator.exe
2014-07-25 22:23 - 2012-04-24 11:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-11-27 14:21 - 2015-01-12 18:39 - 00529648 _____ () C:\Program Files (x86)\BrowseStudio\updateBrowseStudio.exe
2014-12-17 18:54 - 2015-01-17 20:02 - 00529648 _____ () C:\Program Files (x86)\BrowseStudio\bin\utilBrowseStudio.exe
2014-08-21 12:33 - 2014-12-17 10:28 - 00106376 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2014-12-18 11:28 - 2014-12-18 11:28 - 01437696 _____ () C:\Program Files (x86)\Search Extensions\Client.exe
2014-08-21 12:32 - 2014-12-17 10:28 - 00733576 _____ () C:\Program Files (x86)\SupTab\HpUI.exe
2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe
2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe
2014-12-15 14:04 - 2014-12-13 16:19 - 03307176 _____ () C:\Users\Nick\AppData\Local\mbot_de_349\upmbot_de_349.exe
2014-02-25 21:14 - 2014-02-25 21:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-25 21:11 - 2014-02-25 21:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-25 21:17 - 2014-02-25 21:17 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-12-15 14:02 - 2014-12-15 14:10 - 00705038 _____ () C:\Users\Nick\AppData\Roaming\InetStat\inetstat.exe
2014-03-19 02:35 - 2014-03-07 17:21 - 00080312 _____ () C:\Windows\system32\igfxexps.dll
2014-12-15 14:04 - 2014-12-13 16:18 - 03977896 _____ () C:\Program Files (x86)\mbot_de_349\mbot_de_349.exe
2014-12-25 19:29 - 2014-12-24 12:29 - 03978408 _____ () C:\Program Files (x86)\rec_de_2\rec_de_2.exe
2014-11-25 20:47 - 2014-11-25 20:47 - 01465880 _____ () C:\Program Files (x86)\StormWatch\StormWatchApp.exe
2014-12-19 21:59 - 2014-12-19 21:59 - 00090880 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2014-12-19 21:59 - 2014-12-19 21:59 - 00089344 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-01-01 12:15 - 2015-01-01 12:15 - 00706560 _____ () C:\ProgramData\FineDealSSoft\XrFwQRosw6pEa9.x64.dll
2014-12-15 14:11 - 2014-12-15 14:11 - 00228352 _____ () C:\Program Files (x86)\ver9TheBestDeals\184_x64.dll
2014-12-23 20:19 - 2014-12-23 20:19 - 00701440 _____ () C:\ProgramData\DeallsFiNdeRRPro\Ptng2j2cMh1gjy.x64.dll
2015-01-06 11:04 - 2015-01-06 11:04 - 00701952 _____ () C:\ProgramData\leisss2pay\YTim8DmLxpIx6T.x64.dll
2014-12-23 20:19 - 2014-12-23 20:19 - 00701440 _____ () C:\ProgramData\topdeall\wdb8qXI8r4OBZK.x64.dll
2015-01-18 07:04 - 2015-01-18 07:04 - 00701952 _____ () C:\ProgramData\shopndorop\xp0gvHpGDNcMKP.x64.dll
2015-01-06 11:03 - 2015-01-06 11:03 - 00701952 _____ () C:\ProgramData\DissccountLocator\CyLh9NUE0jPOMh.x64.dll
2014-08-31 19:34 - 2013-10-01 10:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-08-29 19:00 - 2014-08-29 19:00 - 00100608 _____ () C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
2014-12-18 10:01 - 2014-12-18 10:01 - 00186192 _____ () c:\ProgramData\Interenet Optimizer\InterenetOptimizerSvc.dll
2014-12-18 10:01 - 2014-12-18 10:01 - 04125696 _____ () c:\ProgramData\Interenet Optimizer\InterenetOptimizer.dll
2014-11-13 16:22 - 2014-11-13 16:22 - 00047616 _____ () C:\Program Files (x86)\Infigo\EventsProvider.dll
2014-08-21 12:33 - 2014-12-17 10:28 - 00023944 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
2014-11-13 16:20 - 2014-11-13 16:20 - 00098304 _____ () C:\Program Files (x86)\Infigo\InfigoSkin.dll
2015-01-19 09:15 - 2015-01-19 09:15 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2014-12-19 21:16 - 2014-12-19 21:16 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-12-29 13:25 - 2014-12-29 13:25 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2014-12-19 21:10 - 2014-12-19 21:10 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2014-08-31 19:21 - 2013-12-10 00:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-12-19 22:00 - 2014-12-19 22:00 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2015-01-06 14:55 - 2015-01-06 14:55 - 00306176 _____ () C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\mkgaiebg.dll
2014-07-25 22:27 - 2014-07-01 22:13 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2014-12-17 15:33 - 2014-12-06 20:57 - 01304064 _____ () C:\Program Files (x86)\speed browser\Application\38.0.2125.19\libglesv2.dll
2014-12-17 15:33 - 2014-12-06 20:57 - 00212992 _____ () C:\Program Files (x86)\speed browser\Application\38.0.2125.19\libegl.dll
2014-12-17 15:33 - 2014-12-06 20:57 - 09207808 _____ () C:\Program Files (x86)\speed browser\Application\38.0.2125.19\pdf.dll
2014-12-17 15:33 - 2014-12-06 20:57 - 00985600 _____ () C:\Program Files (x86)\speed browser\Application\38.0.2125.19\ffmpegsumo.dll
2014-11-27 19:28 - 2014-12-12 17:42 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-06 14:55 - 2015-01-06 14:55 - 00292864 _____ () C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\bebVFXgn.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Nick\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-4218249386-1005423115-940720447-500 - Administrator - Disabled)
Gast (S-1-5-21-4218249386-1005423115-940720447-501 - Limited - Disabled)
Nick (S-1-5-21-4218249386-1005423115-940720447-1002 - Administrator - Enabled) => C:\Users\Nick
UpdatusUser (S-1-5-21-4218249386-1005423115-940720447-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2015 09:34:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (01/19/2015 09:33:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (01/19/2015 11:24:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452fe91
Name des fehlerhaften Moduls: CinPlus-1.0cV15.12-bho64.dll, Version: 1.0.0.1, Zeitstempel: 0x548e181a
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0000000000068bc7
ID des fehlerhaften Prozesses: 0x2004
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (01/19/2015 09:12:07 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/18/2015 09:04:29 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/18/2015 08:23:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BackgroundAgent.exe, Version: 1.0.1.6, Zeitstempel: 0x546963f7
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00056b1d
ID des fehlerhaften Prozesses: 0x1bc4
Startzeit der fehlerhaften Anwendung: 0xBackgroundAgent.exe0
Pfad der fehlerhaften Anwendung: BackgroundAgent.exe1
Pfad des fehlerhaften Moduls: BackgroundAgent.exe2
Berichtskennung: BackgroundAgent.exe3
Vollständiger Name des fehlerhaften Pakets: BackgroundAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BackgroundAgent.exe5

Error: (01/18/2015 06:48:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Battle.net.exe, Version 1.2.4.5383 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1614

Startzeit: 01d032e21d8c4e68

Endzeit: 24

Anwendungspfad: C:\Program Files (x86)\Battle.net\Battle.net.5383\Battle.net.exe

Berichts-ID: aa5627de-9ed5-11e4-8264-f8a963e5e11f

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/18/2015 06:47:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.3.2000, Zeitstempel: 0x546c82a9
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00056b1d
ID des fehlerhaften Prozesses: 0x9c
Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0
Pfad der fehlerhaften Anwendung: AcerPortal.exe1
Pfad des fehlerhaften Moduls: AcerPortal.exe2
Berichtskennung: AcerPortal.exe3
Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5

Error: (01/17/2015 08:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1604) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\SRU\SRU00214.log.

Error: (01/17/2015 07:55:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.


System errors:
=============
Error: (01/19/2015 09:49:31 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48.

Error: (01/19/2015 09:49:11 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48.

Error: (01/19/2015 09:48:51 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48.

Error: (01/19/2015 09:48:31 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48.

Error: (01/19/2015 09:48:10 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48.

Error: (01/19/2015 09:47:51 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48.

Error: (01/19/2015 09:47:30 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48.

Error: (01/19/2015 09:47:10 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48.

Error: (01/19/2015 09:46:52 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48.

Error: (01/19/2015 09:46:34 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 48.


Microsoft Office Sessions:
=========================
Error: (01/19/2015 09:34:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Nick\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (01/19/2015 09:33:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Nick\AppData\Local\Temp\octE4C5.tmp.exe

Error: (01/19/2015 11:24:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452fe91CinPlus-1.0cV15.12-bho64.dll1.0.0.1548e181ac00000fd0000000000068bc7200401d033bdbaaffef9C:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bho64.dll5921e805-9fc5-11e4-8264-f8a963e5e11f

Error: (01/19/2015 09:12:07 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/18/2015 09:04:29 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/18/2015 08:23:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: BackgroundAgent.exe1.0.1.6546963f7MSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d1bc401d032e1fee77c3eC:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dllf071784b-9ee2-11e4-8264-f8a963e5e11f

Error: (01/18/2015 06:48:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Battle.net.exe1.2.4.5383161401d032e21d8c4e6824C:\Program Files (x86)\Battle.net\Battle.net.5383\Battle.net.exeaa5627de-9ed5-11e4-8264-f8a963e5e11f

Error: (01/18/2015 06:47:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AcerPortal.exe3.0.3.2000546c82a9MSVCR90.dll9.0.30729.838751ea24a5c000000500056b1d9c01d032e23a359cadC:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll86f83346-9ed5-11e4-8264-f8a963e5e11f

Error: (01/17/2015 08:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost1604SRUJet: C:\Windows\system32\SRU\SRU00214.log-1811 (0xfffff8ed)

Error: (01/17/2015 07:55:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Nick\AppData\Local\Pokki\Engine\HostAppService.exe


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 50%
Total physical RAM: 8115.27 MB
Available physical RAM: 4049.61 MB
Total Pagefile: 9395.27 MB
Available Pagefile: 5031.44 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:914.95 GB) (Free:838.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E4D040D7)

Partition: GPT Partition Type.

==================== End Of Log ============================
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:45 on 19/01/2015 (Nick)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Nick (administrator) on NICK on 19-01-2015 21:47:39
Running from C:\Users\Nick\Downloads
Loaded Profiles: UpdatusUser & Nick (Available profiles: UpdatusUser & Nick)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SIEN S.A.) C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe
() C:\Program Files (x86)\Infigo\InfigoOperator.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella242.exe
(Weather Protector LLC) C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe
() C:\Program Files (x86)\BrowseStudio\updateBrowseStudio.exe
() C:\Program Files (x86)\BrowseStudio\bin\utilBrowseStudio.exe
(Word Proser) C:\Program Files (x86)\WordProser_1.10.0.1\Service\wpsvc.exe
(Time Lapse Solutions) C:\ProgramData\OqQeGinkA\FCUUjqwoLq.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Cinema Plus1.0V15.12) C:\Program Files (x86)\CinPlus-1.0cV15.12\2e8e0f02-dc74-4bb7-b50c-28e47040ba84.exe
() C:\Program Files (x86)\Search Extensions\Client.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella242.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
() C:\Users\Nick\AppData\Local\mbot_de_349\upmbot_de_349.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pokki) C:\Users\Nick\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(MAVIN LOG, S.L.) C:\Program Files (x86)\Infigo\Infigo.exe
() C:\Users\Nick\AppData\Roaming\InetStat\inetstat.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Pay By Ads LTD) C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrlte.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
() C:\Program Files (x86)\mbot_de_349\mbot_de_349.exe
() C:\Program Files (x86)\rec_de_2\rec_de_2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Weather Protector LLC) C:\Program Files (x86)\StormWatch\StormWatch.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files (x86)\StormWatch\StormWatchApp.exe
(Pokki) C:\Users\Nick\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Nick\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe
(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe
(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe
(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Cinema Plus1.0V15.12) C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bg.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe
() C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [mbot_de_349] => C:\Program Files (x86)\mbot_de_349\mbot_de_349.exe [3977896 2014-12-13] ()
HKLM-x32\...\Run: [rec_de_2] => C:\Program Files (x86)\rec_de_2\rec_de_2.exe [3978408 2014-12-24] ()
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
HKLM-x32\...\RunOnce: [upmbot_de_349.exe] => C:\Users\Nick\AppData\Local\mbot_de_349\upmbot_de_349.exe [3307176 2014-12-13] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\RunOnce: [RegDXVA1] => C:\Windows\system32\cmd.exe /c reg import "C:\Program Files (x86)\Acer\abPhoto\SwitchUserVideoKey.reg"
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\RunOnce: [SetAsDefault] => C:\Program Files (x86)\Acer\Acer Video Player\SwitchUserVideoKey.bat
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Infigo] => C:\Program Files (x86)\Infigo\Infigo.exe [621320 2014-11-13] (MAVIN LOG, S.L.)
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [InetStat] => C:\Users\Nick\AppData\Roaming\InetStat\inetstat.exe [705038 2014-12-15] ()
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Yahoo! Search] => C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrlte.exe [634576 2015-01-06] (Pay By Ads LTD)
AppInit_DLLs: C:\PROGRA~3\INTERE~1\INTERE~2.DLL => C:\ProgramData\Interenet Optimizer\InterenetOptimizer_x64.dll [4302848 2014-12-18] ()
AppInit_DLLs-x32: c:\progra~3\intere~1\intere~1.dll => c:\ProgramData\Interenet Optimizer\InterenetOptimizer.dll [4125696 2014-12-18] ()
IFEO\ContentExplorer.exe: [Debugger] TaskList.exe
IFEO\internetenhancer.exe: [Debugger] TaskList.exe
IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
ShortcutTarget: StormWatch.lnk -> C:\Program Files (x86)\StormWatch\StormWatch.exe (Weather Protector LLC)
Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
ShortcutTarget: StormWatchApp.lnk -> C:\Program Files (x86)\StormWatch\StormWatchApp.exe ()
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52754;https=127.0.0.1:52754
ProxyEnable: [S-1-5-21-4218249386-1005423115-940720447-1002] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-4218249386-1005423115-940720447-1002] => http=127.0.0.1:49665;https=127.0.0.1:49665
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.gboxapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.gboxapp.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314&q={searchTerms}
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=about%3Ablank&OSP=
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.iminent.com/?appId=44B60659-273B-47CE-98DC-BDD1B2A39958
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314
URLSearchHook: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314&q={searchTerms}
SearchScopes: HKLM -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggbc_14_48_ie&cd=2XzuyEtN2Y1L1Qzu0Fzz0AzyyCtA0EyD0EtCtC0Fzy0DtB0CtN0D0Tzu0StCtDyCtCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDzy0F0Azz0EyEyBtGtB0BtDtAtG0C0CtA0EtGzztDtB0CtGtBzzzzyCtD0AtCyD0DtCtDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0CtD0BtD0A0A0AtGyE0DyEzytGyE0EyBtCtGzy0FtDtBtGtAzyzyyCtCtBtA0F0AtAtDyE2Q&cr=1929472343&ir=
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314&q={searchTerms}
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=44B60659-273B-47CE-98DC-BDD1B2A39958&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> DefaultScope {0ACE29CB-FD90-4D29-B601-A754BCF7A3CE} URL = hxxp://start.iminent.com/?appId=44B60659-273B-47CE-98DC-BDD1B2A39958&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {0ACE29CB-FD90-4D29-B601-A754BCF7A3CE} URL = hxxp://start.iminent.com/?appId=44B60659-273B-47CE-98DC-BDD1B2A39958&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggbc_14_48_ie&cd=2XzuyEtN2Y1L1Qzu0Fzz0AzyyCtA0EyD0EtCtC0Fzy0DtB0CtN0D0Tzu0StCtDyCtCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDzy0F0Azz0EyEyBtGtB0BtDtAtG0C0CtA0EtGzztDtB0CtGtBzzzzyCtD0AtCyD0DtCtDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0CtD0BtD0A0A0AtGyE0DyEzytGyE0EyBtCtGzy0FtDtBtGtAzyzyyCtCtBtA0F0AtAtDyE2Q&cr=1929472343&ir=
SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {5E7C58D5-E133-4A15-BA68-F2DD836147E2} URL = hxxp://rts.dsrlte.com/?affID=na&q={searchTerms}&r=404
SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
BHO: CinPlus-1.0cV15.12 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bho64.dll (Cinema Plus1.0V15.12)
BHO: FineDealSSoft -> {25977745-2d59-40af-b79b-2f6d19a7dcb0} -> C:\ProgramData\FineDealSSoft\XrFwQRosw6pEa9.x64.dll ()
BHO: TheBestDeals -> {4E4BD58E-9579-033B-30F7-59321AAE7A70} -> C:\Program Files (x86)\ver9TheBestDeals\184_x64.dll ()
BHO: DeallsFiNdeRRPro -> {6c05dd31-32ab-4e29-bb43-1346426334ce} -> C:\ProgramData\DeallsFiNdeRRPro\Ptng2j2cMh1gjy.x64.dll ()
BHO: leisss2pay -> {88eb4233-fc7c-433b-abbe-d554c87e5da8} -> C:\ProgramData\leisss2pay\YTim8DmLxpIx6T.x64.dll ()
BHO: topdeall -> {931fc224-b313-4450-a9ca-11810ce09a5f} -> C:\ProgramData\topdeall\wdb8qXI8r4OBZK.x64.dll ()
BHO: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (SIEN)
BHO: shopndorop -> {abc1eaf7-9b81-4b91-9fc0-0612010bed49} -> C:\ProgramData\shopndorop\xp0gvHpGDNcMKP.x64.dll ()
BHO: DissccountLocator -> {f6be017f-2579-4fe9-83c6-b011a1179f83} -> C:\ProgramData\DissccountLocator\CyLh9NUE0jPOMh.x64.dll ()
BHO: WordProser -> {F6F484C9-29B9-43EC-A924-DCBAAA86B31D} -> C:\Program Files\WordProser_1.10.0.1\IE\WordProserClientIE.dll (Word Proser)
BHO-x32: CinPlus-1.0cV15.12 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bho.dll (Cinema Plus1.0V15.12)
BHO-x32: BrowseStudio 1.0.0.6 -> {1e9e0e98-4ab7-40b0-a0ce-69105c1b7c92} -> C:\Program Files (x86)\BrowseStudio\BrowseStudioBHO.dll (BrowseStudio)
BHO-x32: FineDealSSoft -> {25977745-2d59-40af-b79b-2f6d19a7dcb0} -> C:\ProgramData\FineDealSSoft\XrFwQRosw6pEa9.dll ()
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: TheBestDeals -> {4E4BD58E-9579-033B-30F7-59321AAE7A70} -> C:\Program Files (x86)\ver9TheBestDeals\184.dll ()
BHO-x32: DeallsFiNdeRRPro -> {6c05dd31-32ab-4e29-bb43-1346426334ce} -> C:\ProgramData\DeallsFiNdeRRPro\Ptng2j2cMh1gjy.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
BHO-x32: leisss2pay -> {88eb4233-fc7c-433b-abbe-d554c87e5da8} -> C:\ProgramData\leisss2pay\YTim8DmLxpIx6T.dll ()
BHO-x32: topdeall -> {931fc224-b313-4450-a9ca-11810ce09a5f} -> C:\ProgramData\topdeall\wdb8qXI8r4OBZK.dll ()
BHO-x32: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN)
BHO-x32: shopndorop -> {abc1eaf7-9b81-4b91-9fc0-0612010bed49} -> C:\ProgramData\shopndorop\xp0gvHpGDNcMKP.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DissccountLocator -> {f6be017f-2579-4fe9-83c6-b011a1179f83} -> C:\ProgramData\DissccountLocator\CyLh9NUE0jPOMh.dll ()
BHO-x32: WordProser -> {F6F484C9-29B9-43EC-A924-DCBAAA86B31D} -> C:\Program Files (x86)\WordProser_1.10.0.1\IE\WordProserClientIE.dll (Word Proser)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default
FF NewTab: hxxp://start.iminent.com/?ref=NewTab&appId=44B60659-273B-47CE-98DC-BDD1B2A39958
FF DefaultSearchEngine: StartWeb
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: hxxp://start.iminent.com/?appId=44B60659-273B-47CE-98DC-BDD1B2A39958
FF Keyword.URL: hxxp://rts.dsrlte.com?affID=pr_0955590a-be5a-4784-94b1-abd466ba4a9b&q=
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF SearchPlugin: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\searchplugins\dsrlte.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml
FF Extension: Cinema-Plus-1.8c - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com [2015-01-07]
FF Extension: deALpEAk - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\CAZNd@v.org [2015-01-18]
FF Extension: CoupScanner - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\F@oxzo.net [2014-12-19]
FF Extension: toppdeal - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\g@9.co.uk [2015-01-02]
FF Extension: eassytosshoP - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\i@Mri86VdY.edu [2015-01-07]
FF Extension: 9b9d2aaaae264447a7a1633a32b19ddd - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{9b9d2aaa-ae26-4447-a7a1-633a32b19ddd} [2014-12-22]
FF Extension: Iminent - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\firefoxmini@go.im.xpi [2015-01-07]
FF Extension: Locale Switcher - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2014-11-27]
FF Extension: BrowseStudio 1.0.1 - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}.xpi [2014-11-27]
FF Extension: Word Proser - C:\Program Files (x86)\Mozilla Firefox\extensions\{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6} [2014-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6}] - C:\Program Files (x86)\Mozilla Firefox\extensions\{6e7f6f9f-8ce6-4611-add2-05f0f7049ee6}
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\extensions\faststartff@gmail.com
FF HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Firefox\Extensions: [{62428898-9012-A545-C4F2-2462E54752A3}] - C:\Program Files (x86)\ver9TheBestDeals\184.xpi
FF Extension: TheBestDeals - C:\Program Files (x86)\ver9TheBestDeals\184.xpi [2014-12-15]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.mystartsearch.com/?type=sc&ts=1418808486&from=tt4u&uid=WDCXWD10JPVX-22JC3T0_WD-WX11E44Y0314Y0314

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [ehhlaekjfiiojlddgndcnefflngfmhen] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nbljechdpodpbchbmjcoamidppmpnmlc] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 0c632643; c:\ProgramData\Interenet Optimizer\InterenetOptimizerSvc.dll [186192 2014-12-18] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 FCUUjqwoLq; C:\ProgramData\OqQeGinkA\FCUUjqwoLq.exe [2726256 2014-12-16] (Time Lapse Solutions)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-15] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-12-15] (globalUpdate) [File not signed]
R2 GlobalUpdater; C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe [378152 2014-12-30] (SIEN S.A.)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-12-17] (Cherished Technololgy LIMITED)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 InfigoOperator; C:\Program Files (x86)\Infigo\InfigoOperator.exe [19720 2014-11-13] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 Internet Enhancer Service; C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe [312320 2015-01-05] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\Umbrella242.exe [5382304 2014-12-30] (Iminent)
R2 SWUpdater; C:\Program Files (x86)\StormWatch\SWUpdaterSvc.exe [17584 2014-11-22] (Weather Protector LLC)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
R2 Update BrowseStudio; C:\Program Files (x86)\BrowseStudio\updateBrowseStudio.exe [529648 2015-01-12] ()
R2 Util BrowseStudio; C:\Program Files (x86)\BrowseStudio\bin\utilBrowseStudio.exe [529648 2015-01-17] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [485888 2014-12-17] (Fuyu LIMITED) [File not signed]
R2 wpsvc_1.10.0.1; C:\Program Files (x86)\WordProser_1.10.0.1\Service\wpsvc.exe [277584 2014-10-14] (Word Proser)
S2 0001121418376984mcinstcleanup; C:\Windows\TEMP\000112~1.EXE -cleanup -nolog [X]
S2 51cdb72; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.11\OptProCrash.dll",ENT

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R2 webinstrNewH; C:\Windows\system32\Drivers\webinstrNewH.sys [106456 2014-12-15] (Corsica)
R1 wpnfd_1_10_0_1; C:\Windows\System32\drivers\wpnfd_1_10_0_1.sys [58240 2014-10-14] (Word Proser)
R1 {b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}Gw64; C:\Windows\System32\drivers\{b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}Gw64.sys [48784 2014-11-27] (StdLib)
R1 {da0b130f-7ef7-4a5c-97ff-4239bbc3502d}Gw64; C:\Windows\System32\drivers\{da0b130f-7ef7-4a5c-97ff-4239bbc3502d}Gw64.sys [48784 2014-12-04] (StdLib)
R1 {da0b130f-7ef7-4a5c-97ff-4239bbc3502d}w64; C:\Windows\System32\drivers\{da0b130f-7ef7-4a5c-97ff-4239bbc3502d}w64.sys [48784 2015-01-09] (StdLib)
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-19 21:48 - 2015-01-19 21:48 - 00096394 _____ () C:\Users\Nick\Downloads\Gmer-19357.exe.crdownload
2015-01-19 21:47 - 2015-01-19 21:47 - 00031858 _____ () C:\Users\Nick\Downloads\FRST.txt
2015-01-19 21:46 - 2015-01-19 21:47 - 02126848 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe
2015-01-19 21:44 - 2015-01-19 21:45 - 00000470 _____ () C:\Users\Nick\Downloads\defogger_disable.log
2015-01-19 21:44 - 2015-01-19 21:44 - 00050477 _____ () C:\Users\Nick\Downloads\Defogger.exe
2015-01-19 21:35 - 2015-01-19 21:35 - 00001969 _____ () C:\Users\Public\Desktop\abDocs.lnk
2015-01-19 09:25 - 2015-01-19 09:25 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-01-19 09:25 - 2015-01-19 09:25 - 00002030 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2015-01-19 09:17 - 2015-01-19 09:17 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk
2015-01-18 07:04 - 2015-01-18 07:05 - 00000000 ____D () C:\ProgramData\shopndorop
2015-01-18 06:54 - 2014-12-31 12:14 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-18 06:49 - 2015-01-18 06:49 - 00003754 _____ () C:\Windows\System32\Tasks\RunTool
2015-01-18 06:49 - 2015-01-18 06:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea
2015-01-18 06:48 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-18 06:48 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-18 06:48 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-18 06:48 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-18 06:48 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-18 06:48 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-18 06:48 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-18 06:48 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-18 06:48 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-18 06:48 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-18 06:48 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-18 06:48 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-18 06:48 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-18 06:48 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-18 06:45 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-18 06:45 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-18 06:45 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-18 06:45 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-18 06:44 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-18 06:44 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-18 06:44 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-18 06:44 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-16 21:01 - 2015-01-19 21:47 - 00000000 ____D () C:\FRST
2015-01-16 21:00 - 2015-01-16 21:00 - 00000000 _____ () C:\Users\Nick\defogger_reenable
2015-01-16 14:36 - 2015-01-16 14:36 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-15 22:24 - 2015-01-15 22:24 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG
2015-01-15 22:23 - 2015-01-15 22:23 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg
2015-01-15 22:22 - 2015-01-15 22:24 - 00000000 ____D () C:\ProgramData\AVG
2015-01-15 15:03 - 2015-01-15 15:03 - 00000000 _____ () C:\autoexec.bat
2015-01-15 15:00 - 2015-01-15 15:01 - 00000000 ____D () C:\sh4ldr
2015-01-15 14:39 - 2015-01-15 14:39 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-15 14:06 - 2015-01-15 14:06 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG2015
2015-01-15 14:05 - 2015-01-15 14:05 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\TuneUp Software
2015-01-15 14:04 - 2015-01-17 15:22 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-15 14:04 - 2015-01-15 14:04 - 00000000 ___HD () C:\$AVG
2015-01-15 14:03 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-15 14:02 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-15 14:02 - 2015-01-15 14:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg2015
2015-01-15 14:02 - 2015-01-15 14:02 - 00000000 ____D () C:\Users\Nick\AppData\Local\MFAData
2015-01-09 16:37 - 2015-01-09 03:24 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{da0b130f-7ef7-4a5c-97ff-4239bbc3502d}w64.sys
2015-01-07 13:02 - 2015-01-17 19:43 - 00000000 ____D () C:\Program Files (x86)\Iminent
2015-01-06 17:06 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance
2015-01-06 17:06 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\WaInterEnhance
2015-01-06 11:04 - 2015-01-17 19:44 - 00000000 ____D () C:\ProgramData\leisss2pay
2015-01-06 11:03 - 2015-01-17 19:44 - 00000000 ____D () C:\ProgramData\DissccountLocator
2015-01-03 17:58 - 2015-01-03 17:58 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\WB Games
2015-01-03 17:38 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\WB Games
2015-01-03 17:11 - 2015-01-03 17:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Rovio
2015-01-03 17:10 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio
2015-01-03 17:10 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\Rovio
2015-01-03 17:10 - 2015-01-03 17:10 - 00001094 _____ () C:\Users\Public\Desktop\Bad Piggies.lnk
2015-01-01 12:15 - 2015-01-17 19:44 - 00000000 ____D () C:\ProgramData\FineDealSSoft
2015-01-01 12:02 - 2015-01-17 19:20 - 00000000 ____D () C:\Users\Nick\AppData\Local\Pay-By-Ads
2015-01-01 12:02 - 2015-01-06 14:55 - 00003482 _____ () C:\Windows\System32\Tasks\Yahoo! Search Updater
2015-01-01 12:02 - 2015-01-06 14:55 - 00003478 _____ () C:\Windows\System32\Tasks\Yahoo! Search
2014-12-25 19:29 - 2015-01-17 19:43 - 00000000 ____D () C:\Program Files (x86)\rec_de_2
2014-12-25 19:29 - 2014-12-26 13:27 - 00000000 ____D () C:\Program Files (x86)\MyBestOffersToday
2014-12-25 19:29 - 2014-12-25 19:29 - 00000000 ____D () C:\Users\Nick\AppData\Local\rec_de_2
2014-12-25 00:25 - 2014-12-25 00:25 - 00000000 ____D () C:\ZombieNews
2014-12-24 20:24 - 2014-12-24 20:24 - 00001270 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-12-24 20:24 - 2014-12-24 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-12-24 19:42 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-12-24 18:25 - 2014-12-24 18:25 - 00000000 ____D () C:\Users\Nick\AppData\Local\Blizzard Entertainment
2014-12-24 18:24 - 2015-01-19 20:13 - 00000000 ____D () C:\Users\Nick\AppData\Local\Battle.net
2014-12-24 18:24 - 2015-01-17 19:44 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Battle.net
2014-12-24 18:24 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-12-23 20:19 - 2015-01-17 19:44 - 00000000 ____D () C:\ProgramData\topdeall
2014-12-23 20:19 - 2015-01-17 19:44 - 00000000 ____D () C:\ProgramData\DeallsFiNdeRRPro
2014-12-23 11:59 - 2014-12-23 11:59 - 00000000 ____D () C:\ProgramData\OnlineLowDeals

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-19 21:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-19 21:39 - 2014-11-27 18:57 - 00000000 ___RD () C:\Users\Nick\OneDrive
2015-01-19 21:38 - 2014-11-27 18:59 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{21898380-5491-4791-BB9B-793C6C26EEF0}
2015-01-19 21:37 - 2014-11-27 18:55 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4218249386-1005423115-940720447-1002
2015-01-19 21:36 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Skype
2015-01-19 21:36 - 2014-08-31 20:16 - 01538564 _____ () C:\Windows\WindowsUpdate.log
2015-01-19 21:36 - 2014-07-25 22:20 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-19 21:35 - 2014-12-15 14:04 - 00000000 ____D () C:\Users\Nick\AppData\Local\mbot_de_349
2015-01-19 21:35 - 2014-07-25 22:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-01-19 21:34 - 2014-11-27 18:52 - 00002293 _____ () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-01-19 21:34 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Pokki
2015-01-19 21:33 - 2014-11-27 18:50 - 00000000 ____D () C:\Users\Nick\AppData\Local\clear.fi
2015-01-19 21:32 - 2014-12-15 14:08 - 00004496 _____ () C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-4.job
2015-01-19 21:32 - 2014-12-15 14:08 - 00003126 _____ () C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-1.job
2015-01-19 21:32 - 2014-12-15 14:08 - 00002448 _____ () C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-5_user.job
2015-01-19 21:32 - 2014-12-15 14:08 - 00002448 _____ () C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-5.job
2015-01-19 21:32 - 2014-12-15 14:08 - 00001430 _____ () C:\Windows\Tasks\2e8e0f02-dc74-4bb7-b50c-28e47040ba84.job
2015-01-19 21:32 - 2014-12-15 14:07 - 00005186 _____ () C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-11.job
2015-01-19 21:32 - 2014-12-15 14:07 - 00004160 _____ () C:\Windows\Tasks\a900dd15-be07-4174-b34f-2b240631b71b-3.job
2015-01-19 21:32 - 2014-12-15 14:07 - 00000996 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-01-19 21:32 - 2014-12-15 14:07 - 00000632 _____ () C:\Windows\Tasks\ce3a5f13-686d-4a84-840f-755623fb3ddf.job
2015-01-19 21:30 - 2013-08-22 15:46 - 00022695 _____ () C:\Windows\setupact.log
2015-01-19 21:30 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-19 21:29 - 2014-12-18 18:23 - 00000000 ____D () C:\ProgramData\WowCoupon
2015-01-19 21:29 - 2014-03-18 10:54 - 00029258 _____ () C:\Windows\PFRO.log
2015-01-19 21:29 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-19 20:08 - 2014-11-27 19:08 - 00000298 _____ () C:\Windows\Tasks\WSE_Vosteran.job
2015-01-19 14:18 - 2014-12-15 14:13 - 00001000 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job
2015-01-19 13:59 - 2014-11-27 19:09 - 00000000 ____D () C:\Users\Nick\AppData\Local\CrashDumps
2015-01-19 12:46 - 2014-11-27 19:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-19 10:21 - 2014-12-16 10:44 - 00000000 ____D () C:\Users\Nick\AppData\Local\ZombieNews
2015-01-19 09:08 - 2014-11-27 20:08 - 00000198 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG
2015-01-19 08:55 - 2014-11-30 15:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-18 16:13 - 2014-11-30 15:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-18 10:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-18 08:47 - 2014-12-15 14:07 - 00000000 ____D () C:\Program Files (x86)\CinPlus-1.0cV15.12
2015-01-18 08:24 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-18 07:05 - 2014-12-18 18:23 - 00000000 ____D () C:\ProgramData\39eba0e3893754d0
2015-01-17 20:02 - 2013-08-22 14:25 - 00000226 _____ () C:\Windows\win.ini
2015-01-17 20:00 - 2014-11-27 19:07 - 00000000 ____D () C:\Program Files (x86)\BrowseStudio
2015-01-17 19:54 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick
2015-01-17 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-01-17 19:47 - 2014-08-31 19:30 - 00000000 ____D () C:\ProgramData\{EB5F5A55-037A-4E47-806B-2C8AA9374701}
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2015-01-17 19:44 - 2014-12-18 10:01 - 00000000 ____D () C:\ProgramData\Interenet Optimizer
2015-01-17 19:44 - 2014-12-17 14:07 - 00000000 ____D () C:\ProgramData\Browser
2015-01-17 19:44 - 2014-12-17 10:29 - 00000000 ____D () C:\Users\Nick\AppData\Local\Weather_Protector_LLC
2015-01-17 19:44 - 2014-12-17 10:28 - 00000000 ____D () C:\ProgramData\IePluginServices
2015-01-17 19:44 - 2014-12-16 10:40 - 00000000 ____D () C:\ProgramData\OqQeGinkA
2015-01-17 19:44 - 2014-12-05 08:24 - 00000000 ___RD () C:\Windows\BrowserChoice
2015-01-17 19:44 - 2014-08-31 19:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee
2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Temp
2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\install_clap
2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Macromed
2015-01-17 19:44 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-01-17 19:43 - 2014-12-17 10:29 - 00000000 ____D () C:\Program Files (x86)\Wajam
2015-01-17 19:43 - 2014-12-17 10:29 - 00000000 ____D () C:\Program Files (x86)\StormWatch
2015-01-17 19:43 - 2014-12-17 10:28 - 00000000 ____D () C:\Program Files (x86)\SupTab
2015-01-17 19:43 - 2014-12-15 14:12 - 00000000 ____D () C:\Program Files (x86)\ver9TheBestDeals
2015-01-17 19:43 - 2014-12-15 14:05 - 00000000 ____D () C:\Program Files (x86)\Search Extensions
2015-01-17 19:43 - 2014-12-15 14:04 - 00000000 ____D () C:\Program Files (x86)\mbot_de_349
2015-01-17 19:43 - 2014-12-06 09:34 - 00000000 ____D () C:\Program Files (x86)\Infigo
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee.com
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-17 19:43 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-01-17 19:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\registration
2015-01-17 19:24 - 2014-09-01 04:36 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\winrm
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Web
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Vss
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\vpnplugins
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\WindowsPowerShell
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-RS
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\spp
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Speech
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\networklist
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MsDtc
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Licenses
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\IME
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SystemResources
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\System
2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\slmgr
2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Shared
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Media.Shared
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\uk-UA
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spp
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spool
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Speech
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sl-SI
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\networklist
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MUI
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MsDtc
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lv-LV
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lt-LT
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Licenses
2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\SMI
2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-01-17 19:22 - 2014-12-05 08:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-17 19:22 - 2014-11-27 18:50 - 00000000 ____D () C:\Windows\oem
2015-01-17 19:22 - 2014-09-01 04:29 - 00000000 ____D () C:\Windows\NAPP_Dism_Log
2015-01-17 19:22 - 2014-03-18 10:45 - 00000000 ____D () C:\Windows\SKB
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\Configuration
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\InputMethod
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\IME
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\hr-HR
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\et-EE
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Com
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Speech
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\security
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\schemas
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Resources
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PLA
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Performance
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\InputMethod
2015-01-17 19:22 - 2013-08-22 15:45 - 00000000 ____D () C:\Windows\Setup
2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\servicing
2015-01-17 19:21 - 2014-12-17 10:29 - 00000000 ____D () C:\Users\Nick\AppData\Local\StormWatch
2015-01-17 19:21 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Mozilla
2015-01-17 19:21 - 2014-11-27 19:08 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\WSE_Vosteran
2015-01-17 19:21 - 2014-08-31 19:50 - 00000000 ____D () C:\Users\Public\CyberLink
2015-01-17 19:21 - 2014-07-25 22:28 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\DesktopTileResources
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\IME
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Globalization
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Branding
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppCompat
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\ADFS
2015-01-17 19:20 - 2014-12-17 15:33 - 00000000 ____D () C:\Users\Nick\AppData\Local\speed browser
2015-01-17 19:20 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Local\Skype
2015-01-17 19:20 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Local\Mozilla
2015-01-17 19:20 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Packages
2015-01-17 19:19 - 2014-12-16 10:39 - 00000000 ____D () C:\Program Files\WordProser_1.10.0.1
2015-01-17 19:19 - 2014-12-14 11:12 - 00000000 ____D () C:\ProgramData\Battle.net
2015-01-17 19:19 - 2014-11-30 18:18 - 00000000 ____D () C:\Users\Nick\AppData\Local\CyberLink
2015-01-17 19:19 - 2014-11-29 15:04 - 00000000 ____D () C:\ProgramData\Skype
2015-01-17 19:19 - 2014-11-27 19:36 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-17 19:19 - 2014-08-31 19:50 - 00000000 ____D () C:\ProgramData\CLSK
2015-01-17 19:19 - 2014-08-31 19:34 - 00000000 ____D () C:\Program Files\Realtek
2015-01-17 19:19 - 2014-08-31 19:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-17 19:19 - 2014-08-31 19:21 - 00000000 ____D () C:\ProgramData\Intel
2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki
2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki
2015-01-17 19:19 - 2014-07-25 22:23 - 00000000 ____D () C:\ProgramData\WildTangent
2015-01-17 19:19 - 2014-07-25 22:22 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\OEM
2015-01-17 19:19 - 2014-07-25 22:20 - 00000000 ____D () C:\ProgramData\acer
2015-01-17 19:19 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-01-17 19:19 - 2014-03-18 10:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-17 19:19 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-01-17 19:18 - 2014-12-17 15:33 - 00000000 ____D () C:\Program Files (x86)\speed browser
2015-01-17 19:18 - 2014-12-16 10:39 - 00000000 ____D () C:\Program Files (x86)\WordProser_1.10.0.1
2015-01-17 19:18 - 2014-12-15 14:07 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-17 19:18 - 2014-11-29 15:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-17 19:18 - 2014-11-27 19:36 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-17 19:18 - 2014-11-27 18:50 - 00000000 ____D () C:\Program Files (x86)\OEM
2015-01-17 19:18 - 2014-08-31 19:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-17 19:18 - 2014-08-31 19:46 - 00000000 ____D () C:\Program Files (x86)\Spotify
2015-01-17 19:18 - 2014-08-31 19:30 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros
2015-01-17 19:18 - 2014-08-31 19:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-17 19:18 - 2014-08-31 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files\Intel
2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-17 19:18 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\Foxit PhantomPDF
2015-01-17 19:18 - 2014-07-25 22:26 - 00000000 ____D () C:\Program Files\Acer
2015-01-17 19:18 - 2014-07-25 22:24 - 00000000 ____D () C:\Program Files (x86)\WildGames
2015-01-17 19:18 - 2014-07-25 22:23 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-01-17 19:18 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows NT
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-17 19:17 - 2014-11-28 17:16 - 00000000 ____D () C:\Program Files (x86)\Brick-Force
2015-01-17 19:17 - 2014-07-25 22:57 - 00000000 ___HD () C:\OEM
2015-01-16 05:19 - 2014-07-25 22:58 - 00000000 ____D () C:\Windows\Panther
2015-01-15 17:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-15 14:13 - 2014-11-27 19:10 - 00000000 ____D () C:\Users\Public\OEM
2015-01-15 13:59 - 2014-07-25 22:00 - 00000000 ____D () C:\Users\Administrator
2015-01-13 16:42 - 2014-11-28 17:08 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\.minecraft
2015-01-06 01:08 - 2014-12-05 08:30 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-06 01:08 - 2014-12-05 08:30 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-03 17:10 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\VirtualStore

==================== Files in the root of some directories =======
2014-12-15 14:08 - 2014-12-15 14:08 - 1545696 _____ (Cinema Plus1.0V15.12) C:\Users\Nick\AppData\Roaming\EJSP.exe
2014-12-15 14:07 - 2014-12-15 14:07 - 2031584 _____ (Cinema Plus1.0V15.12) C:\Users\Nick\AppData\Roaming\FYIKETTA.exe
2014-11-27 20:08 - 2015-01-19 09:08 - 0000198 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG
2014-11-29 10:08 - 2014-12-17 10:08 - 0000001 _____ () C:\Users\Nick\AppData\Local\DSI.DAT
2014-11-29 10:08 - 2014-11-29 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup1444812342.exe
2014-12-02 14:08 - 2014-12-02 14:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4180595462.exe
2014-12-17 10:08 - 2014-12-17 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4535986252.exe
2014-08-31 19:34 - 2014-08-31 19:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-06 09:34 - 2014-12-06 09:34 - 0000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\Nick\AppData\Local\Temp\5213CEFB-E262-2310-0480-DCFB67E9E0DD.dll
C:\Users\Nick\AppData\Local\Temp\5213CEFB-E262-2310-0480-DCFB67E9E0DD.exe
C:\Users\Nick\AppData\Local\Temp\58A0271C-DAA9-E0B9-2984-AC25A29A9884.exe
C:\Users\Nick\AppData\Local\Temp\ICReinstall_adobe_flash_setup.exe
C:\Users\Nick\AppData\Local\Temp\ICReinstall_FirefoxSetup.exe
C:\Users\Nick\AppData\Local\Temp\oct8D03.tmp.exe
C:\Users\Nick\AppData\Local\Temp\octE0DF.tmp.exe
C:\Users\Nick\AppData\Local\Temp\octE4C5.tmp.exe
C:\Users\Nick\AppData\Local\Temp\octF576.tmp.exe
C:\Users\Nick\AppData\Local\Temp\optprosetup.exe
C:\Users\Nick\AppData\Local\Temp\rt-update.exe
C:\Users\Nick\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Nick\AppData\Local\Temp\sysad.exe
C:\Users\Nick\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Nick\AppData\Local\Temp\System.Data.SQLite3c77ea22-6f8d-4996-b236-dc6fe42eecea.dll
C:\Users\Nick\AppData\Local\Temp\updatecertmanager.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-03 20:14

==================== End Of Log ============================
--- --- ---


Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-01-19 22:17:12
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000002f WDC_WD10JPVX-22JC3T0 rev.01.01A01 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Nick\AppData\Local\Temp\ugldqpoc.sys


---- User code sections - GMER 2.1 ----

.text    C:\Windows\system32\nvvsvc.exe[1016] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                00007fffa0e6169a 4 bytes [E6, A0, FF, 7F]
.text    C:\Windows\system32\nvvsvc.exe[1016] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                00007fffa0e616a2 4 bytes [E6, A0, FF, 7F]
.text    C:\Windows\system32\nvvsvc.exe[1016] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                    00007fffa0e6181a 4 bytes [E6, A0, FF, 7F]
.text    C:\Windows\system32\nvvsvc.exe[1016] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                    00007fffa0e61832 4 bytes [E6, A0, FF, 7F]
.text    C:\Program Files\Windows Defender\MsMpEng.exe[2176] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 506                                                                                                                  00007fffa0e6169a 4 bytes [E6, A0, FF, 7F]
.text    C:\Program Files\Windows Defender\MsMpEng.exe[2176] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 514                                                                                                                  00007fffa0e616a2 4 bytes [E6, A0, FF, 7F]
.text    C:\Program Files\Windows Defender\MsMpEng.exe[2176] C:\Windows\system32\psapi.dll!QueryWorkingSet + 118                                                                                                                    00007fffa0e6181a 4 bytes [E6, A0, FF, 7F]
.text    C:\Program Files\Windows Defender\MsMpEng.exe[2176] C:\Windows\system32\psapi.dll!QueryWorkingSet + 142                                                                                                                    00007fffa0e61832 4 bytes [E6, A0, FF, 7F]
.text    C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[4432] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194                                                                                                00007fff84e81f6a 4 bytes [E8, 84, FF, 7F]
.text    C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[4432] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218                                                                                                00007fff84e81f82 4 bytes [E8, 84, FF, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4552] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                      00007fffa0e6169a 4 bytes [E6, A0, FF, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4552] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                      00007fffa0e616a2 4 bytes [E6, A0, FF, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4552] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                        00007fffa0e6181a 4 bytes [E6, A0, FF, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4552] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                        00007fffa0e61832 4 bytes [E6, A0, FF, 7F]
.text    C:\Program Files\Internet Explorer\IEXPLORE.EXE[4336] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 506                                                                                                                00007fffa0e6169a 4 bytes [E6, A0, FF, 7F]
.text    C:\Program Files\Internet Explorer\IEXPLORE.EXE[4336] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 514                                                                                                                00007fffa0e616a2 4 bytes [E6, A0, FF, 7F]
.text    C:\Program Files\Internet Explorer\IEXPLORE.EXE[4336] C:\Windows\system32\psapi.dll!QueryWorkingSet + 118                                                                                                                  00007fffa0e6181a 4 bytes [E6, A0, FF, 7F]
.text    C:\Program Files\Internet Explorer\IEXPLORE.EXE[4336] C:\Windows\system32\psapi.dll!QueryWorkingSet + 142                                                                                                                  00007fffa0e61832 4 bytes [E6, A0, FF, 7F]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [632:648]                                                                                                                                                                                    fffff960008f9b90
Thread  C:\Windows\System32\SettingSyncHost.exe [1308:5632]                                                                                                                                                                        00007fff8c1d6da0
---- Processes - GMER 2.1 ----

Process  C:\ProgramData\IePluginServices\PluginService.exe (*** suspicious ***) @ C:\ProgramData\IePluginServices\PluginService.exe [1452] (IePlugin Service/Cherished Technololgy LIMITED)(2014-12-17 09:28:53)                    0000000000270000
Process  C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (*** suspicious ***) @ C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [1496] (WindowsProtectManger Service/Fuyu LIMITED)(2014-12-17 09:28:45)  0000000001190000
Library  c:\progra~3\intere~1\InterenetOptimizerSvc.dll (*** suspicious ***) @ C:\Windows\SysWOW64\rundll32.exe [1724] (FILE NOT FOUND)                                                                                              0000000074bf0000
Library  c:\progra~3\intere~1\intere~1.dll (*** suspicious ***) @ C:\Windows\SysWOW64\rundll32.exe [1724](2014-12-18 09:01:47)                                                                                                      000000006eec0000
Process  C:\Users\Nick\AppData\Roaming\InetStat\inetstat.exe (*** suspicious ***) @ C:\Users\Nick\AppData\Roaming\InetStat\inetstat.exe [4720](2014-12-15 13:02:54)                                                                  0000000000400000
Process  C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrlte.exe (*** suspicious ***) @ C:\Users\Nick\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.6\dsrlte.exe [4952] (FILE NOT FOUND)                            0000000001120000
Library  C:\Users\Nick\AppData\Local\Pokki\Engine\libPokki.dll (*** suspicious ***) @ C:\Users\Nick\AppData\Local\Pokki\Engine\HostAppService.exe [5928] (Chromium/The Chromium Authors)(2014-12-31 22:57:14)                        0000000060900000
Library  C:\Users\Nick\AppData\Local\Pokki\Engine\icudt.dll (*** suspicious ***) @ C:\Users\Nick\AppData\Local\Pokki\Engine\HostAppService.exe [5928] (ICU Data DLL/The ICU Project)(2014-12-31 22:52:38)                            000000005cbd0000
Library  C:\ProgramData\FineDealSSoft\XrFwQRosw6pEa9.x64.dll (*** suspicious ***) @ C:\Program Files\Internet Explorer\IEXPLORE.EXE [4336](2                                                                                        00007fff8c5d0000
Library  C:\ProgramData\DeallsFiNdeRRPro\Ptng2j2cMh1gjy.x64.dll (*** suspicious ***) @ C:\Program Files\Internet Explorer\IEXPLORE.EXE [4336](2014-12-23 19:19:27)                                                                  00007fff8c4d0000
Library  C:\ProgramData\leisss2pay\YTim8DmLxpIx6T.x64.dll (*** suspicious ***) @ C:\Program Files\Internet Explorer\IEXPLORE.EXE [4336](2015-01                                                                                      00007fff8ae00000
Library  C:\ProgramData\topdeall\wdb8qXI8r4OBZK.x64.dll (*** suspicious ***) @ C:\Program Files\Internet Explorer\IEXPLORE.EXE [4336](2014-12-23                                                                                    00007fff85cf0000
Library  C:\ProgramData\shopndorop\xp0gvHpGDNcMKP.x64.dll (*** suspicious ***) @ C:\Program Files\Internet Explorer\IEXPLORE.EXE [4336](2015-01                                                                                      00007fff81c00000
Library  C:\ProgramData\DissccountLocator\CyLh9NUE0jPOMh.x64.dll (*** suspicious ***) @ C:\Program Files\Internet Explorer\IEXPLORE.EXE [4336](2015-01-06 10:03:51)                                                                  00007fff81b40000

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                                                                                                                      unknown MBR code

---- EOF - GMER 2.1 ----


bitteschön
Gruß
Anja

schrauber 20.01.2015 18:01
Holy Crap :D

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:



    BrowseStudio

    CinPlus-1.0cV15.12

    DeallsFiNdeRRPro

    DissccountLocator

    FineDealSSoft

    Iminent

    IminentToolbar

    InetStat

    Interenet Optimizer

    leisss2pay

    MyBestOffersToday 014.2

    MyBestOffersToday 014.349

    mystartsearch uninstall

    OnlineLowDeals

    RocketTab

    shopndorop

    StormWatch

    TheBestDeals

    Wajam

    Word Proser 1.10.0.1

    WowCoupon

    WSE_Vosteran

    Yahoo! Search


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 






Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Sumsum 20.01.2015 21:01
So schlimm


BrowseStudio konnte ich nicht finden

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 20.01.2015 19:57:21, SYSTEM, NICK, Protection, Malware Protection, Starting,
Protection, 20.01.2015 19:57:21, SYSTEM, NICK, Protection, Malware Protection, Started,
Protection, 20.01.2015 19:57:21, SYSTEM, NICK, Protection, Malicious Website Protection, Starting,
Protection, 20.01.2015 19:57:21, SYSTEM, NICK, Protection, Malicious Website Protection, Started,
Update, 20.01.2015 19:57:25, SYSTEM, NICK, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 20.01.2015 19:57:26, SYSTEM, NICK, Manual, Rootkit Database, 2014.11.18.1, 2015.1.14.1,
Update, 20.01.2015 19:58:10, SYSTEM, NICK, Manual, Malware Database, 2014.11.20.6, 2015.1.20.8,
Protection, 20.01.2015 19:58:10, SYSTEM, NICK, Protection, Refresh, Starting,
Protection, 20.01.2015 19:58:10, SYSTEM, NICK, Protection, Malicious Website Protection, Stopping,
Protection, 20.01.2015 19:58:10, SYSTEM, NICK, Protection, Malicious Website Protection, Stopped,
Protection, 20.01.2015 19:58:14, SYSTEM, NICK, Protection, Refresh, Success,
Protection, 20.01.2015 19:58:14, SYSTEM, NICK, Protection, Malicious Website Protection, Starting,
Protection, 20.01.2015 19:58:15, SYSTEM, NICK, Protection, Malicious Website Protection, Started,
Detection, 20.01.2015 20:15:46, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.BrowseStudio.A, C:\Program Files (x86)\BrowseStudio\BrowseStudioUn.exe, Quarantine, [3b6d8f6ac3c6330388a788648b7639c7]
Detection, 20.01.2015 20:15:50, Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [733549b0ef9a0b2b2d8f1e3be91a08f8]
Detection, 20.01.2015 20:16:11, Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [733549b0ef9a0b2b2d8f1e3be91a08f8]
Detection, 20.01.2015 20:16:14, Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [733549b0ef9a0b2b2d8f1e3be91a08f8]
Detection, 20.01.2015 20:16:18, Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [733549b0ef9a0b2b2d8f1e3be91a08f8]
Detection, 20.01.2015 20:16:32, Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [733549b0ef9a0b2b2d8f1e3be91a08f8]
Detection, 20.01.2015 20:16:36, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [733549b0ef9a0b2b2d8f1e3be91a08f8]
Detection, 20.01.2015 20:18:00, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantine, [792ff9005f2aad89077b0c497a89df21]
Detection, 20.01.2015 20:20:34, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SpeedBrowser.A, C:\Program Files (x86)\speed browser\Application\browser.exe, Quarantine Failed, 5, Zugriff verweigert  , [2088c534e2a746f0a43c6403c14228d8]
Detection, 20.01.2015 20:23:01, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [733549b0ef9a0b2b2d8f1e3be91a08f8]
Detection, 20.01.2015 20:23:31, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\HpUI.exe, Quarantine, [7d2b9f5a7e0be4523b81e3766e957789]
Protection, 20.01.2015 20:25:07, SYSTEM, NICK, Protection, Malware Protection, Starting,
Protection, 20.01.2015 20:25:07, SYSTEM, NICK, Protection, Malware Protection, Started,
Protection, 20.01.2015 20:25:07, SYSTEM, NICK, Protection, Malicious Website Protection, Starting,
Protection, 20.01.2015 20:25:08, SYSTEM, NICK, Protection, Malicious Website Protection, Started,
Detection, 20.01.2015 20:26:18, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine, [8d1ba059f198fc3aedcf5009ac57cb35]
Detection, 20.01.2015 20:26:42, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Quarantine, [6f39faffcebb48ee922a481140c33dc3]
Detection, 20.01.2015 20:26:42, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Quarantine, [fdab6e8ba2e71a1cd2ea3a1f669d42be]
Detection, 20.01.2015 20:26:42, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Quarantine, [7d2b33c60c7df83edce078e1a261df21]
Detection, 20.01.2015 20:28:19, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, c:\program files (x86)\suptab\msvcp110.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [6f39faffcebb48ee922a481140c33dc3]
Detection, 20.01.2015 20:28:19, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, c:\program files (x86)\suptab\msvcr110.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [fdab6e8ba2e71a1cd2ea3a1f669d42be]
Detection, 20.01.2015 20:28:20, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, c:\program files (x86)\suptab\windowssupportdll64.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [8d1ba059f198fc3aedcf5009ac57cb35]
Detection, 20.01.2015 20:28:20, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, c:\program files (x86)\suptab\windowssupportdll32.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [7d2b33c60c7df83edce078e1a261df21]

(end)
Code:
# AdwCleaner v4.108 - Bericht erstellt am 20/01/2015 um 20:42:06
# Aktualisiert 17/01/2015 von Xplode
# Database : 2015-01-18.1 [Live]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Nick - NICK
# Gestartet von : C:\Users\Nick\Downloads\AdwCleaner_4.108.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

[!] Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Infigo

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\MyBestOffersToday
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\RocketTabInstalled
Schlüssel Gelöscht : HKCU\Software\Search Extensions
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\StormWatchApp
Schlüssel Gelöscht : HKCU\Software\BrowseStudio
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DynConIE
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\MyBestOffersToday
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\supWPM
Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials
Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedBrowser
Schlüssel Gelöscht : HKLM\SOFTWARE\mystartsearchSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\BrowseStudio
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZombieNews
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\speed browser
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9B149088-3FB6-875E-C1A4-A25A6E9D278D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v34.0.5 (x86 de)

[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.1betXNgUu0ry1KV3.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazo[...]
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.__ICM_LITE__fifty_test_rules.value", "%7B%22DE%22%3A%7B%22ALL%22%3A%5B%22anastasiadate.com%22%2C%22option[...]
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%[...]
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.crossrider.bic", "14a4e125e47398c82eba5714449bbc3c");
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.BirthDate", "1420632139");
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.adapters", "{\"de.iminent.com\":{\"CountryCode\":\"IT\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"iminent\",\"v\":true,\"p\":0,\"t\":1,\"th\":1.1,\"expireTime\":\"14206321657618[...]
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"b7110a40-a16f-4a12-a411-bd0b6014905a\",\"name\":\"Superfish\",\"addonId\":2,\"url\":\"//www.superfish.com/ws/sf_main.jsp\",\"urlhxxps\[...]
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");

*************************

AdwCleaner[R0].txt - [22738 octets] - [20/01/2015 20:34:38]
AdwCleaner[R1].txt - [7243 octets] - [20/01/2015 20:39:36]
AdwCleaner[S0].txt - [14499 octets] - [20/01/2015 20:38:31]
AdwCleaner[S1].txt - [5817 octets] - [20/01/2015 20:42:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5877 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Nick on 20.01.2015 at 20:46:43,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4218249386-1005423115-940720447-1002\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Nick\AppData\Roaming\mozilla\firefox\profiles\1fes414j.default\prefs.js

user_pref("extensions.0NG6EAy41KJKq8PO.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnale
user_pref("extensions.ZGyzPlc8FlL8RbbK.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnale
user_pref("extensions.cNJOTCNSXDHbnXh9.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnale



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.01.2015 at 20:49:33,74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Nick (administrator) on NICK on 20-01-2015 20:58:22
Running from C:\Users\Nick\Downloads
Loaded Profiles: UpdatusUser & Nick (Available profiles: UpdatusUser & Nick)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Pokki) C:\Users\Nick\AppData\Local\Pokki\Engine\HostAppService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [mbot_de_349] => [X]
HKLM-x32\...\Run: [rec_de_2] => [X]
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\RunOnce: [RegDXVA1] => C:\Windows\system32\cmd.exe /c reg import "C:\Program Files (x86)\Acer\abPhoto\SwitchUserVideoKey.reg"
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\RunOnce: [SetAsDefault] => C:\Program Files (x86)\Acer\Acer Video Player\SwitchUserVideoKey.bat
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Infigo] => C:\Program Files (x86)\Infigo\Infigo.exe onrun
IFEO\ContentExplorer.exe: [Debugger] TaskList.exe
IFEO\internetenhancer.exe: [Debugger] TaskList.exe
IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-4218249386-1005423115-940720447-1002] => http=127.0.0.1:58526;https=127.0.0.1:58526
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=about%3Ablank&OSP=
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: CinPlus-1.0cV15.12 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bho64.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default
FF NewTab:
FF SelectedSearchEngine:
FF Keyword.URL:
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Extension: Cinema-Plus-1.8c - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com [2015-01-07]
FF Extension: 9b9d2aaaae264447a7a1633a32b19ddd - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{9b9d2aaa-ae26-4447-a7a1-633a32b19ddd} [2014-12-22]
FF Extension: Locale Switcher - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2014-11-27]
FF Extension: BrowseStudio 1.0.1 - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}.xpi [2014-11-27]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
S2 FCUUjqwoLq; C:\ProgramData\OqQeGinkA\FCUUjqwoLq.exe [2726256 2014-12-16] () [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 0001121418376984mcinstcleanup; C:\Windows\TEMP\000112~1.EXE -cleanup -nolog [X]
S2 InfigoOperator; C:\Program Files (x86)\Infigo\InfigoOperator.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S1 wpnfd_1_10_0_1; system32\drivers\wpnfd_1_10_0_1.sys [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-20 20:49 - 2015-01-20 20:49 - 00002016 _____ () C:\Users\Nick\Desktop\JRT.txt
2015-01-20 20:46 - 2015-01-20 20:46 - 00000000 ____D () C:\Windows\ERUNT
2015-01-20 20:45 - 2015-01-20 20:45 - 00005981 _____ () C:\Users\Nick\Desktop\AdwCleaner[S1].txt
2015-01-20 20:34 - 2015-01-20 20:42 - 00000000 ____D () C:\AdwCleaner
2015-01-20 20:30 - 2015-01-20 20:30 - 00006148 _____ () C:\Users\Nick\Desktop\mbam.txt
2015-01-20 20:16 - 2015-01-20 20:16 - 00003112 _____ () C:\Windows\System32\Tasks\{5EE2478D-F235-4D61-88B7-D5096E360D17}
2015-01-20 19:57 - 2015-01-20 20:44 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-20 19:57 - 2015-01-20 19:57 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-20 19:57 - 2015-01-20 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-20 19:56 - 2015-01-20 19:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-20 19:56 - 2015-01-20 19:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-20 19:56 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-20 19:56 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-20 19:56 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-20 19:54 - 2015-01-20 19:55 - 01707939 _____ (Thisisu) C:\Users\Nick\Downloads\JRT.exe
2015-01-20 19:53 - 2015-01-20 19:56 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nick\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-20 19:53 - 2015-01-20 19:54 - 02186752 _____ () C:\Users\Nick\Downloads\AdwCleaner_4.108.exe
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Program Files (x86)\shopndorop
2015-01-20 19:09 - 2015-01-20 19:09 - 00000000 ____D () C:\Program Files (x86)\leisss2pay
2015-01-20 19:05 - 2015-01-20 19:05 - 00000000 ____D () C:\Program Files (x86)\FineDealSSoft
2015-01-20 19:04 - 2015-01-20 19:04 - 00000000 ____D () C:\Program Files (x86)\DissccountLocator
2015-01-20 19:02 - 2015-01-20 19:02 - 00000000 ____D () C:\Program Files (x86)\DeallsFiNdeRRPro
2015-01-20 18:56 - 2015-01-20 18:56 - 00001284 _____ () C:\Users\Nick\Desktop\Revo Uninstaller.lnk
2015-01-20 18:56 - 2015-01-20 18:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-20 18:55 - 2015-01-20 18:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Nick\Downloads\revosetup95.exe
2015-01-19 22:20 - 2015-01-19 22:20 - 00000865 _____ () C:\Users\Nick\Desktop\Downloads - Verknüpfung.lnk
2015-01-19 22:17 - 2015-01-19 22:17 - 00009537 _____ () C:\Users\Nick\Downloads\Gmer.txt
2015-01-19 21:51 - 2015-01-19 21:51 - 00066046 _____ () C:\Users\Nick\Downloads\FRST.txt 1.txt
2015-01-19 21:51 - 2015-01-19 21:51 - 00040394 _____ () C:\Users\Nick\Downloads\Addition.txt 1.txt
2015-01-19 21:48 - 2015-01-19 21:49 - 00040394 _____ () C:\Users\Nick\Downloads\Addition.txt
2015-01-19 21:48 - 2015-01-19 21:48 - 00380416 _____ () C:\Users\Nick\Downloads\Gmer-19357.exe
2015-01-19 21:47 - 2015-01-20 20:58 - 00016855 _____ () C:\Users\Nick\Downloads\FRST.txt
2015-01-19 21:47 - 2015-01-19 21:52 - 00862496 _____ (CoinisRevShare) C:\Users\Nick\Downloads\adobe_flash_setup.exe
2015-01-19 21:46 - 2015-01-19 21:47 - 02126848 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe
2015-01-19 21:44 - 2015-01-19 21:45 - 00000470 _____ () C:\Users\Nick\Downloads\defogger_disable.log
2015-01-19 21:44 - 2015-01-19 21:44 - 00050477 _____ () C:\Users\Nick\Downloads\Defogger.exe
2015-01-19 21:35 - 2015-01-19 21:35 - 00001969 _____ () C:\Users\Public\Desktop\abDocs.lnk
2015-01-19 09:25 - 2015-01-19 09:25 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-01-19 09:25 - 2015-01-19 09:25 - 00002030 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2015-01-19 09:17 - 2015-01-19 09:17 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk
2015-01-18 06:54 - 2014-12-31 12:14 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-18 06:49 - 2015-01-18 06:49 - 00003754 _____ () C:\Windows\System32\Tasks\RunTool
2015-01-18 06:49 - 2015-01-18 06:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea
2015-01-18 06:48 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-18 06:48 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-18 06:48 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-18 06:48 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-18 06:48 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-18 06:48 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-18 06:48 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-18 06:48 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-18 06:48 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-18 06:48 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-18 06:48 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-18 06:48 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-18 06:48 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-18 06:48 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-18 06:45 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-18 06:45 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-18 06:45 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-18 06:45 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-18 06:44 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-18 06:44 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-18 06:44 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-18 06:44 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-16 21:01 - 2015-01-20 20:58 - 00000000 ____D () C:\FRST
2015-01-16 21:00 - 2015-01-16 21:00 - 00000000 _____ () C:\Users\Nick\defogger_reenable
2015-01-16 14:36 - 2015-01-16 14:36 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-15 22:24 - 2015-01-15 22:24 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG
2015-01-15 22:23 - 2015-01-15 22:23 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg
2015-01-15 22:22 - 2015-01-15 22:24 - 00000000 ____D () C:\ProgramData\AVG
2015-01-15 15:03 - 2015-01-15 15:03 - 00000000 _____ () C:\autoexec.bat
2015-01-15 15:00 - 2015-01-15 15:01 - 00000000 ____D () C:\sh4ldr
2015-01-15 14:39 - 2015-01-15 14:39 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-15 14:06 - 2015-01-15 14:06 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG2015
2015-01-15 14:05 - 2015-01-15 14:05 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\TuneUp Software
2015-01-15 14:04 - 2015-01-17 15:22 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-15 14:04 - 2015-01-15 14:04 - 00000000 ___HD () C:\$AVG
2015-01-15 14:03 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-15 14:02 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-15 14:02 - 2015-01-15 14:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg2015
2015-01-15 14:02 - 2015-01-15 14:02 - 00000000 ____D () C:\Users\Nick\AppData\Local\MFAData
2015-01-03 17:58 - 2015-01-03 17:58 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\WB Games
2015-01-03 17:38 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\WB Games
2015-01-03 17:11 - 2015-01-03 17:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Rovio
2015-01-03 17:10 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio
2015-01-03 17:10 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\Rovio
2015-01-03 17:10 - 2015-01-03 17:10 - 00001094 _____ () C:\Users\Public\Desktop\Bad Piggies.lnk
2014-12-24 20:24 - 2014-12-24 20:24 - 00001270 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-12-24 20:24 - 2014-12-24 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-12-24 19:42 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-12-24 18:25 - 2014-12-24 18:25 - 00000000 ____D () C:\Users\Nick\AppData\Local\Blizzard Entertainment
2014-12-24 18:24 - 2015-01-20 19:24 - 00000000 ____D () C:\Users\Nick\AppData\Local\Battle.net
2014-12-24 18:24 - 2015-01-17 19:44 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Battle.net
2014-12-24 18:24 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-20 20:56 - 2014-08-31 20:16 - 01793945 _____ () C:\Windows\WindowsUpdate.log
2015-01-20 20:53 - 2014-11-27 19:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-20 20:53 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-20 20:52 - 2014-11-27 18:55 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4218249386-1005423115-940720447-1002
2015-01-20 20:44 - 2014-11-27 18:57 - 00000000 ____D () C:\Users\Nick\OneDrive
2015-01-20 20:43 - 2013-08-22 15:46 - 00023043 _____ () C:\Windows\setupact.log
2015-01-20 20:43 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-20 20:42 - 2014-03-18 10:54 - 00041090 _____ () C:\Windows\PFRO.log
2015-01-20 20:39 - 2014-11-27 19:09 - 00000000 ____D () C:\Users\Nick\AppData\Local\CrashDumps
2015-01-20 20:18 - 2014-12-15 14:13 - 00001000 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job
2015-01-20 19:52 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Pokki
2015-01-20 19:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-20 19:28 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-20 19:01 - 2014-11-27 18:59 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{21898380-5491-4791-BB9B-793C6C26EEF0}
2015-01-20 15:08 - 2014-11-27 20:08 - 00000193 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG
2015-01-20 14:53 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Skype
2015-01-19 21:36 - 2014-07-25 22:20 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-19 21:35 - 2014-07-25 22:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-01-19 21:34 - 2014-11-27 18:52 - 00002293 _____ () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-01-19 21:33 - 2014-11-27 18:50 - 00000000 ____D () C:\Users\Nick\AppData\Local\clear.fi
2015-01-19 08:55 - 2014-11-30 15:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-18 16:13 - 2014-11-30 15:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-18 10:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-18 08:24 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-17 20:02 - 2013-08-22 14:25 - 00000226 _____ () C:\Windows\win.ini
2015-01-17 19:54 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick
2015-01-17 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-01-17 19:47 - 2014-08-31 19:30 - 00000000 ____D () C:\ProgramData\{EB5F5A55-037A-4E47-806B-2C8AA9374701}
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2015-01-17 19:44 - 2014-12-16 10:40 - 00000000 ____D () C:\ProgramData\OqQeGinkA
2015-01-17 19:44 - 2014-12-05 08:24 - 00000000 ___RD () C:\Windows\BrowserChoice
2015-01-17 19:44 - 2014-08-31 19:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee
2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Temp
2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\install_clap
2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Macromed
2015-01-17 19:44 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee.com
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-17 19:43 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-01-17 19:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\registration
2015-01-17 19:24 - 2014-09-01 04:36 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\winrm
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Web
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Vss
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\vpnplugins
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\WindowsPowerShell
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-RS
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\spp
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Speech
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\networklist
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MsDtc
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Licenses
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\IME
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SystemResources
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\System
2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\slmgr
2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Shared
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Media.Shared
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\uk-UA
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spp
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spool
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Speech
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sl-SI
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\networklist
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MUI
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MsDtc
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lv-LV
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lt-LT
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Licenses
2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\SMI
2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-01-17 19:22 - 2014-12-05 08:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-17 19:22 - 2014-11-27 18:50 - 00000000 ____D () C:\Windows\oem
2015-01-17 19:22 - 2014-09-01 04:29 - 00000000 ____D () C:\Windows\NAPP_Dism_Log
2015-01-17 19:22 - 2014-03-18 10:45 - 00000000 ____D () C:\Windows\SKB
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\Configuration
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\InputMethod
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\IME
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\hr-HR
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\et-EE
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Com
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Speech
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\security
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\schemas
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Resources
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PLA
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Performance
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\InputMethod
2015-01-17 19:22 - 2013-08-22 15:45 - 00000000 ____D () C:\Windows\Setup
2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\servicing
2015-01-17 19:21 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Mozilla
2015-01-17 19:21 - 2014-08-31 19:50 - 00000000 ____D () C:\Users\Public\CyberLink
2015-01-17 19:21 - 2014-07-25 22:28 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\DesktopTileResources
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\IME
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Globalization
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Branding
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppCompat
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\ADFS
2015-01-17 19:20 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Local\Skype
2015-01-17 19:20 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Local\Mozilla
2015-01-17 19:20 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Packages
2015-01-17 19:19 - 2014-12-14 11:12 - 00000000 ____D () C:\ProgramData\Battle.net
2015-01-17 19:19 - 2014-11-30 18:18 - 00000000 ____D () C:\Users\Nick\AppData\Local\CyberLink
2015-01-17 19:19 - 2014-11-29 15:04 - 00000000 ____D () C:\ProgramData\Skype
2015-01-17 19:19 - 2014-11-27 19:36 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-17 19:19 - 2014-08-31 19:50 - 00000000 ____D () C:\ProgramData\CLSK
2015-01-17 19:19 - 2014-08-31 19:34 - 00000000 ____D () C:\Program Files\Realtek
2015-01-17 19:19 - 2014-08-31 19:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-17 19:19 - 2014-08-31 19:21 - 00000000 ____D () C:\ProgramData\Intel
2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki
2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki
2015-01-17 19:19 - 2014-07-25 22:23 - 00000000 ____D () C:\ProgramData\WildTangent
2015-01-17 19:19 - 2014-07-25 22:22 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\OEM
2015-01-17 19:19 - 2014-07-25 22:20 - 00000000 ____D () C:\ProgramData\acer
2015-01-17 19:19 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-01-17 19:19 - 2014-03-18 10:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-17 19:19 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-01-17 19:18 - 2014-11-29 15:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-17 19:18 - 2014-11-27 19:36 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-17 19:18 - 2014-11-27 18:50 - 00000000 ____D () C:\Program Files (x86)\OEM
2015-01-17 19:18 - 2014-08-31 19:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-17 19:18 - 2014-08-31 19:46 - 00000000 ____D () C:\Program Files (x86)\Spotify
2015-01-17 19:18 - 2014-08-31 19:30 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros
2015-01-17 19:18 - 2014-08-31 19:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-17 19:18 - 2014-08-31 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files\Intel
2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-17 19:18 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\Foxit PhantomPDF
2015-01-17 19:18 - 2014-07-25 22:26 - 00000000 ____D () C:\Program Files\Acer
2015-01-17 19:18 - 2014-07-25 22:24 - 00000000 ____D () C:\Program Files (x86)\WildGames
2015-01-17 19:18 - 2014-07-25 22:23 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-01-17 19:18 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows NT
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-17 19:17 - 2014-11-28 17:16 - 00000000 ____D () C:\Program Files (x86)\Brick-Force
2015-01-17 19:17 - 2014-07-25 22:57 - 00000000 ___HD () C:\OEM
2015-01-16 05:19 - 2014-07-25 22:58 - 00000000 ____D () C:\Windows\Panther
2015-01-15 17:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-15 14:13 - 2014-11-27 19:10 - 00000000 ____D () C:\Users\Public\OEM
2015-01-15 13:59 - 2014-07-25 22:00 - 00000000 ____D () C:\Users\Administrator
2015-01-13 16:42 - 2014-11-28 17:08 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\.minecraft
2015-01-06 01:08 - 2014-12-05 08:30 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-06 01:08 - 2014-12-05 08:30 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-03 17:10 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\VirtualStore

==================== Files in the root of some directories =======
2014-12-15 14:08 - 2014-12-15 14:08 - 1545696 _____ () C:\Users\Nick\AppData\Roaming\EJSP.exe
2014-12-15 14:07 - 2014-12-15 14:07 - 2031584 _____ () C:\Users\Nick\AppData\Roaming\FYIKETTA.exe
2014-11-27 20:08 - 2015-01-20 15:08 - 0000193 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG
2014-11-29 10:08 - 2014-12-17 10:08 - 0000001 _____ () C:\Users\Nick\AppData\Local\DSI.DAT
2014-11-29 10:08 - 2014-11-29 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup1444812342.exe
2014-12-02 14:08 - 2014-12-02 14:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4180595462.exe
2014-12-17 10:08 - 2014-12-17 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4535986252.exe
2014-08-31 19:34 - 2014-08-31 19:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-06 09:34 - 2014-12-06 09:34 - 0000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\Nick\AppData\Local\Temp\5213CEFB-E262-2310-0480-DCFB67E9E0DD.dll
C:\Users\Nick\AppData\Local\Temp\5213CEFB-E262-2310-0480-DCFB67E9E0DD.exe
C:\Users\Nick\AppData\Local\Temp\58A0271C-DAA9-E0B9-2984-AC25A29A9884.exe
C:\Users\Nick\AppData\Local\Temp\ICReinstall_adobe_flash_setup.exe
C:\Users\Nick\AppData\Local\Temp\ICReinstall_FirefoxSetup.exe
C:\Users\Nick\AppData\Local\Temp\oct8D03.tmp.exe
C:\Users\Nick\AppData\Local\Temp\octE0DF.tmp.exe
C:\Users\Nick\AppData\Local\Temp\octE4C5.tmp.exe
C:\Users\Nick\AppData\Local\Temp\octF576.tmp.exe
C:\Users\Nick\AppData\Local\Temp\optprosetup.exe
C:\Users\Nick\AppData\Local\Temp\Quarantine.exe
C:\Users\Nick\AppData\Local\Temp\res.dll
C:\Users\Nick\AppData\Local\Temp\rt-update.exe
C:\Users\Nick\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Nick\AppData\Local\Temp\sqlite3.dll
C:\Users\Nick\AppData\Local\Temp\sysad.exe
C:\Users\Nick\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Nick\AppData\Local\Temp\System.Data.SQLite3c77ea22-6f8d-4996-b236-dc6fe42eecea.dll
C:\Users\Nick\AppData\Local\Temp\updatecertmanager.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-03 20:14

==================== End Of Log ============================
--- --- ---




Gruß,
Anja

schrauber 21.01.2015 11:20

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Sumsum 21.01.2015 15:49
Code:
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c6ba19ccf5d7194a8a64219db5b37533
# engine=22073
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-21 01:55:12
# local_time=2015-01-21 02:55:12 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 15700 12152831 0 0
# scanned=223211
# found=539
# cleaned=0
# scan_time=5241
sh=EDB6E1477166B32FE95301005E15A4EEB8BCF137 ft=1 fh=d29cf5027c7fc6c4 vn="Variante von MSIL/Adware.PullUpdate.H Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Browser\prompt.exe.vir"
sh=C0291FA8B4BF212D40322E152989120E5B309AD0 ft=1 fh=c71c001117fadf1b vn="Variante von Win32/Adware.MultiPlug.EG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\topdeall\wdb8qXI8r4OBZK.dll.vir"
sh=9FF3042B3BC1AC3256934DE5CE162BFC3B591C06 ft=1 fh=7f32323435353b0c vn="Variante von Win64/Adware.MultiPlug.E Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\topdeall\wdb8qXI8r4OBZK.x64.dll.vir"
sh=F9F67A6E75A5053CB5FB436BBF762AC1ADDCEA51 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\CAZNd@v.org\content\bg.js.vir"
sh=382B389FE9DE0F54F1C3330FD1311B296E1FDA75 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\F@oxzo.net\content\bg.js.vir"
sh=EBE76420394A7545D6D0A97E126F946E2F8990F0 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\g@9.co.uk\content\bg.js.vir"
sh=60B6CBD0C737FBC376708AB7361CD23471E6BC3D ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\i@Mri86VdY.edu\content\bg.js.vir"
sh=BFA7F8511FF3D51E0606BC065F0C09902BB6E6FF ft=1 fh=c5b494ba53b97366 vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung" ac=I fn="C:\ProgramData\OqQeGinkA\dat\FTDKEgsb.dll"
sh=F3477DD97CF2D7579053B5DF73C184CBD99AC414 ft=1 fh=6ea5772ba487bdc4 vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung" ac=I fn="C:\ProgramData\OqQeGinkA\dat\hTXFJlWZJbc.dll"
sh=BFA7F8511FF3D51E0606BC065F0C09902BB6E6FF ft=1 fh=c5b494ba53b97366 vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung" ac=I fn="C:\Users\All Users\OqQeGinkA\dat\FTDKEgsb.dll"
sh=F3477DD97CF2D7579053B5DF73C184CBD99AC414 ft=1 fh=6ea5772ba487bdc4 vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung" ac=I fn="C:\Users\All Users\OqQeGinkA\dat\hTXFJlWZJbc.dll"
sh=FDEC456186BB1B53CA715B0F45E56FD63E6EE18A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\007D60E9B48C26C7D91D0EDD09F9A493946615B5"
sh=98A4F1E41F2C433237B2B7A6A0469B75E283FCCF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\0085085170513A939809A3D15C5A3DC1427BE5A0"
sh=B0E2EE664E4FAD7F30DDCB311B135692BC2D7982 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\00B4E21F8C86763BC1673709DFC75E9B3D70BFA2"
sh=F7347652C7B4F362F1424FD949E4D7ABA7D9E87B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\00C7EF19D9285CC4E500EB53EC7F4952E565B43C"
sh=8A774182B7011E730973EF8B3185C12BB99DE203 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\017B2F0A39638D191A0D477C1A743AF692C7D9BF"
sh=15454288325C40F98F56E89B601C45E7C9775D8B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\01CD67F5DC2D0D70E03FD878EDCE20A51DEA8D57"
sh=B904B6FFE3EB8E111C1EFFBAEEF3CDDEB057526C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\029E128C491BA7001A6EC1677BFAED838B93A43E"
sh=E81FBC66871AE3685DB0A35F9EEC2351C1CE6D91 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\033E65593C9DF6D61453CFA2B01E2C6A7AFD5F04"
sh=18B72B4EB9C1774875F9F15D8C8CA19DD3A630BB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\039DB49338FFFACC1EE87FA2D2FA74C2B8F899D7"
sh=7E5B23021FD98736B8574DC667A36683CC3B54A0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\0515699FA709A0297EDF2BA68CABE2530C926146"
sh=732AC9C73ABBD079104C5274F215535EB0BCD0CE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\0543114483624B182A5100C11E366848E3FD4B19"
sh=3E2307C1602C36DC098BBC34217AE12893266B4C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\0557C9369D8268C6CD7406D02DB66D45D0D21F04"
sh=7EFECB1500ED6E220B14269ED9FED37A163D7854 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\068F8A0A098E02975CB452A2ED6C8CF6430C84EA"
sh=2C9B6E7D37C320780A5AB3B8D26096130F1E0A17 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\06BEE3A76DC4C60BF9147F8F0360EDEDE5486F9C"
sh=903F220174F45D0D62B4FB87CC22CAECDFCDC19B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\06D7F075623A4EF96DAD62FB89A72D2F3CCE0B51"
sh=8E297A0A85D4B282169972A3A28BD5A17F9BA7FA ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\06E2811A415DA2418D2132D8DB931176977FE5CC"
sh=71BF1FA296982F1733CEF789955F173AD2E6D1D1 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\0718201824309E616EBCB3FA6EE66B78A2D2B933"
sh=A0BFB52CD2A3D9266CD11E780C190BD3A1EDE66C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\07AF1403C4C78742C6BE08309B214B6B1A8D8AC3"
sh=EF49E5B2DFCCB6A52E0B2F2BD559D4BDEC21DC60 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\088C0B54DE5E3FAA68072FE2DBF4623C9135F094"
sh=90BB31695B1B1287AA199AE38945444BAC46DC0F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\089DD1D801E118C3E34E824F14EC50618258358E"
sh=AEF55B297D6F2E321AA4094FB2B04389C5C302D1 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\09885047F658A478670D82441A0D426F7DEFAF1B"
sh=A13646DE857DFFFCE20AE930A09FFF40D5EF46AE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\09F2471886641AFF09FD0A62015DDB5E202833AA"
sh=A24500BB498AABB2BEEE8B6FC0C70D9E5FA15FDC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\0A4AA7602CF3F3E8BA21CDE6B74860E69F4F17C3"
sh=EEE891C3BCB0DD11AD5BFEE0AE9CE4FDE5046E1E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\0AAE8A582AB5A99E7D67C87C5FA491410CD41A77"
sh=932C23156B7BFAF6D95A64C847829A7D3566AA23 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\0ACD4D559C2509DA92E3FB6F4DE5C5C4792030E4"
sh=24376607FCDB9548D82177C706AB4F38DAF256A3 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\0AD64587B8BDD7D01E884990B642E324B0A6176B"
sh=F39B441795EF6AD4E119584D8CA23540704976B3 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\0B19E9E6AD98F9DB70018D5F0554E6726FDC52E6"
sh=B2F1E1AE449B1BD5F93FA50EC3FC456F736CF126 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\0D433B7D31C8778725F07F1CA10F71B6BC6EC014"
sh=017AD1FBA71D63738EB33D5373D792DA96640350 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\0E1DCBA8491F3ED42D9D128CCD793050DA90B378"
sh=58B66FB56559CAF7E8D63B7CFD8F066B02C53CBD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\0E2ECF756D33D41D2B1F04D8E2B05CD0DEA98462"
sh=A537E5E7D98F2651E192611ABDF0668CA56DB692 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\0FA8F505545DAB373C7C2380973884EF9E8CFCDD"
sh=7897396F9AA07DC752E39647E076E38497A3FC46 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1059BBD9FE84E2DD91FDA2131FE63B4A7D40973E"
sh=FAD2D51C4DB6C459305A6257CEA1707C0FFDACA6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\114B3DF2975055374A8DBBE29C46BEE834C8BAC0"
sh=6D2269841AC822BA0821D7070347F119613C405B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1198B828F9CF6CCDF925C42882ED59261267D656"
sh=289F0E8483A7558AD4F87573B0FE18BE5935E784 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\11A78ADF5D0F2D9ADA0A74C37F5D6279494F2357"
sh=25F5E7BB4ED0C2AA7202A397B88B39080626A14E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\11FA233D34069BDC8F281EC9BE63FD7AAF302D6F"
sh=6C875FCCA8AF81893E9AC9A19EE84FFAAE7BB903 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\12CBCF01D228372B2D3E4CA6F1B0108DA8B99C46"
sh=415BF199638E798038DEE7471E0C5E02830BA149 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\12EFFD6E04F8E776B9EE17F7CAB3440AB12A3B8F"
sh=42EE91C5370FEE66314404C0DD6E1261BCBD0C55 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1372D4AFA9F3911B788560B37A3B9EFD323DC471"
sh=377368CA6FE503EA96F76597041A3EE3619E88C6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1458F7268A2464893CB7E3C62DBCB236676652D4"
sh=3CD9A6C7F7F82694DBFCBA0537B6B6E6159FB37A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\14BA69CB99820A6C73522D584E713EEFECA38BD6"
sh=D5600F2EFADBAD4AA09D4F745040716A02DEAF85 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\14EED579A61A82194A5DC1B6D684EBAF7CC01B1E"
sh=4C56AA1E737DEA62F8B5924C06A9AA0777937285 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\15B26218B316804C8F942389E662D8946C5F8186"
sh=3EB39FAC598A8EFC6514DC4256B9E4837F14C1E6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\15E2F7922D9E5B27F0A1D5CF7ED2CD1385346EA5"
sh=D903D7D5C0CB90D30642AAD41622887818D65D4D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1611DA395455BA75E7D690AB2D613D099E6CE41C"
sh=E668EC9A89B105A211361992869B1EAB80B6E667 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1631B4E8EC37BA88BA88DE96EABF3CD031A20424"
sh=C28ED3C476684AE1ED2FD9C52B7881B55FA47BF8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\163466BC91C5D0BC01507E7CDE963A2E357008DA"
sh=B775700F9BB16198B4A304D88D1287C0A4E06834 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\164AAF1A99C501A00F3453695008321FC041F0EC"
sh=E3835D468DB3A6BB6C54D91AA2767A9DEF527894 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\16835B1454C59356A732A229E59C009943FDF1F3"
sh=44DF2DE905F87EB8AF8C1F260ED2BDE5AF19B085 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\16AA0515DE50661963708F53618033498D218103"
sh=B2ECA129B47AB6BE926727D66646786E0B7BF0C5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\16B9DB5998CE1B983F2816F71C9E1A768B570453"
Code:
sh=7E42EB512F78FEFE695BDA9178778324FC08760D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\177D8EBFE7DE817AC0D53D64E4E8E2F1F591D732"
sh=AE47D03E4616FF32B65D1C146B2C9CDF8F36478B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\17FDEDD43CD366F0C973E46C473996A6C719BA16"
sh=7F3104AFD9A171880E640129068979029B5213AA ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1800E5B6B4630AAD2CB92354B63435DEBA8D949E"
sh=3E46EA68B12B04583E31B9A63A8D980B56CFE265 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\18125276954D2AEC4346C5D8A60305D9CF4020CD"
sh=5F35F4679EAC72018DE2B7E18FAC36969784D15B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\183093EC8962F9AA055266680526D39AC13270B9"
sh=7E87083F7CE417C20E35F1C7B4D83DA900F0B119 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\19FFB305462E597736674B30CF89F59E7415DA83"
sh=8D5871EF8E32DC92B455B084319315776C547E3D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1A3E21AFCDC416F10F9A9BC13FE43EB62F08F7E4"
sh=243B9566D8C1FA0D84F1F3947B709E743CA41A45 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1A91631559C7EBF7B4A1261E30A9A17CCE0D4F74"
sh=E5642D4F2238CF4D837DAE0C6906709BBE323D33 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1B475B255401316522F19A3FFC360D598EFEC40B"
sh=1660F8525908C2942EF0EF8F59EB10649CC19A51 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1B88B261FB8E7828422C0E2B6F2FDBD949DE7C3F"
sh=9AEF572D2D69149679CA89FC6133ED9B1DFC34EF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1CC65D77559F791000048886392BC519E85B68AC"
sh=DC740617B99919594E62C27F13C2791326A6240F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1D0A4A446A6F83BEA4F137D01C69E2584B1C2967"
sh=CE9AEE635E4EEFF096831AE159B89C99A6057F30 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1DDB3E9EAF83CBF59A929A675CC34805D237DFED"
sh=C68F40FA38C1B5A84C76BB142599A00C03BF6F56 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1E5B1D6DFF22104C03BA01E7C176604235F4D7E3"
sh=13DFDAC6CF85A0ED124B583DBD00B85A5B90F4BA ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1EB62DBF5BB3A19D8CF21EF602E7BFFB672F4B76"
sh=25061F89FC3AD2D3E6B6277CD9EEEC5759C8306A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\1F356595D24D5B9C7D37B305285320B8F18F3B39"
sh=F37E90469901466732132052390574C4CC014A6B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\212778B161E14DB5CE6DFDA4CF7549F942584C0F"
sh=2ED2D8248A29F1F2A6BA0D9A6AF445DDE5EA8F88 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2171B1EBAD13FE4E414E3DA7DA1611295EABA4A7"
sh=2ECA4C795EE9A9135DD209663D0E56974C988195 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\21FF4FAD5162A1E6B9F8FD8B817A48D2D0C301CD"
sh=1311DFB529C44044C0B08AE5E9EC7B7CBE565DD5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2252EAF3D2533760D6DCA5ABE2E4C57037CFA0D9"
sh=F3CB33FA193DB39CDDD41A890373F4E114068F0B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2268BAA5A24CA21C1DB05C6543676D27673DABB5"
sh=33D7BB371B4FEE8899F0CCB0FC9EAA6C30386C66 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\234855CB41D7ACA4F993F577A7431D93EA80FEF2"
sh=EE7B4E8638F7231799D2BBB5785EB0AED2C8C00D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\23A1ADF0A1C31072F384048AAEAE8B9719F0604A"
sh=3EA3695513051C839A6D56ABAFE843C1F8D65D48 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\23CA7DEE2147102782466345682469E5280678AE"
sh=30B93917EE513A512B8F385FEFC9BA21E8B5EEC8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2433A44A7E5FFFE446FB4E1EA0C0542938F63F07"
sh=B721E83F317965CBD7E2AFBAE45BA3FAEF738146 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\246635FDCADC4AB47DE0C09D3744C221C449CB6D"
sh=27E5FA35EECB3AF59DFE867494C3F1AA59606B98 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\24CDD1C49BA8368395223669044FD2FBB33ACCB5"
sh=75FAC7375BE2B9852253A7ACC7C40A8F5A07A149 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\24DD106177566DE2CD967E965AF6D799F2A5204A"
sh=532AD51B4D25DD9CF48F47076B7F9882D59B6EE8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\25E20DA040A1200DB4F7F1126C2E0C94C4BE7E4C"
sh=8E9BC9275710E53E2BB75A0C0B54C9D8ACBF2369 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\26E9837EFF80B958E0E604C7D9242A2E535CAA92"
sh=D5713081B68C8F88CDF8F272E5A92A38CC94016C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2757565D002031D58D3F846CD72D3ED070499C2B"
sh=9C47BC457163209E49F50E4C44DE04B073C356A9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2772057B937B8E233B2B322D4BAAF9A758D53B32"
sh=8A7E028DD1700B1E4F0D2C9AC1F7D0EB37CE10D2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\277273E799B030CBD48C5473C80D7F4D7FEB8E51"
sh=8C4AC9C1CF32B06310FC4BECE09993351015B756 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2798BC1E89720C2E22557BDB898ED45B4E563606"
sh=FABE282AC538BF18E42C6B0AC399CE4F39BCDCF2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\280B5A5C5948A08CD59A84939B9FFAFFC174B86B"
sh=991A0FE1C9DA8361A28219757A6EB3467A281B87 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\283555C6731878B25C12A26A31A0AD9CC375938A"
sh=31238BDDD32E159E7BE4B6438F6438ACC03B6A93 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\286E248C07447012F1509C04FC17E165AB1D3971"
sh=3F654458F030934301E8F54BB24B981F8ABF9E3F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\28916F1E357EA229C87058EEADAF32935F299D9C"
sh=45F874B3B1BFEEE9E4AFEF62752E8D3FB0008D78 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\292C4CCEE1AFFC6C32E04AE6FCA871F2E1256AE5"
sh=24F11262057E77FAEAFD6F6D84CC832865740F2E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\297FC29F31B1457BD20A6F36A58C384C7C801602"
sh=0E956A98F7899FF638A517EFE0D222C4B7229540 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\29A30A0AA88C7DCC3D92CDE51E97FB6049F5E1A2"
sh=2CA9AC15D98F0B5CAC8FA8A2B6184B75EB448FAE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\29F3DC9D328C1C4FC89B7476F4A9036EFDD14798"
sh=F862E6D3ABA8D23BA074951700DEE980B786CCF1 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2A7EC9506517C59961F0AF5E5487CF14A7B35721"
sh=0AA579B30470BF5660CD073718D2A3FA137A63C8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2ABAD093E31F64E1FC3EF2B2BED5CC40BD001B0F"
sh=5DA90CAED7DF8AFB4FEFE67DA8620F7861A20D84 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2AD770EC2277F058B4A9D5B960CFD6532795938E"
sh=63D571E87C9BD43A4E333633A589A25E744AA136 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2BAD84A1E31E77744475E4BA4C646D12316EE00D"
sh=44DE51139C8984FFD2BB4B292BE1B252FDE36B7D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2BDF0406B29FC6FC20400ED30B3151C18BC98649"
sh=55DE27BF328904066D25B779BE0B08445B233FB0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2CA2D9436D084C7EB48A0CF09505AC1CD708F5B2"
sh=123A523D939297F387CE257543FA57185E6DCD5A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2CCDA214546F6441ED3EE082D3BAF08B1E131AD6"
sh=78D131FE5153A2C2CA3214119DDB2C8854441BCA ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2D6BD9E817ADEC1C2718E3CE2E1950DFF3C0CF80"
sh=17ACFBD90BE054DDAB29E122255A0A8AE06EA9ED ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2D8B4B6F0F19D96459BCFC31391A858526E37610"
sh=B581C243227932C9602EF49A38683066341F33BE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2D960AB963EC3634866A1627E6411F4A45A85BBB"
sh=0632DE93006DE6BFF2286745B8A6869222A79BAD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2DEEA83C1D22B2FE9D089C12E52BD4DBFD7AB78E"
sh=958CF55EC36DD03C61E77C26C023285933384D04 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2E456B6092024CAD83FF1490B6B28A8D6083D2AF"
sh=AAAF37605AED5A9582694C3891659EF82850495F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2EB1DB62858E8944341ECE6B87F760C49B55500B"
sh=5CAEBF05C839D1055A0D03D8DB5789CBB3A601C2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\2FEBBAFA2D60024768EEC8F1833EC5360A722D4D"
sh=A9306C31018C7C1D64D6C9AEF28C6561914AFDEC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\313D0F957A9D511427ED06538232E6834AA64D2C"
sh=F80DDD605D882EE5AEED593CBFFFF9580F9FE272 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3167B295CE6572D6F798EFBACB6D66E64716B292"
sh=BB0D73DCE8D07FF6F96F87F299C3CF35899C63ED ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\33DBA4A8BE1423DAE6B5F659E2C7AF110AAFE297"
sh=F51C549A0DD353379762E48B9F4F33525EA885DC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\349691DC3E0A9758AC5821D9DF92E849E40B56B3"
sh=1B8A17C739E0FFD625020D67181BCE2F1D4D2176 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\34CF8CA844BBBB8ABDD4DD16F93865235FBEC447"
sh=2AC336B8A052E85EF2C9ED9A19C461E2961AFD1D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\35018E0C29C7A76D77A771B1EA77C7EEFC8C495D"
sh=4081B7BA217F445EA1A661F8A9C95E70C4556959 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\357FC1FB72BC5F7BB7623BA761A1947E17EF8CAB"
sh=2385A26F82BB55A25D2774FC6C4906FAE1B72670 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\36583CAEBC9345EDA6CC07BDD7B309B41BEBB838"
sh=7C0B5003164E19FB255AAA27842AD69FF7FEDAAB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3735C20CF4FE71D3E0F3AACC05280D136F4666DB"
sh=64D97BF278574B8DD0BBF969CC0E1771E55546AB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\375C1049475B3C44EFD1B427FDEE9BF92DE4C9FE"
sh=0F50314675C7466240052916224A53500EB73A3A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\389270ABE4DF866E69A9DD5102DD274F71268EF2"
sh=E3E55B8ADCB3B84900488B9ACF5964E50B50BBAB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\39134B593DD6F8FDFD34A0D2544F494B0F8B3D3A"
sh=2E20CD526A94F0FCC2E923E60A5E42DD5BDFDC73 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\393D84E62EECA3265F7A5957C1CC559A75999E39"
sh=306FA48FD27D120013F315B80E6ECAC2F222E1E6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3975BCFCF5E2DC8A4ABBAF15A9E2B416725773A0"
sh=640106D76DFFE961F8BCB9CCB77B82052D848A17 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\397A795D2C962587FB418A69ECA21B62B4D477EE"
sh=CDEC201639BE2BA644AD62F3B96226AC80A936FF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3A1BC7719D596BF13F6870EB371AC56A56FFFE5E"
sh=E13776A803AF81F9466595A97C1AEDB7EAF307E6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3A88770CA137D9A40E0F34497A2AD5351D4C1B4E"
sh=E3C019B4174572179F949C96571B8FBAAE942BBF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3AE0B18CE9FB18B4BEC91840A0466D63B882C2EF"
sh=A5920D7EAB1BFA164C519E934B6AD92E421CE349 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3AEEA26B79CF092AF3D38C214647EA007F736132"
sh=003E00A3F5C47DC3C3A13955CEB79CFAF1CDB1AF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3B846155C756098D0F267002A546957DCFBD0988"
sh=9579CCAA69DE2E3FBC29E3A9FF936229DBBDC14B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3BA547B0D2F9B9F8C38EC9573531E856A97ED25E"
sh=9A94B69B4D2E2AEA10FBAFBD0AE6AC08AAD5CB74 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3BC70605261A2BF29C447C5D036A14D4F2FCA2E1"
sh=2BD8B4DC88D12483B9C56C5993E1B4391A917C5E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3CC06073C5016D0AE4E1E5477C03B7D3E21E93F8"
sh=E49C1C36B9432743DF90B6A053F57652CA690FB5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3CC09B87F52C2D046400C610B97EA92896BA858D"
sh=8E73C3CF9CF7600021EDB9889199CE0C014A01C0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3D7D2BF1F0D78789B3E3AAF4CF0025766CF61656"
sh=5C95EA342BB9BE0C17383C9EB69EA6A5DAEF1EC3 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3DF810AD61EB6529C08EDF2E5FEDD48C0453313D"
sh=72A8E0A5AA9F795D4A0DA11D8DAA3E8C2D251E1B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\3F06EFA0F75B3FE76DE02EA23A36DF6804BAB10E"
sh=CADCFED7A7E1CBEFF67B3C5F88BABD7F80369BFE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\41A65DE6852BC46A5711DAB1C0A42EE812754521"
sh=35CE0112CD9D6AA64BDF154BE066ADA3913B695B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\41DD7E9161699E7935AFDB800714DC0E51E77DBA"
sh=483024F73AB6CE0881AB1783D545867A35F79510 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\421800C366C3DF89AFD9866044B0F31570D96574"
sh=99525592670B03E44BC52704863399A01C4BD1EB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\427BCD54F15768282C36D7EBBA7BBB11B7493DA4"
sh=B43A316B67A3E4EAFAE0E035ED34DDC7B2E1BEA8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\42C9EF4F3FEC65461D5C538AAEEFD6FD1A2BDE37"
sh=EC0A644E7F0C12AFD82F4E91D3C34472D695516B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\43800A70CB97360969294EE7E283866E7EF0F910"
sh=1E558EA59A02AA4C8242812BC4B636CAF6E05BEB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4463F650A0CCA370753318F31E74FB77A82F8CA8"
sh=149A8A0E1FC6944BAA630996AB4D02DBC8FFE737 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\447FFF68764C86B14877F9C0C3C79516D6D482D2"
sh=5AA686371115A0532E79931A31E7AC51587AD796 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\457C568A8F730A0C1802A26CC564D315FD87F6EC"
sh=E396F31FCE2E8380DC99AF6564B067A8F187E361 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\45C35B4611B43F10DCC8A9A5F37655EA11B4561A"
sh=CDD27A5562015D22F8EB5EC9BA0D6E7E57BBAA74 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\45D78202B2FCD70BD7D39442AA15CC01859E7FC3"
sh=2CA5758A0D97EB962160FA4DA0D4063369FEF060 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\461944333D90432B7C5065DA191146F2ACDCD8CC"
sh=16F9514E53C6BA6321A6540D4B4BA7CD4D9FB62E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\463D8F2F464FDBA6F84D3103335C74AB5EA8F344"
sh=269CAAAFB6D877E7498C45F0E3FD5332321CF78E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\472A5F5242F9377120A2D96990E56C99F421C129"
sh=D29774E03F9D8BD098F19190AA661A395D5F443D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\47FB6004E5A2D35BB4E80C384B93744FAC7E6915"
sh=7F3625E7BBBBA77BCCE919E8002A8F3B26BE1AC3 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4A1659F2A5C0478DBA39166112B8DC7C03724B1C"
sh=1E225D706EB83EF25F822668D05C164E4EC2602F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4BB842D4B36056FEFAE1E7A0F62AC18C2A9A22CC"
sh=438CC55747370BBC7D67022837603B6892395F54 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4BCA982F9D278F3E6A68AD16A319A386F4BEC9CE"
sh=E88CE4E7E387B1AB879331BA76A2597705B94F72 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4BD5DE24072EC982E90757C3B70DD6C3306B2731"
sh=0D93DC60AE3F3F8C1C93A0FA8ED94CFED4D1BFC7 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4CD1708658AD2E478BAE80996E47F2B712050EE6"
sh=53B720538C0AD4B9FC8C4403CD8A0734ED8794FF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4CEDE5BD84C5A3CE5D015F42FFFE283B94A80B8D"
sh=A4BC93CA8BFC1EB9E496D76E9675D927A08B75B5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4D60620EF7111ED1F73355EF8A967931EFF64595"
sh=ED361305A112BBB3805A73E5319EFC9197E89BC0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4E28938708801758522D2C2676B0E3D99D9A73FA"
sh=357F6217C657126BB0C38B501BBBCAACABE0634E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4E6CFB3F400EDE824552529F9656ABE8AE8E3293"
sh=5C18A53D0FB9105CEFFBD6108714DD0FAFE43C35 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4EA24238863C58A4C912CA985ED0506106C9FCE0"
sh=CE1B3A1BB47C0D8A9E8D1298AE2C136E4C3E8E72 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4ED17B5336C488B6CEC54414304887250919BF53"
sh=98102F4944C4E2F4B1DE33493B70E7AEF55CF08F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4EE04272FF07B8370035CA639D7C636E74005324"
sh=5B4411AC13A34E8D932BBD3302A9DF660B6E30E7 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4FA6F6ABDD909F7E2068F5E6E4AB9887FC15E124"
sh=91EC861EBEB146E2B01345320B1A7C4266139935 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\4FF2C806AD0F6652CEDCBA29651E7A81F3E35F47"
sh=51BA357DB75770B2EE602A4B6016650C05B70EAA ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\50B93E9983577F268864CAE839837551CA6446BD"
sh=2082254CE29ECEEC623D3C2A0EDE73D7B5580F24 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\50C799347F1015DAE961ADEE0231EA898E5676D2"
sh=F6D79D02AC069772481115DDE8ABED90D347138E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\527DB0BCCD97C366187855DBB6A92F3E84884C99"
sh=8B50DC65D9447AD9542644412156B35523F92611 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\52E1E6D6A1D1C777F720FC43167FC5636A17EE12"
sh=C67950B95246EACEF9A9358E0C0CDAB355491744 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\530BF413AB9B4D3E563494176BEC09137387FBD6"
sh=5ED0A961DF5EDBEFC2143131232F582B16A19ADC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\55BC9CA52C39515B7C46349CA0B7CEF61D48B98F"
sh=127C588FD8F268B3FF92F83296DB519F67E9E149 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\562882AC2646640C04065E59E821C813E0E57EF0"
sh=081EA52C8FFB14C0EB385AFE0F2283A857183253 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5644FC42DFFE15DA8844719271683410A6585492"
sh=D5C8923AE72CFD69CAD41F0667EB616E83FA3276 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\567261101B2C6F4922F86F96179B04BB5E6DF41B"
sh=008B59AF4C0F1D94BFCC3B4971DE704664F187FF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5687421A78D2F1560DFC8A0FEC1812B65375A9BD"
sh=DD282F4DF37629450766DDD8FC05B46AB9D7AD10 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\57487B6FC77AF3918F346052F39D0856E3352D6B"
sh=151C4E322D8AB9854DA45DFF005B613EC9D62241 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\58407B9359310A806522C56FD07143835C99B555"
sh=9A81C31F5FE702EE7A4796FC8AC253769E6FBF23 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\59D457912B45466DDCAB8217431E5454EB9D5284"
sh=B3429BC284D6D699723E5E9B376540CD2A4D85C0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5A1C95AEB2797EFEAD8D545474A45D5A395F9A6B"
sh=9C0FE0B3C5EB6FDFBAEC0267B581687F8A2B4127 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5A9A0F013E4C573945BD865273EEE5ACE3A2756B"
sh=AA6C94A5352E4F539605E8C39F3491DFDF4602F8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5A9F315FBE50D3F9EAF54535750023694416C55F"
sh=6CC44C7ADBB9551D10848AF4F54C5DCD6062AD4E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5AD901C8BBD1322C479E21AB711989838E4AB6AB"
sh=79085A989B19DC9206CF45B59F9F45F69F20300E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5B3C8C9325E1D242C17792D52A3365EC43336521"
sh=836C2E609EA9B0F2E45D268BB144C9C57960787A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5C13C632985935AFDFD480DF60C10FEECB3B08E4"
sh=08A48EEC75E61C3E1214A96964D3C8C6D774AEC2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5C32E7D59AD4E570E3C7BD6A3162A0DB9CD67C73"
sh=D2D3E7032B345D9D2024F63589A895C812FE3E10 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5C8F17D604B19824007C1FE3AFD947BE27FF49B3"
sh=EB0C0A10C866A61BA3C7AF70C3E694E7B6D86014 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5D1B9B8AD7C9E1818F3FC39E996CE396A6E8F55F"
sh=11CFFABD4D930F478216B7DE7CE7F3B4E7B135DB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5D521E87A47F64A78703E149670D398DDCBB951F"
sh=66BE44B5482C43F4660037FC095E38AE9FF83DBA ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5D52FAED9DB01AB1E6D5AFAEF79DD4ADD5E461E0"
sh=55D7AEDDDF9F0A2116AECA797B4E9055DE89E500 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5DA2D3E2E8A893C33C7981753B0CF6173CD30C0D"
sh=4AF70D5903C1C892000CB2FFFFC16F93FD3FCB7A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5DB3653A3C9BCC133F39786CF79DE68AA90F3129"
sh=9A0277A5AF939611E6536E8AC00DF118D7F04869 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5DDD2C8E60D23234314EE8BC6A7C323AD149F720"
sh=22C5800BC12C1C5410C700E6841F7E837C45358C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5E1DA627EB2DAAC16EF36F6938A36A7559DE226A"
sh=782764BE26D1AD964F3C5671AFFD6858BDB0766A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5E28D5DC732762B269A3A668908C45C010E31973"
sh=B7B9C038A5CD6517672F0EA89361FA8B97920385 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\5ECE2AE0E012957AC943ED1CB845CEF500FB2078"

Sumsum 21.01.2015 15:52
Code:
fes414j.default\cache2\entries\5ECF9368A9A82A03832B1FC6F33EB1A114B160B3"
sh=27C897E10FB3B3D52DADD7EF8E6B7C89B0918549 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\60273EF5F3754FFEB0CB2E4F36135695812BB949"
sh=996EBBCC32F02C29B9C886FAFC5C52474FF1970F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\607BF6CADA38849CC0707741308659BD97E467A0"
sh=AEE5E9BC62F5A80CB31F28B2D6831E392182D81D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\60BE0CDB89FDFB62915D3C4C8F157ABB5B5432EA"
sh=A6C0444937B56318C52B2A9FF27D3BA2A924D0AE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\60CDDC1B958F22D4C5FF785D5B9A4C2F0C40E00E"
sh=E6361AAE52B6E4FD02AF27A39F61B21D8BA54AC5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\614790F0D202F706514222570F0859F62B190BE0"
sh=1C640B1589F701698EFDD82FFA88D941A78273FE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\6148DA7553A6C12D94CBA36109F6A4C9D8DECFDC"
sh=AFBE8D4ABABB0F15098ECC5EC7CEC322F2A377F6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\617F4B4FC85211C1373C5A86DF64870ABF5002E2"
sh=EDE90C823AF6F4D54E511C621850D17916463BF3 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\6287D9B9DE7E756161135475AAD10E9043E79799"
sh=8759E2A814025DBC3F91094BE8510990EAC547B2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\63003C765A55C454CE99BC020C7BF85D987F3B27"
sh=2F526BBB6D00DB03DECE4FA0F5DECF169D7E18C6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\6369B1A107FDDD7282F11FB98922D40F317FE188"
sh=E5175226768B98641A4B2BAEC44C27E9B299E741 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\64878877630D1388CBB5C7EFD145614EF3B99AE4"
sh=6EDD9800A01ABB4FE2BE15AE328D57DB9AEF2B76 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\648AAE6B25D011C1F06E3866210A81122F5D6895"
sh=0E294BC58B8D576BB73F8E9AE44731F8D1852B30 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\65018C36C1F4E0B60A2C4EFB5DE23F011C3C8364"
sh=FAA09CFC6E51C7DEFB0CD3A53571529C0A9CEFDE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\66044255C14701C66479F44F84E98965D00DA204"
sh=E49E569FD11E4115A9C6F4971950E66BA513EB74 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\66C42420B4FD7043E9D7F8C22436809FF578279F"
sh=F173757F21C5994ACF8B9E13FF0A9864B294E234 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\680760F23A8793434F2643D4B5C62B5055A2CDB8"
sh=79B1D4DC7C123B7B1AFFDA8C66543F7B12A14D84 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\68FA153CC314A91392FD7A61990EF71444C3B22E"
sh=F3830801CDC90BF0E9253498B86F12E035A668ED ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\6AC56F45022B109B9D1A9A10A5D68B67DB3002D6"
sh=120D03E3D69073BCACE31148DCD6D2EA8397548B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\6B99A40DBCED402A599A738962ED59711DCC23F2"
sh=78EE5D0BDBCD65B8AB19192D6237910000CD7829 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\6C815CD144BE840A0B373EF16F89F8E38C0E7CA9"
sh=45658457AABBEFCB7EA271C53605D2CBB09417A3 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\6C8C478C69C62C2E1C877499AE4AD82C468D1775"
sh=EE0700481BE331A19361AF07414F3F50F98039A2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\6CC2116A42AAD88479FE79E09B7EBFE22C8D564A"
sh=20C6584BA6C5007F312896C22DB3D51D9BDB618D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\6CD8238C48C20FEAAD78E27F50536BD412287868"
sh=6D5C7D601B90889FACFFCCAE974DD6244E70224A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\6DA9AC4D3F0CA7B744D7008399BAA8F4919EE8F4"
sh=589F7E0B654C97710E7DAD3949E5D6417DF63DB4 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\6EA0F6C115ADC02920123F0EDCAA628615D155C3"
sh=D699387FE5EC71EC994AE10F3C0E05A0EF573F19 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\6F7468E2943254A60E7B8144D757097EA7770BC0"
sh=1F3120D23817FF37BEC619A407F2AC414FC2946B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\6FD87BFEB12A149933DC7B0DB9CC688DDE3B31BE"
sh=12FE66BAD724D4224F197E537EB8208A45F525DF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\6FFACEFDBEA4044C62A34659E4D0888F87CC46DF"
sh=B1CEB71A8DBE3C60CB9BA786E80F6FD28FA30CAE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\70103C006F7F53FBCA52F73CC24285A41FAA8354"
sh=894BB15C524EEA0BD4A5ABEACB2F30EDF30BF622 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7012EDF026B8220831FED7B5ABAC6C07510E2E7C"
sh=CDA2930D8F4661B3E67EC2006BAB6E9B66F4439D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\705CB1F22C052FBF5F99AB2F219567D961268C8D"
sh=A61301F0726B588A826C9418447B061B3C6F2727 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\707A8F21ABCB8971003C4D0C1B3E1BEF620B7BA2"
sh=2EC0A43AD56885300A487020146E52F0176943A1 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\70900A60A8BF6F0305F3DA703E6A5E085E699BBD"
sh=D9E2210914C878FCFD93E2571B9128E3D5D0190A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\709DFC9AAF63537392DAF7EF91B48EB26D458A80"
sh=DB4B0CA2D2F6984AE55CEA852490E192F788F589 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\70D20C85234FA1F9909FBAB8468792A4DA4BBCC5"
sh=7AA7DC754459E4ED6BF983A95DB130EB0D72EA6C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\70E2849A97E71865EE8071B64736C442478213EC"
sh=8B7E1CF8CE1B2063A70E81DE33AF32F366148C5F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7189196B798F47A22224A9185764BE740F17945E"
sh=79213CCC57BF4E88ABBCFD8141D2BDF4ABE8A144 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\71C02E5542D0ED2CB6F722CD8F711B7782E15A32"
sh=DD0700B5A5E378D2AEAE9A0E4E4A8A7A647FD5BC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\71DD04030DA814AC8F724463D455032BAD10D564"
sh=8080610865A6C969A8649034F5C45770C7FF01A2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\72737E52C8B554B3111DF963CD777E396BA0ADC4"
sh=9621DF6C04708D95C9B71EF1E61FA69E3FF5F9FC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\72A74597B3507D4B5E6F4E3B9B80122EA31766F0"
sh=7740C4DB2119553ABB3D16324C2FFE0A62E6F2AC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\72F19C5ADC201FE656831094A8DC51E39ED6A936"
sh=02D3730EFC95E4E74703FB329A6BBFA4B62C64F9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7367E293D9ECE4B0F9112F667C8021C9F1E81005"
sh=1D1E7537E0531043387F842FE89215B9E6E22F1F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\73A194F8DB5F2331684EB60E38CF5195A378FDDE"
sh=0F4C9C9DAAFBB88CEFD2DC8F3D2BF6B982F8C297 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\73EE51D55ED3F562A691D144582F8EBDA751EECD"
sh=FB3E2BB53288397012BDEB969F5F414746AF27B8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\75257CD7AB3B5281A8477A407E9C105756B9B40C"
sh=E9CFED695C42B5B534C9145EDAF62C58DF660B95 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7563BB7C2336DCAA369954EC7C9FAA07035DCA5D"
sh=6B00CC2343A6E79F93A9C17C1BE2F57CCC121935 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\75C2B89E220409A533D867FB3F9730700FB488CF"
sh=5BEFB2040DC1CD4EB2588930DAB2A9E77114B605 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\760147A28CCE4530119BC186A240E620C372FE63"
sh=CDC7C4431692CF5A9EE2711E6B820EB6D0F82D80 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7624992AFB6A1E6B8E141FAAF28961B34006AFA4"
sh=317BB6AE104BE6307619A9870016F5481DE5E837 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\76FEAE8C81BFCCBC587C2B886AE49F9B5FC01FFB"
sh=53DA680CD922AF0B74E2AEB863D7BA2D97A23E9A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\772247A1E2D49E1169709ACB7A319BE2784EEBCD"
sh=95EC4C0FFE75346AA2657741D62229A7221C8BA9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\776BC86F93C6D7D425BBBCFAE3B1655F6E3C4108"
sh=7B80056F089681D1D0D5223D8CCF5D4862B3305E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\77B96B8E375324D2A2776B539AC5BC0AA0EE20C2"
sh=397F86BF7D2EF28A075D3F57B4383FC29AB35A13 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\77FAA2CC932C584AF56642E141AED1570DA631D0"
sh=D1FB23F16B1CA75D8B867683A82ED4772B139191 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\788F6D805CB483CD41D9A3B34C3A2B1160D586E3"
sh=87B08E2B794F60E44EBAEB29D8451F32D8A1F6C5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\797EA20BF1ACF8DA52263B42EB4595D170618759"
sh=5725ED67FC748835B84E117C16C94C354C420B5E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\79FB808BED22FD36728BBA296BA1792D375567E4"
sh=FED08AA9B0F9D78F0AD9653B68EB0025C1E412CD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7A868B2DBB640182858943D45C16D3F53FC402F4"
sh=B52FEF5F4994A0C2F58613E6099FECEA1D970ADF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7B80540914DFBA6E49E4B801E65F1C007BE30206"
sh=3EE43A6B9BE7E7DBCEBFEF2BD62A02CC7BE15F96 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7B83F7F972AEBD28B5924DED55ECAFA8B97A4BD7"
sh=3F250982013AD14FD0A3D63C0291A92F2C860C74 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7BCDD075129A0AB8491A15E1D7CA7D7D11F75DAB"
sh=E737906294584E5F3AFC2E11D552A90978AE001B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7C142610A0288C1C0EA601CB46BABF3E27E29CF3"
sh=791B95F4ACDC77AE49C3644B4ACC0B5F57E1C98B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7CF116AE6CB83665743B3684004A5632917572AE"
sh=225D9181904FA22C707A6C05E3009205B32FCEC4 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7E0AE82BB4061AAFC2861832D66B1C3637476BB0"
sh=8C66137FF3A2E55C795AEA27B54275033D8E2F13 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7E3D9D02EE95C724BBC72BF0191E361F846E4436"
sh=E8B03CBB5A10B4BD24F794F307C0A8D4B7C7A58D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7E992A5AE53A3991D1CE3642E7ACF21051469298"
sh=50A9E6A9921471D132D20A99CE5011867F4ACAD6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7EBC099B599D6629FB0F99BAE583755A202D73C4"
sh=511750E2D00D69DF2FFF1CE13078665AFFB00D1C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7F3F1AA55A4683F69E07500447A330905C7999F1"
sh=33F2E624FC8E84E80CACC14471A99B1BEFBE7113 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7FDB1D84F0730E4AD2ADD25FD4FADE4E8035C304"
sh=6E8CF766745098E6949FC86D905D63BEE27CDA5F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7FE1C76DCBB4F7AE61926FC3058248805891713D"
sh=1301A6C00592366C1F8823A7945C6A62A6D8996E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\7FE77A5AB6012A6C9EF938AA6A0DBF3E9AA9EC3C"
sh=B5BFDBB94E60EAD89F067394A1AE294EF09FF93F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\80FEE608DCFAFDA91967ED75A8848EC93393E1BC"
sh=257E17255DE184EC7E87C0DE3AFF5E70BEE5FCAD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\810D64CB5FBEFD8D419D18F56BA9F78D89D50722"
sh=37A029D54FABD29A0E11571C6B2C16E690FF9BEF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\814DCF1A11BAC41D0024ADAE012C1C2B090AB574"
sh=904095369E8CE5FA5A0B16E75A8A776E2912BCEC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\821415902E9DCF6AF1C99D03E648178E1FD6E72A"
sh=E19540C0736C472615D07E05905BBD828B13CE3A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\83196C54F519D28334B5F512FE1A02A0C9E7CE8F"
sh=6A2017F498E6F6D37433F601101F07AC89020398 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\834CD8D6A69F128E9E99ED3E0E50DE1BC61E403A"
sh=4E50245622277512C2968C00E03C6D4753216DCD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\853F242359AEF8E74C55DA6B369711B46C8C3B1B"
sh=21693490BDD0AB8F4A765982695430C1855D6557 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\85641138EB62B45375F8E8D7F6ACE2392C5C6E64"
sh=B1B4FFDA977A7F3B6B60A690C564604D2ED02693 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\858BACBA7F0D1932E84736A9D32C077B4DD96FFF"
sh=F6A47B63DBAF3B88B08ECCBE57D21F4784D686B1 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8632032D5127D6815B7570065273E5864F80F650"
sh=730AC25D056D7FF7C4138F368BC5201B861C9F2D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\86346F9D55C0D3F04F58E9B46379EA59C7B073D6"
sh=82287BF63E6C235B0442ADA2D1B52630AAE9D06B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\86AD6A25AA4DF05091BB3D64449F3439ACC9FC77"
sh=55937E6D7680BB766B7058E9A0F3BF64FEB9960C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8757A46566C9635B0CF101DB695DA90152C44568"
sh=4148BFE9997DABAE993293FDC6C2F4E485B8B016 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8778999362FABF1B6AAD0284214FD7ED8574462D"
sh=51E79C69F8F2F8052D3B00AA4FBDF193A773CB4D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\880728BE4B94AD59C6BEC70FFC3BF9FA762CA0C4"
sh=EB030450ABCD2C45AB7E17906D6BE8582BDF2DD6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8852E062EB1B496E5E7295B47FCDAB5F2111EB19"
sh=F74FA868955829FC198CD5E22359C5200810597F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\88D0C30D47691312815D40D64D2D1FDDFCCE5AC2"
sh=EFBFA27C8FF313D112AE0A3D198D26F7D11711B5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\897216F7E4111B06828C9414F1659B9545B3522C"
sh=89D2D415F68D00C587202430205D041FFA50D3A4 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\89E009D78A90879C43C590A9FDB44EA78F7024AF"
sh=2387A5FB3B77CDCD7298026FA2E4E7D098B16CBD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8A88546EB79D89CE912AE32DC84310CB0F9EAA63"
sh=4889C24C922ABA1902492D3183E558ACD3B5D5C2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8ADE109406F5B65D3589D477CD899EA1800CD344"
sh=0E5AD43AED50CA29224034CA33A48B79920225A6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8B640C60C666BF21FA41CEDB6C65088552E8279A"
sh=31D685F1F795BE79B36C8C1591B6896B1B0C9748 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8B7AB19321732A3C066A743780606CE1BADD5BF2"
sh=A459781C58F501C712664929AD7EBEDA94290E77 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8B9BD1EA28956A6C0633E0375909B77048276CB1"
sh=C048969FA58B2C8225904ECC6143EC8CBA285901 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8BE51C210D12D678915B03685A604C0BF977709D"
sh=E97B1687FB3F938C1CA3D5FBCC732F5A3AA46A2A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8BEE176BB5724A2477E3A64230E9A6D81D952567"
sh=46BA88E5414F15EABD6409BD916A9D0F2ECD6497 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8C24DF1795CAE1721D6A6DE84FDF862498F48E7D"
sh=0AA33D872C39B530F60741453EEDA7234B8145B9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8CB000341FBECCF66B0C218A331CB45251976BFC"
sh=17D461338D25B933D3A6E1FAF2D4CD573E7E5CA7 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8D0A639B9BF18F4D7886DC8002A3C8C7B50C3D33"
sh=07C56596C2AE277331A767D7E3A5D3F897FFE13E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8D3212D626C7362A517070D81BE76E7B9E1974E9"
sh=0040B5105542BA7EF9E9FC5DBC5B6C1F4D0D1575 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8DAAC0E0A4D51EE7E8792557D0819E6D2BFBD78F"
sh=49E1857B6697100E3C152C02A6B4EFE8A9DA21AA ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8E80850F312F93A4FAF98273CFCB7DEEB6782E87"
sh=4D97F722DD421116CB56AFCB2189C41923632D1B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8EA531775D02274BC47245E8B3118C7763DD7231"
sh=9E486F45DDBFA50AED40FC8A5BC4E91B62B095B4 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8EA62A5AFB6B85128E27849474F5D451F8F22A23"
sh=AF3EADD8D4CD9F3E5E9575FD70B97574CF259E59 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\8FB3438945D21A03835628F6EE602EFEB7A81291"
sh=F4C497A6D3916CFB293B80298D00489680FD2B18 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\903376718A7360FFF6C1D4AC4029AED908B484AA"
sh=4BB3E86D5AB531F3269D4743CD8BAD4B02CC96DB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9085587F6E577B81D566DE3547BAD0FB211BCE9E"
sh=7C0172AB20B97C4FCE919B11C5E2B274EC4E94A0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\93D3B07EC8B1F16F2E7850E2538B264A289D07CA"
sh=B16148BA26B676B8765244DA3AF81209F338885E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9442F89CA93F6B2396A764AAC4EA7988FDA681F7"
sh=C507FF2C1E308F2CDC788FA3AFDAFAC22A6C6C78 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9466846131D8173A164DFFFF1F4EB52F74CAFB2F"
sh=7CC6D70E279F057C0F712B5D956F3ECDD2829D6D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\94AD3B48176F6D2A362E6A4120EEDB489E1C5401"
sh=A5B122B0A1D1B3137B6432962C4413E044D441A2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\94D99EF949C678DF91AE883BD7377812B1602421"
sh=3ADAF6841D82993C167D942D25E2B2EEACD16A7F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\95620BB352FA844D4F44277D2FE7E09036AE1CBC"
sh=BFC21C68B59C50BEA043221F4C73283814D4B496 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\95EF512213BEF9C8390204CEBF92CB11CAE88279"
sh=5C8A56DCB6E3D6DA90D8630783394DB3708B42E2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9605C6722D4011E7036562D1098F88FC1C7A790F"
sh=EB10743CD225BD93DF7F178409BB22D98EEA815F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\960EDBDFCE3DFC94E8B0CB79922E2E6AD320A2F6"
sh=85D51348F26459E473AA1F41B9D37AAC4509D41E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\961E1128B277ADE66F560054B870B0BCF371114C"
sh=C7B2D7B8F7C958FFE888239F6E7B2BAEA9F8D93F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9674218D56909D01FC1BEEEA4DD3914AA7EFC544"
sh=DC88CE6150FF6038735BE1BF1F7F626370405C2B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\96AE0D963A73E1EF138718A9851848FE01DABA59"
sh=4B5CD204AE3E3E486AC771785A09C64EA852F57D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\97091C6D02296ED8FFEFFB2524C2E663F3E186F7"
sh=277A6DDD4401453B45A519B31E17B9DFEEBBA89D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\977F3219A16A1E4D750088B555A02450AB04D116"
sh=B6E5329A7957C1BB4D4AB74BACBDFC21879AC2D7 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9780215673AE45B855002F51F940D9BAE4E9763B"
sh=D2CE9013B3138CE066511D34E154F1E2D87E63D1 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\97DBA2CB2679F4A5AB8EB37CECCD5D8ACE51BB06"
sh=D996089D60E810F4E22C612D864FA7708B87B275 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9835F2D9D13049F37D2A72A81BAF20534CEED81C"
sh=0E9AE74DE69254BDFDF97B9EAF14AE1695B657AD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\98E64B11BFC146FA0680D6629620E0B59A2F740C"
sh=B7640C5B6B51167CE6B177FEEF883E771E13F440 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\99D79CD3F9FDE3D4D94902483A541483F599A6B5"
sh=8F4EDF6F8AEC867AF241D61C4994CA24A5B1899F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9B3B9150630035A66D8AB8AEE22E6DB4AF5B3A5E"
sh=19C79C5C4C1290782033F0C41FF36FD30A707993 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9B64A0AD81C6DC2818E09FA17F5C6232E88CF183"
sh=057F4637CCFBFC08F866B5BF43227E4D79F06289 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9B7FF429BB2EF2B1DE3C3DC5BA68D7BA373F27C7"
sh=97F89187561A00B327C27ADDE1FDF4BCE93D9921 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9C3DFDD938801CB5195613E486B01184C4C9953D"
sh=30C8A0856D6D18F0091BAF55F36A9B2A575A0233 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9E42784AC3FFB887860D11D845410E96EA1E93E8"
sh=D57B315861B7225FB0339C7DAB7A74D75A1DB990 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9EC9D9822523F53779B16EFBCEA25FA0D7C4042C"
sh=4675A330B7A7C286AB6298C3B0D0884AE5E27F4B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\9FA6A59E369618E6CA903B45DE8AEFE0011B7581"
sh=8E518A2DB0287638BF649FFB2C668DA3A65E1BD9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A052B414148608BA6205ACF0A037E7D46107220C"
sh=00435088CE544F31F9B0375D1163EAADCF4D7811 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A0C217DCFC61C505BFCF7B4552EE8FCC11A22926"
sh=45FEEC5CEE20BA4AFB4486EA855C23D146BED3A9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A0DC358F41EE07D32B2ECDFEAD8A3C293620E7BE"
sh=4CD930E69CF4898275ABDBCB124762137FA8C4D6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A0E005612A893D8785DAB73A2FAC4F5B30ED94B7"
sh=77B9A12202D6538157E4BABD3B3E83F01A4B5A98 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A0F91A62F087FB3370FEA11BC4827B17A575AF04"
sh=FA3755C0DCB59F3A85F7385CE17C96065E888259 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A1D21114B78BB1C16A179AA5F60161F6178A05B3"
sh=C9ED80FE935D33D870EABD4EFAB9FD935AE90F1A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A1D92C1AC677068EEB0B6B678ADEA9BCED89D387"
sh=8FDEA7668A690C6FB770241E0305426D1F0CE7B2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A208D4E128ACB44A118BBE297D946740BD1B069B"
sh=28A53DA776C52BFD0B10DEDC42C4EA2362669C99 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A2FB5DD8894B8045580F10A8340AFB7574AF5536"
sh=B84BEBC3085C5117C878B06F4905084F20100DEC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A3CF64CDDB907BE41F2C5140B73CD063AF2AE422"
sh=E7BBFAB05621F46542DFBC2529974A16B01E49A6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A4638CB7579587EE1F4361D10AC689403F898692"
sh=03F91EC9C2F3D0821C8FA0D78563C38428B50995 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A4739B0E062C9C26241FBCB847FD8E60B743AB07"
sh=4F81C731FC62994D09115A0D7F72D169563A801F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A4AA64B36736B567944542A4329E2F418156B3E7"
sh=51EFBDB5514619115C7C43871C1816D58E2EAA0C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A52AA3D52890565CDFC1374F2F2EA3D53D59330E"
sh=3ABCE3FE29877BA366614BF25269F969C39D6E57 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A6426BDDC43C4ACDD4DBB4EF3B5273D13C4ED8B6"
sh=6D9E31DFEF6012107897A8074967659E889597FB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A70F1CB4138902B504899BC727C564858DB73FCF"
sh=E3773436F332F25B9E14DC15C77103D07C6161E9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A7131200079CF25997C4648BA930C81EBDF0D779"
sh=54B475DD1C1CD2912C47AA65D5F1BEA782B89A7F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A7E555F8FE625E74501412A8C43A5FF1920729BC"
sh=620D610D11FF79D92D6B9D7E88AF21880BF6150C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A89392029D5A0900B9B0976B315CA4D4B774DCE3"
sh=5FB03A8CEB49597BAE27AB20A781A97E1EC8685F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A8D5E86A2414C642DB1C7450E1AC1CEF46C9DC4C"
sh=119CFE070F733256F4048B52946411A2BC20A024 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A8DF579D7A3E2D13F096C5B8703F2BA688B3E2DF"
sh=4EAEEBD6000A3053E074D2FAE8F6FCDBB3862678 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\A975A4347A79C45A5E2BE9439A0C1BB2C868F0AB"
sh=36F2F1F6A38F7681B324EA24A0E82AD619969570 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AA8CA97B914E16D3CABC9536C6DB367F109151B2"
sh=111FEA0D52AD8509750D29635374E27D1901DEA9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AB114F7A334D23F3401BDCBD26CB2AC9E09D5812"
sh=5C3EDD3676D4452D2525D816BACD4DC9AAD52A8F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AB61CAA354919EC457734F363C64FD5088708658"
sh=AB76348908EFF3239EE60BD74E6E20A1E9F9279F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AC2E1498CFA423661A43D6ADF9E5392C6FC4A90E"
sh=C66B4DFE2EBD3072B626F8922AB2C6F803112169 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AC5753CB8668DDD9543C28967FA0609ABC7856CD"
sh=B8CC6D24ED8F385AAF32BC56991E66855D778EC2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\ACE44A664793D3C472C00CE3DDFF3743E57F0E72"
sh=8513B3BFFD558BF23081D2DE002D6F64A0D32B6B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AD379CC90DF352CC3C2B9FA902012C0744282682"
sh=D51704038E9A6BD11BCAE5DBB3F4950A56253543 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AD7A989CCF673B83F1C6964846C35572DC9162AA"
sh=D2689ED49B4EB1FC9A8E0C761C58B742FB4FDC6C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AD8A8AB50BF4610A4C1E112F44EF13B5A30984D7"
sh=F5A053F3A45D1935D017D29A37F5D9BBBE2B6470 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AE232353E04AD4879C36DDD7A9C68118024609B7"
sh=16DD1E5ADC955D3C2655C24EB75BD5ECCF569736 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AE2B5709A8E837A1A6F27F94F406A68F699CBF0C"
sh=D6374105216A93C918F878D073BAB5F7C8CB76F6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AE6859D49FC5DCA533FDA9EEE59CBFD8267462F7"
sh=0E0D9FDCDC9FDF209B590A3347DCD8C10CF0CCD0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AE7AE1F8FCEB85FC78CFA715EED091FDC74A7728"
sh=35ED17CAFCD3D7EDB6032FE79FAE34CA39503340 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AE7DB82BFEEABB4FCF39DDAC761270B4B6E64AFF"
sh=302DAFA2CB4169D8CF0EB6876AC790C55395D288 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AF1F84D6E84F34CE6A36B765A6390A3009651230"
sh=350335DA7B947F4D0B2A80FB09C9592DA8B2C4FC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\AF40E06CA855DEC43015BBD3154C258409C734DA"
sh=55E783F481A860DFC0A5FD792A86A065A955E1A0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B0078B1E1CF08EE12BA39B4135974F3BDAE6DCD3"
sh=FD47CC02CAF6A78593E285EBEB73207332E190BC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B01D242A2517CF842E1954C5D97E7EA4F5621687"
sh=238E7FC39BF26CF88A3313131C516659FC68E121 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B067CA37AAEB202D210A331BEF386B6DF2E24EB4"
sh=A1D5A9B466E35C0092EE77C9366096EB497052A2 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B0C46045105B6409A1EEC0AFA33BD8DE4F0D8EDB"
sh=45740161BD3EFECA1C7EFA841A00B248DC870237 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B0EF4DB9DC2E1AE86710973B8CB17711DE36EEE5"
sh=C4EC33929397F5D513129E47122B5DD7C595F5BF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B46FCE45C5FC413BE53F63D5737E88C06A301431"
sh=40B2BA4026BF629C6FFBD64F50C53EE7A455C11D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B498B516751D7F30FA77DAC6E887EA3613823F8E"
sh=152845CA3E229A68AAEFCCE293B3F6841ADAF7D0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B5415A58AC634ED6D9B69D23FA4C992CE0DA62CB"
sh=F10CE0167891053338303BE20F002C412DF6ADD4 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B60831EFF1194A745FDAA3B7F4A13C0040D772F8"
sh=6A075C319157FD288F25ACAFD3570B1F0C1079C8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B647894E1919BDF6151C5D05E377764A9F7D8DF8"
sh=B672BBCDE1679A1F65E76B7C25F4009B9017ECE8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B653158EBD44ECA4C75361DCC2B9073EBAF0CE65"
sh=673FC9BBBCD328A8A003890314AEB2D66DEE6D37 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B7716B86A906C1DCF992D45750FD2511DE374967"
sh=E2E5F174CC4307DA865A0E3B8FB40C149482134A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B7D1AC0D064E0ED4C06D11C3DEF65B4813EB6872"
sh=7E4D972986164D8892A177BCF0ECA38B115E2319 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B7D53A3E676A4BC3E8CED873CD16ADC7B1071C34"
sh=4BEB399E5A98167F7CC506C5E7CC21433AC69320 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B904EBA7E464DB6E4E3942434D92BB355DC0489E"
sh=CCD040490B9A7C5F30C1FDEE54333E5C8E4A945F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\B9C22164A682FE97074FFEB9BE65DB69164242B3"
sh=1E87FF8CADC595C23144121ED8F795B2FC6F4D1C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\BC3E8FEEE738BE72BA716BF4C7298F2F147164B1"
sh=E7FAE689038144440A884795C1DB239ED4F62BA3 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\BC61869B59DA0AA1FF12D1DE7EE1357EA0ADF584"
sh=8B7BCD3E05BEBF5B4849B211BBA4C68B4142F104 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\BC75A54892E5058F0F0FD845498C06F8D5BD9AA5"
sh=DB72B0DBB0C7ED15D0E8AB082825AD8B48A01E1B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\BCAC4AE10F5274E9237D5C939179C97E9B53A57D"
sh=4A908CCC877ABC7E0E36FE70C9CD5E2A12C0EBF6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\BD62E096497CCF44F74632CB1E6509FD68A56609"
sh=1A952390A030F19574D13F12D5BD02DDB3244E60 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\BE24F98DF8E62A92D4164506BFE9CB527BD772E0"
sh=8AE61EBBFA52A286FEBC3B3F40F7EF43641D7B0D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\BE5E0AFF3D47E24E2539001169C8C824F58290B5"
sh=DD7E7233F2673DEF0722654246C4FA1856A04D7B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\BEA3E3C581AF5D404F064BDA91341FD64701A501"
sh=BCD47F53E59897EEFB7AFE0511283583582B88F5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\BEF798E312411546A8CB202B38AD62DB46CE4048"
sh=A27DE8007436F0A43A972F2172DBF44133856D6B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\BF6242F41898002E2F2A902A43758DE0A069CADE"
sh=10395A6A42C824FBB7C64735179A27D8F98B6093 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\C02BED78FD8B11701700161518D4DD6941218445"
sh=9817E877158B6158C039A2537AB0B8028A2820A6 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\C02C04498279AE0E42996C8D210552E460211A25"
sh=892F331DD8C0B77DC825D066EC5FA2813E993864 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\C08CE7D041731C1D77D5F2CD2BB038512BB377FC"
sh=93C8D18E90984E02D66E05CBF35E9F6BA95A4D69 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\C2F37FAE502C88B601137ED534ADE836C21AC668"
sh=1FE1D1954CB2C0784762DE05D5161E7978D06B04 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\C36891903015CC6F2DE1ABBC51A5B3328EB2BC08"
sh=401A85ED767B3409FE88E0737D64A908DFC7DFD0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\C3D13794B1DB2D2920F02072DB45B232E626F954"
sh=02A4D1E86F4434E5B35B00C1CB19A97254DF32A8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\C3DB00F68BFE6C83D7C0314732886C65F23A6DD7"
sh=1C6D9D37DA3688F28258C6A326108E7AC3AD30A1 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\C52AD17D3F32CCD212F6CD0876FC42384AB4D7B4"
sh=B0528EFA4626D79D2B5D79BAE026E4B650FBA74B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\C663379E6A2AB451634B613CBCE1A84380C59EAE"
sh=F385144A3585895A1EEA01CB75F90BD88F43DF7C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\C67597E2593C06DFB0F5B96653549B0459B04E59"
sh=CC04E704F2D41A5FCBA57FFA75C3C76B1B8BE6B0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\C806492022423BE9038B2D968A1908AE29C2C695"
sh=51C21D19777E34E76131A6295748C0DB3135CE70 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\C824DCD0DEB209D8864CCEE8E421FFA29872D007"
sh=7781438C1FF94F33293D1B56B1607A0234195C78 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\C9689C68DE690CB542FBECAEB9D54F8DAB79D864"
sh=72408728271B6742BD26119B4AA97B5F23C78B63 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\C9B0F7A635D3FF70CB764D7210793C71325AB7B4"
sh=F78369B4F34147960D3A74783F6922F9F897862C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CA0B2E16B4428A0AAAF42DAF9A0B0B1D03056F2A"
sh=C25B68AC9C688673F26D1414F1FDE1890D165569 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CA9D9A2DD0C3A2BD366F00C6516BA8BD066FA7C0"
sh=79C80AB22ED9A213B5D35C1C4ABFD5E9FC54D356 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CAF3F1650FB41C75EB003CE6669F0540C4DF4824"
sh=6044F0541DCCB594B6FAA9D35915E3E382F4F212 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CB88E3152A8F2E2998D80BD42874177DFC463AAC"
sh=492B134BB8CBC11F263435BCDB9BDD62F82906FC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CBD15AC610BFFE5130D5A70534ECF3C15FD5A42D"
sh=79E941A38ED129601DFAE043196CF3E5735F80FD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CBDBD603FFD547DC5EB924723FFB7AC45210D830"
sh=1658921C48815AB39861D548EDE4F9D50CA5B7EC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CBFA6876FC206419128B38BB7842C8D3EB41623C"
sh=B425A17174F0F31DEA808CC0500058437C99ACE1 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CBFFAB26B495787408D0E85213BEDFACF03D6A98"
sh=2F60BE202E38609A801321B228D01CFEEB83B2AA ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CD2FE2DCDD1729F575910799739F2143E8A0B565"
sh=EFD57B470E105E081432735F9213E8CD58C6A37B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CD6D82A076C4D357EC5C659B40C2C112D3A0E665"
sh=D7F242FDA2EBC342D6BB702C76BE93B1FB5876A8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CDBD57EC4E8ED6E1FB7D184DECE9FD92F67B1B0F"
sh=2D585B1537EC81BF5BE71AE58A1DB4E399E4F1F4 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CE07121D75BFC1A96293D0A3E29626527173244F"
sh=0678D3D77B9D6571D901229257287F7DEAD282A0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CE70A97B6C372E691853BAB1947B5576A66E4A91"
sh=6B7FEE5DBA599DC02A459C3C8C653A2FB2672F39 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CE7B87FCC62B4E8F31102CC8FA3174E48AB1ABD7"
sh=BAC890ABE2EDBEBE95378E55ED0906329954C193 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CEB49E79C3D045B33B28A084D908EF1B0A3FFBE6"
sh=F33D310A7D19099EC045103F94444E66467503D7 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CEF61D551FE638890654921971BD9CAD9C48FD5E"
sh=D0153230A83B19B21C4B8C4BE304B912B1FB12F9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\CFD754915D9E57E5C7CE5AD8551EF6EE2FAAC00C"
sh=EDD4BBD913D9B5C46B3AD5521B06046B8E3BDE52 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D063438AC2AB215FCB65840B4F013D55640F0774"
sh=9FC1E8848FF1D7F73A8FE10A19EEDCE52E0210A8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D1085B439AA590F6E5D56FBA35AE0ACFDD72E7EA"
sh=8391484E820775CEC81C0DAB1D4F1EDB60C3A997 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D11369C4A9A8FB8BDFB51B69A4E0581D061E7F44"
sh=60F42588D23E3C50C4E27A8D8596E234612314E3 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D1979C513484C138D0C137FD284EAA6FBCDC43A0"
sh=AC71A7A782D9E45AA411C454E5E2BE79615EE298 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D260E35D5D706455256391813D7608FD1D4D6361"
sh=6877E9108A68B25CFDB1B31B376D3B0A167E8E22 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D2D8CBBB20D6985DDDBB6F8BABACF42E31BB389B"
sh=C0CB58276754FE63F2ED9D227E21360DA06AB0D7 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D2E8C06C5B10CF6C0211BA4049BBECCE2AFC7F14"
sh=6BE83F9D30B7AF584712E1C60FBEF75729E77A62 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D37AD3A417F04789B69B5186D1F7D359E205ECB8"
sh=FD2FAD777E367AB7F1EB684682BC527B139BA323 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D3F779415FB74D1183337A85830F5F3D41EA2187"
sh=56AD0CFD13D0C90062A410B06EC3D9E2B19A1DEC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D42C952E3D9CC3D2B2BAC7EC6CFCD117BBDFC88A"
sh=8D6807771576A5D1A65CB43F05EE5A65D493F9B8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D491C2C6AA61F2EAB85CBDBC494F71605198E44C"
sh=6BB4BA34E28B114F1B65899A190500844BDC90AB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D5178C6AD4028641371926E55096C68A1E8DEF03"
sh=CF88F769C7E3E891C002D0A54EA611994FC978AB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D5DFC767F2D1E1A11CE1ECC5E1DABF78622EFC90"
sh=82904781A165FEAEDEB264FE00C58AF9E5339DA8 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D75D9202431042EEDA73DFC7C59C4025CF8B38C6"
sh=9A78113924D1498B555E8DD6776200F31CD07F79 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D7A0904900520A125062883184F1AED3EE1C803D"
sh=2C082D629A4DA79A710F2D5F2C02F18BB3863D16 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\D81D3FF2A7B3CA0061AE0257C3D4057FF9877381"
sh=79606C89547CBB2A97CFA1305F553E4E050AC107 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\DA6626396C67E3E97104CAD6CEF355B5258C24DF"
sh=3DE1396D14F9D2ECE923CA12291AF1F865E2A1CD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\DAE14D2CD9FBE902830994C76EA7C7B19BDBFE29"
sh=A46B48862B6DD13B5659A6CA87E000262042476E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\DB14367A22C20B3BDBFF224543BD452672963A76"
sh=F8C91A779D3AB610BD0858E2C216D1AB3A7AA4D9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\DBC0B9D9A6FDDEFC61AF653EAB6540B5F85CAB5D"
sh=A5E6D464FF1E4D15206D50FECC40D326488108A3 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\DBE1A4750CBBC686CBF1A3C7A484798404ED82BD"
sh=DF28E8F45D5DBCC079B7D08258B66711C9F4DFAC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\DCE561FF3DA7A65FD04EEE7F5CF72115A2DD4A9F"
sh=D8B46EFE4F0FFAD02B8141116391CB57E258672A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\DD055D5C7CE04821F04A4A3407850626CECBC7CC"
sh=E5560A40499FBCD18A1C038CA4F769257DF8EEBA ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\DD158C82F4426864C2640D777713AFE624A8E5ED"
sh=FD4BAC1EFDE2E965E4A4CE34879E5F4B0D9C5956 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\DE6B20110F437F1A92AA6F1697C9A76650B3F4C5"
sh=674E4DD9CA5C5DC6D9FEB85C83C3BEF853F9B502 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\DF24B13F56B1EA29F88164DB07927F373825BBF2"
sh=78A5B24E5826481F27F6105EF10B4ADDA43DA642 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\DFC5A3244ABA46F6B7C56C6ACA0BC4D9BA4FFF37"
sh=A99BF8EED82EA6972EA6707381EFCBD69FEBB7AB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E09442348FBD6312CB4D965565BB02144FF05B3B"
sh=D588B198E21A61A38A89F47C7E7DA993BEECF356 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E0C443B5A3188B0AD9D62D3110D3573BD36ADC35"
sh=CD410BC45E7CDBD89F1B4CDCB38375769B2C23E0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E0C6C0F2694DC321A18B7525CF5907866D85D8EC"
sh=14131C245D32C670D876AD2F0D656BE8E39E273A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E1B61B670A1132D9F95784ECDDD774020DC756C0"
sh=475EC5667C5EF5AA50F740ADC3E9CBBBDDC72C39 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E1FE1D55B5FD7660D38494B6A1ECE92230498EE3"
sh=E3FB25F54A951C539749DF073FAA472EA1144F83 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E31B665EC69C2FBC287776215C39BDF7FBD73296"
sh=5BC9CC74AC0097B762A5677C532760B85B48C5FD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E5707FF97CAA538F3F480931C0F1B6F9C19B8AC4"
sh=5BB021C9C4D031E0226C422210F75062C583A21C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E58AFEC0036E7D7C13BBFF03F49C7C0B36559C80"
sh=819EAEF1DDA45755EDFA80918CFFA512EC050EDD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E594B37C7180BFBA8BE486A1E5A1752703D6DDF2"
sh=38EFC9E89DFDEF07FE22E42D73ADBA72B51B3714 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E59A2FDF36438D6D6AD27484101B1E2DA5D92AB3"
sh=9675F0353189576AE83E2CC0795AC56354597A45 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E63BE7DDBF3043763D44ADED83C9BB64386265D4"
sh=51E90DC283D5C52E7783126D544BE1B9AFC845B9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E6642010514B6B5FE93F225179BAF5D428248D49"
sh=50E6EC08B0D515B352F18A1FA6E695A0DCBEED9B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E6E4688799F7977FA06E905E0CEE4F06457ADB5F"
sh=B56E5EA6E29C04934EBF9062636F23BD577D6E72 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E73F9D1823096268C4BEDF85B33E98A7F6F0BA0B"
sh=97F71E7A8030FDA3815E87EE925B8FF563082386 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E74D9BFF45FE956164791142D01543B42A7B1C8E"
sh=4BFC6A07D1C4FF130E018995886345F010C7C2FF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E75E0882DBD2500CB23481186519EAB61CE36789"
sh=0571B4982C788AF6C86307E58412A0213B326A1F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E78CEE488837BD364CD8EE76B6848AF52DC92CA8"
sh=83EC0DFAE9E5DA2F817E4295937C12770BB9E150 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E80BA584C196A156F2AAE26DDA22991F31FFEED4"
sh=CA914937C454AAEB756F47ACFF1B01B5A7CC2E75 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E8B4BB94D943EC0E7DA62588E369863F6047756D"
sh=2CB563489C9C13A79EAB8E5F02358E886242015B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E8F114105E7DE8DDA975EBA3AA96F0650FCFE329"
sh=8B3DA6A0717FDD9AB80B0661A481DE650D461BD0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\E9DFE6ED68987A97719DAD602B2878579B055A3C"
sh=6B015BDB8DDE52BE363ECE5D621C9996C3A876C9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\EA27D56AB7364792FC6723F35A3F06C1B977A52B"
sh=3F923BC73093D0BD6FEF2577DDE6796364DF5BD9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\EADABAF5A63F30EDCF27C3707CD4BA81DCCAF249"
sh=0803A4C464F33C386988D5A648D038B0B60A8D0B ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\EB0DB111F54934D3598E33ACB15871EFDCA9D2E0"
sh=303CD4D04B8F0955B21C8772BAF6A4CC76EA8E5C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\EBE602EAF58FEF2058334E52E3FA55DD439E3F11"
sh=7CBE4A29597AA782C66F32A76240521A35A14440 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\EC6AC54C45653BA9E0B3F15397B42127F3A76612"
sh=4150C763CBAE44D126EA5D17E8271E8232822679 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\ECEE1052C096D4E1D45621B6D065195D06B21C36"
sh=C99CD73C2D0495A097D82E620B9EB715D6F8A25F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\ED630E53DAA6633B64357F07783C7783091974D2"
sh=D04208C3E197D7E09971EE4886A83543E44B7B6A ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\ED638900B00B3D4FA148EB10348520C72030EB96"
sh=DC0EAA5D608ED7AD46F093FA02C2FB69DD7EE7F4 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\ED9B0D7611CEAD86518FF98688FAF4F7B83A1CE4"
sh=6AA9349C9AD478BA03EDDD6507A36DDB6F33C481 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\EE38B3E469CC0BA2591899E48CF5171E2084AB36"
sh=1D4A993215C2FE9DF95A076901B9A51A08531625 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\EF14BAF903D8220813CA4237D32A58D3F36C205C"
sh=591384773386599AF05B62A440C538444BB26172 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\EF5C21F54D8A0D45A1A9956CD828F46DF0BF8AF5"
sh=4493D727E0F1130B1D97A3C055497B4D99D66249 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\EF7A2E82E8777DF28501CD2E3958238DEE463356"
sh=12E6409F200BDC8B1A14ECBCF6BC7BD98B81EA42 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\EFED024656E93B7E320B8AA6F4BF4F46DBF578E1"
sh=9C81BA7E6C56CCA7C5B521A369D9AAF8B5A51558 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F023CC1C1FD02566FEDC45D719A04BF9583BB02C"
sh=D77C321354CB17B252B3CB04CC3CDD43000A84AE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F107FD0797AD21A14829C520A074E505CCEE42B1"
sh=03E1CB19C39E7EF3EEA79B90677FC40947C0BEEC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F12CA666884E95784D4618E6B79AA0D83CB35A36"
sh=856309EEA2D06E8EE201BDB4B12AFE1819F4EB22 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F19492A1C5A1331821B925F20E52EA766868681E"
sh=49FDBCBE3CC3CF3AF7A7BB7AD0A7072337D4173E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F23DBC08095BEE665117154C844E48069EED2350"
sh=56AF7E0D4495079DA38166C1C98FBC8ED394A8BA ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F2B739D0FBFAB811673DFFEF740DB6C6508423FE"
sh=EADA07C321C73FE96258CF1B5C3B02CC0F3D438E ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F3A85E535A3E5273EB0FB32F1B50010E7BF30340"
sh=8AC189153CEA2C25E5D14A5502F9D39E41CC1AF9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F4A9496FACBEB4171E233A8C8530EECD85432766"
sh=17C0043A8FB92897F83ECB9F8A56F3B720FD4853 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F53CA0500C793485237DDA80C506EB4F0803A5C7"
sh=0218302F165CD87F0347B87B6FF235A45997F1B7 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F60DFE9C556340BC3376B62FA9FBD5C676EF2974"
sh=7E09B73F2D67D2817206297167965A706A71478F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F66273AD3AB1B40DF35E32D674AC1260DB48E759"
sh=9620920CAAD70732184F152C8002F07232C6FD14 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F70B6F4421D4A82DD21D3237B6A72805CE8CD16E"
sh=B803646472A2B6902F8AFA03CEC6EB2B1A6CE2C0 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F8117478077C78A2046B76D4FD7E2C9E3C0CFC11"
sh=AEBAEE7DCACA76FC8D665FE8E579875C1314A9CE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F86A892B3CC5AC4E7CBB2BFA75797DFA60B2B2A7"
sh=B7863B6D997728A4644FFD246F0AD46E895ED0ED ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F87402F942B2073538DB6C044D7F149609AC98C1"
sh=8F0EA293725B2375EAAF451F2EB3FD90BEC1AB91 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F8C3D91E9ED91827B75B4DD051AECAEF2AF4A52E"
sh=CE9AB571CA796F887E40689F271769C6A0FAAAEE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F8CDFD215E4BE1B7A08262862D02FCB4CC8FFE54"
sh=00AA6C6EDA4AAC083F1B93F9E4DD36AF991E5C9D ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F9960E970F11007C5906F728AFFFEBE4ACA69F6C"
sh=21F6C83A548133FC9A363BDA1604EFF9B537B237 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F9BA84D822E32CC7E33E12E1CD92C5E2059608FA"
sh=4902FD15123A01388C5F611009972BFF2E8E7ACD ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\F9FE0D7C456B9F41FC9891D729B734F5DA433B84"
sh=7CC6D703F5F02238A02D0857C3F80AEE2A4CD583 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FA798ABE1077227723411A07156AAE86E092B922"
sh=F325C115FF6AB489E4DAE1AE2E5059C82AF30DC4 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FC2896034470B8C504E399DF83D3B08E24CA6AC3"
sh=2E4CD03C5F06D2E05C33191BC23561B25FF4BF0F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FC5A949C891636E6BC9698234C3CE9625D33FCFD"
sh=DD9532CF682F49A9540A513C290EA39AC76008A7 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FC7598CF95F95FE40D9199244B813169F1FE093E"
sh=A537C9BD687DE8CB7384568FF0E36C5BA0EE41BE ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FC92F04FC953CF9199615D5A164C82C2A5230E5B"
sh=25BB502207717F25CDA866EB2BF0925DA43759B5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FD4231CB3407B9F57E7F729D7ED1B7784BFC2BC3"
sh=12A8CAE5797B4217E3BF59C982DE0EB85D3515DF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FDF01AC3A831C698FD8F235F81C0B978B192D88F"
sh=8F5E77C96900A2EEF4B9B2289E0AC2EDE6095BBB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FE42736830CB3EB136C08BC97DD9A13800919BD7"
sh=1FA9E4991983CD603A82C71CB9BDFC8F1FF6033C ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FE6CD2612E89751F9EF556D986FB68CF12FBBAB7"
sh=77CBBE955BC94014E8987CC35A0C7F4596169E57 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FE9E6BA7903C188BEADCF7761746D0E8BB1F4C3A"
sh=D54C070584E28D77B48D60B44FBB57CA6411E693 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FFAA5AAEA7978E3514A38017BFFC3088F5F89B5B"
sh=E8538BFB67DEF1093ACDA7376A5CDA4C797F8DC5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen Virus" ac=I fn="C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\1fes414j.default\cache2\entries\FFC40BDE3C9C03260EC09032AB641025DC90BAFA"
sh=EF8BE769E13FEC1AF13566D9243CE291F1629B02 ft=1 fh=c71c001139d66c4c vn="Variante von Win32/Adware.AddLyrics.DM Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\5213CEFB-E262-2310-0480-DCFB67E9E0DD.exe"
sh=82ECE47BD6D99912A9EA4DA49395D3438B6240B8 ft=1 fh=c71c0011c30f928e vn="Variante von Win32/Adware.AddLyrics.DM Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\58A0271C-DAA9-E0B9-2984-AC25A29A9884.exe"
sh=68B53E6C7C6DA98C863C424911BA547B9A3AA088 ft=1 fh=871fbe96a53e35ba vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Nick\AppData\Local\Temp\optprosetup.exe"
sh=3AC609F0348D290AB3B759692CA911085D3F0ED8 ft=1 fh=87f90cf552b989a6 vn="Variante von Win64/Adware.MultiPlug.E Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\tmpC7DF.tmp"
sh=EE1380F943C34F2603B930EA38DA2D09B39DC0E9 ft=1 fh=5c81a560761e8801 vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\is-82CL4.tmp\gentlemjmp_ieu.exe"
sh=ACDCAAFF0692644579F107FF46C8113A07187AF6 ft=1 fh=8e981c71d7929e16 vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\is-LUJ14.tmp\gentlemjmp_ieu.exe"
sh=397486B997D573746926ECE174BE876CE18BF703 ft=1 fh=37fb9881b5cd0eb0 vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\is-PMDET.tmp\gentlemjmp_ieu.exe"
sh=586FB793296100C4133E6218B1B1E4E6F33A9933 ft=1 fh=f00aaed3a520e181 vn="Variante von Win32/AdWare.SpeedingUpMyPC.N Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\is1488139799\4BA5C890_stp\OptimizerPro.exe"
sh=62115FB02BA5411A8306E3BF85672BD56F504379 ft=1 fh=4c1c25f2b01e5d41 vn="Variante von Win32/Adware.AddLyrics.DM Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\n2151\9020-8000_TheBestDeals.exe"
sh=342C49244A0766A6E5ED7DAD1F23823C41DBA467 ft=1 fh=1811f9329b63c89b vn="Variante von MSIL/Adware.PullUpdate.A Anwendung" ac=I fn="C:\Users\Nick\AppData\Local\Temp\nsf1C4.tmp\Helper.dll"
Code:
Results of screen317's Security Check version 0.99.93 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Windows Defender 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 25 
 Java version 32-bit out of Date!
 Mozilla Firefox (34.0.5)
````````Process Check: objlist.exe by Laurent```````` 
 Windows Defender MSMpEng.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
Code:
<<Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Nick at 2015-01-21 15:27:58
Running from C:\Users\Nick\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3009 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated)
AVG 2015 (Version: 15.0.4253 - AVG Technologies) Hidden
Bad Piggies (HKLM-x32\...\{32941438-AD79-4EF4-B7E4-86039E41B4D3}) (Version: 1.0.0 - Rovio)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.19.331.104.16 - Infernum Productions AG)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Infigo (HKLM-x32\...\Infigo) (Version: 1.26.0.4 - MAVIN LOG, S.L.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LEGO® Harry Potter™: Die Jahre 5-7 (HKLM-x32\...\{5C5A944F-096E-4ADD-B8E8-887F18BA6228}) (Version: 1.0.0.0 - WB Games)
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
NVIDIA Grafiktreiber 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\Pokki) (Version: 0.269.2.471 - Pokki)
Pokki Start Menu (HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki)
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21247 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4218249386-1005423115-940720447-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

17-01-2015 19:13:19 Wiederherstellungsvorgang
20-01-2015 18:59:21 Revo Uninstaller's restore point - CinPlus-1.0cV15.12

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2923779E-6EEB-48BE-A74D-8C074541E151} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {35DF10D6-DAF6-4F38-BCD9-4C7CCBE9ED8C} - System32\Tasks\{5EE2478D-F235-4D61-88B7-D5096E360D17} => pcalua.exe -a "C:\Program Files (x86)\BrowseStudio\BrowseStudioUn.exe" -c OFS_
Task: {4621F24C-2B09-4415-A9B5-59E80B23B1ED} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {5235A662-426F-4225-BFA9-EBB1683B0ED2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-18] (Microsoft Corporation)
Task: {70DDE1F3-D130-4C28-93D8-5AE03649804B} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {73146D59-A805-49D5-8D19-E39497F43CC0} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-12-19] (Acer)
Task: {75537BF8-1C84-42D4-8E4B-B42466D102C3} - System32\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86 => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {7CC3A020-2B4B-420B-B12D-B45BF4A1101B} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {97C397C4-4FAB-415D-813B-156FD3D89917} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {9FD03297-E1DE-495D-B47A-3BBC246BD50D} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {AA9F1F0F-147D-4013-A93A-B1C5D81C0680} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {B23F98AB-2E1D-410C-A96B-85B50D3F719F} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {CDEBDD6D-546D-4B01-A3C7-EB89455009E9} - System32\Tasks\RunTool => C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea\sysad.exe [2015-01-20] ()
Task: {F69239AC-BF10-463C-8CAE-7FD508923AE7} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-07-25 22:23 - 2012-04-24 11:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-08-31 19:24 - 2014-01-08 01:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-25 21:14 - 2014-02-25 21:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-25 21:11 - 2014-02-25 21:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-12-19 21:59 - 2014-12-19 21:59 - 00090880 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2014-02-25 21:17 - 2014-02-25 21:17 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-12-19 21:59 - 2014-12-19 21:59 - 00089344 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2014-03-19 02:35 - 2014-03-07 17:21 - 00080312 _____ () C:\Windows\system32\igfxexps.dll
2014-08-31 19:21 - 2013-12-10 00:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-19 09:15 - 2015-01-19 09:15 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2014-12-19 21:16 - 2014-12-19 21:16 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-12-29 13:25 - 2014-12-29 13:25 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2014-12-19 21:10 - 2014-12-19 21:10 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2014-12-19 22:00 - 2014-12-19 22:00 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Nick\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\StartupApproved\Run: => "Skype"

========================= Accounts: ==========================

Administrator (S-1-5-21-4218249386-1005423115-940720447-500 - Administrator - Disabled)
Gast (S-1-5-21-4218249386-1005423115-940720447-501 - Limited - Disabled)
Nick (S-1-5-21-4218249386-1005423115-940720447-1002 - Administrator - Enabled) => C:\Users\Nick
UpdatusUser (S-1-5-21-4218249386-1005423115-940720447-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/21/2015 03:23:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/21/2015 03:00:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 15b4

Startzeit: 01d03581f58252cd

Endzeit: 4294967295

Anwendungspfad: C:\Windows\syswow64\wwahost.exe

Berichts-ID: e9a3311a-a175-11e4-8269-f8a963e5e11f

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (01/21/2015 02:59:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/21/2015 02:58:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/21/2015 01:32:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/21/2015 01:22:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/21/2015 01:22:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/21/2015 01:22:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/21/2015 01:12:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/21/2015 11:57:22 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.


System errors:
=============
Error: (01/20/2015 09:07:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "FCUUjqwoLq" wurde aufgrund folgenden Fehlers nicht gestartet:
%%216

Error: (01/20/2015 09:07:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Infigo Operator" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (01/20/2015 09:00:40 PM) (Source: DCOM) (EventID: 10010) (User: NICK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/20/2015 09:00:10 PM) (Source: DCOM) (EventID: 10010) (User: NICK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/20/2015 08:59:40 PM) (Source: DCOM) (EventID: 10010) (User: NICK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/20/2015 08:59:10 PM) (Source: DCOM) (EventID: 10010) (User: NICK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/20/2015 08:58:40 PM) (Source: DCOM) (EventID: 10010) (User: NICK)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/20/2015 08:55:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (01/21/2015 03:23:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (01/21/2015 03:00:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703115b401d03581f58252cd4294967295C:\Windows\syswow64\wwahost.exee9a3311a-a175-11e4-8269-f8a963e5e11fMicrosoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp

Error: (01/21/2015 02:59:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (01/21/2015 02:58:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (01/21/2015 01:32:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (01/21/2015 01:22:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nick\Downloads\esetsmartinstaller_deu.exe

Error: (01/21/2015 01:22:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nick\Downloads\esetsmartinstaller_deu.exe

Error: (01/21/2015 01:22:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nick\Downloads\esetsmartinstaller_deu(1).exe

Error: (01/21/2015 01:12:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (01/21/2015 11:57:22 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nick\Downloads\esetsmartinstaller_deu.exe


CodeIntegrity Errors:
===================================
  Date: 2015-01-21 13:10:15.546
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 31%
Total physical RAM: 8115.27 MB
Available physical RAM: 5567.34 MB
Total Pagefile: 9395.27 MB
Available Pagefile: 6853.13 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:914.95 GB) (Free:835.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E4D040D7)

Partition: GPT Partition Type.

==================== End Of Log ============================


hi Schrauber,


glaub hab etwas falsch gemacht oder?

Gruß
Anja

schrauber 21.01.2015 17:47
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\ProgramData\OqQeGinkA
C:\Users\Nick\AppData\Local\Mozilla\Firefox
Task: {75537BF8-1C84-42D4-8E4B-B42466D102C3} - System32\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86 => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION

Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen



Frisches FRST log bitte.

Sumsum 21.01.2015 20:44
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015
Ran by Nick at 2015-01-21 19:31:36 Run:2
Running from C:\Users\Nick\Downloads
Loaded Profiles: UpdatusUser & Nick (Available profiles: UpdatusUser & Nick)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\ProgramData\OqQeGinkA
C:\Users\Nick\AppData\Local\Mozilla\Firefox
Task: {75537BF8-1C84-42D4-8E4B-B42466D102C3} - System32\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86 => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION

Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Emptytemp:
*****************

"C:\ProgramData\OqQeGinkA" => File/Directory not found.
"C:\Users\Nick\AppData\Local\Mozilla\Firefox" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75537BF8-1C84-42D4-8E4B-B42466D102C3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75537BF8-1C84-42D4-8E4B-B42466D102C3}" => Key deleted successfully.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86" => Key deleted successfully.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job => Moved successfully.
EmptyTemp: => Removed 2 GB temporary data.


The system needed a reboot.

==== End of Fixlog 19:31:42 ====
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Nick (administrator) on NICK on 21-01-2015 20:42:23
Running from C:\Users\Nick\Downloads
Loaded Profiles: UpdatusUser & Nick (Available profiles: UpdatusUser & Nick)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [mbot_de_349] => [X]
HKLM-x32\...\Run: [rec_de_2] => [X]
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\RunOnce: [RegDXVA1] => C:\Windows\system32\cmd.exe /c reg import "C:\Program Files (x86)\Acer\abPhoto\SwitchUserVideoKey.reg"
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\RunOnce: [SetAsDefault] => C:\Program Files (x86)\Acer\Acer Video Player\SwitchUserVideoKey.bat
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Infigo] => C:\Program Files (x86)\Infigo\Infigo.exe onrun
IFEO\ContentExplorer.exe: [Debugger] TaskList.exe
IFEO\internetenhancer.exe: [Debugger] TaskList.exe
IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52754;https=127.0.0.1:52754
ProxyServer: [S-1-5-21-4218249386-1005423115-940720447-1002] => http=127.0.0.1:58526;https=127.0.0.1:58526
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=about%3Ablank&OSP=
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL =
SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
BHO: CinPlus-1.0cV15.12 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bho64.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default
FF NewTab:
FF SelectedSearchEngine:
FF Keyword.URL:
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Extension: 9b9d2aaaae264447a7a1633a32b19ddd - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{9b9d2aaa-ae26-4447-a7a1-633a32b19ddd} [2014-12-22]
FF Extension: Locale Switcher - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2014-11-27]
FF Extension: BrowseStudio 1.0.1 - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}.xpi [2014-11-27]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 0001121418376984mcinstcleanup; C:\Windows\TEMP\000112~1.EXE -cleanup -nolog [X]
S2 FCUUjqwoLq; "C:\ProgramData\OqQeGinkA\FCUUjqwoLq.exe" [X]
S2 InfigoOperator; C:\Program Files (x86)\Infigo\InfigoOperator.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S1 wpnfd_1_10_0_1; system32\drivers\wpnfd_1_10_0_1.sys [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-21 20:37 - 2015-01-21 20:37 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-21 20:37 - 2015-01-21 20:37 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-21 20:37 - 2015-01-21 20:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-21 20:37 - 2015-01-21 20:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-21 15:27 - 2015-01-21 20:42 - 00017137 _____ () C:\Users\Nick\Downloads\FRST.txt
2015-01-21 15:27 - 2015-01-21 15:28 - 00033155 _____ () C:\Users\Nick\Downloads\Addition.txt
2015-01-21 15:25 - 2015-01-21 15:25 - 00852504 _____ () C:\Users\Nick\Downloads\SecurityCheck.exe
2015-01-21 13:22 - 2015-01-21 13:22 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_deu(1).exe
2015-01-21 11:57 - 2015-01-21 11:57 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-21 11:55 - 2015-01-21 11:56 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_deu.exe
2015-01-21 11:42 - 2015-01-21 20:41 - 00000000 ____D () C:\Users\Nick\Desktop\Neuer Ordner
2015-01-20 20:46 - 2015-01-20 20:46 - 00000000 ____D () C:\Windows\ERUNT
2015-01-20 20:34 - 2015-01-20 20:42 - 00000000 ____D () C:\AdwCleaner
2015-01-20 20:16 - 2015-01-20 20:16 - 00003112 _____ () C:\Windows\System32\Tasks\{5EE2478D-F235-4D61-88B7-D5096E360D17}
2015-01-20 19:57 - 2015-01-21 19:33 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-20 19:57 - 2015-01-20 19:57 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-20 19:57 - 2015-01-20 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-20 19:56 - 2015-01-20 19:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-20 19:56 - 2015-01-20 19:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-20 19:56 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-20 19:56 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-20 19:56 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-20 19:54 - 2015-01-20 19:55 - 01707939 _____ (Thisisu) C:\Users\Nick\Downloads\JRT.exe
2015-01-20 19:53 - 2015-01-20 19:56 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nick\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-20 19:53 - 2015-01-20 19:54 - 02186752 _____ () C:\Users\Nick\Downloads\AdwCleaner_4.108.exe
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Program Files (x86)\shopndorop
2015-01-20 19:09 - 2015-01-20 19:09 - 00000000 ____D () C:\Program Files (x86)\leisss2pay
2015-01-20 19:05 - 2015-01-20 19:05 - 00000000 ____D () C:\Program Files (x86)\FineDealSSoft
2015-01-20 19:04 - 2015-01-20 19:04 - 00000000 ____D () C:\Program Files (x86)\DissccountLocator
2015-01-20 19:02 - 2015-01-20 19:02 - 00000000 ____D () C:\Program Files (x86)\DeallsFiNdeRRPro
2015-01-20 18:56 - 2015-01-20 18:56 - 00001284 _____ () C:\Users\Nick\Desktop\Revo Uninstaller.lnk
2015-01-20 18:56 - 2015-01-20 18:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-20 18:55 - 2015-01-20 18:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Nick\Downloads\revosetup95.exe
2015-01-19 22:20 - 2015-01-19 22:20 - 00000865 _____ () C:\Users\Nick\Desktop\Downloads - Verknüpfung.lnk
2015-01-19 21:47 - 2015-01-19 21:52 - 00862496 _____ (CoinisRevShare) C:\Users\Nick\Downloads\adobe_flash_setup.exe
2015-01-19 21:46 - 2015-01-19 21:47 - 02126848 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe
2015-01-19 21:44 - 2015-01-19 21:44 - 00050477 _____ () C:\Users\Nick\Downloads\Defogger.exe
2015-01-19 21:35 - 2015-01-19 21:35 - 00001969 _____ () C:\Users\Public\Desktop\abDocs.lnk
2015-01-19 09:25 - 2015-01-19 09:25 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-01-19 09:25 - 2015-01-19 09:25 - 00002030 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2015-01-19 09:17 - 2015-01-19 09:17 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk
2015-01-18 06:54 - 2014-12-31 12:14 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-18 06:49 - 2015-01-18 06:49 - 00003754 _____ () C:\Windows\System32\Tasks\RunTool
2015-01-18 06:49 - 2015-01-18 06:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea
2015-01-18 06:48 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-18 06:48 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-18 06:48 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-18 06:48 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-18 06:48 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-18 06:48 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-18 06:48 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-18 06:48 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-18 06:48 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-18 06:48 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-18 06:48 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-18 06:48 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-18 06:48 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-18 06:48 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-18 06:45 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-18 06:45 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-18 06:45 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-18 06:45 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-18 06:44 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-18 06:44 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-18 06:44 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-18 06:44 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-16 21:01 - 2015-01-21 20:42 - 00000000 ____D () C:\FRST
2015-01-16 21:00 - 2015-01-16 21:00 - 00000000 _____ () C:\Users\Nick\defogger_reenable
2015-01-16 14:36 - 2015-01-16 14:36 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-15 22:24 - 2015-01-15 22:24 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG
2015-01-15 22:23 - 2015-01-15 22:23 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg
2015-01-15 22:22 - 2015-01-15 22:24 - 00000000 ____D () C:\ProgramData\AVG
2015-01-15 15:03 - 2015-01-15 15:03 - 00000000 _____ () C:\autoexec.bat
2015-01-15 15:00 - 2015-01-15 15:01 - 00000000 ____D () C:\sh4ldr
2015-01-15 14:39 - 2015-01-15 14:39 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-15 14:06 - 2015-01-15 14:06 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG2015
2015-01-15 14:05 - 2015-01-15 14:05 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\TuneUp Software
2015-01-15 14:04 - 2015-01-17 15:22 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-15 14:04 - 2015-01-15 14:04 - 00000000 ___HD () C:\$AVG
2015-01-15 14:03 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-15 14:02 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-15 14:02 - 2015-01-15 14:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg2015
2015-01-15 14:02 - 2015-01-15 14:02 - 00000000 ____D () C:\Users\Nick\AppData\Local\MFAData
2015-01-03 17:58 - 2015-01-03 17:58 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\WB Games
2015-01-03 17:38 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\WB Games
2015-01-03 17:11 - 2015-01-03 17:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Rovio
2015-01-03 17:10 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio
2015-01-03 17:10 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\Rovio
2015-01-03 17:10 - 2015-01-03 17:10 - 00001094 _____ () C:\Users\Public\Desktop\Bad Piggies.lnk
2014-12-24 20:24 - 2014-12-24 20:24 - 00001270 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-12-24 20:24 - 2014-12-24 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-12-24 19:42 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-12-24 18:25 - 2014-12-24 18:25 - 00000000 ____D () C:\Users\Nick\AppData\Local\Blizzard Entertainment
2014-12-24 18:24 - 2015-01-21 19:29 - 00000000 ____D () C:\Users\Nick\AppData\Local\Battle.net
2014-12-24 18:24 - 2015-01-17 19:44 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Battle.net
2014-12-24 18:24 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-21 20:42 - 2014-08-31 20:16 - 01206231 _____ () C:\Windows\WindowsUpdate.log
2015-01-21 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-21 19:38 - 2014-11-27 18:55 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4218249386-1005423115-940720447-1002
2015-01-21 19:34 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Local\Mozilla
2015-01-21 19:33 - 2014-11-27 18:57 - 00000000 ____D () C:\Users\Nick\OneDrive
2015-01-21 19:32 - 2013-08-22 15:46 - 00023275 _____ () C:\Windows\setupact.log
2015-01-21 19:32 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-21 19:32 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-21 17:44 - 2014-11-27 18:59 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{21898380-5491-4791-BB9B-793C6C26EEF0}
2015-01-21 11:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-20 20:42 - 2014-03-18 10:54 - 00041090 _____ () C:\Windows\PFRO.log
2015-01-20 20:39 - 2014-11-27 19:09 - 00000000 ____D () C:\Users\Nick\AppData\Local\CrashDumps
2015-01-20 19:52 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Pokki
2015-01-20 19:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-20 15:08 - 2014-11-27 20:08 - 00000193 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG
2015-01-20 14:53 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Skype
2015-01-19 21:36 - 2014-07-25 22:20 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-19 21:35 - 2014-07-25 22:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-01-19 21:34 - 2014-11-27 18:52 - 00002293 _____ () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-01-19 21:33 - 2014-11-27 18:50 - 00000000 ____D () C:\Users\Nick\AppData\Local\clear.fi
2015-01-19 08:55 - 2014-11-30 15:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-18 16:13 - 2014-11-30 15:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-18 08:24 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-17 20:02 - 2013-08-22 14:25 - 00000226 _____ () C:\Windows\win.ini
2015-01-17 19:54 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick
2015-01-17 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-01-17 19:47 - 2014-08-31 19:30 - 00000000 ____D () C:\ProgramData\{EB5F5A55-037A-4E47-806B-2C8AA9374701}
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2015-01-17 19:44 - 2014-12-05 08:24 - 00000000 ___RD () C:\Windows\BrowserChoice
2015-01-17 19:44 - 2014-08-31 19:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee
2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Temp
2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\install_clap
2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Macromed
2015-01-17 19:44 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee.com
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-17 19:43 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-01-17 19:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\registration
2015-01-17 19:24 - 2014-09-01 04:36 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\winrm
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Web
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Vss
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\vpnplugins
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\WindowsPowerShell
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-RS
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\spp
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Speech
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\networklist
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MsDtc
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Licenses
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\IME
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SystemResources
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\System
2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\slmgr
2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Shared
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Media.Shared
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\uk-UA
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spp
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spool
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Speech
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sl-SI
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\networklist
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MUI
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MsDtc
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lv-LV
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lt-LT
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Licenses
2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\SMI
2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-01-17 19:22 - 2014-12-05 08:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-17 19:22 - 2014-11-27 18:50 - 00000000 ____D () C:\Windows\oem
2015-01-17 19:22 - 2014-09-01 04:29 - 00000000 ____D () C:\Windows\NAPP_Dism_Log
2015-01-17 19:22 - 2014-03-18 10:45 - 00000000 ____D () C:\Windows\SKB
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\Configuration
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\InputMethod
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\IME
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\hr-HR
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\et-EE
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Com
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Speech
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\security
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\schemas
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Resources
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PLA
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Performance
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\InputMethod
2015-01-17 19:22 - 2013-08-22 15:45 - 00000000 ____D () C:\Windows\Setup
2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\servicing
2015-01-17 19:21 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Mozilla
2015-01-17 19:21 - 2014-08-31 19:50 - 00000000 ____D () C:\Users\Public\CyberLink
2015-01-17 19:21 - 2014-07-25 22:28 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\DesktopTileResources
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\IME
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Globalization
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Branding
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppCompat
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\ADFS
2015-01-17 19:20 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Local\Skype
2015-01-17 19:20 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Packages
2015-01-17 19:19 - 2014-12-14 11:12 - 00000000 ____D () C:\ProgramData\Battle.net
2015-01-17 19:19 - 2014-11-30 18:18 - 00000000 ____D () C:\Users\Nick\AppData\Local\CyberLink
2015-01-17 19:19 - 2014-11-29 15:04 - 00000000 ____D () C:\ProgramData\Skype
2015-01-17 19:19 - 2014-11-27 19:36 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-17 19:19 - 2014-08-31 19:50 - 00000000 ____D () C:\ProgramData\CLSK
2015-01-17 19:19 - 2014-08-31 19:34 - 00000000 ____D () C:\Program Files\Realtek
2015-01-17 19:19 - 2014-08-31 19:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-17 19:19 - 2014-08-31 19:21 - 00000000 ____D () C:\ProgramData\Intel
2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki
2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki
2015-01-17 19:19 - 2014-07-25 22:23 - 00000000 ____D () C:\ProgramData\WildTangent
2015-01-17 19:19 - 2014-07-25 22:22 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\OEM
2015-01-17 19:19 - 2014-07-25 22:20 - 00000000 ____D () C:\ProgramData\acer
2015-01-17 19:19 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-01-17 19:19 - 2014-03-18 10:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-17 19:19 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-01-17 19:18 - 2014-11-29 15:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-17 19:18 - 2014-11-27 19:36 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-17 19:18 - 2014-11-27 18:50 - 00000000 ____D () C:\Program Files (x86)\OEM
2015-01-17 19:18 - 2014-08-31 19:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-17 19:18 - 2014-08-31 19:46 - 00000000 ____D () C:\Program Files (x86)\Spotify
2015-01-17 19:18 - 2014-08-31 19:30 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros
2015-01-17 19:18 - 2014-08-31 19:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-17 19:18 - 2014-08-31 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files\Intel
2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-17 19:18 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\Foxit PhantomPDF
2015-01-17 19:18 - 2014-07-25 22:26 - 00000000 ____D () C:\Program Files\Acer
2015-01-17 19:18 - 2014-07-25 22:24 - 00000000 ____D () C:\Program Files (x86)\WildGames
2015-01-17 19:18 - 2014-07-25 22:23 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-01-17 19:18 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows NT
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-17 19:17 - 2014-11-28 17:16 - 00000000 ____D () C:\Program Files (x86)\Brick-Force
2015-01-17 19:17 - 2014-07-25 22:57 - 00000000 ___HD () C:\OEM
2015-01-16 05:19 - 2014-07-25 22:58 - 00000000 ____D () C:\Windows\Panther
2015-01-15 17:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-15 14:13 - 2014-11-27 19:10 - 00000000 ____D () C:\Users\Public\OEM
2015-01-15 13:59 - 2014-07-25 22:00 - 00000000 ____D () C:\Users\Administrator
2015-01-13 16:42 - 2014-11-28 17:08 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\.minecraft
2015-01-06 01:08 - 2014-12-05 08:30 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-06 01:08 - 2014-12-05 08:30 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-03 17:10 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\VirtualStore

==================== Files in the root of some directories =======
2014-12-15 14:08 - 2014-12-15 14:08 - 1545696 _____ () C:\Users\Nick\AppData\Roaming\EJSP.exe
2014-12-15 14:07 - 2014-12-15 14:07 - 2031584 _____ () C:\Users\Nick\AppData\Roaming\FYIKETTA.exe
2014-11-27 20:08 - 2015-01-20 15:08 - 0000193 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG
2014-11-29 10:08 - 2014-12-17 10:08 - 0000001 _____ () C:\Users\Nick\AppData\Local\DSI.DAT
2014-11-29 10:08 - 2014-11-29 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup1444812342.exe
2014-12-02 14:08 - 2014-12-02 14:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4180595462.exe
2014-12-17 10:08 - 2014-12-17 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4535986252.exe
2014-08-31 19:34 - 2014-08-31 19:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-06 09:34 - 2014-12-06 09:34 - 0000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-21 11:40

==================== End Of Log ============================
--- --- ---



:dankeschoen:

schrauber 22.01.2015 13:07
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKLM-x32\...\Run: [mbot_de_349] => [X]
HKLM-x32\...\Run: [rec_de_2] => [X]
IFEO\ContentExplorer.exe: [Debugger] TaskList.exe
IFEO\internetenhancer.exe: [Debugger] TaskList.exe
IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52754;https=127.0.0.1:52754
ProxyServer: [S-1-5-21-4218249386-1005423115-940720447-1002] => http=127.0.0.1:58526;https=127.0.0.1:58526
S2 0001121418376984mcinstcleanup; C:\Windows\TEMP\000112~1.EXE -cleanup -nolog [X]
S2 FCUUjqwoLq; "C:\ProgramData\OqQeGinkA\FCUUjqwoLq.exe" [X]
S2 InfigoOperator; C:\Program Files (x86)\Infigo\InfigoOperator.exe [X]
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Program Files (x86)\shopndorop
2015-01-20 19:09 - 2015-01-20 19:09 - 00000000 ____D () C:\Program Files (x86)\leisss2pay
2015-01-20 19:05 - 2015-01-20 19:05 - 00000000 ____D () C:\Program Files (x86)\FineDealSSoft
2015-01-20 19:04 - 2015-01-20 19:04 - 00000000 ____D () C:\Program Files (x86)\DissccountLocator
2015-01-20 19:02 - 2015-01-20 19:02 - 00000000 ____D () C:\Program Files (x86)\DeallsFiNdeRRPro
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Nochmal ein frisches FRST log bitte.

Sumsum 23.01.2015 06:03
Moin schrauber,

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015
Ran by Nick at 2015-01-23 05:55:37 Run:3
Running from C:\Users\Nick\Downloads
Loaded Profiles: UpdatusUser & Nick (Available profiles: UpdatusUser & Nick)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [mbot_de_349] => [X]
HKLM-x32\...\Run: [rec_de_2] => [X]
IFEO\ContentExplorer.exe: [Debugger] TaskList.exe
IFEO\internetenhancer.exe: [Debugger] TaskList.exe
IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52754;https=127.0.0.1:52754
ProxyServer: [S-1-5-21-4218249386-1005423115-940720447-1002] => http=127.0.0.1:58526;https=127.0.0.1:58526
S2 0001121418376984mcinstcleanup; C:\Windows\TEMP\000112~1.EXE -cleanup -nolog [X]
S2 FCUUjqwoLq; "C:\ProgramData\OqQeGinkA\FCUUjqwoLq.exe" [X]
S2 InfigoOperator; C:\Program Files (x86)\Infigo\InfigoOperator.exe [X]
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Program Files (x86)\shopndorop
2015-01-20 19:09 - 2015-01-20 19:09 - 00000000 ____D () C:\Program Files (x86)\leisss2pay
2015-01-20 19:05 - 2015-01-20 19:05 - 00000000 ____D () C:\Program Files (x86)\FineDealSSoft
2015-01-20 19:04 - 2015-01-20 19:04 - 00000000 ____D () C:\Program Files (x86)\DissccountLocator
2015-01-20 19:02 - 2015-01-20 19:02 - 00000000 ____D () C:\Program Files (x86)\DeallsFiNdeRRPro
Emptytemp:
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_de_349 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\rec_de_2 => value deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ContentExplorer.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\internetenhancer.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\internetenhancerservice.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wajaminternetenhancer.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WajamInternetEnhancerApp.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WajamInternetEnhancerAppservice.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wajaminternetenhancerservice.exe" => Key deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk => Moved successfully.
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File) not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
0001121418376984mcinstcleanup => Service deleted successfully.
FCUUjqwoLq => Service deleted successfully.
InfigoOperator => Service deleted successfully.
C:\Program Files (x86)\shopndorop => Moved successfully.
C:\Program Files (x86)\leisss2pay => Moved successfully.
C:\Program Files (x86)\FineDealSSoft => Moved successfully.
C:\Program Files (x86)\DissccountLocator => Moved successfully.
C:\Program Files (x86)\DeallsFiNdeRRPro => Moved successfully.
EmptyTemp: => Removed 157.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog 05:55:44 ====

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Nick (administrator) on NICK on 23-01-2015 05:58:04
Running from C:\Users\Nick\Downloads
Loaded Profiles: Nick (Available profiles: UpdatusUser & Nick)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea\sysad.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Infigo] => C:\Program Files (x86)\Infigo\Infigo.exe onrun
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL =
SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1002 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
BHO: CinPlus-1.0cV15.12 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bho64.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default
FF NewTab:
FF SelectedSearchEngine:
FF Keyword.URL:
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Extension: 9b9d2aaaae264447a7a1633a32b19ddd - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{9b9d2aaa-ae26-4447-a7a1-633a32b19ddd} [2014-12-22]
FF Extension: Locale Switcher - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2014-11-27]
FF Extension: BrowseStudio 1.0.1 - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}.xpi [2014-11-27]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S1 wpnfd_1_10_0_1; system32\drivers\wpnfd_1_10_0_1.sys [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-23 05:58 - 2015-01-23 05:58 - 00014339 _____ () C:\Users\Nick\Downloads\FRST.txt
2015-01-21 20:37 - 2015-01-21 20:37 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-21 20:37 - 2015-01-21 20:37 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-21 20:37 - 2015-01-21 20:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-21 20:37 - 2015-01-21 20:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-21 15:27 - 2015-01-21 15:28 - 00033155 _____ () C:\Users\Nick\Downloads\Addition.txt
2015-01-21 15:25 - 2015-01-21 15:25 - 00852504 _____ () C:\Users\Nick\Downloads\SecurityCheck.exe
2015-01-21 13:22 - 2015-01-21 13:22 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_deu(1).exe
2015-01-21 11:57 - 2015-01-21 11:57 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-21 11:55 - 2015-01-21 11:56 - 02347384 _____ (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_deu.exe
2015-01-21 11:42 - 2015-01-21 20:45 - 00000000 ____D () C:\Users\Nick\Desktop\Neuer Ordner
2015-01-20 20:46 - 2015-01-20 20:46 - 00000000 ____D () C:\Windows\ERUNT
2015-01-20 20:34 - 2015-01-20 20:42 - 00000000 ____D () C:\AdwCleaner
2015-01-20 20:16 - 2015-01-20 20:16 - 00003112 _____ () C:\Windows\System32\Tasks\{5EE2478D-F235-4D61-88B7-D5096E360D17}
2015-01-20 19:57 - 2015-01-23 05:57 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-20 19:57 - 2015-01-20 19:57 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-20 19:57 - 2015-01-20 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-20 19:56 - 2015-01-20 19:57 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-20 19:56 - 2015-01-20 19:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-20 19:56 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-20 19:56 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-20 19:56 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-20 19:54 - 2015-01-20 19:55 - 01707939 _____ (Thisisu) C:\Users\Nick\Downloads\JRT.exe
2015-01-20 19:53 - 2015-01-20 19:56 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nick\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-20 19:53 - 2015-01-20 19:54 - 02186752 _____ () C:\Users\Nick\Downloads\AdwCleaner_4.108.exe
2015-01-20 18:56 - 2015-01-20 18:56 - 00001284 _____ () C:\Users\Nick\Desktop\Revo Uninstaller.lnk
2015-01-20 18:56 - 2015-01-20 18:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-20 18:55 - 2015-01-20 18:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Nick\Downloads\revosetup95.exe
2015-01-19 22:20 - 2015-01-19 22:20 - 00000865 _____ () C:\Users\Nick\Desktop\Downloads - Verknüpfung.lnk
2015-01-19 21:47 - 2015-01-19 21:52 - 00862496 _____ (CoinisRevShare) C:\Users\Nick\Downloads\adobe_flash_setup.exe
2015-01-19 21:46 - 2015-01-19 21:47 - 02126848 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe
2015-01-19 21:44 - 2015-01-19 21:44 - 00050477 _____ () C:\Users\Nick\Downloads\Defogger.exe
2015-01-19 21:35 - 2015-01-19 21:35 - 00001969 _____ () C:\Users\Public\Desktop\abDocs.lnk
2015-01-19 09:25 - 2015-01-19 09:25 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-01-19 09:25 - 2015-01-19 09:25 - 00002030 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2015-01-19 09:17 - 2015-01-19 09:17 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk
2015-01-18 06:54 - 2014-12-31 12:14 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-18 06:49 - 2015-01-18 06:49 - 00003754 _____ () C:\Windows\System32\Tasks\RunTool
2015-01-18 06:49 - 2015-01-18 06:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea
2015-01-18 06:48 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-18 06:48 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-18 06:48 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-18 06:48 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-18 06:48 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-18 06:48 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-18 06:48 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-18 06:48 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-18 06:48 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-18 06:48 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-18 06:48 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-18 06:48 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-18 06:48 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-18 06:48 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-18 06:45 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-18 06:45 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-18 06:45 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-18 06:45 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-18 06:44 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-18 06:44 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-18 06:44 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-18 06:44 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-16 21:01 - 2015-01-23 05:58 - 00000000 ____D () C:\FRST
2015-01-16 21:00 - 2015-01-16 21:00 - 00000000 _____ () C:\Users\Nick\defogger_reenable
2015-01-16 14:36 - 2015-01-16 14:36 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-15 22:24 - 2015-01-15 22:24 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG
2015-01-15 22:23 - 2015-01-15 22:23 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg
2015-01-15 22:22 - 2015-01-15 22:24 - 00000000 ____D () C:\ProgramData\AVG
2015-01-15 15:03 - 2015-01-15 15:03 - 00000000 _____ () C:\autoexec.bat
2015-01-15 15:00 - 2015-01-15 15:01 - 00000000 ____D () C:\sh4ldr
2015-01-15 14:39 - 2015-01-15 14:39 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-15 14:06 - 2015-01-15 14:06 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG2015
2015-01-15 14:05 - 2015-01-15 14:05 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\TuneUp Software
2015-01-15 14:04 - 2015-01-17 15:22 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-15 14:04 - 2015-01-15 14:04 - 00000000 ___HD () C:\$AVG
2015-01-15 14:03 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-15 14:02 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-15 14:02 - 2015-01-15 14:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg2015
2015-01-15 14:02 - 2015-01-15 14:02 - 00000000 ____D () C:\Users\Nick\AppData\Local\MFAData
2015-01-03 17:58 - 2015-01-03 17:58 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\WB Games
2015-01-03 17:38 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\WB Games
2015-01-03 17:11 - 2015-01-03 17:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Rovio
2015-01-03 17:10 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio
2015-01-03 17:10 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\Rovio
2015-01-03 17:10 - 2015-01-03 17:10 - 00001094 _____ () C:\Users\Public\Desktop\Bad Piggies.lnk
2014-12-24 20:24 - 2014-12-24 20:24 - 00001270 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-12-24 20:24 - 2014-12-24 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-12-24 19:42 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-12-24 18:25 - 2014-12-24 18:25 - 00000000 ____D () C:\Users\Nick\AppData\Local\Blizzard Entertainment
2014-12-24 18:24 - 2015-01-21 19:29 - 00000000 ____D () C:\Users\Nick\AppData\Local\Battle.net
2014-12-24 18:24 - 2015-01-17 19:44 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Battle.net
2014-12-24 18:24 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-23 05:57 - 2014-11-27 18:57 - 00000000 ____D () C:\Users\Nick\OneDrive
2015-01-23 05:56 - 2014-12-05 08:31 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-01-23 05:56 - 2014-08-31 20:16 - 01519090 _____ () C:\Windows\WindowsUpdate.log
2015-01-23 05:56 - 2014-03-18 10:54 - 00041654 _____ () C:\Windows\PFRO.log
2015-01-23 05:56 - 2013-08-22 15:46 - 00023391 _____ () C:\Windows\setupact.log
2015-01-23 05:56 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-23 05:56 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-23 05:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-23 05:51 - 2014-11-27 18:59 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{21898380-5491-4791-BB9B-793C6C26EEF0}
2015-01-23 05:49 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-23 05:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-22 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-21 20:49 - 2014-11-27 18:55 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4218249386-1005423115-940720447-1002
2015-01-21 19:34 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Local\Mozilla
2015-01-20 20:39 - 2014-11-27 19:09 - 00000000 ____D () C:\Users\Nick\AppData\Local\CrashDumps
2015-01-20 19:52 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Pokki
2015-01-20 19:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-20 15:08 - 2014-11-27 20:08 - 00000193 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG
2015-01-20 14:53 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Skype
2015-01-19 21:36 - 2014-07-25 22:20 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-19 21:35 - 2014-07-25 22:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-01-19 21:34 - 2014-11-27 18:52 - 00002293 _____ () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-01-19 21:33 - 2014-11-27 18:50 - 00000000 ____D () C:\Users\Nick\AppData\Local\clear.fi
2015-01-19 08:55 - 2014-11-30 15:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-18 16:13 - 2014-11-30 15:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-17 20:02 - 2013-08-22 14:25 - 00000226 _____ () C:\Windows\win.ini
2015-01-17 19:54 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick
2015-01-17 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-01-17 19:47 - 2014-08-31 19:30 - 00000000 ____D () C:\ProgramData\{EB5F5A55-037A-4E47-806B-2C8AA9374701}
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2015-01-17 19:44 - 2014-12-05 08:24 - 00000000 ___RD () C:\Windows\BrowserChoice
2015-01-17 19:44 - 2014-08-31 19:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee
2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Temp
2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\install_clap
2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Macromed
2015-01-17 19:44 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee.com
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-17 19:43 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-01-17 19:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\registration
2015-01-17 19:24 - 2014-09-01 04:36 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\winrm
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Web
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Vss
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\vpnplugins
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\WindowsPowerShell
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-RS
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\spp
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Speech
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\networklist
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MsDtc
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Licenses
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\IME
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SystemResources
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\System
2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\slmgr
2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Shared
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Media.Shared
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\uk-UA
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spp
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spool
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Speech
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sl-SI
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\networklist
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MUI
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MsDtc
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lv-LV
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lt-LT
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Licenses
2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\SMI
2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-01-17 19:22 - 2014-12-05 08:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-17 19:22 - 2014-11-27 18:50 - 00000000 ____D () C:\Windows\oem
2015-01-17 19:22 - 2014-09-01 04:29 - 00000000 ____D () C:\Windows\NAPP_Dism_Log
2015-01-17 19:22 - 2014-03-18 10:45 - 00000000 ____D () C:\Windows\SKB
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\Configuration
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\InputMethod
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\IME
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\hr-HR
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\et-EE
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Com
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Speech
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\security
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\schemas
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Resources
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PLA
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Performance
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\InputMethod
2015-01-17 19:22 - 2013-08-22 15:45 - 00000000 ____D () C:\Windows\Setup
2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\servicing
2015-01-17 19:21 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Mozilla
2015-01-17 19:21 - 2014-08-31 19:50 - 00000000 ____D () C:\Users\Public\CyberLink
2015-01-17 19:21 - 2014-07-25 22:28 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\DesktopTileResources
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\IME
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Globalization
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Branding
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppCompat
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\ADFS
2015-01-17 19:20 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Local\Skype
2015-01-17 19:20 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Packages
2015-01-17 19:19 - 2014-12-14 11:12 - 00000000 ____D () C:\ProgramData\Battle.net
2015-01-17 19:19 - 2014-11-30 18:18 - 00000000 ____D () C:\Users\Nick\AppData\Local\CyberLink
2015-01-17 19:19 - 2014-11-29 15:04 - 00000000 ____D () C:\ProgramData\Skype
2015-01-17 19:19 - 2014-11-27 19:36 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-17 19:19 - 2014-08-31 19:50 - 00000000 ____D () C:\ProgramData\CLSK
2015-01-17 19:19 - 2014-08-31 19:34 - 00000000 ____D () C:\Program Files\Realtek
2015-01-17 19:19 - 2014-08-31 19:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-17 19:19 - 2014-08-31 19:21 - 00000000 ____D () C:\ProgramData\Intel
2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki
2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki
2015-01-17 19:19 - 2014-07-25 22:23 - 00000000 ____D () C:\ProgramData\WildTangent
2015-01-17 19:19 - 2014-07-25 22:22 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\OEM
2015-01-17 19:19 - 2014-07-25 22:20 - 00000000 ____D () C:\ProgramData\acer
2015-01-17 19:19 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-01-17 19:19 - 2014-03-18 10:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-17 19:19 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-01-17 19:18 - 2014-11-29 15:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-17 19:18 - 2014-11-27 19:36 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-17 19:18 - 2014-11-27 18:50 - 00000000 ____D () C:\Program Files (x86)\OEM
2015-01-17 19:18 - 2014-08-31 19:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-17 19:18 - 2014-08-31 19:46 - 00000000 ____D () C:\Program Files (x86)\Spotify
2015-01-17 19:18 - 2014-08-31 19:30 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros
2015-01-17 19:18 - 2014-08-31 19:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-17 19:18 - 2014-08-31 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files\Intel
2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-17 19:18 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\Foxit PhantomPDF
2015-01-17 19:18 - 2014-07-25 22:26 - 00000000 ____D () C:\Program Files\Acer
2015-01-17 19:18 - 2014-07-25 22:24 - 00000000 ____D () C:\Program Files (x86)\WildGames
2015-01-17 19:18 - 2014-07-25 22:23 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-01-17 19:18 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows NT
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-17 19:17 - 2014-11-28 17:16 - 00000000 ____D () C:\Program Files (x86)\Brick-Force
2015-01-17 19:17 - 2014-07-25 22:57 - 00000000 ___HD () C:\OEM
2015-01-16 05:19 - 2014-07-25 22:58 - 00000000 ____D () C:\Windows\Panther
2015-01-15 17:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-15 14:13 - 2014-11-27 19:10 - 00000000 ____D () C:\Users\Public\OEM
2015-01-15 13:59 - 2014-07-25 22:00 - 00000000 ____D () C:\Users\Administrator
2015-01-13 16:42 - 2014-11-28 17:08 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\.minecraft
2015-01-06 01:08 - 2014-12-05 08:30 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-06 01:08 - 2014-12-05 08:30 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-03 17:10 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\VirtualStore

==================== Files in the root of some directories =======
2014-12-15 14:08 - 2014-12-15 14:08 - 1545696 _____ () C:\Users\Nick\AppData\Roaming\EJSP.exe
2014-12-15 14:07 - 2014-12-15 14:07 - 2031584 _____ () C:\Users\Nick\AppData\Roaming\FYIKETTA.exe
2014-11-27 20:08 - 2015-01-20 15:08 - 0000193 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG
2014-11-29 10:08 - 2014-12-17 10:08 - 0000001 _____ () C:\Users\Nick\AppData\Local\DSI.DAT
2014-11-29 10:08 - 2014-11-29 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup1444812342.exe
2014-12-02 14:08 - 2014-12-02 14:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4180595462.exe
2014-12-17 10:08 - 2014-12-17 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4535986252.exe
2014-08-31 19:34 - 2014-08-31 19:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-06 09:34 - 2014-12-06 09:34 - 0000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-21 11:40

==================== End Of Log ============================
--- --- ---


Gruß Anja

schrauber 23.01.2015 12:39
noch Probleme? :)

Sumsum 23.01.2015 14:14
Hi Schrauber ,
nö sieht gut aus.

DANKE
Gruß Anja

hi schrauber,
das ist der nächste und letzte laptop
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:35 on 23/01/2015 (Luka)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Luka at 2015-01-23 13:40:25
Running from C:\Users\Luka\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3009 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.01.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.19.331.104.16 - Infernum Productions AG)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4314.05 - CyberLink Corp.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
ELAN HIDI2C Filter Driver X64 13.6.1.1_WHQL (HKLM\...\Elantech) (Version: 13.6.1.1 - ELAN Microelectronic Corp.)
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Host App Service (HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\...\Pokki) (Version: 0.269.5.367 - Pokki)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Java 8 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218011FF}) (Version: 8.0.110 - Oracle Corporation)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.156 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 35.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NVIDIA Grafiktreiber 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-1669156641-2173626445-1155326038-1001\...\Pokki) (Version: 0.269.2.471 - Pokki)
Pokki Start Menu (HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki)
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21247 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1669156641-2173626445-1155326038-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

26-12-2014 19:49:12 McAfee  Vulnerability Scanner
06-01-2015 16:44:59 McAfee  Vulnerability Scanner
15-01-2015 14:47:44 Windows Update
18-01-2015 05:26:55 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2923779E-6EEB-48BE-A74D-8C074541E151} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {3DFAB490-BC03-418E-83E7-D34FE4FBB36F} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {3E10CE56-382E-4FE2-8A3A-C5D2988810CB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-18] (AVAST Software)
Task: {42FAA83D-53B4-43E3-8AFC-4F0C594F53A0} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {4621F24C-2B09-4415-A9B5-59E80B23B1ED} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {60B276EE-56C8-4E97-9FAB-7836E1483F8E} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {64827652-CE1B-49AA-A10E-52FCF87AF4A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-22] (Adobe Systems Incorporated)
Task: {7CC3A020-2B4B-420B-B12D-B45BF4A1101B} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {8DC83882-3BE7-46FC-AE3C-D1CDB2DB0DCB} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1669156641-2173626445-1155326038-1002
Task: {994731F7-8E67-42AC-BE91-720B10E07F82} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-01-15] (Enigma Software Group USA, LLC.)
Task: {AA9F1F0F-147D-4013-A93A-B1C5D81C0680} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {B2CE8F20-0599-41C0-BEA3-9A89E6256B24} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {E8DF4AF4-EF16-4598-B5BD-1E5B87068BBA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-19] (Microsoft Corporation)
Task: {F69239AC-BF10-463C-8CAE-7FD508923AE7} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {F755230F-C227-4F17-8539-8168B8570140} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-07-01] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-07-25 22:23 - 2012-04-24 11:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-01-18 05:28 - 2015-01-18 05:28 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-18 05:28 - 2015-01-18 05:28 - 05846160 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-03-13 00:00 - 2014-03-13 00:00 - 00055528 _____ () C:\Program Files\Acer\User Experience Improvement Program\Framework\AcrHttp.dll
2014-08-31 19:33 - 2014-01-08 01:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-25 21:14 - 2014-02-25 21:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-25 21:11 - 2014-02-25 21:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-25 21:17 - 2014-02-25 21:17 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-12-19 21:59 - 2014-12-19 21:59 - 00090880 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2014-03-19 02:35 - 2014-03-07 17:21 - 00080312 _____ () C:\Windows\system32\igfxexps.dll
2014-12-19 21:59 - 2014-12-19 21:59 - 00089344 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-01-18 15:08 - 2015-01-18 15:08 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011800\algo.dll
2015-01-18 05:28 - 2015-01-18 05:28 - 04491192 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-01-19 08:28 - 2015-01-19 08:28 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011801\algo.dll
2015-01-22 19:35 - 2015-01-22 19:35 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012201\algo.dll
2014-08-31 19:30 - 2013-12-10 00:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-09 16:05 - 2015-01-09 16:05 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2014-12-19 21:16 - 2014-12-19 21:16 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-12-29 13:25 - 2014-12-29 13:25 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2014-12-29 13:26 - 2014-12-29 13:26 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2014-12-19 21:10 - 2014-12-19 21:10 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2014-12-19 22:00 - 2014-12-19 22:00 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2015-01-18 05:28 - 2015-01-18 05:28 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-17 05:35 - 2015-01-17 05:35 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Luka\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1669156641-2173626445-1155326038-500 - Administrator - Disabled)
Gast (S-1-5-21-1669156641-2173626445-1155326038-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1669156641-2173626445-1155326038-1004 - Limited - Enabled)
Luka (S-1-5-21-1669156641-2173626445-1155326038-1002 - Administrator - Enabled) => C:\Users\Luka
UpdatusUser (S-1-5-21-1669156641-2173626445-1155326038-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/23/2015 01:37:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BackgroundAgent.exe, Version: 1.0.1.6, Zeitstempel: 0x5494253a
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00056b1d
ID des fehlerhaften Prozesses: 0xcd0
Startzeit der fehlerhaften Anwendung: 0xBackgroundAgent.exe0
Pfad der fehlerhaften Anwendung: BackgroundAgent.exe1
Pfad des fehlerhaften Moduls: BackgroundAgent.exe2
Berichtskennung: BackgroundAgent.exe3
Vollständiger Name des fehlerhaften Pakets: BackgroundAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BackgroundAgent.exe5

Error: (01/22/2015 06:48:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/21/2015 04:47:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.11.12 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1130

Startzeit: 01d035752cf28f94

Endzeit: 171

Anwendungspfad: C:\Program Files (x86)\Java\jre8\bin\javaw.exe

Berichts-ID: da5b9a82-a184-11e4-8268-f8a963e5e1d3

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/21/2015 02:06:30 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/20/2015 09:12:00 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (01/20/2015 01:58:37 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/19/2015 08:14:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LUKA)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/19/2015 10:05:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BackgroundAgent.exe, Version: 1.0.1.6, Zeitstempel: 0x5494253a
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00056b1d
ID des fehlerhaften Prozesses: 0xd78
Startzeit der fehlerhaften Anwendung: 0xBackgroundAgent.exe0
Pfad der fehlerhaften Anwendung: BackgroundAgent.exe1
Pfad des fehlerhaften Moduls: BackgroundAgent.exe2
Berichtskennung: BackgroundAgent.exe3
Vollständiger Name des fehlerhaften Pakets: BackgroundAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BackgroundAgent.exe5

Error: (01/19/2015 09:28:50 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/19/2015 08:31:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LUKA)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (01/22/2015 08:25:37 PM) (Source: DCOM) (EventID: 10010) (User: LUKA)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (01/22/2015 08:25:36 PM) (Source: DCOM) (EventID: 10010) (User: LUKA)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (01/22/2015 08:25:36 PM) (Source: DCOM) (EventID: 10010) (User: LUKA)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (01/22/2015 08:25:36 PM) (Source: DCOM) (EventID: 10010) (User: LUKA)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (01/22/2015 08:25:36 PM) (Source: DCOM) (EventID: 10010) (User: LUKA)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (01/22/2015 08:25:35 PM) (Source: DCOM) (EventID: 10010) (User: LUKA)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (01/19/2015 08:14:15 PM) (Source: DCOM) (EventID: 10010) (User: LUKA)
Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa

Error: (01/19/2015 05:15:01 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (01/19/2015 08:32:31 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (01/19/2015 08:28:35 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1053AvastVBoxSvcNicht verfügbar{F319F1B8-7587-4146-AF9C-0D6D77819BF1}


Microsoft Office Sessions:
=========================
Error: (01/23/2015 01:37:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BackgroundAgent.exe1.0.1.65494253aMSVCR90.dll9.0.30729.838751ea24a5c000000500056b1dcd001d0370836bb21d8C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll93a9ebee-a2fc-11e4-8268-f8a963e5e1d3

Error: (01/22/2015 06:48:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/21/2015 04:47:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.11.12113001d035752cf28f94171C:\Program Files (x86)\Java\jre8\bin\javaw.exeda5b9a82-a184-11e4-8268-f8a963e5e1d3

Error: (01/21/2015 02:06:30 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/20/2015 09:12:00 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description:

Error: (01/20/2015 01:58:37 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/19/2015 08:14:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LUKA)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (01/19/2015 10:05:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: BackgroundAgent.exe1.0.1.65494253aMSVCR90.dll9.0.30729.838751ea24a5c000000500056b1dd7801d033b9c98212a9C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll4db23f15-9fba-11e4-8268-f8a963e5e1d3

Error: (01/19/2015 09:28:50 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/19/2015 08:31:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LUKA)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927142


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 31%
Total physical RAM: 8115.27 MB
Available physical RAM: 5548.19 MB
Total Pagefile: 9395.27 MB
Available Pagefile: 6803.14 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:914.95 GB) (Free:829.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2403E243)

Partition: GPT Partition Type.

==================== End Of Log ============================
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Luka (administrator) on LUKA on 23-01-2015 13:38:09
Running from C:\Users\Luka\Downloads
Loaded Profiles: UpdatusUser & Luka (Available profiles: UpdatusUser & Luka)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pokki) C:\Users\Luka\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2015-01-18] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Atheros Communications))
HKU\S-1-5-21-1669156641-2173626445-1155326038-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-1669156641-2173626445-1155326038-1001\...\RunOnce: [RegDXVA1] => C:\Windows\system32\cmd.exe /c reg import "C:\Program Files (x86)\Acer\abPhoto\SwitchUserVideoKey.reg"
HKU\S-1-5-21-1669156641-2173626445-1155326038-1001\...\RunOnce: [SetAsDefault] => C:\Program Files (x86)\Acer\Acer Video Player\SwitchUserVideoKey.bat
HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-08-31] (Spotify Ltd)
HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1669156641-2173626445-1155326038-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-1669156641-2173626445-1155326038-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1669156641-2173626445-1155326038-1002 -> DefaultScope {F753A533-7534-4F65-AB02-3473A90F9370} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20141119&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-1669156641-2173626445-1155326038-1002 -> {45788ED6-5B7C-4024-BC69-85ED07F5FC1E} URL =
SearchScopes: HKU\S-1-5-21-1669156641-2173626445-1155326038-1002 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1669156641-2173626445-1155326038-1002 -> {F753A533-7534-4F65-AB02-3473A90F9370} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20141119&p={SearchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Luka\AppData\Roaming\Mozilla\Firefox\Profiles\44l7zhyq.default
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Keyword.URL: https://de.search.yahoo.com/search?fr=mcafee&type=B111DE662D20141119&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-07-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-18]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-07-25]
FF HKU\S-1-5-21-1669156641-2173626445-1155326038-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-18] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-18] (Avast Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-11-26] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154320 2014-12-03] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2015-01-15] (Enigma Software Group USA, LLC.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-18] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-01-15] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-01-15] ()
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [173384 2014-04-09] (ELAN Microelectronic Corp.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2015-01-18] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-23 13:38 - 2015-01-23 13:38 - 00022867 _____ () C:\Users\Luka\Downloads\FRST.txt
2015-01-23 13:38 - 2015-01-23 13:38 - 00000000 ____D () C:\FRST
2015-01-23 13:36 - 2015-01-23 13:36 - 02126848 _____ (Farbar) C:\Users\Luka\Downloads\FRST64.exe
2015-01-23 13:35 - 2015-01-23 13:35 - 00000470 _____ () C:\Users\Luka\Desktop\defogger_disable.log
2015-01-23 13:35 - 2015-01-23 13:35 - 00000000 _____ () C:\Users\Luka\defogger_reenable
2015-01-23 13:34 - 2015-01-23 13:34 - 00050477 _____ () C:\Users\Luka\Downloads\Defogger.exe
2015-01-23 13:31 - 2015-01-23 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-19 08:29 - 2015-01-19 08:33 - 00000197 _____ () C:\Windows\system32\2015-01-19-07-29-56.001-AvastVBoxSVC.exe-4876.log
2015-01-18 05:53 - 2015-01-18 05:53 - 00000247 _____ () C:\Windows\system32\2015-01-18-04-53-10.003-aswFe.exe-3084.log
2015-01-18 05:47 - 2015-01-18 05:52 - 00000247 _____ () C:\Windows\system32\2015-01-18-04-47-12.001-aswFe.exe-8104.log
2015-01-18 05:47 - 2015-01-18 05:47 - 00000197 _____ () C:\Windows\system32\2015-01-18-04-47-09.035-AvastVBoxSVC.exe-7888.log
2015-01-18 05:40 - 2015-01-18 05:40 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-01-18 05:40 - 2015-01-18 05:40 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-18 05:32 - 2015-01-18 05:32 - 00000000 ____D () C:\Users\Luka\AppData\Roaming\AVAST Software
2015-01-18 05:30 - 2015-01-18 05:30 - 00001984 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-18 05:30 - 2015-01-18 05:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-18 05:29 - 2015-01-18 05:32 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-18 05:29 - 2015-01-18 05:29 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-18 05:29 - 2015-01-18 05:29 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-01-18 05:29 - 2015-01-18 05:29 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-18 05:29 - 2015-01-18 05:29 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-18 05:29 - 2015-01-18 05:29 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-18 05:29 - 2015-01-18 05:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-18 05:29 - 2015-01-18 05:29 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-01-18 05:29 - 2015-01-18 05:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-18 05:29 - 2015-01-18 05:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-18 05:29 - 2015-01-18 05:29 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-18 05:27 - 2015-01-18 05:27 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-18 05:26 - 2015-01-18 05:27 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-17 05:35 - 2015-01-17 05:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-15 14:56 - 2015-01-15 14:56 - 00003314 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2015-01-15 14:56 - 2015-01-15 14:56 - 00001107 _____ () C:\Users\Luka\Desktop\SpyHunter.lnk
2015-01-15 14:56 - 2015-01-15 14:56 - 00000000 ____D () C:\Users\Luka\AppData\Roaming\Enigma Software Group
2015-01-15 14:56 - 2015-01-15 14:56 - 00000000 _____ () C:\autoexec.bat
2015-01-15 14:52 - 2015-01-15 14:55 - 00000000 ____D () C:\sh4ldr
2015-01-15 14:32 - 2015-01-15 14:32 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-01-15 14:31 - 2015-01-15 14:31 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-15 14:29 - 2015-01-15 14:30 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Luka\Downloads\SpyHunter-Installer.exe
2015-01-14 16:25 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 16:25 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 16:25 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-14 16:25 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 16:25 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-14 16:25 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-14 16:25 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-14 16:25 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-14 16:25 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-14 16:25 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-14 16:25 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-14 16:25 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-14 16:25 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 16:25 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 16:25 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 16:25 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-14 16:25 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-14 16:25 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-14 16:25 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-14 16:25 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-14 16:25 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-14 16:25 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-14 16:25 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-14 16:25 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-14 16:25 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-14 16:25 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-14 16:25 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-14 16:25 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-14 16:25 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-14 16:25 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-14 16:25 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-01 10:29 - 2015-01-07 12:30 - 00000000 ____D () C:\Users\Luka\Documents\StarCraft II
2015-01-01 10:29 - 2015-01-01 10:29 - 00001117 _____ () C:\Users\Public\Desktop\StarCraft II.lnk
2015-01-01 10:29 - 2015-01-01 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-01-01 10:25 - 2015-01-01 12:37 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-12-24 18:02 - 2014-12-24 21:35 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-12-24 17:33 - 2015-01-22 20:24 - 00000000 ____D () C:\Users\Luka\AppData\Local\Battle.net
2014-12-24 17:33 - 2015-01-01 10:29 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-12-24 17:33 - 2014-12-24 17:59 - 00000000 ____D () C:\Users\Luka\AppData\Roaming\Battle.net
2014-12-24 17:33 - 2014-12-24 17:33 - 00001138 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-12-24 17:33 - 2014-12-24 17:33 - 00000000 ____D () C:\Users\Luka\AppData\Local\Blizzard Entertainment
2014-12-24 17:33 - 2014-12-24 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-12-24 17:33 - 2014-12-24 17:33 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-24 17:29 - 2014-12-24 17:29 - 00000000 ____D () C:\ProgramData\Battle.net

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-23 13:37 - 2014-11-20 08:37 - 00000000 ____D () C:\Users\Luka\AppData\Local\CrashDumps
2015-01-23 13:37 - 2014-08-31 20:26 - 01048961 _____ () C:\Windows\WindowsUpdate.log
2015-01-23 13:35 - 2014-11-19 10:23 - 00000000 ____D () C:\Users\Luka
2015-01-23 13:33 - 2014-11-19 10:30 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1669156641-2173626445-1155326038-1002
2015-01-23 13:31 - 2014-11-28 13:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-23 13:30 - 2014-11-19 10:41 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{64C2BB8E-102C-4690-BC30-1086C50F546B}
2015-01-23 13:30 - 2014-11-19 10:23 - 00000000 ____D () C:\Users\Luka\AppData\Local\Pokki
2015-01-23 13:29 - 2014-12-21 09:18 - 00000000 ____D () C:\Users\Luka\AppData\Roaming\Skype
2015-01-23 13:29 - 2014-11-19 10:31 - 00000000 ____D () C:\Users\Luka\OneDrive
2015-01-23 13:28 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-22 19:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-22 19:31 - 2014-11-28 13:07 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-21 15:03 - 2014-11-23 23:21 - 00000000 ____D () C:\Users\Luka\AppData\Roaming\.minecraft
2015-01-19 08:27 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-19 08:27 - 2014-03-18 10:54 - 00018342 _____ () C:\Windows\PFRO.log
2015-01-19 08:27 - 2013-08-22 15:46 - 00022662 _____ () C:\Windows\setupact.log
2015-01-19 08:27 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-17 15:11 - 2014-11-20 10:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-16 13:19 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-16 13:17 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-15 14:51 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-14 16:22 - 2014-07-25 22:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-01-14 16:21 - 2014-07-25 22:20 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-14 16:20 - 2014-11-19 10:26 - 00000000 ____D () C:\Users\Luka\AppData\Local\clear.fi
2015-01-06 16:56 - 2014-09-01 04:47 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-01-06 16:56 - 2014-09-01 04:47 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-01-06 16:56 - 2014-03-18 11:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-06 12:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-06 01:08 - 2014-11-20 10:38 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-06 01:08 - 2014-11-20 10:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-02 15:23 - 2014-11-19 10:27 - 00002331 _____ () C:\Users\Luka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-12-26 20:13 - 2014-11-23 18:55 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-26 20:07 - 2014-12-20 15:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-26 20:07 - 2014-12-20 15:15 - 00000000 ____D () C:\ProgramData\Skype
2014-12-24 22:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-12-24 09:06 - 2014-11-20 10:54 - 00000000 ____D () C:\Users\Luka\AppData\Local\Adobe

==================== Files in the root of some directories =======
2014-08-31 19:44 - 2014-08-31 19:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Luka\AppData\Local\Temp\COMAP.EXE
C:\Users\Luka\AppData\Local\Temp\ICReinstall_Free_Download_Setup.exe
C:\Users\Luka\AppData\Local\Temp\oct367.tmp.exe
C:\Users\Luka\AppData\Local\Temp\oct3CA3.tmp.exe
C:\Users\Luka\AppData\Local\Temp\oct48F1.tmp.exe
C:\Users\Luka\AppData\Local\Temp\oct9180.tmp.exe
C:\Users\Luka\AppData\Local\Temp\oct91B8.tmp.exe
C:\Users\Luka\AppData\Local\Temp\oct945E.tmp.exe
C:\Users\Luka\AppData\Local\Temp\octEB33.tmp.exe
C:\Users\Luka\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-11 14:58

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-01-23 14:11:02
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000002f WDC_WD10JPVX-22JC3T0 rev.01.01A01 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Luka\AppData\Local\Temp\ugldapow.sys


---- User code sections - GMER 2.1 ----

.text    C:\Windows\system32\mfevtps.exe[1500] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 506                                                                                                                                                                      00007ff9ffe0169a 4 bytes [E0, FF, F9, 7F]
.text    C:\Windows\system32\mfevtps.exe[1500] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 514                                                                                                                                                                      00007ff9ffe016a2 4 bytes [E0, FF, F9, 7F]
.text    C:\Windows\system32\mfevtps.exe[1500] C:\Windows\system32\psapi.dll!QueryWorkingSet + 118                                                                                                                                                                        00007ff9ffe0181a 4 bytes [E0, FF, F9, 7F]
.text    C:\Windows\system32\mfevtps.exe[1500] C:\Windows\system32\psapi.dll!QueryWorkingSet + 142                                                                                                                                                                        00007ff9ffe01832 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[1600] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                            00007ff9ffe0169a 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[1600] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                            00007ff9ffe016a2 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[1600] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                                00007ff9ffe0181a 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[1600] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                                00007ff9ffe01832 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe[4876] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                      00007ff9ffe0169a 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe[4876] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                      00007ff9ffe016a2 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe[4876] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                          00007ff9ffe0181a 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe[4876] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                          00007ff9ffe01832 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[5684] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                            00007ff9ffe0169a 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[5684] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                            00007ff9ffe016a2 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[5684] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                              00007ff9ffe0181a 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[5684] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                              00007ff9ffe01832 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe[3608] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 506                                                                                                                  00007ff9ffe0169a 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe[3608] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 514                                                                                                                  00007ff9ffe016a2 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe[3608] C:\Windows\system32\psapi.dll!QueryWorkingSet + 118                                                                                                                      00007ff9ffe0181a 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe[3608] C:\Windows\system32\psapi.dll!QueryWorkingSet + 142                                                                                                                      00007ff9ffe01832 4 bytes [E0, FF, F9, 7F]
.text    C:\Windows\system32\nvvsvc.exe[9152] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                                                      00007ff9ffe0169a 4 bytes [E0, FF, F9, 7F]
.text    C:\Windows\system32\nvvsvc.exe[9152] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                                                      00007ff9ffe016a2 4 bytes [E0, FF, F9, 7F]
.text    C:\Windows\system32\nvvsvc.exe[9152] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                                                          00007ff9ffe0181a 4 bytes [E0, FF, F9, 7F]
.text    C:\Windows\system32\nvvsvc.exe[9152] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                                                          00007ff9ffe01832 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[5440] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194                                                                                                                                      00007ff9e49a1f6a 4 bytes [9A, E4, F9, 7F]
.text    C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[5440] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218                                                                                                                                      00007ff9e49a1f82 4 bytes [9A, E4, F9, 7F]
.text    C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe[4436] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 506                                                                                                                                        00007ff9ffe0169a 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe[4436] C:\Windows\system32\psapi.dll!GetModuleBaseNameA + 514                                                                                                                                        00007ff9ffe016a2 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe[4436] C:\Windows\system32\psapi.dll!QueryWorkingSet + 118                                                                                                                                          00007ff9ffe0181a 4 bytes [E0, FF, F9, 7F]
.text    C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe[4436] C:\Windows\system32\psapi.dll!QueryWorkingSet + 142                                                                                                                                          00007ff9ffe01832 4 bytes [E0, FF, F9, 7F]

---- Threads - GMER 2.1 ----

Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [5896:3652]                                                                                                                                                                                                    00007ffa017381b0
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [5896:6484]                                                                                                                                                                                                    00007ffa01ae99b0
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [5896:8488]                                                                                                                                                                                                    00007ffa02250310
Thread  C:\Windows\system32\csrss.exe [8008:5936]                                                                                                                                                                                                                        fffff96000902b90
---- Processes - GMER 2.1 ----

Library  C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c\Microsoft.PerfTrack.dll (*** suspicious ***) @ C:\Windows\syswow64\wwahost.exe [4460] (Microsoft.PerfTrack.dll/Microsoft Corporation)(2014-08-31 18:17:16)                          000000006edd0000
Library  C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c\LibWrap.dll (*** suspicious ***) @ C:\Windows\syswow64\wwahost.exe [4460] (Microsoft Skype/Microsoft Corporation)(2014-12-14 08:49:23)                                              000000005be30000
Library  C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c\MicrosoftAdvertising.dll (*** suspicious ***) @ C:\Windows\syswow64\wwahost.exe [4460] (Microsoft Advertising Native SDK for Windows 8/Microsoft Corporation)(2014-08-31 18:17:16)  0000000057af0000

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                                                                                                                                                            unknown MBR code

---- EOF - GMER 2.1 ----



gruss
Anja

schrauber 23.01.2015 17:12
Probleme mit diesem? Der sieht gut aus :)

Sumsum 23.01.2015 18:43
Hi schrauber ,

keine Probleme
du sagst sieht gut aus freu.

Vielen lieben Dank für deine Hilfe.:daumenhoc:daumenhoc

Gruß Anja


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:01 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58