Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Windows 8: Werbung überall, Scrollen klappt nicht (https://www.trojaner-board.de/152239-windows-8-werbung-ueberall-scrollen-klappt.html)

schrauber 17.04.2014 19:38
Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen


FRST öffnen, Haken setzen bei Addition und scannen, poste bitte beide Logfiles. Treiber vom Mousepad erneuern. Externe Maus als Test anklemmen, scrollen versuchen.

Wenn extern geht und Treiber nicht hilft, Mousepad am Laptop kaputt.

LisaBunny 19.04.2014 09:18

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014
Ran by Lisa (administrator) on DERGERÄT on 18-04-2014 11:17:44
Running from C:\Users\Lisa\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [170304 2012-08-08] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [398656 2012-08-08] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [440640 2012-08-08] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {481AA274-0DA3-41BF-8732-0950E04B5904} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -  No File
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -  No File
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.20.1

FireFox:
========
FF ProfilePath: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\f5x9mlqr.default-1397507398534
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: SmartSaver+ 8 - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\f5x9mlqr.default-1397507398534\Extensions\16eede48-12e9-4c79-bd54-c82622138533@630d8a34-73af-4e03-9664-9082492eb220.com [2014-04-15]
FF Extension: HQVid8.1v2 - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\f5x9mlqr.default-1397507398534\Extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com [2014-04-15]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-27] (Dritek System INC.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [X]

==================== Drivers (Whitelisted) ====================

S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-10] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-27] (Dritek System Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-14 22:25 - 2014-04-14 22:25 - 00001115 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Mozilla
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-14 21:33 - 2014-04-14 21:33 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lisa\Downloads\revosetup95.exe
2014-04-14 21:33 - 2014-04-14 21:33 - 00001232 _____ () C:\Users\Lisa\Desktop\Revo Uninstaller.lnk
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 21:32 - 2014-04-15 22:16 - 00028188 _____ () C:\Users\Lisa\Documents\Links.odt
2014-04-14 21:21 - 2014-04-14 21:21 - 00000000 ____D () C:\Users\Lisa\Desktop\FRST-OlderVersion
2014-04-14 20:14 - 2014-04-14 20:14 - 00448512 _____ (OldTimer Tools) C:\Users\Lisa\Desktop\TFC.exe
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Macromedia
2014-04-14 12:04 - 2014-04-17 22:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 12:04 - 2014-04-14 12:05 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Adobe
2014-04-14 12:04 - 2014-04-14 12:04 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 09:17 - 2014-04-14 09:17 - 00309992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-13 22:34 - 2014-04-13 22:34 - 00000000 ___RD () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-13 22:34 - 2014-04-13 22:34 - 00000000 ___RD () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-13 20:38 - 2014-04-18 11:17 - 00010681 _____ () C:\Users\Lisa\Desktop\FRST.txt
2014-04-13 20:34 - 2014-04-13 20:34 - 00987448 _____ () C:\Users\Lisa\Downloads\SecurityCheck.exe
2014-04-13 17:45 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-13 17:44 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-13 17:44 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-13 17:44 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-13 17:44 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-13 17:44 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-13 17:44 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-13 17:44 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-13 17:44 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-13 17:44 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-13 17:44 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-13 17:44 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-13 17:44 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-13 17:44 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-13 17:44 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-13 17:44 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-13 17:44 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-13 17:44 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-13 17:44 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-13 17:44 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-13 17:43 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-13 17:43 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-13 17:43 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-13 17:43 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-13 17:43 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-13 17:43 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-13 17:43 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-13 17:43 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-13 17:43 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-13 17:43 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-13 17:43 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-13 17:43 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-13 17:43 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-04-13 17:43 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-13 17:43 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-13 17:43 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-13 17:39 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-04-13 17:39 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-04-13 17:38 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-13 17:38 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-13 17:38 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-13 17:38 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-13 17:38 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-13 17:35 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-13 17:35 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-13 17:35 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-13 17:35 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-13 17:31 - 2014-01-19 09:33 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-04-13 17:29 - 2014-04-13 17:29 - 02347384 _____ (ESET) C:\Users\Lisa\Downloads\esetsmartinstaller_enu.exe
2014-04-13 17:21 - 2014-04-13 17:21 - 03218352 _____ (McAfee, Inc.) C:\Users\Lisa\Downloads\MCPR68.exe
2014-04-10 13:25 - 2014-04-10 13:25 - 00000611 _____ () C:\Users\Lisa\Desktop\JRT.txt
2014-04-10 13:19 - 2014-04-10 13:19 - 00000000 ____D () C:\Windows\ERUNT
2014-04-10 13:18 - 2014-04-10 13:18 - 01016261 _____ (Thisisu) C:\Users\Lisa\Downloads\JRT.exe
2014-04-10 13:13 - 2014-04-10 13:14 - 00000000 ____D () C:\AdwCleaner
2014-04-10 13:12 - 2014-04-10 13:12 - 01426178 _____ () C:\Users\Lisa\Downloads\adwcleaner.exe
2014-04-10 13:10 - 2014-04-10 13:10 - 00000263 _____ () C:\Users\Lisa\Desktop\mbam.txt
2014-04-10 12:36 - 2014-04-10 13:08 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-10 12:36 - 2014-04-10 12:36 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 12:36 - 2014-04-10 12:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 12:36 - 2014-04-10 12:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-10 12:36 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-10 12:36 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-10 12:36 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-10 12:35 - 2014-04-10 12:35 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-10 12:24 - 2014-04-10 12:24 - 00190744 _____ () C:\Users\Lisa\Downloads\Setup.exe
2014-04-09 08:52 - 2014-04-18 11:17 - 00000000 ____D () C:\FRST
2014-04-09 08:52 - 2014-04-09 08:53 - 00031090 _____ () C:\Users\Lisa\Desktop\Addition.txt
2014-04-09 08:51 - 2014-04-14 21:21 - 02054144 _____ (Farbar) C:\Users\Lisa\Desktop\FRST64.exe
2014-04-09 00:10 - 2014-04-09 00:12 - 138607664 _____ () C:\Users\Lisa\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-04-08 23:53 - 2014-04-18 10:47 - 00002792 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-3.job
2014-04-08 23:53 - 2014-04-18 10:47 - 00002206 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-4.job
2014-04-08 23:53 - 2014-04-18 10:47 - 00001442 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-5.job
2014-04-08 23:53 - 2014-04-18 10:47 - 00001354 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-1.job
2014-04-08 23:53 - 2014-04-08 23:53 - 00005796 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-3
2014-04-08 23:53 - 2014-04-08 23:53 - 00005210 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-4
2014-04-08 23:53 - 2014-04-08 23:53 - 00004446 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-5
2014-04-08 23:53 - 2014-04-08 23:53 - 00004358 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-1
2014-04-08 23:53 - 2014-04-08 23:53 - 00000000 ____D () C:\Program Files (x86)\SmartSaver+ 8
2014-04-08 23:50 - 2014-04-08 23:50 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Mozilla
2014-04-08 23:50 - 2014-04-08 23:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-08 23:12 - 2014-04-08 23:12 - 00000000 ____D () C:\ProgramData\CDB
2014-04-08 23:10 - 2014-04-08 23:12 - 00000155 _____ () C:\Windows\Reimage.ini
2014-04-08 22:59 - 2012-08-30 13:37 - 02213776 _____ (ELAN Microelectronics Corp.) C:\Windows\ETDUninst.dll
2014-04-08 22:33 - 2014-04-18 10:47 - 00002198 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001532 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001460 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001444 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001430 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001330 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.job
2014-04-08 22:33 - 2014-04-08 22:34 - 00004536 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5
2014-04-08 22:33 - 2014-04-08 22:34 - 00004434 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5
2014-04-08 22:33 - 2014-04-08 22:33 - 00005202 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4
2014-04-08 22:33 - 2014-04-08 22:33 - 00004464 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1
2014-04-08 22:33 - 2014-04-08 22:33 - 00004448 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2
2014-04-08 22:33 - 2014-04-08 22:33 - 00004340 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1
2014-04-08 22:33 - 2014-04-08 22:33 - 00004334 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2
2014-04-08 22:32 - 2014-04-18 10:47 - 00003136 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.job
2014-04-08 22:32 - 2014-04-18 10:47 - 00002786 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.job
2014-04-08 22:32 - 2014-04-18 10:47 - 00002338 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.job
2014-04-08 22:32 - 2014-04-18 10:47 - 00001336 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1.job
2014-04-08 22:32 - 2014-04-08 22:33 - 00006140 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3
2014-04-08 22:32 - 2014-04-08 22:33 - 00005342 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4
2014-04-08 22:32 - 2014-04-08 22:33 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-08 22:32 - 2014-04-08 22:33 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1v2
2014-04-08 22:32 - 2014-04-08 22:32 - 01100952 _____ (AnyProtect.com) C:\Users\Lisa\AppData\Local\nsuCDC5.tmp
2014-04-08 22:32 - 2014-04-08 22:32 - 00005790 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3
2014-04-08 22:31 - 2014-04-18 10:47 - 00000406 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-04-08 22:31 - 2014-04-14 20:14 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Genesis
2014-04-08 22:31 - 2014-04-08 22:31 - 00002984 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-04-08 22:31 - 2014-04-08 22:31 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-08 22:31 - 2014-04-08 22:31 - 00000000 ____D () C:\Program Files (x86)\Re-markit Corp

==================== One Month Modified Files and Folders =======

2014-04-18 11:17 - 2014-04-13 20:38 - 00010681 _____ () C:\Users\Lisa\Desktop\FRST.txt
2014-04-18 11:17 - 2014-04-09 08:52 - 00000000 ____D () C:\FRST
2014-04-18 11:11 - 2013-05-06 22:23 - 01659204 _____ () C:\Windows\WindowsUpdate.log
2014-04-18 11:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-18 10:47 - 2014-04-08 23:53 - 00002792 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-3.job
2014-04-18 10:47 - 2014-04-08 23:53 - 00002206 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-4.job
2014-04-18 10:47 - 2014-04-08 23:53 - 00001442 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-5.job
2014-04-18 10:47 - 2014-04-08 23:53 - 00001354 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-1.job
2014-04-18 10:47 - 2014-04-08 22:33 - 00002198 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.job
2014-04-18 10:47 - 2014-04-08 22:33 - 00001532 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5.job
2014-04-18 10:47 - 2014-04-08 22:33 - 00001460 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1.job
2014-04-18 10:47 - 2014-04-08 22:33 - 00001444 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.job
2014-04-18 10:47 - 2014-04-08 22:33 - 00001430 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.job
2014-04-18 10:47 - 2014-04-08 22:33 - 00001330 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.job
2014-04-18 10:47 - 2014-04-08 22:32 - 00003136 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.job
2014-04-18 10:47 - 2014-04-08 22:32 - 00002786 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.job
2014-04-18 10:47 - 2014-04-08 22:32 - 00002338 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.job
2014-04-18 10:47 - 2014-04-08 22:32 - 00001336 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1.job
2014-04-18 10:47 - 2014-04-08 22:31 - 00000406 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-04-18 10:47 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-17 22:44 - 2014-04-14 12:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-17 21:34 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-17 13:40 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-17 00:35 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-16 13:13 - 2013-06-01 15:14 - 00000000 ____D () C:\Users\Lisa\Documents\VRHs
2014-04-16 11:36 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-15 22:16 - 2014-04-14 21:32 - 00028188 _____ () C:\Users\Lisa\Documents\Links.odt
2014-04-15 10:08 - 2012-09-03 12:56 - 00050050 _____ () C:\Windows\PFRO.log
2014-04-14 22:25 - 2014-04-14 22:25 - 00001115 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Mozilla
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-14 21:33 - 2014-04-14 21:33 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lisa\Downloads\revosetup95.exe
2014-04-14 21:33 - 2014-04-14 21:33 - 00001232 _____ () C:\Users\Lisa\Desktop\Revo Uninstaller.lnk
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 21:21 - 2014-04-14 21:21 - 00000000 ____D () C:\Users\Lisa\Desktop\FRST-OlderVersion
2014-04-14 21:21 - 2014-04-09 08:51 - 02054144 _____ (Farbar) C:\Users\Lisa\Desktop\FRST64.exe
2014-04-14 20:14 - 2014-04-14 20:14 - 00448512 _____ (OldTimer Tools) C:\Users\Lisa\Desktop\TFC.exe
2014-04-14 20:14 - 2014-04-08 22:31 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Genesis
2014-04-14 19:18 - 2013-05-15 13:22 - 00000000 ____D () C:\Users\Lisa\AppData\Local\CrashDumps
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Macromedia
2014-04-14 12:05 - 2014-04-14 12:04 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Adobe
2014-04-14 12:04 - 2014-04-14 12:04 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 09:17 - 2014-04-14 09:17 - 00309992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-13 22:34 - 2014-04-13 22:34 - 00000000 ___RD () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-13 22:34 - 2014-04-13 22:34 - 00000000 ___RD () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-13 20:34 - 2014-04-13 20:34 - 00987448 _____ () C:\Users\Lisa\Downloads\SecurityCheck.exe
2014-04-13 17:58 - 2013-10-15 23:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-13 17:49 - 2013-05-08 14:08 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1594293785-3982079482-3168495513-1002
2014-04-13 17:29 - 2014-04-13 17:29 - 02347384 _____ (ESET) C:\Users\Lisa\Downloads\esetsmartinstaller_enu.exe
2014-04-13 17:24 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-04-13 17:21 - 2014-04-13 17:21 - 03218352 _____ (McAfee, Inc.) C:\Users\Lisa\Downloads\MCPR68.exe
2014-04-10 13:25 - 2014-04-10 13:25 - 00000611 _____ () C:\Users\Lisa\Desktop\JRT.txt
2014-04-10 13:19 - 2014-04-10 13:19 - 00000000 ____D () C:\Windows\ERUNT
2014-04-10 13:18 - 2014-04-10 13:18 - 01016261 _____ (Thisisu) C:\Users\Lisa\Downloads\JRT.exe
2014-04-10 13:14 - 2014-04-10 13:13 - 00000000 ____D () C:\AdwCleaner
2014-04-10 13:12 - 2014-04-10 13:12 - 01426178 _____ () C:\Users\Lisa\Downloads\adwcleaner.exe
2014-04-10 13:10 - 2014-04-10 13:10 - 00000263 _____ () C:\Users\Lisa\Desktop\mbam.txt
2014-04-10 13:08 - 2014-04-10 12:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-10 12:36 - 2014-04-10 12:36 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 12:36 - 2014-04-10 12:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 12:36 - 2014-04-10 12:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-10 12:35 - 2014-04-10 12:35 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-10 12:24 - 2014-04-10 12:24 - 00190744 _____ () C:\Users\Lisa\Downloads\Setup.exe
2014-04-10 12:17 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-09 08:53 - 2014-04-09 08:52 - 00031090 _____ () C:\Users\Lisa\Desktop\Addition.txt
2014-04-09 07:10 - 2012-09-28 01:10 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-04-09 07:10 - 2012-09-28 01:10 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-04-09 07:10 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-09 00:12 - 2014-04-09 00:10 - 138607664 _____ () C:\Users\Lisa\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-04-08 23:53 - 2014-04-08 23:53 - 00005796 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-3
2014-04-08 23:53 - 2014-04-08 23:53 - 00005210 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-4
2014-04-08 23:53 - 2014-04-08 23:53 - 00004446 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-5
2014-04-08 23:53 - 2014-04-08 23:53 - 00004358 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-1
2014-04-08 23:53 - 2014-04-08 23:53 - 00000000 ____D () C:\Program Files (x86)\SmartSaver+ 8
2014-04-08 23:50 - 2014-04-08 23:50 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Mozilla
2014-04-08 23:50 - 2014-04-08 23:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-08 23:12 - 2014-04-08 23:12 - 00000000 ____D () C:\ProgramData\CDB
2014-04-08 23:12 - 2014-04-08 23:10 - 00000155 _____ () C:\Windows\Reimage.ini
2014-04-08 22:34 - 2014-04-08 22:33 - 00004536 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5
2014-04-08 22:34 - 2014-04-08 22:33 - 00004434 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5
2014-04-08 22:33 - 2014-04-08 22:33 - 00005202 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4
2014-04-08 22:33 - 2014-04-08 22:33 - 00004464 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1
2014-04-08 22:33 - 2014-04-08 22:33 - 00004448 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2
2014-04-08 22:33 - 2014-04-08 22:33 - 00004340 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1
2014-04-08 22:33 - 2014-04-08 22:33 - 00004334 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2
2014-04-08 22:33 - 2014-04-08 22:32 - 00006140 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3
2014-04-08 22:33 - 2014-04-08 22:32 - 00005342 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4
2014-04-08 22:33 - 2014-04-08 22:32 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-08 22:33 - 2014-04-08 22:32 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1v2
2014-04-08 22:32 - 2014-04-08 22:32 - 01100952 _____ (AnyProtect.com) C:\Users\Lisa\AppData\Local\nsuCDC5.tmp
2014-04-08 22:32 - 2014-04-08 22:32 - 00005790 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3
2014-04-08 22:31 - 2014-04-08 22:31 - 00002984 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-04-08 22:31 - 2014-04-08 22:31 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-08 22:31 - 2014-04-08 22:31 - 00000000 ____D () C:\Program Files (x86)\Re-markit Corp
2014-04-08 22:31 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-03 09:51 - 2014-04-10 12:36 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-10 12:36 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-10 12:36 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 23:18 - 2014-02-08 01:44 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2014-02-08 01:44 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 03:51 - 2013-05-11 12:35 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-26 20:42 - 2014-01-01 14:47 - 00000000 ____D () C:\Users\Lisa\Documents\Uni
2014-03-24 23:37 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\LiveKernelReports

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-07 09:05

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2014
Ran by Lisa at 2014-04-18 11:18:33
Running from C:\Users\Lisa\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Genesis (HKCU\...\genesis) (Version:  - )
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Ihr Firmenname)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden

==================== Restore Points  =========================

03-04-2014 10:39:40 Geplanter Prüfpunkt
08-04-2014 21:01:52 Removed Broadcom Card Reader Driver Installer.
13-04-2014 15:50:11 Windows Modules Installer
13-04-2014 15:50:11 Windows Update
14-04-2014 20:14:14 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1F069D73-D2DA-4AAF-A370-6B1C036D7A3D} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {1FAF3C39-A1EE-451C-8C01-A4439BC04B44} - System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3 => C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.exe [2014-04-08] ()
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3079639B-54F3-410A-AA4D-47248EB50A01} - System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-3 => C:\Program Files (x86)\SmartSaver+ 8\365c2923-b81b-461a-ba4b-1eba770fbbb7-3.exe [2014-04-08] (smart-saverplus)
Task: {37A58AF1-AD9B-441C-B5BB-33E1B7E2E028} - \Re-markit Update ATTENTION ====> No Task File
Task: {3B04812C-632E-440A-9B5B-B3AEF5B353AF} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] ()
Task: {3C03CF3E-160B-4132-AAB5-329B979A2C8A} - System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1 => C:\Program Files (x86)\HQVid8.1v2\HQVid8.1v2-codedownloader.exe [2014-04-08] (High-QualityV9)
Task: {47FC598C-951C-4CE1-89E3-EE0310CC7B39} - System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2 => C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.exe [2014-04-08] ()
Task: {7D2CE3E0-9C7B-4B14-8F4A-66EC9B32153F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {7D49CD0E-2AE1-4781-9C8F-3740F29C1C5D} - System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5 => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.exe [2014-04-08] (High-QualityV9)
Task: {7DB79DB1-802A-4FE6-8A9C-AF2D518A10CF} - System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1 => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-04-08] ()
Task: {8FE66615-B4A4-4B43-A783-31C11E100264} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {94FB1C19-E321-4765-AC1D-CC746716B398} - System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2 => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.exe [2014-04-08] (High-QualityV9)
Task: {9AB18F4A-3A0C-4F4F-A2C0-4A910E28EF7B} - System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4 => C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.exe [2014-04-08] ()
Task: {A2C6AFEB-D81C-4B85-851A-E235560EB1E2} - System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4 => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.exe [2014-04-08] (High-QualityV9)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A8B00D79-8CF9-41AD-B6D0-0A0BC4C759A2} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {B7FF15ED-EA7E-4BD3-861B-A8B8547E91C3} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {B9D2AB6C-06B8-4D3B-8F1B-907A1FBBE7ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14] (Adobe Systems Incorporated)
Task: {C29914B2-FB69-4A6D-ADCA-C1C36A633DD5} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C9B0F7F1-771D-41F3-B095-95DD526E696F} - System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-1 => C:\Program Files (x86)\SmartSaver+ 8\SmartSaver+ 8-codedownloader.exe [2014-04-08] (smart-saverplus)
Task: {CD8D5C93-3426-45D3-B8B2-CA46DF7BD96D} - System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-5 => C:\Program Files (x86)\SmartSaver+ 8\365c2923-b81b-461a-ba4b-1eba770fbbb7-5.exe [2014-04-08] (smart-saverplus)
Task: {CEDAB060-F54A-42B8-BFD4-65CDCA82D8CE} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {DDFE7BB4-C960-4D48-AFB8-AF6FC94DBE3D} - System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-4 => C:\Program Files (x86)\SmartSaver+ 8\365c2923-b81b-461a-ba4b-1eba770fbbb7-4.exe [2014-04-08] (smart-saverplus)
Task: {E1B232EC-44E8-4A4C-974B-D2ECB59CF591} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: {E3A2E92C-8A5E-469E-83FB-DFCC1F111F33} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {E470265A-A901-42DD-BACF-30D10CF12412} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe [2014-04-08] () <==== ATTENTION
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EEC074CA-5669-4DD7-B106-25CE9C31AA0F} - System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5 => C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5.exe [2014-04-08] ()
Task: {F8E653C1-B9B9-445C-8545-2AA0CAA75B42} - System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3 => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.exe [2014-04-08] (High-QualityV9)
Task: C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-1.job => C:\Program Files (x86)\SmartSaver+ 8\SmartSaver+ 8-codedownloader.exe
Task: C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-3.job => C:\Program Files (x86)\SmartSaver+ 8\365c2923-b81b-461a-ba4b-1eba770fbbb7-3.exe
Task: C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-4.job => C:\Program Files (x86)\SmartSaver+ 8\365c2923-b81b-461a-ba4b-1eba770fbbb7-4.exe
Task: C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-5.job => C:\Program Files (x86)\SmartSaver+ 8\365c2923-b81b-461a-ba4b-1eba770fbbb7-5.exe
Task: C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1.job => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe
Task: C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.job => C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.exe
Task: C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.job => C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.exe
Task: C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.job => C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.exe
Task: C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5.job => C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1.job => C:\Program Files (x86)\HQVid8.1v2\HQVid8.1v2-codedownloader.exe
Task: C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.job => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.exe
Task: C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.job => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.exe
Task: C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.job => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.exe
Task: C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.job => C:\Program Files (x86)\HQVid8.1v2\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.exe
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-04-08 22:31 - 2014-04-08 22:31 - 00077312 _____ () C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe
2012-09-03 13:50 - 2012-08-08 17:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-23 00:04 - 2012-08-23 00:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-08-23 00:04 - 2012-08-23 00:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2012-08-23 08:26 - 2012-08-23 08:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2012-09-27 15:31 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/17/2014 08:34:06 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/14/2014 07:18:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000daa3c
ID des fehlerhaften Prozesses: 0x1640
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Vollständiger Name des fehlerhaften Pakets: firefox.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5

Error: (04/14/2014 07:08:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000daa3c
ID des fehlerhaften Prozesses: 0x12d0
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Vollständiger Name des fehlerhaften Pakets: firefox.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5

Error: (04/13/2014 11:10:25 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000daa3c
ID des fehlerhaften Prozesses: 0x8d4
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Vollständiger Name des fehlerhaften Pakets: firefox.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5

Error: (04/13/2014 09:31:43 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000daa3c
ID des fehlerhaften Prozesses: 0x8c8
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Vollständiger Name des fehlerhaften Pakets: firefox.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5

Error: (04/13/2014 09:16:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x1000a2c6
ID des fehlerhaften Prozesses: 0xcfc
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Vollständiger Name des fehlerhaften Pakets: firefox.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5

Error: (04/13/2014 09:09:59 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000daa3c
ID des fehlerhaften Prozesses: 0xc1c
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Vollständiger Name des fehlerhaften Pakets: firefox.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5

Error: (04/13/2014 09:07:33 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000daa3c
ID des fehlerhaften Prozesses: 0x12e8
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Vollständiger Name des fehlerhaften Pakets: firefox.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5

Error: (04/13/2014 09:07:07 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000daa3c
ID des fehlerhaften Prozesses: 0x40
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Vollständiger Name des fehlerhaften Pakets: firefox.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5

Error: (04/13/2014 08:26:47 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.


System errors:
=============
Error: (04/14/2014 09:18:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Dritek WMI Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/14/2014 08:16:04 PM) (Source: Service Control Manager) (User: )
Description: Dienst "CCDMonitorService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/12/2014 09:52:30 AM) (Source: DCOM) (User: DerGerät)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DerGerätLisaS-1-5-21-1594293785-3982079482-3168495513-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/12/2014 09:52:30 AM) (Source: DCOM) (User: DerGerät)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DerGerätLisaS-1-5-21-1594293785-3982079482-3168495513-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/12/2014 09:52:30 AM) (Source: DCOM) (User: DerGerät)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DerGerätLisaS-1-5-21-1594293785-3982079482-3168495513-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/12/2014 09:52:30 AM) (Source: DCOM) (User: DerGerät)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DerGerätLisaS-1-5-21-1594293785-3982079482-3168495513-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/12/2014 09:52:29 AM) (Source: DCOM) (User: DerGerät)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DerGerätLisaS-1-5-21-1594293785-3982079482-3168495513-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/11/2014 02:07:40 AM) (Source: Tcpip) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.20.2 mit dem Computer mit der
Netzwerkhardwareadresse FC-0F-E6-F5-02-91 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.


Microsoft Office Sessions:
=========================
Error: (04/17/2014 08:34:06 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/14/2014 07:18:04 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.2.9200.16578515fac6ec0000374000daa3c164001cf580427333509C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dllbcaef67c-c3f8-11e3-80f9-b888e3a5db85

Error: (04/14/2014 07:08:13 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.2.9200.16578515fac6ec0000374000daa3c12d001cf57c90e8ebb47C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dll5c53319b-c3f7-11e3-80f9-b888e3a5db85

Error: (04/13/2014 11:10:25 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.2.9200.16578515fac6ec0000374000daa3c8d401cf575b1963b20aC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dll078069f3-c350-11e3-80f8-b888e3a5db85

Error: (04/13/2014 09:31:43 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.2.9200.16578515fac6ec0000374000daa3c8c801cf574cdfc4273aC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dll3e24e5cc-c342-11e3-80f7-b888e3a5db85

Error: (04/13/2014 09:16:09 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37unknown0.0.0.000000000c00001a51000a2c6cfc01cf574c322ac194C:\Program Files (x86)\Mozilla Firefox\firefox.exeunknown1168d012-c340-11e3-80f7-b888e3a5db85

Error: (04/13/2014 09:09:59 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.2.9200.16578515fac6ec0000374000daa3cc1c01cf574ba8049b57C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dll34b32bec-c33f-11e3-80f7-b888e3a5db85

Error: (04/13/2014 09:07:33 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.2.9200.16578515fac6ec0000374000daa3c12e801cf574b92ba1ac1C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dlldd6ac0b1-c33e-11e3-80f7-b888e3a5db85

Error: (04/13/2014 09:07:07 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.2.9200.16578515fac6ec0000374000daa3c4001cf5749f036b141C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dllce3187dd-c33e-11e3-80f7-b888e3a5db85

Error: (04/13/2014 08:26:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe


==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 8007.27 MB
Available physical RAM: 6815.5 MB
Total Pagefile: 9223.27 MB
Available Pagefile: 8005.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:680.19 GB) (Free:565.45 GB) NTFS
Drive d: (AR6PC) (CDROM) (Total:3.1 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: D8418E4D)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 19.04.2014 19:36
Noch Probleme mit Firefox?

LisaBunny 19.04.2014 22:36
ja, immer noch werbung :(

schrauber 20.04.2014 18:12
Schau mal ob du unter installierte Software Re-Markit findest. WEnn ja deinstallierne.


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
FF Extension: SmartSaver+ 8 - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\f5x9mlqr.default-1397507398534\Extensions\16eede48-12e9-4c79-bd54-c82622138533@630d8a34-73af-4e03-9664-9082492eb220.com [2014-04-15]
FF Extension: HQVid8.1v2 - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\f5x9mlqr.default-1397507398534\Extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com [2014-04-15]
2014-04-08 23:53 - 2014-04-18 10:47 - 00002792 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-3.job
2014-04-08 23:53 - 2014-04-18 10:47 - 00002206 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-4.job
2014-04-08 23:53 - 2014-04-18 10:47 - 00001442 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-5.job
2014-04-08 23:53 - 2014-04-18 10:47 - 00001354 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-1.job
2014-04-08 23:53 - 2014-04-08 23:53 - 00005796 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-3
2014-04-08 23:53 - 2014-04-08 23:53 - 00005210 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-4
2014-04-08 23:53 - 2014-04-08 23:53 - 00004446 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-5
2014-04-08 23:53 - 2014-04-08 23:53 - 00004358 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-1
2014-04-08 23:53 - 2014-04-08 23:53 - 00000000 ____D () C:\Program Files (x86)\SmartSaver+ 8
2014-04-08 22:33 - 2014-04-18 10:47 - 00002198 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001532 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001460 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001444 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001430 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001330 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.job
2014-04-08 22:33 - 2014-04-08 22:34 - 00004536 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5
2014-04-08 22:33 - 2014-04-08 22:34 - 00004434 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5
2014-04-08 22:33 - 2014-04-08 22:33 - 00005202 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4
2014-04-08 22:33 - 2014-04-08 22:33 - 00004464 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1
2014-04-08 22:33 - 2014-04-08 22:33 - 00004448 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2
2014-04-08 22:33 - 2014-04-08 22:33 - 00004340 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1
2014-04-08 22:33 - 2014-04-08 22:33 - 00004334 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2
2014-04-08 22:32 - 2014-04-18 10:47 - 00003136 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.job
2014-04-08 22:32 - 2014-04-18 10:47 - 00002786 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.job
2014-04-08 22:32 - 2014-04-18 10:47 - 00002338 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.job
2014-04-08 22:32 - 2014-04-18 10:47 - 00001336 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1.job
2014-04-08 22:32 - 2014-04-08 22:33 - 00006140 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3
2014-04-08 22:32 - 2014-04-08 22:33 - 00005342 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4
2014-04-08 22:32 - 2014-04-08 22:33 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-08 22:32 - 2014-04-08 22:33 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1v2
2014-04-08 22:32 - 2014-04-08 22:32 - 01100952 _____ (AnyProtect.com) C:\Users\Lisa\AppData\Local\nsuCDC5.tmp
2014-04-08 22:32 - 2014-04-08 22:32 - 00005790 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3
2014-04-08 22:31 - 2014-04-18 10:47 - 00000406 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-04-08 22:31 - 2014-04-14 20:14 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Genesis
2014-04-08 22:31 - 2014-04-08 22:31 - 00002984 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-04-08 22:31 - 2014-04-08 22:31 - 00000000 ____D () C:\Program Files (x86)\Re-markit Corp

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


LisaBunny 21.04.2014 11:23
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-04-2014 02
Ran by Lisa at 2014-04-21 12:22:36 Run:3
Running from C:\Users\Lisa\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
FF Extension: SmartSaver+ 8 - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\f5x9mlqr.default-1397507398534\Extensions\16eede48-12e9-4c79-bd54-c82622138533@630d8a34-73af-4e03-9664-9082492eb220.com [2014-04-15]
FF Extension: HQVid8.1v2 - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\f5x9mlqr.default-1397507398534\Extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com [2014-04-15]
2014-04-08 23:53 - 2014-04-18 10:47 - 00002792 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-3.job
2014-04-08 23:53 - 2014-04-18 10:47 - 00002206 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-4.job
2014-04-08 23:53 - 2014-04-18 10:47 - 00001442 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-5.job
2014-04-08 23:53 - 2014-04-18 10:47 - 00001354 _____ () C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-1.job
2014-04-08 23:53 - 2014-04-08 23:53 - 00005796 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-3
2014-04-08 23:53 - 2014-04-08 23:53 - 00005210 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-4
2014-04-08 23:53 - 2014-04-08 23:53 - 00004446 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-5
2014-04-08 23:53 - 2014-04-08 23:53 - 00004358 _____ () C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-1
2014-04-08 23:53 - 2014-04-08 23:53 - 00000000 ____D () C:\Program Files (x86)\SmartSaver+ 8
2014-04-08 22:33 - 2014-04-18 10:47 - 00002198 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001532 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001460 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001444 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001430 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.job
2014-04-08 22:33 - 2014-04-18 10:47 - 00001330 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.job
2014-04-08 22:33 - 2014-04-08 22:34 - 00004536 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5
2014-04-08 22:33 - 2014-04-08 22:34 - 00004434 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5
2014-04-08 22:33 - 2014-04-08 22:33 - 00005202 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4
2014-04-08 22:33 - 2014-04-08 22:33 - 00004464 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1
2014-04-08 22:33 - 2014-04-08 22:33 - 00004448 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2
2014-04-08 22:33 - 2014-04-08 22:33 - 00004340 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1
2014-04-08 22:33 - 2014-04-08 22:33 - 00004334 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2
2014-04-08 22:32 - 2014-04-18 10:47 - 00003136 _____ () C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.job
2014-04-08 22:32 - 2014-04-18 10:47 - 00002786 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.job
2014-04-08 22:32 - 2014-04-18 10:47 - 00002338 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.job
2014-04-08 22:32 - 2014-04-18 10:47 - 00001336 _____ () C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1.job
2014-04-08 22:32 - 2014-04-08 22:33 - 00006140 _____ () C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3
2014-04-08 22:32 - 2014-04-08 22:33 - 00005342 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4
2014-04-08 22:32 - 2014-04-08 22:33 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-08 22:32 - 2014-04-08 22:33 - 00000000 ____D () C:\Program Files (x86)\HQVid8.1v2
2014-04-08 22:32 - 2014-04-08 22:32 - 01100952 _____ (AnyProtect.com) C:\Users\Lisa\AppData\Local\nsuCDC5.tmp
2014-04-08 22:32 - 2014-04-08 22:32 - 00005790 _____ () C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3
2014-04-08 22:31 - 2014-04-18 10:47 - 00000406 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-04-08 22:31 - 2014-04-14 20:14 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Genesis
2014-04-08 22:31 - 2014-04-08 22:31 - 00002984 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-04-08 22:31 - 2014-04-08 22:31 - 00000000 ____D () C:\Program Files (x86)\Re-markit Corp
       
*****************

C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\f5x9mlqr.default-1397507398534\Extensions\16eede48-12e9-4c79-bd54-c82622138533@630d8a34-73af-4e03-9664-9082492eb220.com not found.
C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\f5x9mlqr.default-1397507398534\Extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com not found.
"C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-3.job" => File/Directory not found.
"C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-4.job" => File/Directory not found.
"C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-5.job" => File/Directory not found.
"C:\Windows\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-1.job" => File/Directory not found.
"C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-3" => File/Directory not found.
"C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-4" => File/Directory not found.
"C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-5" => File/Directory not found.
"C:\Windows\System32\Tasks\365c2923-b81b-461a-ba4b-1eba770fbbb7-1" => File/Directory not found.
"C:\Program Files (x86)\SmartSaver+ 8" => File/Directory not found.
"C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.job" => File/Directory not found.
"C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5.job" => File/Directory not found.
"C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1.job" => File/Directory not found.
"C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.job" => File/Directory not found.
"C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5.job" => File/Directory not found.
"C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2.job" => File/Directory not found.
"C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5" => File/Directory not found.
"C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-5" => File/Directory not found.
"C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4" => File/Directory not found.
"C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1" => File/Directory not found.
"C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2" => File/Directory not found.
"C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1" => File/Directory not found.
"C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-2" => File/Directory not found.
"C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.job" => File/Directory not found.
"C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3.job" => File/Directory not found.
"C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4.job" => File/Directory not found.
"C:\Windows\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-1.job" => File/Directory not found.
"C:\Windows\System32\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3" => File/Directory not found.
"C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-4" => File/Directory not found.
"C:\Program Files (x86)\MediaPlayerplus" => File/Directory not found.
"C:\Program Files (x86)\HQVid8.1v2" => File/Directory not found.
C:\Users\Lisa\AppData\Local\nsuCDC5.tmp => Moved successfully.
"C:\Windows\System32\Tasks\d8196673-3ed8-4a48-a051-70eb7ce8fdf0-3" => File/Directory not found.
"C:\Windows\Tasks\Re-markit_wd.job" => File/Directory not found.
"C:\Users\Lisa\AppData\Local\Genesis" => File/Directory not found.
"C:\Windows\System32\Tasks\Re-markit_wd" => File/Directory not found.
"C:\Program Files (x86)\Re-markit Corp" => File/Directory not found.

==== End of Fixlog ====

schrauber 22.04.2014 12:07
Re-Markit gefunden? Probleme noch da?

Frisches FRST log bitte.

LisaBunny 23.04.2014 00:24
ja, gefunden und deinstalliert, aber reste sind immer noch mit der suchfunktion meines pcs zu finden, die ich nicht löschen kann..
Werbung ist schon besser geworden.

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by Lisa (administrator) on DERGERÄT on 23-04-2014 01:21:55
Running from C:\Users\Lisa\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {481AA274-0DA3-41BF-8732-0950E04B5904} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -  No File
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -  No File
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.20.1

FireFox:
========
FF ProfilePath: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\f5x9mlqr.default-1397507398534
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-27] (Dritek System INC.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [X]

==================== Drivers (Whitelisted) ====================

S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-04-21] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-27] (Dritek System Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-21 11:35 - 2014-04-21 11:35 - 01322509 _____ () C:\Users\Lisa\Downloads\adwcleaner.exe
2014-04-14 22:25 - 2014-04-14 22:25 - 00001115 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Mozilla
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-14 21:33 - 2014-04-14 21:33 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lisa\Downloads\revosetup95.exe
2014-04-14 21:33 - 2014-04-14 21:33 - 00001232 _____ () C:\Users\Lisa\Desktop\Revo Uninstaller.lnk
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 21:32 - 2014-04-15 22:16 - 00028188 _____ () C:\Users\Lisa\Documents\Links.odt
2014-04-14 21:21 - 2014-04-23 01:21 - 00000000 ____D () C:\Users\Lisa\Desktop\FRST-OlderVersion
2014-04-14 20:14 - 2014-04-14 20:14 - 00448512 _____ (OldTimer Tools) C:\Users\Lisa\Desktop\TFC.exe
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Macromedia
2014-04-14 12:04 - 2014-04-23 00:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 12:04 - 2014-04-14 12:05 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Adobe
2014-04-14 12:04 - 2014-04-14 12:04 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 09:17 - 2014-04-14 09:17 - 00309992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-13 22:34 - 2014-04-13 22:34 - 00000000 ___RD () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-13 22:34 - 2014-04-13 22:34 - 00000000 ___RD () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-13 20:38 - 2014-04-23 01:21 - 00009797 _____ () C:\Users\Lisa\Desktop\FRST.txt
2014-04-13 20:34 - 2014-04-13 20:34 - 00987448 _____ () C:\Users\Lisa\Downloads\SecurityCheck.exe
2014-04-13 17:45 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-13 17:44 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-13 17:44 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-13 17:44 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-13 17:44 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-13 17:44 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-13 17:44 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-13 17:44 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-13 17:44 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-13 17:44 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-13 17:44 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-13 17:44 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-13 17:44 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-13 17:44 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-13 17:44 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-13 17:44 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-13 17:44 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-13 17:44 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-13 17:44 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-13 17:44 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-13 17:43 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-13 17:43 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-13 17:43 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-13 17:43 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-13 17:43 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-13 17:43 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-13 17:43 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-13 17:43 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-13 17:43 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-13 17:43 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-13 17:43 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-13 17:43 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-13 17:43 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-04-13 17:43 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-13 17:43 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-13 17:43 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-13 17:39 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-04-13 17:39 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-04-13 17:38 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-13 17:38 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-13 17:38 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-13 17:38 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-13 17:38 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-13 17:35 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-13 17:35 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-13 17:35 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-13 17:35 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-13 17:31 - 2014-01-19 09:33 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-04-13 17:29 - 2014-04-13 17:29 - 02347384 _____ (ESET) C:\Users\Lisa\Downloads\esetsmartinstaller_enu.exe
2014-04-13 17:21 - 2014-04-13 17:21 - 03218352 _____ (McAfee, Inc.) C:\Users\Lisa\Downloads\MCPR68.exe
2014-04-10 13:25 - 2014-04-10 13:25 - 00000611 _____ () C:\Users\Lisa\Desktop\JRT.txt
2014-04-10 13:19 - 2014-04-10 13:19 - 00000000 ____D () C:\Windows\ERUNT
2014-04-10 13:18 - 2014-04-10 13:18 - 01016261 _____ (Thisisu) C:\Users\Lisa\Downloads\JRT.exe
2014-04-10 13:13 - 2014-04-21 11:41 - 00000000 ____D () C:\AdwCleaner
2014-04-10 13:10 - 2014-04-10 13:10 - 00000263 _____ () C:\Users\Lisa\Desktop\mbam.txt
2014-04-10 12:36 - 2014-04-21 11:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-10 12:36 - 2014-04-10 12:36 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 12:36 - 2014-04-10 12:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 12:36 - 2014-04-10 12:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-10 12:36 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-10 12:36 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-10 12:36 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-10 12:35 - 2014-04-10 12:35 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-10 12:24 - 2014-04-10 12:24 - 00190744 _____ () C:\Users\Lisa\Downloads\Setup.exe
2014-04-09 08:52 - 2014-04-23 01:21 - 00000000 ____D () C:\FRST
2014-04-09 08:52 - 2014-04-18 11:18 - 00027424 _____ () C:\Users\Lisa\Desktop\Addition.txt
2014-04-09 08:51 - 2014-04-23 01:21 - 02061312 _____ (Farbar) C:\Users\Lisa\Desktop\FRST64.exe
2014-04-09 00:10 - 2014-04-09 00:12 - 138607664 _____ () C:\Users\Lisa\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-04-08 23:50 - 2014-04-08 23:50 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Mozilla
2014-04-08 23:50 - 2014-04-08 23:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-08 23:12 - 2014-04-08 23:12 - 00000000 ____D () C:\ProgramData\CDB
2014-04-08 23:10 - 2014-04-08 23:12 - 00000155 _____ () C:\Windows\Reimage.ini
2014-04-08 22:59 - 2012-08-30 13:37 - 02213776 _____ (ELAN Microelectronics Corp.) C:\Windows\ETDUninst.dll
2014-04-08 22:31 - 2014-04-08 22:31 - 00000008 __RSH () C:\ProgramData\ntuser.pol

==================== One Month Modified Files and Folders =======

2014-04-23 01:22 - 2014-04-13 20:38 - 00009797 _____ () C:\Users\Lisa\Desktop\FRST.txt
2014-04-23 01:21 - 2014-04-14 21:21 - 00000000 ____D () C:\Users\Lisa\Desktop\FRST-OlderVersion
2014-04-23 01:21 - 2014-04-09 08:52 - 00000000 ____D () C:\FRST
2014-04-23 01:21 - 2014-04-09 08:51 - 02061312 _____ (Farbar) C:\Users\Lisa\Desktop\FRST64.exe
2014-04-23 01:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-23 00:44 - 2014-04-14 12:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-23 00:14 - 2013-05-06 22:23 - 01920148 _____ () C:\Windows\WindowsUpdate.log
2014-04-22 23:47 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-22 15:01 - 2013-06-01 15:14 - 00000000 ____D () C:\Users\Lisa\Documents\VRHs
2014-04-21 12:13 - 2012-09-03 12:56 - 00068230 _____ () C:\Windows\PFRO.log
2014-04-21 12:13 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\PLA
2014-04-21 11:47 - 2014-04-10 12:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-21 11:41 - 2014-04-10 13:13 - 00000000 ____D () C:\AdwCleaner
2014-04-21 11:35 - 2014-04-21 11:35 - 01322509 _____ () C:\Users\Lisa\Downloads\adwcleaner.exe
2014-04-21 11:24 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-21 11:19 - 2013-11-07 22:23 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\DivX
2014-04-21 11:19 - 2013-05-15 13:22 - 00000000 ____D () C:\Users\Lisa\AppData\Local\CrashDumps
2014-04-18 11:18 - 2014-04-09 08:52 - 00027424 _____ () C:\Users\Lisa\Desktop\Addition.txt
2014-04-17 21:34 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-17 13:40 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-17 00:35 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-16 11:36 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-15 22:16 - 2014-04-14 21:32 - 00028188 _____ () C:\Users\Lisa\Documents\Links.odt
2014-04-14 22:25 - 2014-04-14 22:25 - 00001115 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Mozilla
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-14 21:33 - 2014-04-14 21:33 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lisa\Downloads\revosetup95.exe
2014-04-14 21:33 - 2014-04-14 21:33 - 00001232 _____ () C:\Users\Lisa\Desktop\Revo Uninstaller.lnk
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 20:14 - 2014-04-14 20:14 - 00448512 _____ (OldTimer Tools) C:\Users\Lisa\Desktop\TFC.exe
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Macromedia
2014-04-14 12:05 - 2014-04-14 12:04 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Adobe
2014-04-14 12:04 - 2014-04-14 12:04 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 09:17 - 2014-04-14 09:17 - 00309992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-13 22:34 - 2014-04-13 22:34 - 00000000 ___RD () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-13 22:34 - 2014-04-13 22:34 - 00000000 ___RD () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-13 20:34 - 2014-04-13 20:34 - 00987448 _____ () C:\Users\Lisa\Downloads\SecurityCheck.exe
2014-04-13 17:58 - 2013-10-15 23:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-13 17:49 - 2013-05-08 14:08 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1594293785-3982079482-3168495513-1002
2014-04-13 17:29 - 2014-04-13 17:29 - 02347384 _____ (ESET) C:\Users\Lisa\Downloads\esetsmartinstaller_enu.exe
2014-04-13 17:24 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-04-13 17:21 - 2014-04-13 17:21 - 03218352 _____ (McAfee, Inc.) C:\Users\Lisa\Downloads\MCPR68.exe
2014-04-10 13:25 - 2014-04-10 13:25 - 00000611 _____ () C:\Users\Lisa\Desktop\JRT.txt
2014-04-10 13:19 - 2014-04-10 13:19 - 00000000 ____D () C:\Windows\ERUNT
2014-04-10 13:18 - 2014-04-10 13:18 - 01016261 _____ (Thisisu) C:\Users\Lisa\Downloads\JRT.exe
2014-04-10 13:10 - 2014-04-10 13:10 - 00000263 _____ () C:\Users\Lisa\Desktop\mbam.txt
2014-04-10 12:36 - 2014-04-10 12:36 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 12:36 - 2014-04-10 12:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 12:36 - 2014-04-10 12:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-10 12:35 - 2014-04-10 12:35 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-10 12:24 - 2014-04-10 12:24 - 00190744 _____ () C:\Users\Lisa\Downloads\Setup.exe
2014-04-09 07:10 - 2012-09-28 01:10 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-04-09 07:10 - 2012-09-28 01:10 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-04-09 07:10 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-09 00:12 - 2014-04-09 00:10 - 138607664 _____ () C:\Users\Lisa\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-04-08 23:50 - 2014-04-08 23:50 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Mozilla
2014-04-08 23:50 - 2014-04-08 23:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-08 23:12 - 2014-04-08 23:12 - 00000000 ____D () C:\ProgramData\CDB
2014-04-08 23:12 - 2014-04-08 23:10 - 00000155 _____ () C:\Windows\Reimage.ini
2014-04-08 22:31 - 2014-04-08 22:31 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-08 22:31 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-03 09:51 - 2014-04-10 12:36 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-10 12:36 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-10 12:36 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 23:18 - 2014-02-08 01:44 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2014-02-08 01:44 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 03:51 - 2013-05-11 12:35 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-26 20:42 - 2014-01-01 14:47 - 00000000 ____D () C:\Users\Lisa\Documents\Uni
2014-03-24 23:37 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\LiveKernelReports

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 10:47

==================== End Of Log ============================
--- --- ---

schrauber 23.04.2014 14:15
Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop.
SystemLook (64 bit)
  • Doppelklicke auf die SystemLook_x64.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
    Code:
    :filefind
    *markit*
    :regfind
    markit
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

LisaBunny 28.04.2014 20:23
Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 21:16 on 28/04/2014 by Lisa
Administrator - Elevation successful

========== filefind ==========

Searching for "*markit*"
C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Recent\Re-markit Update.vir.lnk        --a---- 4298 bytes        [09:25 21/04/2014]        [09:25 21/04/2014] F224F1861F68498A366C4E932E55B2C2
C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Recent\re-markit.lnk        --a---- 2080 bytes        [09:25 21/04/2014]        [09:25 21/04/2014] FA584C8FE0680458699B6B0DDCE0D823

========== regfind ==========

Searching for "markit"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Re_markit]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37A58AF1-AD9B-441C-B5BB-33E1B7E2E028}]
"Path"="\Re-markit Update"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Re-markit Update]
[HKEY_USERS\S-1-5-21-1594293785-3982079482-3168495513-1002\Software\AppDataLow\Software\Re_markit]

Searching for "        "
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\HQVid8.1v2\Plugins\102]
"JavaScript"="
appAPI.internal.monetization = appAPI.internal.monetization || {};
if (typeof appAPI.internal.monetization.plugins === "undefined") { appAPI.internal.monetization.plugins = {}; }

appAPI.internal.monetization.plugins[102] = function() {

    if (!appAPI.internal.monetization.shouldRunByVertical(102, ["shopping"])){
        return;
    }

    function getHardId() {
        try {
            var userId = "fcrdr" + appAPI.getCrossriderID();
            return userId;
        } catch(e) {
            return "";
        }
    }

    function getChannelName() {
        var appId = "def";
        try {
            appId = appAPI.internal.monetization.getSubId();
        } catch(e) {
            appId = "def";
        }
        try {
            return "crdr_" + appId;
        } catch(e) {
            return "crdr_def";
        }
    }

 
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\SmartSaver+ 8\Plugins\102]
"JavaScript"="
appAPI.internal.monetization = appAPI.internal.monetization || {};
if (typeof appAPI.internal.monetization.plugins === "undefined") { appAPI.internal.monetization.plugins = {}; }

appAPI.internal.monetization.plugins[102] = function() {

    if (!appAPI.internal.monetization.shouldRunByVertical(102, ["shopping"])){
        return;
    }

    function getHardId() {
        try {
            var userId = "fcrdr" + appAPI.getCrossriderID();
            return userId;
        } catch(e) {
            return "";
        }
    }

    function getChannelName() {
        var appId = "def";
        try {
            appId = appAPI.internal.monetization.getSubId();
        } catch(e) {
            appId = "def";
        }
        try {
            return "crdr_" + appId;
        } catch(e) {
            return "crdr_def";
        }
    }

[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\ASPEncoder]
"Description"="
        <h3>Das Kernstück Ihres HD-Videoerlebnisses</h3>
        <p>Der Codec, der die Videowelt revolutioniert hat, wurde weiter optimiert. Wir bezeichnen diese Version als „Pro“, da sie zudem fantastische fortschrittliche Encoding-Einstellungen bietet, mit denen Sie mit Drittanbietersoftware hochwertige DivX-Video generieren können, die auf jedem beliebigen DivX Certified®-Gerät wiedergegeben werden können.</p>
        <h3>Gute Gründe für den DivX Codec</h3>
        <ul>
            <li>Erstellen Sie mit Drittanbietersoftware oder mit dem DivX Converter hochwertige, stark komprimierte DivX-Videos.</li>
            <li>Wir garantieren, dass Ihre Videos abgesehen von Deinem PC auch auf DivX Certified-DVD-Playern, Mobiltelefonen, Spielekonsolen uvm. abgespielt werden können.</li>
            <li>Optimieren Sie Ihre Videos mit den fortschrittlichen Encoding-Einstellungen, um hochwertigere Dateien zu erhalten.</li>
        </ul>"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Converter]
"Description"="
          <p>DivX Plus® Converter konvertiert im Handumdrehen gängige Formate in DivX-, MKV- und MP4-Videos in hoher Qualität – für eine reibungslose, zuverlässige Wiedergabe auf einer ganzen Reihe von Unterhaltungselektronikgeräten</p>
          <ul>
              <li>Konvertieren einer ganzen Reihe von Formaten in DivX- und DivX Plus – zur Wiedergabe auf DivX Certified-Geräten</li>
              <li>Zwei neue MP4-Profile zum einfachen Erstellen von Videos für iPhone® und iPad®</li>
              <li>Erstellen erweiterter Funktionen wie reibungslosem Vor- und Rücklauf und Kombination mehrerer Dateien in einem Video</li>
              <li>Videos in einer einzigen Sitzung gleichzeitig konvertieren – sogar bei verschiedenen Formaten</li>
              <li>15-Tage-Testversion des MPEG-2/DVD-Plug-Ins um Deine DVDs zu konvertieren.</li>
          </ul>
          "
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Player]
"Description"="
          <p>Der DivX Plus® Player bietet beeindruckende HD-Videowiedergabe</p>
          <ul>
              <li>Hochwertiges DivX (.avi und .divX), DivX Plus (.mkv) und andere gängige Videoformate auf dem PC ansehen</li>
              <li>Einfache Übertragung von Videos mit DivX to Go® auf beliebige DivX Certified®-Geräte oder Streaming auf DLNA-kompatible Geräte bei Dir zu Hause</li>
              <li>Erweiterte Funktionen wie reibungsloser Vor- und Rücklauf, mehrere Untertitel und mehrere Audiospuren</li>
          </ul>
          "
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Setup\BundleGroups\divx.com]
"BundleGroupDescription"="
        <p>DivX Plus®-Software bietet alles, was Du für ein echtes Kinoerlebnis brauchst – auf dem Computer, zu Hause und unterwegs. Das beste DivX® Video-Erlebnis erhältst Du, wenn Du alle Komponenten installierst. <a href="hxxp://go.divx.com/WhatsNew/de" target="_blank">Neu in dieser Version.</a></p>
        <ul>
          <li>Konvertieren in DivX und MKV mithilfe von DivX Converter und Tools von Drittanbietern – unbegrenzt und kostenlos</li>
          <li>Zwei neue MP4-Profile zum Erstellen von Videos für iPhone®, iPad® und mehr </li>
          <li>Streaming auf DLNA-kompatible Geräte bei Dir zu Hause</li>
          <li>15-Tage-Testversion des MPEG-2/DVD-Plug-Ins um Deine DVDs zu konvertieren.</li>
        </ul>
        "
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Setup\InstallGroups\FiltersAndCodecs]
"Description"="
          <p>Mit dem DivX Plus® Codec Pack kannst Du DivX®-Videos mit Deinen Lieblingsanwendungen abspielen und erstellen.</p>
          <ul>
              <li>DivX- und DivX Plus-Videos auf jedem beliebigen Media-Player abspielen (wie beispielsweise Windows Media Player, QuickTime, Media Player Classic)</li>
              <li>Ausgabe von AVI-Videos mit Deiner Lieblingsbearbeitungssoftware (z. B. Sony Vegas, Virtual Dub)</li>
              <li>Konvertieren in DivX und MKV mithilfe von DivX Converter und Tools von Drittanbietern – unbegrenzt und kostenlos</li>
          </ul>
          "
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Setup\InstallGroups\SharedLibraries]
"Description"="
          <ul>
              <li>Das DivX VOD-Plug-in sorgt für besseres Erlebnis für Kunden, die Filme von DivX VOD - Shops beziehen.</li>
          </ul>
          "
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\WebPlayer]
"Description"="
          <p>Der DivX Plus® Web Player bietet hochwertiges HD-Videostreaming in Deinem Lieblingsbrowser.</p>
          <ul>
            <li>Unterstützt*DivX Plus Streaming™*(adaptives Streaming von H.264/MKV-Video mit Features).</li>
            <li>Streaming der gängigsten Formate im Internet (.divx, .avi, .mkv, .mp4, .mov)</li>
            <li>Weniger CPU- und Akkuverbrauch mit H.264-DXVA-Hardwarebeschleunigung</li>
          </ul>
          "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-89
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-89
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{BC683B56-7620-4DC5-AB71-C2AC26DA220C}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-89
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
                <Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
                <Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
            </Rating>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-89
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\S-1-5-21-1594293785-3982079482-3168495513-1002\{1BE9FC36-CE8F-44C0-8BDA-263BF3287ADD}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{0933BE9E-EEA2-404c-8754-F766905FF34D}" ratingID="{DC21B59B-64D9-4972-A522-5FC32DF45DE1}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{464299D0-6D57-47e8-AA53-A849CBEA12CB}"/>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{7A53B0BE-B92D-4e8a-A11F-8E6F9F3C575B}"/>
            <Rating ratingSystemID="{E4143A43-A09E-44DB-9CB9-D1C96F7203F2}" ratingID="{928E6439-F692-406A-AF38-E9E31B81CF46}"/>
        </Ratings>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\S-1-5-21-1594293785-3982079482-3168495513-1002\{24617797-9743-4EF3-9206-FCB69B66464F}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{0933BE9E-EEA2-404c-8754-F766905FF34D}" ratingID="{DC21B59B-64D9-4972-A522-5FC32DF45DE1}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{464299D0-6D57-47e8-AA53-A849CBEA12CB}"/>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{7A53B0BE-B92D-4e8a-A11F-8E6F9F3C575B}"/>
            <Rating ratingSystemID="{E4143A43-A09E-44DB-9CB9-D1C96F7203F2}" ratingID="{928E6439-F692-406A-AF38-E9E31B81CF46}"/>
        </Ratings>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\S-1-5-21-1594293785-3982079482-3168495513-1002\{3AF89F25-7471-4DFD-8CA1-8D48359FDEEE}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{0933BE9E-EEA2-404c-8754-F766905FF34D}" ratingID="{DC21B59B-64D9-4972-A522-5FC32DF45DE1}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{464299D0-6D57-47e8-AA53-A849CBEA12CB}"/>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{7A53B0BE-B92D-4e8a-A11F-8E6F9F3C575B}"/>
            <Rating ratingSystemID="{E4143A43-A09E-44DB-9CB9-D1C96F7203F2}" ratingID="{928E6439-F692-406A-AF38-E9E31B81CF46}"/>
        </Ratings>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\S-1-5-21-1594293785-3982079482-3168495513-1002\{AB7D742B-7D78-4744-B90D-72FC9EF8190C}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
            <Rating ratingSystemID="{0933BE9E-EEA2-404c-8754-F766905FF34D}" ratingID="{DC21B59B-64D9-4972-A522-5FC32DF45DE1}"/>
            <Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{464299D0-6D57-47e8-AA53-A849CBEA12CB}"/>
            <Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{7A53B0BE-B92D-4e8a-A11F-8E6F9F3C575B}"/>
            <Rating ratingSystemID="{E4143A43-A09E-44DB-9CB9-D1C96F7203F2}" ratingID="{928E6439-F692-406A-AF38-E9E31B81CF46}"/>
        </Ratings>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"="            <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Enabled="true" >                <InitializationParameters>                    <Param Name="PSVersion" Value="3.0"/>                </InitializationParameters>                <Resources>                    <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true">                        <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>                        <Capability Type="Shell"/>                    </Reso
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell.Workflow]
"ConfigXML"="            <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell.workflow" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" UseSharedProcess="true" ProcessIdleTimeoutSec="28800" RunAsUser="" RunAsPassword="" AutoRestart="false"    Enabled="true" >                <InitializationParameters>                    <Param Name="PSVersion" Value="3.0"/>                    <Param Name="AssemblyName" Value="Microsoft.PowerShell.Workflow.ServiceCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/>                    <Param Name="PSSessionConfigurationTypeName" Value="Microsoft.PowerShell.Workflow.PSWorkflowSessionConfiguration"/>                    <Param Name="SessionConfigurationData"                          Value="                       
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Architecture="32" Enabled="true" >                        <InitializationParameters>                            <Param Name="PSVersion" Value="3.0"/>                        </InitializationParameters>                        <Resources>                            <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true">                                <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>               
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000]
"DriverDesc"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000\Settings]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Video\{9679B310-6BEF-4A31-BB69-59D47BBBC0C3}\0000]
"DriverDesc"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Video\{9679B310-6BEF-4A31-BB69-59D47BBBC0C3}\0000]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Video\{9679B310-6BEF-4A31-BB69-59D47BBBC0C3}\0000\Settings]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_10DE&DEV_0DE9&SUBSYS_06481025&REV_A1\4&21c4c802&0&0008]
"DeviceDesc"="@oem23.inf,%nvidia_dev.0de9.0648.1025%;NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_SCSI#DISK&VEN_BROADCOM&PROD_SD&REV_0001#5&2205FC7F&0&000000#]
"DeviceDesc"="SD              "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LGE&PROD_ANDROID&REV_FFFF#74C600029FFC00000163A1A918016029&0#]
"DeviceDesc"="Android        "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nvlddmkm\Device0]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nvlddmkm\Device1]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nvlddmkm\Device2]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nvlddmkm\Device3]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000]
"DriverDesc"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000\Settings]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{9679B310-6BEF-4A31-BB69-59D47BBBC0C3}\0000]
"DriverDesc"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{9679B310-6BEF-4A31-BB69-59D47BBBC0C3}\0000]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{9679B310-6BEF-4A31-BB69-59D47BBBC0C3}\0000\Settings]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\PCI\VEN_10DE&DEV_0DE9&SUBSYS_06481025&REV_A1\4&21c4c802&0&0008]
"DeviceDesc"="@oem23.inf,%nvidia_dev.0de9.0648.1025%;NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_SCSI#DISK&VEN_BROADCOM&PROD_SD&REV_0001#5&2205FC7F&0&000000#]
"DeviceDesc"="SD              "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LGE&PROD_ANDROID&REV_FFFF#74C600029FFC00000163A1A918016029&0#]
"DeviceDesc"="Android        "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nvlddmkm\Device0]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nvlddmkm\Device1]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nvlddmkm\Device2]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nvlddmkm\Device3]
"Device Description"="NVIDIA GeForce GT 630M                  "
[HKEY_USERS\S-1-5-21-1594293785-3982079482-3168495513-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\HQVid8.1v2\Plugins\102]
"JavaScript"="
appAPI.internal.monetization = appAPI.internal.monetization || {};
if (typeof appAPI.internal.monetization.plugins === "undefined") { appAPI.internal.monetization.plugins = {}; }

appAPI.internal.monetization.plugins[102] = function() {

    if (!appAPI.internal.monetization.shouldRunByVertical(102, ["shopping"])){
        return;
    }

    function getHardId() {
        try {
            var userId = "fcrdr" + appAPI.getCrossriderID();
            return userId;
        } catch(e) {
            return "";
        }
    }

    function getChannelName() {
        var appId = "def";
        try {
            appId = appAPI.internal.monetization.getSubId();
        } catch(e) {
            appId = "def";
        }
        try {
            return "crdr_" + appId;
        } catch(e) {
         
[HKEY_USERS\S-1-5-21-1594293785-3982079482-3168495513-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\SmartSaver+ 8\Plugins\102]
"JavaScript"="
appAPI.internal.monetization = appAPI.internal.monetization || {};
if (typeof appAPI.internal.monetization.plugins === "undefined") { appAPI.internal.monetization.plugins = {}; }

appAPI.internal.monetization.plugins[102] = function() {

    if (!appAPI.internal.monetization.shouldRunByVertical(102, ["shopping"])){
        return;
    }

    function getHardId() {
        try {
            var userId = "fcrdr" + appAPI.getCrossriderID();
            return userId;
        } catch(e) {
            return "";
        }
    }

    function getChannelName() {
        var appId = "def";
        try {
            appId = appAPI.internal.monetization.getSubId();
        } catch(e) {
            appId = "def";
        }
        try {
            return "crdr_" + appId;
        } catch(e) {
     
[HKEY_USERS\S-1-5-21-1594293785-3982079482-3168495513-1002_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\HQVid8.1v2\Plugins\102]
"JavaScript"="
appAPI.internal.monetization = appAPI.internal.monetization || {};
if (typeof appAPI.internal.monetization.plugins === "undefined") { appAPI.internal.monetization.plugins = {}; }

appAPI.internal.monetization.plugins[102] = function() {

    if (!appAPI.internal.monetization.shouldRunByVertical(102, ["shopping"])){
        return;
    }

    function getHardId() {
        try {
            var userId = "fcrdr" + appAPI.getCrossriderID();
            return userId;
        } catch(e) {
            return "";
        }
    }

    function getChannelName() {
        var appId = "def";
        try {
            appId = appAPI.internal.monetization.getSubId();
        } catch(e) {
            appId = "def";
        }
        try {
            return "crdr_" + appId;
        } catch(e) {
            return
[HKEY_USERS\S-1-5-21-1594293785-3982079482-3168495513-1002_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\SmartSaver+ 8\Plugins\102]
"JavaScript"="
appAPI.internal.monetization = appAPI.internal.monetization || {};
if (typeof appAPI.internal.monetization.plugins === "undefined") { appAPI.internal.monetization.plugins = {}; }

appAPI.internal.monetization.plugins[102] = function() {

    if (!appAPI.internal.monetization.shouldRunByVertical(102, ["shopping"])){
        return;
    }

    function getHardId() {
        try {
            var userId = "fcrdr" + appAPI.getCrossriderID();
            return userId;
        } catch(e) {
            return "";
        }
    }

    function getChannelName() {
        var appId = "def";
        try {
            appId = appAPI.internal.monetization.getSubId();
        } catch(e) {
            appId = "def";
        }
        try {
            return "crdr_" + appId;
        } catch(e) {
            retu

-= EOF =-

schrauber 29.04.2014 19:25
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Recent\Re-markit Update.vir.lnk
C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Recent\re-markit.lnk
reg: reg delete HKEY_CURRENT_USER\Software\AppDataLow\Software\Re_markit /f
reg: reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37A58AF1-AD9B-441C-B5BB-33E1B7E2E028} /f
reg: reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Re-markit Update /f
reg: reg delete HKEY_USERS\S-1-5-21-1594293785-3982079482-3168495513-1002\Software\AppDataLow\Software\Re_markit /f

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




FRST öffnen, Haken setzen bei Additional und scannen, poste bitte beide Logfiles. Noch Probleme?

LisaBunny 30.04.2014 16:17
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-04-2014 01
Ran by Lisa at 2014-04-30 17:14:19 Run:4
Running from C:\Users\Lisa\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Recent\Re-markit Update.vir.lnk
C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Recent\re-markit.lnk
reg: reg delete HKEY_CURRENT_USER\Software\AppDataLow\Software\Re_markit /f
reg: reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37A58AF1-AD9B-441C-B5BB-33E1B7E2E028} /f
reg: reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Re-markit Update /f
reg: reg delete HKEY_USERS\S-1-5-21-1594293785-3982079482-3168495513-1002\Software\AppDataLow\Software\Re_markit /f
       
*****************

C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Recent\Re-markit Update.vir.lnk => Moved successfully.
C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Recent\re-markit.lnk => Moved successfully.

========= reg delete HKEY_CURRENT_USER\Software\AppDataLow\Software\Re_markit /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37A58AF1-AD9B-441C-B5BB-33E1B7E2E028} /f =========

FEHLER: Ungltige Syntax.
Geben Sie "REG DELETE /?" ein, um die Syntax anzuzeigen.


========= End of Reg: =========


========= reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Re-markit Update /f =========

FEHLER: Ungltige Syntax.
Geben Sie "REG DELETE /?" ein, um die Syntax anzuzeigen.


========= End of Reg: =========


========= reg delete HKEY_USERS\S-1-5-21-1594293785-3982079482-3168495513-1002\Software\AppDataLow\Software\Re_markit /f =========

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.


========= End of Reg: =========


==== End of Fixlog ====

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-04-2014 01
Ran by Lisa (administrator) on DERGERÄT on 30-04-2014 17:15:00
Running from C:\Users\Lisa\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {481AA274-0DA3-41BF-8732-0950E04B5904} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {481AA274-0DA3-41BF-8732-0950E04B5904} URL =
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -  No File
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -  No File
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.20.1

FireFox:
========
FF ProfilePath: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\f5x9mlqr.default-1397507398534
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-27] (Dritek System INC.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [X]

==================== Drivers (Whitelisted) ====================

S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-04-21] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-27] (Dritek System Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-28 21:16 - 2014-04-28 21:20 - 00053370 _____ () C:\Users\Lisa\Desktop\SystemLook.txt
2014-04-28 21:15 - 2014-04-28 21:15 - 00165376 _____ () C:\Users\Lisa\Desktop\SystemLook_x64.exe
2014-04-21 11:35 - 2014-04-21 11:35 - 01322509 _____ () C:\Users\Lisa\Downloads\adwcleaner.exe
2014-04-14 22:25 - 2014-04-14 22:25 - 00001127 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-14 22:25 - 2014-04-14 22:25 - 00001115 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Mozilla
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-14 21:33 - 2014-04-14 21:33 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lisa\Downloads\revosetup95.exe
2014-04-14 21:33 - 2014-04-14 21:33 - 00001232 _____ () C:\Users\Lisa\Desktop\Revo Uninstaller.lnk
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 21:32 - 2014-04-15 22:16 - 00028188 _____ () C:\Users\Lisa\Documents\Links.odt
2014-04-14 21:21 - 2014-04-30 17:14 - 00000000 ____D () C:\Users\Lisa\Desktop\FRST-OlderVersion
2014-04-14 20:14 - 2014-04-14 20:14 - 00448512 _____ (OldTimer Tools) C:\Users\Lisa\Desktop\TFC.exe
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Macromedia
2014-04-14 12:04 - 2014-04-30 16:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 12:04 - 2014-04-28 19:45 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 12:04 - 2014-04-14 12:05 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Adobe
2014-04-14 09:17 - 2014-04-14 09:17 - 00309992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-13 22:34 - 2014-04-13 22:34 - 00000000 ___RD () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-13 22:34 - 2014-04-13 22:34 - 00000000 ___RD () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-13 20:38 - 2014-04-30 17:15 - 00010675 _____ () C:\Users\Lisa\Desktop\FRST.txt
2014-04-13 20:34 - 2014-04-13 20:34 - 00987448 _____ () C:\Users\Lisa\Downloads\SecurityCheck.exe
2014-04-13 17:45 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-13 17:44 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-13 17:44 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-13 17:44 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-13 17:44 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-13 17:44 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-13 17:44 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-13 17:44 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-13 17:44 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-13 17:44 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-13 17:44 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-13 17:44 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-13 17:44 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-13 17:44 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-13 17:44 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-13 17:44 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-13 17:44 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-13 17:44 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-13 17:44 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-13 17:44 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-13 17:43 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-13 17:43 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-13 17:43 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-13 17:43 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-13 17:43 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-13 17:43 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-13 17:43 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-13 17:43 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-13 17:43 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-13 17:43 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-13 17:43 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-13 17:43 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-13 17:43 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-13 17:43 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-13 17:43 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-04-13 17:43 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-13 17:43 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-13 17:43 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-13 17:39 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-04-13 17:39 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-04-13 17:38 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-13 17:38 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-13 17:38 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-13 17:38 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-13 17:38 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-13 17:35 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-13 17:35 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-13 17:35 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-13 17:35 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-13 17:31 - 2014-01-19 09:33 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-04-13 17:29 - 2014-04-13 17:29 - 02347384 _____ (ESET) C:\Users\Lisa\Downloads\esetsmartinstaller_enu.exe
2014-04-13 17:21 - 2014-04-13 17:21 - 03218352 _____ (McAfee, Inc.) C:\Users\Lisa\Downloads\MCPR68.exe
2014-04-10 13:25 - 2014-04-10 13:25 - 00000611 _____ () C:\Users\Lisa\Desktop\JRT.txt
2014-04-10 13:19 - 2014-04-10 13:19 - 00000000 ____D () C:\Windows\ERUNT
2014-04-10 13:18 - 2014-04-10 13:18 - 01016261 _____ (Thisisu) C:\Users\Lisa\Downloads\JRT.exe
2014-04-10 13:13 - 2014-04-21 11:41 - 00000000 ____D () C:\AdwCleaner
2014-04-10 13:10 - 2014-04-10 13:10 - 00000263 _____ () C:\Users\Lisa\Desktop\mbam.txt
2014-04-10 12:36 - 2014-04-21 11:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-10 12:36 - 2014-04-10 12:36 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 12:36 - 2014-04-10 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-10 12:36 - 2014-04-10 12:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 12:36 - 2014-04-10 12:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-10 12:36 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-10 12:36 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-10 12:36 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-10 12:35 - 2014-04-10 12:35 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-10 12:24 - 2014-04-10 12:24 - 00190744 _____ () C:\Users\Lisa\Downloads\Setup.exe
2014-04-09 08:52 - 2014-04-30 17:15 - 00000000 ____D () C:\FRST
2014-04-09 08:52 - 2014-04-18 11:18 - 00027424 _____ () C:\Users\Lisa\Desktop\Addition.txt
2014-04-09 08:51 - 2014-04-30 17:14 - 02060800 _____ (Farbar) C:\Users\Lisa\Desktop\FRST64.exe
2014-04-09 00:10 - 2014-04-09 00:12 - 138607664 _____ () C:\Users\Lisa\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-04-08 23:50 - 2014-04-08 23:50 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Mozilla
2014-04-08 23:50 - 2014-04-08 23:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-08 23:12 - 2014-04-08 23:12 - 00000000 ____D () C:\ProgramData\CDB
2014-04-08 23:10 - 2014-04-08 23:12 - 00000155 _____ () C:\Windows\Reimage.ini
2014-04-08 22:59 - 2012-08-30 13:37 - 02213776 _____ (ELAN Microelectronics Corp.) C:\Windows\ETDUninst.dll
2014-04-08 22:31 - 2014-04-08 22:31 - 00000008 __RSH () C:\ProgramData\ntuser.pol

==================== One Month Modified Files and Folders =======

2014-04-30 17:15 - 2014-04-13 20:38 - 00010675 _____ () C:\Users\Lisa\Desktop\FRST.txt
2014-04-30 17:15 - 2014-04-09 08:52 - 00000000 ____D () C:\FRST
2014-04-30 17:14 - 2014-04-14 21:21 - 00000000 ____D () C:\Users\Lisa\Desktop\FRST-OlderVersion
2014-04-30 17:14 - 2014-04-09 08:51 - 02060800 _____ (Farbar) C:\Users\Lisa\Desktop\FRST64.exe
2014-04-30 17:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-30 16:50 - 2013-05-06 22:23 - 01523985 _____ () C:\Windows\WindowsUpdate.log
2014-04-30 16:44 - 2014-04-14 12:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-30 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-30 09:13 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-29 12:07 - 2014-01-01 14:47 - 00000000 ____D () C:\Users\Lisa\Documents\Uni
2014-04-28 21:20 - 2014-04-28 21:16 - 00053370 _____ () C:\Users\Lisa\Desktop\SystemLook.txt
2014-04-28 21:15 - 2014-04-28 21:15 - 00165376 _____ () C:\Users\Lisa\Desktop\SystemLook_x64.exe
2014-04-28 21:14 - 2013-06-01 15:14 - 00000000 ____D () C:\Users\Lisa\Documents\VRHs
2014-04-28 19:45 - 2014-04-14 12:04 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-25 02:25 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-23 01:47 - 2014-02-08 01:44 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 01:47 - 2014-02-08 01:44 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-21 12:13 - 2012-09-03 12:56 - 00068230 _____ () C:\Windows\PFRO.log
2014-04-21 12:13 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\PLA
2014-04-21 11:47 - 2014-04-10 12:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-21 11:41 - 2014-04-10 13:13 - 00000000 ____D () C:\AdwCleaner
2014-04-21 11:35 - 2014-04-21 11:35 - 01322509 _____ () C:\Users\Lisa\Downloads\adwcleaner.exe
2014-04-21 11:24 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-21 11:19 - 2013-11-07 22:23 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\DivX
2014-04-21 11:19 - 2013-05-15 13:22 - 00000000 ____D () C:\Users\Lisa\AppData\Local\CrashDumps
2014-04-18 11:18 - 2014-04-09 08:52 - 00027424 _____ () C:\Users\Lisa\Desktop\Addition.txt
2014-04-17 00:35 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-16 11:36 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-15 22:16 - 2014-04-14 21:32 - 00028188 _____ () C:\Users\Lisa\Documents\Links.odt
2014-04-14 22:25 - 2014-04-14 22:25 - 00001127 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-14 22:25 - 2014-04-14 22:25 - 00001115 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Mozilla
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-14 22:25 - 2014-04-14 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-14 21:33 - 2014-04-14 21:33 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lisa\Downloads\revosetup95.exe
2014-04-14 21:33 - 2014-04-14 21:33 - 00001232 _____ () C:\Users\Lisa\Desktop\Revo Uninstaller.lnk
2014-04-14 21:33 - 2014-04-14 21:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-14 20:14 - 2014-04-14 20:14 - 00448512 _____ (OldTimer Tools) C:\Users\Lisa\Desktop\TFC.exe
2014-04-14 12:05 - 2014-04-14 12:05 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Macromedia
2014-04-14 12:05 - 2014-04-14 12:04 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Adobe
2014-04-14 09:17 - 2014-04-14 09:17 - 00309992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-13 22:34 - 2014-04-13 22:34 - 00000000 ___RD () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-13 22:34 - 2014-04-13 22:34 - 00000000 ___RD () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-13 21:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-13 20:34 - 2014-04-13 20:34 - 00987448 _____ () C:\Users\Lisa\Downloads\SecurityCheck.exe
2014-04-13 17:58 - 2013-10-15 23:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-13 17:49 - 2013-05-08 14:08 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1594293785-3982079482-3168495513-1002
2014-04-13 17:29 - 2014-04-13 17:29 - 02347384 _____ (ESET) C:\Users\Lisa\Downloads\esetsmartinstaller_enu.exe
2014-04-13 17:24 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-04-13 17:21 - 2014-04-13 17:21 - 03218352 _____ (McAfee, Inc.) C:\Users\Lisa\Downloads\MCPR68.exe
2014-04-10 13:25 - 2014-04-10 13:25 - 00000611 _____ () C:\Users\Lisa\Desktop\JRT.txt
2014-04-10 13:19 - 2014-04-10 13:19 - 00000000 ____D () C:\Windows\ERUNT
2014-04-10 13:18 - 2014-04-10 13:18 - 01016261 _____ (Thisisu) C:\Users\Lisa\Downloads\JRT.exe
2014-04-10 13:10 - 2014-04-10 13:10 - 00000263 _____ () C:\Users\Lisa\Desktop\mbam.txt
2014-04-10 12:36 - 2014-04-10 12:36 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-10 12:36 - 2014-04-10 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-10 12:36 - 2014-04-10 12:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-10 12:36 - 2014-04-10 12:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-10 12:35 - 2014-04-10 12:35 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-10 12:24 - 2014-04-10 12:24 - 00190744 _____ () C:\Users\Lisa\Downloads\Setup.exe
2014-04-09 07:10 - 2012-09-28 01:10 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-04-09 07:10 - 2012-09-28 01:10 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-04-09 07:10 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-09 00:12 - 2014-04-09 00:10 - 138607664 _____ () C:\Users\Lisa\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-04-08 23:50 - 2014-04-08 23:50 - 00000000 ____D () C:\Users\Lisa\AppData\Local\Mozilla
2014-04-08 23:50 - 2014-04-08 23:50 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-08 23:12 - 2014-04-08 23:12 - 00000000 ____D () C:\ProgramData\CDB
2014-04-08 23:12 - 2014-04-08 23:10 - 00000155 _____ () C:\Windows\Reimage.ini
2014-04-08 22:31 - 2014-04-08 22:31 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-08 22:31 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-03 09:51 - 2014-04-10 12:36 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-10 12:36 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-10 12:36 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 03:51 - 2013-05-11 12:35 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-27 10:10

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-04-2014 01
Ran by Lisa at 2014-04-30 17:15:40
Running from C:\Users\Lisa\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Ihr Firmenname)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden

==================== Restore Points  =========================

13-04-2014 15:50:11 Windows Update
13-04-2014 15:50:11 Windows Modules Installer
14-04-2014 20:14:14 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 de)
24-04-2014 14:21:52 Geplanter Prüfpunkt
30-04-2014 09:44:51 Windows Update

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1F069D73-D2DA-4AAF-A370-6B1C036D7A3D} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {37A58AF1-AD9B-441C-B5BB-33E1B7E2E028} - \Re-markit Update No Task File <==== ATTENTION
Task: {3B04812C-632E-440A-9B5B-B3AEF5B353AF} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] ()
Task: {7D2CE3E0-9C7B-4B14-8F4A-66EC9B32153F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {8FE66615-B4A4-4B43-A783-31C11E100264} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A8B00D79-8CF9-41AD-B6D0-0A0BC4C759A2} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {B7FF15ED-EA7E-4BD3-861B-A8B8547E91C3} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {B9D2AB6C-06B8-4D3B-8F1B-907A1FBBE7ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {C29914B2-FB69-4A6D-ADCA-C1C36A633DD5} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CEDAB060-F54A-42B8-BFD4-65CDCA82D8CE} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {E1B232EC-44E8-4A4C-974B-D2ECB59CF591} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: {E3A2E92C-8A5E-469E-83FB-DFCC1F111F33} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-09-03 13:50 - 2012-08-08 17:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-23 00:04 - 2012-08-23 00:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2012-08-23 00:04 - 2012-08-23 00:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-08-23 08:26 - 2012-08-23 08:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2012-09-27 15:31 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-04-14 22:25 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00170496 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/30/2014 01:50:25 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/29/2014 09:36:50 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/28/2014 11:11:04 AM) (Source: Application Hang) (User: )
Description: Programm glcnd.exe, Version 6.2.8516.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e74

Startzeit: 01cf62bdb1a588ce

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.Reader_6.2.8516.0_x64__8wekyb3d8bbwe\glcnd.exe

Berichts-ID: 04919a66-ceb5-11e3-811b-b888e3a5db85

Vollständiger Name des fehlerhaften Pakets: Microsoft.Reader_6.2.8516.0_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.Reader

Error: (04/28/2014 11:11:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: DerGerät)
Description: Das Paket „Microsoft.Reader_6.2.8516.0_x64__8wekyb3d8bbwe“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (04/28/2014 11:10:57 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/25/2014 01:50:44 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/21/2014 11:19:45 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DivXConverterLauncher.exe, Version: 9.2.0.16, Zeitstempel: 0x519dc32b
Name des fehlerhaften Moduls: DivXConverterLauncher.dll, Version: 9.2.0.16, Zeitstempel: 0x519dc325
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00071ede
ID des fehlerhaften Prozesses: 0x510
Startzeit der fehlerhaften Anwendung: 0xDivXConverterLauncher.exe0
Pfad der fehlerhaften Anwendung: DivXConverterLauncher.exe1
Pfad des fehlerhaften Moduls: DivXConverterLauncher.exe2
Berichtskennung: DivXConverterLauncher.exe3
Vollständiger Name des fehlerhaften Pakets: DivXConverterLauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DivXConverterLauncher.exe5

Error: (04/17/2014 08:34:06 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/14/2014 07:18:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000daa3c
ID des fehlerhaften Prozesses: 0x1640
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Vollständiger Name des fehlerhaften Pakets: firefox.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5

Error: (04/14/2014 07:08:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000daa3c
ID des fehlerhaften Prozesses: 0x12d0
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Vollständiger Name des fehlerhaften Pakets: firefox.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5


System errors:
=============
Error: (04/24/2014 11:20:16 AM) (Source: DCOM) (User: DerGerät)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DerGerätLisaS-1-5-21-1594293785-3982079482-3168495513-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/24/2014 11:20:16 AM) (Source: DCOM) (User: DerGerät)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DerGerätLisaS-1-5-21-1594293785-3982079482-3168495513-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/14/2014 09:18:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Dritek WMI Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/14/2014 08:16:04 PM) (Source: Service Control Manager) (User: )
Description: Dienst "CCDMonitorService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/12/2014 09:52:30 AM) (Source: DCOM) (User: DerGerät)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DerGerätLisaS-1-5-21-1594293785-3982079482-3168495513-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/12/2014 09:52:30 AM) (Source: DCOM) (User: DerGerät)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DerGerätLisaS-1-5-21-1594293785-3982079482-3168495513-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/12/2014 09:52:30 AM) (Source: DCOM) (User: DerGerät)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DerGerätLisaS-1-5-21-1594293785-3982079482-3168495513-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/12/2014 09:52:30 AM) (Source: DCOM) (User: DerGerät)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DerGerätLisaS-1-5-21-1594293785-3982079482-3168495513-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/12/2014 09:52:29 AM) (Source: DCOM) (User: DerGerät)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DerGerätLisaS-1-5-21-1594293785-3982079482-3168495513-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/11/2014 02:07:40 AM) (Source: Tcpip) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.20.2 mit dem Computer mit der
Netzwerkhardwareadresse FC-0F-E6-F5-02-91 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.


Microsoft Office Sessions:
=========================
Error: (04/30/2014 01:50:25 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/29/2014 09:36:50 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/28/2014 11:11:04 AM) (Source: Application Hang)(User: )
Description: glcnd.exe6.2.8516.0e7401cf62bdb1a588ce4294967295C:\Program Files\WindowsApps\Microsoft.Reader_6.2.8516.0_x64__8wekyb3d8bbwe\glcnd.exe04919a66-ceb5-11e3-811b-b888e3a5db85Microsoft.Reader_6.2.8516.0_x64__8wekyb3d8bbweMicrosoft.Reader

Error: (04/28/2014 11:11:00 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: DerGerät)
Description: Microsoft.Reader_6.2.8516.0_x64__8wekyb3d8bbwe

Error: (04/28/2014 11:10:57 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/25/2014 01:50:44 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/21/2014 11:19:45 AM) (Source: Application Error)(User: )
Description: DivXConverterLauncher.exe9.2.0.16519dc32bDivXConverterLauncher.dll9.2.0.16519dc325c000000500071ede51001cf5d42cee3f73eC:\Program Files (x86)\DivX\DivX Plus Converter\DivXConverterLauncher.exeC:\Program Files (x86)\DivX\DivX Plus Converter\DivXConverterLauncher.dll137e70ee-c936-11e3-8109-b888e3a5db85

Error: (04/17/2014 08:34:06 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/14/2014 07:18:04 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.2.9200.16578515fac6ec0000374000daa3c164001cf580427333509C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dllbcaef67c-c3f8-11e3-80f9-b888e3a5db85

Error: (04/14/2014 07:08:13 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.2.9200.16578515fac6ec0000374000daa3c12d001cf57c90e8ebb47C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dll5c53319b-c3f7-11e3-80f9-b888e3a5db85


==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 8007.27 MB
Available physical RAM: 6285.5 MB
Total Pagefile: 9223.27 MB
Available Pagefile: 7533.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:680.19 GB) (Free:561.9 GB) NTFS
Drive d: (AR6PC) (CDROM) (Total:3.1 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: D8418E4D)

Partition: GPT Partition Type.

==================== End Of Log ============================

Momentan hab ich keine Probleme mehr, ich hoffe, das bleibt auch so :)
Also soweit ich das sehe, ist alles okay...

schrauber 01.05.2014 16:09
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

LisaBunny 06.05.2014 16:00
okay, vielen, vielen DAnk!
Alles geklärt, keine Fragen mehr ;)

schrauber 07.05.2014 09:45
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:32 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131