Trojaner-Board - Viren, Malware usw. vom Laptop entfernen

Ich weiß leider nicht wo ich die Logs finden soll oder sie sein könnten. Das Problem besteht aber wahrscheinlich schön viel länger.

FRST:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01

Ran by Computer (administrator) on COMPUTER-PC on 16-12-2014 15:47:26

Running from C:\Users\Computer\Desktop

Loaded Profile: Computer (Available profiles: Computer)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Akamai Technologies, Inc.) C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Akamai Technologies, Inc.) C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe

(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe

() C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Intel Corporation) C:\Windows\System32\igfxext.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)

HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [combofix] => C:\ComboFix\CF17175.3XE /c C:\ComboFix\Combobatch.bat

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297112 2014-12-09] (COMODO)

HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-12] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)

HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)

HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)

HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1980416 2013-12-18] (Wondershare)

HKLM-x32\...\Run: [PrivDogService] => "C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe"

HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)

HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)

HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\RunOnce: [Adobe Speed Launcher] => 1418736929

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)

AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)

AppInit_DLLs-x32:  c:\Windows\SysWOW64\guard32.dll => c:\Windows\SysWOW64\guard32.dll [352272 2014-12-09] (COMODO)

AppInit_DLLs-x32:  C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

CHR HKU\S-1-5-21-1066331368-3135870475-817509354-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-1066331368-3135870475-817509354-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/

HKU\S-1-5-21-1066331368-3135870475-817509354-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> DefaultScope value is missing.

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 

FireFox:

========

FF ProfilePath: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\5maq89ab.default

FF NewTab: hxxp://www.google.com/

FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=

FF SearchEngineOrder.1: Google

FF SelectedSearchEngine: Google

FF Homepage: hxxp://www.google.com

FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()

FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper -> C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-1066331368-3135870475-817509354-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)

FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

FF HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\Firefox\Extensions: [PrivDog@AdTrustMedia.com] - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\5maq89ab.default\extensions

FF Extension: No Name - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\5maq89ab.default\extensions [2014-03-21]
 

Chrome: 

=======

CHR Profile: C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Docs) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-04]

CHR Extension: (Google Drive) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-04]

CHR Extension: (YouTube) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-04]

CHR Extension: (Google-Suche) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-04]

CHR Extension: (Google Wallet) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-23]

CHR Extension: (Google Mail) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-04]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-09-25] (Comodo Security Solutions, Inc.)

R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2014-12-09] (COMODO)

S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2014-12-09] (COMODO)

R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)

R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)

S4 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)

S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4204272 2012-08-28] (INCA Internet Co., Ltd.) [File not signed]

R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-03] ()

S2 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [X]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

S3 AsyncMac; C:\Windows\SysWOW64\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation)

R1 cdrom; C:\Windows\SysWOW64\DRIVERS\cdrom.sys [147456 2010-11-21] (Microsoft Corporation)

S1 CFRMD; C:\Windows\SysWOW64\DRIVERS\CFRMD.sys [37976 2012-09-03] (Windows (R) Win 7 DDK provider) [File not signed]

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2014-12-09] (COMODO)

R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2014-12-09] (COMODO)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-26] (DT Soft Ltd)

R3 hamachi; C:\Windows\System32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.)

R3 intelppm; C:\Windows\SysWOW64\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-16] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)

R0 NDIS; C:\Windows\SysWOW64\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)

R3 Ndisuio; C:\Windows\SysWOW64\DRIVERS\ndisuio.sys [56832 2010-11-21] (Microsoft Corporation)

R3 NDProxy; C:\Windows\SysWow64\Drivers\NDProxy.sys [57856 2010-11-21] (Microsoft Corporation)

R1 NetBIOS; C:\Windows\SysWOW64\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation)

R1 NetBT; C:\Windows\SysWOW64\DRIVERS\netbt.sys [261632 2010-11-21] (Microsoft Corporation)

R1 Null; C:\Windows\SysWow64\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

S3 ssm_bus; C:\Windows\System32\DRIVERS\ssm_bus.sys [136192 2013-04-03] (MCCI Corporation)

S3 ssm_mdfl; C:\Windows\System32\DRIVERS\ssm_mdfl.sys [18944 2013-04-03] (MCCI Corporation)

S3 ssm_mdm; C:\Windows\System32\DRIVERS\ssm_mdm.sys [172032 2013-04-03] (MCCI Corporation)

S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-07] (Anchorfree Inc.)

R0 Tcpip; C:\Windows\SysWOW64\drivers\tcpip.sys [1897408 2013-11-26] (Microsoft Corporation)

S3 TCPIP6; C:\Windows\SysWOW64\DRIVERS\tcpip.sys [1897408 2013-11-26] (Microsoft Corporation)

R1 tdx; C:\Windows\SysWOW64\DRIVERS\tdx.sys [119296 2010-11-21] (Microsoft Corporation)

S3 wod0205; C:\Windows\System32\DRIVERS\wod0205.sys [33160 2011-04-23] (WeOnlyDo Software)

S3 b57xdbd; system32\DRIVERS\b57xdbd.sys [X]

S3 b57xdmp; system32\DRIVERS\b57xdmp.sys [X]

S3 bScsiMSa; system32\DRIVERS\bScsiMSa.sys [X]

S3 bScsiSDa; system32\DRIVERS\bScsiSDa.sys [X]

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 EuMusDesignVirtualAudioCableWdm; system32\DRIVERS\vrtaucbl.sys [X]

S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [X]

S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]

S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]

S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]

S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]

S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]

S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]

S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]

S3 usj; \??\C:\AeriaGames\EdenEternal\avital\ussjcs64.sys [X]

S3 zbrk; \??\C:\Program Files (x86)\ZombiRock\bin\avital\zbrc64.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 

NETSVCx32: AppInfo -> C:\Windows\SysWOW64\appinfo.dll ==> No File.

NETSVCx32: browser -> C:\Windows\SysWOW64\browser.dll ==> No File.

NETSVCx32: EapHost -> C:\Windows\SysWOW64\eapsvc.dll ==> No File.

NETSVCx32: hkmsvc -> C:\Windows\SysWOW64\kmsvc.dll ==> No File.

NETSVCx32: IKEEXT -> C:\Windows\SysWOW64\ikeext.dll ==> No File.

NETSVCx32: MMCSS -> C:\Windows\SysWOW64\mmcss.dll ==> No File.

NETSVCx32: ProfSvc -> C:\Windows\SysWOW64\profsvc.dll ==> No File.

NETSVCx32: seclogon -> %windir%\SysWOW64\seclogon.dll ==> No File.

NETSVCx32: wercplsupport -> C:\Windows\SysWOW64\wercplsupport.dll ==> No File.

NETSVCx32: BDESVC -> C:\Windows\SysWOW64\bdesvc.dll ==> No File.
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-12-16 15:47 - 2014-12-16 15:47 - 00023048 _____ () C:\Users\Computer\Desktop\FRST.txt

2014-12-16 15:47 - 2014-12-16 15:47 - 00000000 ____D () C:\Users\Computer\Desktop\FRST-OlderVersion

2014-12-16 15:11 - 2014-12-16 15:11 - 00117320 _____ () C:\Users\Computer\Downloads\OptiFine_1.7.10_L_A4.jar

2014-12-12 22:55 - 2014-12-12 22:56 - 04501720 _____ (Tunngle.net GmbH ) C:\Users\Computer\Downloads\Tunngle_Setup_v5.0 (1).exe

2014-12-12 16:41 - 2014-12-12 16:41 - 00000000 ____D () C:\Windows\system32\appraiser

2014-12-11 22:42 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

2014-12-11 22:42 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll

2014-12-11 14:43 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-12-11 14:43 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-12-11 14:43 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-12-11 14:43 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-12-11 14:43 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-12-11 14:43 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-12-11 14:43 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-12-11 14:43 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-12-11 14:43 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-12-11 14:43 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-12-11 14:43 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-12-11 14:43 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-12-11 14:43 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-12-11 14:43 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-12-11 14:43 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-12-11 14:43 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-12-11 14:43 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-12-11 14:43 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-12-11 14:43 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-12-11 14:43 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-12-11 14:43 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-12-11 14:43 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-12-11 14:43 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-12-11 14:43 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-12-11 14:43 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-12-11 14:43 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-12-11 14:43 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-12-11 14:43 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-12-11 14:43 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-12-11 14:43 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-12-11 14:43 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-12-11 14:43 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-12-11 14:43 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-12-11 14:43 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-12-11 14:43 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-12-11 14:43 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-12-11 14:43 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-12-11 14:43 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-12-11 14:43 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-12-11 14:43 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-12-11 14:43 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-12-11 14:43 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-12-11 14:43 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-12-11 14:43 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-12-11 14:43 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-12-11 14:43 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-12-11 14:43 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-12-11 14:43 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-12-11 14:43 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-12-11 14:43 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-12-11 14:43 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-12-11 14:43 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-12-11 14:43 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-12-11 14:43 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-12-11 14:43 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-12-11 14:43 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-12-11 14:41 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2014-12-11 14:41 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2014-12-11 14:41 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2014-12-11 14:41 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2014-12-11 14:41 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-12-11 14:41 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2014-12-11 14:41 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-12-11 14:41 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe

2014-12-11 14:38 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-12-11 14:38 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-12-11 14:38 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys

2014-12-11 14:38 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe

2014-12-11 14:38 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe

2014-12-11 14:38 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll

2014-12-11 14:38 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll

2014-12-11 14:38 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll

2014-12-11 14:38 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll

2014-12-11 14:38 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe

2014-12-11 14:38 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll

2014-12-11 14:38 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll

2014-12-11 14:38 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll

2014-12-11 14:38 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll

2014-12-11 14:38 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe

2014-12-11 14:37 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-12-11 14:37 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-12-08 12:59 - 2014-12-08 12:59 - 03161056 _____ (Piriform Ltd) C:\Users\Computer\Downloads\rcsetup151_slim.exe

2014-12-08 12:59 - 2014-12-08 12:59 - 00001662 _____ () C:\Users\Public\Desktop\Recuva.lnk

2014-12-05 18:49 - 2014-12-07 06:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle

2014-12-05 18:49 - 2014-12-07 06:49 - 00000000 ____D () C:\Program Files (x86)\Tunngle

2014-12-05 18:49 - 2014-12-06 01:34 - 00000000 ____D () C:\ProgramData\Tunngle

2014-12-05 18:49 - 2014-12-05 18:49 - 00000000 ____D () C:\Users\Public\Documents\Tunngle

2014-12-05 18:47 - 2014-12-05 18:47 - 04501720 _____ (Tunngle.net GmbH ) C:\Users\Computer\Downloads\Tunngle_Setup_v5.0.exe

2014-12-05 18:35 - 2014-12-05 18:35 - 00651067 _____ () C:\Users\Computer\Downloads\MiniVPN.zip

2014-12-05 18:12 - 2014-12-05 18:13 - 02133688 _____ ( ) C:\Users\Computer\Downloads\WippienInst.exe

2014-12-05 14:54 - 2014-12-16 14:35 - 00043501 _____ () C:\Windows\SysWOW64\debug.log

2014-12-04 22:36 - 2014-12-04 22:36 - 00000000 _____ () C:\Windows\SysWOW64\shoE61D.tmp

2014-12-04 22:30 - 2014-12-04 22:30 - 00000000 ____D () C:\ProgramData\LogMeIn

2014-12-04 22:18 - 2014-12-04 22:18 - 00000000 ____D () C:\Users\Computer\AppData\Local\LogMeInIgnition

2014-12-04 22:16 - 2014-12-04 22:16 - 00001024 _____ () C:\.rnd

2014-12-04 22:13 - 2014-12-04 22:14 - 26279936 _____ () C:\Users\Computer\Downloads\LogMeIn.msi

2014-12-04 19:27 - 2014-12-04 19:27 - 00000000 ____D () C:\zoek_backup

2014-12-04 19:22 - 2014-12-04 19:23 - 01295360 _____ () C:\Users\Computer\Desktop\zoek.exe

2014-12-04 18:28 - 2014-12-16 14:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-12-04 18:27 - 2014-12-04 18:27 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-12-04 18:27 - 2014-12-04 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-12-04 18:27 - 2014-12-04 18:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-12-04 18:27 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-12-04 18:27 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-12-04 18:27 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-12-04 18:23 - 2014-12-04 18:24 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Computer\Desktop\mbam-setup-2.0.4.1028.exe

2014-12-03 20:14 - 2014-12-03 20:30 - 00000000 ___SD () C:\32788R22FWJFW

2014-12-03 18:56 - 2014-12-03 18:56 - 05600127 ____R (Swearware) C:\Users\Computer\Desktop\ComboFix.exe

2014-12-02 19:17 - 2014-12-02 19:17 - 02154496 _____ () C:\Users\Computer\Desktop\AdwCleaner_4.103.exe

2014-12-02 19:15 - 2014-12-16 15:47 - 02119168 _____ (Farbar) C:\Users\Computer\Desktop\FRST64.exe

2014-12-02 16:58 - 2014-12-02 16:58 - 00262144 _____ () C:\Windows\Minidump\120214-26941-01.dmp

2014-11-26 14:00 - 2014-12-08 13:37 - 00000000 ____D () C:\Users\Computer\Desktop\Kurdi - Tirki

2014-11-26 13:52 - 2014-12-08 13:58 - 00000000 ____D () C:\Users\Computer\Desktop\Deutsch - Englisch

2014-11-24 14:19 - 2014-11-24 14:20 - 00000000 ____D () C:\Users\Computer\Desktop\Neuer Ordner (3)

2014-11-23 00:34 - 2014-11-23 00:34 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\java

2014-11-19 12:45 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-11-19 12:45 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll

2014-11-19 12:45 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-11-19 12:45 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

2014-11-16 11:51 - 2014-11-16 11:51 - 00000000 __SHD () C:\Users\Computer\AppData\Local\EmieBrowserModeList
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-12-16 15:47 - 2014-02-25 18:24 - 00000000 ____D () C:\FRST

2014-12-16 15:46 - 2014-05-25 16:07 - 00000000 ____D () C:\Program Files\Recuva

2014-12-16 15:44 - 2012-10-27 12:30 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat

2014-12-16 15:07 - 2012-10-08 20:00 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.minecraft

2014-12-16 15:01 - 2013-07-04 14:12 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-12-16 14:57 - 2014-02-23 16:47 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-12-16 14:48 - 2014-03-01 22:22 - 01189300 _____ () C:\Windows\WindowsUpdate.log

2014-12-16 14:44 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-12-16 14:44 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-12-16 14:35 - 2014-05-31 17:32 - 00074013 _____ () C:\Windows\setupact.log

2014-12-16 14:35 - 2014-02-23 16:47 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-12-16 14:35 - 2012-07-06 11:13 - 00000000 ____D () C:\ProgramData\clear.fi

2014-12-16 14:35 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-12-14 13:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache

2014-12-12 23:03 - 2012-12-26 17:25 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\TS3Client

2014-12-12 21:22 - 2012-08-23 16:00 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-12-12 21:13 - 2013-11-14 21:10 - 00000000 ____D () C:\Users\Computer\AppData\Local\Battle.net

2014-12-12 20:35 - 2013-11-14 21:35 - 00000000 ____D () C:\Program Files (x86)\Hearthstone

2014-12-12 20:35 - 2013-11-14 21:10 - 00000000 ____D () C:\Program Files (x86)\Battle.net

2014-12-12 16:41 - 2014-05-06 22:04 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-12-12 16:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-12-12 16:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat

2014-12-11 22:43 - 2013-09-14 11:12 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-12-11 22:43 - 2013-09-14 11:12 - 00000000 ____D () C:\Windows\system32\MRT

2014-12-11 21:29 - 2014-05-05 19:18 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO

2014-12-11 21:28 - 2014-05-06 14:42 - 00055142 _____ () C:\Windows\system32\Drivers\fvstore.dat

2014-12-11 21:27 - 2012-01-31 18:43 - 01008210 _____ () C:\Windows\system32\perfh007.dat

2014-12-11 21:27 - 2012-01-31 18:43 - 00313284 _____ () C:\Windows\system32\perfc007.dat

2014-12-11 17:45 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries

2014-12-11 17:41 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-12-11 17:40 - 2014-04-13 12:56 - 00000000 ____D () C:\Program Files (x86)\Origin Games

2014-12-11 17:40 - 2013-07-10 17:28 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive

2014-12-11 15:01 - 2013-07-04 14:12 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-12-11 15:01 - 2012-07-14 14:00 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-12-11 15:01 - 2011-10-14 04:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-12-09 01:20 - 2014-05-05 19:18 - 00354520 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll

2014-12-09 01:20 - 2014-05-05 19:18 - 00286424 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll

2014-12-09 01:20 - 2014-05-05 19:18 - 00045784 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll

2014-12-09 01:20 - 2014-05-05 19:18 - 00040664 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll

2014-12-09 01:20 - 2012-10-05 00:32 - 00792648 _____ (COMODO) C:\Windows\system32\Drivers\cmdGuard.sys

2014-12-09 01:20 - 2012-10-05 00:32 - 00437792 _____ (COMODO) C:\Windows\system32\guard64.dll

2014-12-09 01:20 - 2012-10-05 00:32 - 00352272 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll

2014-12-09 01:20 - 2012-10-05 00:32 - 00104608 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys

2014-12-09 01:20 - 2012-10-05 00:32 - 00045880 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys

2014-12-09 01:20 - 2012-10-05 00:32 - 00040736 _____ (COMODO) C:\Windows\system32\cmdcsr.dll

2014-12-09 01:20 - 2012-10-05 00:32 - 00020184 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys

2014-12-08 14:02 - 2009-07-14 06:13 - 01653366 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-12-08 13:57 - 2014-11-13 16:59 - 00000000 ____D () C:\Users\Computer\Desktop\sc-h320

2014-12-07 06:49 - 2014-05-19 18:12 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Tunngle

2014-12-07 06:49 - 2014-03-04 19:33 - 00000000 ____D () C:\Users\Computer\AppData\Local\Mozilla

2014-12-07 06:49 - 2013-11-14 21:10 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Battle.net

2014-12-07 06:49 - 2012-12-14 14:21 - 00000000 ____D () C:\Users\Computer\AppData\Local\Akamai

2014-12-07 06:49 - 2012-07-06 11:04 - 00000000 ____D () C:\Users\Computer\AppData\Local\PowerCinema

2014-12-07 06:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration

2014-12-07 06:48 - 2014-05-05 19:19 - 00000000 ____D () C:\Program Files (x86)\AdTrustMedia

2014-12-06 21:51 - 2012-07-06 11:04 - 00065376 _____ () C:\Users\Computer\AppData\Local\GDIPFONTCACHEV1.DAT

2014-12-06 21:50 - 2012-07-06 11:03 - 00000000 ____D () C:\Users\Computer

2014-12-05 18:46 - 2014-05-19 18:00 - 00000000 ____D () C:\Program Files\Wippien

2014-12-05 18:35 - 2014-04-07 18:16 - 00000000 ____D () C:\Users\Computer\AppData\Local\CrashDumps

2014-12-05 18:26 - 2014-05-19 18:00 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Wippien

2014-12-05 14:53 - 2014-06-21 23:45 - 00004098 _____ () C:\Windows\PFRO.log

2014-12-04 21:55 - 2014-05-09 16:48 - 00000000 ____D () C:\Users\Computer\AppData\Local\Windows Live

2014-12-04 21:34 - 2014-03-23 17:15 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Skype

2014-12-04 19:20 - 2014-02-25 16:00 - 00000000 ____D () C:\AdwCleaner

2014-12-04 19:02 - 2011-10-14 04:42 - 00000000 ____D () C:\Windows\sk

2014-12-04 18:27 - 2014-02-25 17:02 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-12-04 17:34 - 2013-12-31 22:19 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\vlc

2014-12-03 19:17 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini

2014-12-03 19:15 - 2014-02-25 18:54 - 00000000 ____D () C:\Windows\erdnt

2014-12-03 19:15 - 2009-07-14 03:34 - 82051072 _____ () C:\Windows\system32\config\software.bak

2014-12-03 19:15 - 2009-07-14 03:34 - 22282240 _____ () C:\Windows\system32\config\system.bak

2014-12-03 19:15 - 2009-07-14 03:34 - 02621440 _____ () C:\Windows\system32\config\default.bak

2014-12-03 19:15 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak

2014-12-03 19:15 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak

2014-12-03 19:01 - 2014-02-25 18:54 - 00000000 ____D () C:\Qoobox

2014-12-03 01:57 - 2014-08-21 14:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-12-03 01:55 - 2013-06-27 20:41 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\SoftGrid Client

2014-12-02 16:58 - 2014-06-09 19:59 - 380472941 _____ () C:\Windows\MEMORY.DMP

2014-12-02 16:58 - 2014-01-30 15:15 - 00000000 ____D () C:\Windows\Minidump

2014-11-28 09:13 - 2014-05-29 09:51 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll

2014-11-28 09:13 - 2013-04-16 16:14 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll

2014-11-28 09:13 - 2012-10-27 12:29 - 00000000 ____D () C:\Program Files (x86)\Comodo

2014-11-24 16:07 - 2011-10-14 04:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

2014-11-23 10:11 - 2012-07-07 13:04 - 00000000 ___RD () C:\Users\Computer\Desktop\Programme und Sonstiges

2014-11-23 10:11 - 2012-07-07 12:40 - 00000000 ____D () C:\Users\Computer\Desktop\Spiele
 

Some content of TEMP:

====================

C:\Users\Computer\AppData\Local\Temp\Quarantine.exe

C:\Users\Computer\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Computer\AppData\Local\Temp\sqlite3.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-12-15 00:56
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2014 01

Ran by Computer at 2014-12-16 15:48:17

Running from C:\Users\Computer\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: COMODO Antivirus (Enabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Comodo Defense+ (Enabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)

Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)

Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden

Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)

Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)

Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)

Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)

Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)

Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)

Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)

Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden

Akamai NetSession Interface (HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)

Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden

Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )

Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )

Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - )

Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)

CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)

CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)

clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden

clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden

clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden

clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)

CodeBlocks (HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\CodeBlocks) (Version: 12.11 - The Code::Blocks Team)

Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo)

COMODO Internet Security (HKLM\...\{E62381A7-B1C1-4121-8262-84D38C77786C}) (Version: 5.12.55693.2551 - COMODO Security Solutions Inc.)

Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)

Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)

Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)

eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)

ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)

Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)

FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden

ffdshow (HKLM-x32\...\ffdshow) (Version: 20051221-gcc4.0.2-sse-x264.nl - Milan Cutka)

Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden

Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

gamelauncher-ps2-psg (HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 PSG) (Version:  - Sony Online Entertainment)

GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )

Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)

GeekBuddy (HKLM-x32\...\{79B9250E-3714-4877-A2B0-D6C1E93E471A}) (Version: 4.18.121 - Comodo Security Solutions Inc)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Happy Cloud Client (HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\HappyCloud) (Version: 1.342 - Happy Cloud, Inc.)

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)

HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.28.01 - Hyperionics Technology LLC)

Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)

Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden

Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)

Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)

Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)

JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)

Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden

Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden

John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)

Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )

Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden

Nero CoverDesigner (HKLM-x32\...\{F1676432-361C-44EE-9596-24C1BB5608B8}) (Version: 12.0.00900 - Nero AG)

newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)

newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden

Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9 - )

NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)

NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden

Nuclear Coffee - VideoGet (HKLM-x32\...\VideoGet_is1) (Version: 2011 - Nuclear Coffee)

NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)

NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)

PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )

Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden

Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden

Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden

PrivDog (HKLM-x32\...\PrivDog) (Version: 2.2.0.14 - privdog.com)

Protect Disc License Helper 1.0.118 (HKLM-x32\...\Protect Disc License Helper) (Version: 1.0.118 - Protect Disc)

ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.11 - ProtectDisc Software GmbH)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)

Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)

Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)

Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13034_9 - Samsung Electronics Co., Ltd.)

Samsung Kies (x32 Version: 2.5.3.13034_9 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)

SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden

Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)

Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)

SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

System Requirements Lab CYRI (HKLM-x32\...\{E362724E-9320-4946-AF34-874E7B6B2927}) (Version: 6.0.7.0 - Husdawg, LLC)

System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)

TeamSpeak 3 Client (HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)

TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.23358 Beta - TeamViewer)

Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden

Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)

VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)

Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden

Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)

WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden

Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 

==================== Restore Points  =========================
 

11-12-2014 16:06:08 Geplanter Prüfpunkt

11-12-2014 16:41:47 Removed Path of Exile

11-12-2014 16:43:49 Removed BlueStacks Notification Center

11-12-2014 21:41:09 Windows Update
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2009-07-14 03:34 - 2014-12-03 19:17 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {0C084FA2-CD43-4C45-88D6-0C57E2CBA24B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)

Task: {10D30386-06F3-497E-AE30-73CA27AB7BB5} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)

Task: {1DB8E5EE-FFC1-4EB2-A01B-E685409A3136} - System32\Tasks\{0B1B33EA-9BE1-42D4-B1CB-F7EC353326C6} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.115/de/go/help.faq.installer?LastError=1618

Task: {1E2A9A5A-9C83-403D-AF2E-BB305D81DA39} - \DealPlyUpdate No Task File <==== ATTENTION

Task: {2B63B253-E2C9-415A-AA48-17B4D56389B9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {38BBBA3C-6D02-4D5F-A484-D8851762E8D5} - \Dealply No Task File <==== ATTENTION

Task: {4217E322-7B9B-4ECC-93EB-6BE9497E047F} - System32\Tasks\{09EE7E6D-41E9-4A55-B9F2-D38643665ED1} => pcalua.exe -a "C:\Users\Computer\Documents\CraftBukkit\Bukkit Operator Panel.exe" -d C:\Users\Computer\Documents\CraftBukkit

Task: {42FDFF01-33C9-4E77-A904-0D9AA9F112AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-23] (Google Inc.)

Task: {5C50CA41-D724-463D-A5F4-F6B6D39C999A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-23] (Google Inc.)

Task: {7E0D7E15-EDCA-470A-A964-82B9731D6095} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2011-08-09] (Acer)

Task: {7F0D1FF6-B74F-46C3-AAA6-AA88F1F5B9E5} - System32\Tasks\{83852D6E-2C73-43FD-BA7A-950DBDC1C2C1} => pcalua.exe -a C:\Users\Computer\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe -c /uninstall

Task: {84784F2C-D488-47D0-8561-CF7CCAD8E4C2} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)

Task: {8E9D5B5B-A206-4734-8E33-7661A54E6801} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11] (Adobe Systems Incorporated)

Task: {B1240CDE-9AE4-4990-9383-59F26284D3CE} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-12-09] (COMODO)

Task: {B337389D-86D4-430D-B526-96A99D4A581E} - System32\Tasks\{D7D81865-C23F-47AF-B74D-25F90A0194C8} => pcalua.exe -a "C:\Program Files (x86)\GameforgeLive\Games\TUR_tru\Metin2\Installer_m2k-Mod.exe" -d "C:\Program Files (x86)\GameforgeLive\Games\TUR_tru\Metin2"

Task: {B94FD2F5-3B64-428A-A13E-844B8FA66B1A} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)

Task: {BD2B409E-0547-4C71-A3C4-4CE2A897ED4A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)

Task: {C6D85D27-103F-4B39-90A4-E1FCABD815EF} - System32\Tasks\{FF813ECD-F42B-42D8-AEBB-A5F1EF2E15F6} => pcalua.exe -a "C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\Uninstaller.exe"

Task: {CE7BA481-D6CC-45CF-99AF-07B4AAB46C84} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)

Task: {D6A35DB5-0DEF-4C0C-A902-75481AF16A56} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)

Task: {F62519F6-1A22-4C9A-ACA6-2188C39336D9} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-04-02 16:02 - 2014-03-04 15:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll

2014-04-02 16:11 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2011-10-14 04:57 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2012-08-24 18:23 - 2014-01-03 20:56 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2012-10-05 00:33 - 2013-04-15 18:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav

2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll

2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll

2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll

2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll

2014-10-16 16:44 - 2014-10-16 16:44 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll

2011-10-14 04:15 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

2014-02-23 16:49 - 2014-02-20 02:02 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll

2014-02-23 16:49 - 2014-02-20 02:02 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll

2014-02-23 16:49 - 2014-02-20 02:02 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll

2014-02-23 16:49 - 2014-02-20 02:03 - 04060488 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll

2014-02-23 16:49 - 2014-02-20 02:03 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll

2014-02-23 16:49 - 2014-02-20 02:02 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll

2014-02-23 16:49 - 2014-02-20 02:03 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Users\Computer\Downloads\OptiFine_1.7.10_L_A4.jar:$CmdZnID

AlternateDataStreams: C:\Users\Computer\Downloads\Tunngle_Setup_v5.0 (1).exe:$CmdTcID

AlternateDataStreams: C:\Users\Computer\Downloads\Tunngle_Setup_v5.0 (1).exe:$CmdZnID
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 

MSCONFIG\Services: Hamachi2Svc => 2

MSCONFIG\Services: NAUpdate => 2

MSCONFIG\Services: NOBU => 2

MSCONFIG\Services: SkypeUpdate => 2

MSCONFIG\Services: Steam Client Service => 3

MSCONFIG\Services: TeamViewer8 => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup

MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe

MSCONFIG\startupreg: BrowserPlugInHelper => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe

MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

MSCONFIG\startupreg: Spotify => "C:\Users\Computer\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Computer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
 

========================= Accounts: ==========================
 

Administrator (S-1-5-21-1066331368-3135870475-817509354-500 - Administrator - Disabled)

ASPNET (S-1-5-21-1066331368-3135870475-817509354-1008 - Limited - Enabled)

Computer (S-1-5-21-1066331368-3135870475-817509354-1001 - Administrator - Enabled) => C:\Users\Computer

Gast (S-1-5-21-1066331368-3135870475-817509354-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1066331368-3135870475-817509354-1003 - Limited - Enabled)
 

==================== Faulty Device Manager Devices =============
 

Name: Ethernet-Controller

Description: Ethernet-Controller

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 

Name: 

Description: 

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft-Teredo-Tunneling-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 

Name: 

Description: 

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 

Name: Microsoft-Adapter für Miniports virtueller WiFis

Description: Microsoft-Adapter für Miniports virtueller WiFis

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: vwifimp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: Hamachi Network Interface

Description: Hamachi Network Interface

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: LogMeIn, Inc.

Service: hamachi

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver
 

Name: WeOnlyDo Network Adapter 2.5

Description: WeOnlyDo Network Adapter 2.5

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: WeOnlyDo Network Provider

Service: wod0205

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (12/16/2014 02:35:52 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (12/15/2014 05:22:52 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Nur zur Information.

Fehler bei der Registrierung des Click-2-Run-Pakets.
 

Error: (12/15/2014 05:00:24 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (12/14/2014 09:20:46 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (12/13/2014 06:15:20 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Nur zur Information.

Error: Das Zeitlimit für den Vorgang wurde erreicht.

 ErrorCode: 14007(0x36b7).
 

Error: (12/13/2014 06:04:46 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (12/12/2014 11:46:24 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (12/12/2014 11:45:58 PM) (Source: NvStreamSvc) (EventID: 1) (User: )

Description: NvStreamSvcNvVAD initialization failed [6]
 

Error: (12/12/2014 11:45:58 PM) (Source: NvStreamSvc) (EventID: 1) (User: )

Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 

Error: (12/12/2014 11:45:58 PM) (Source: NvStreamSvc) (EventID: 1) (User: )

Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
 

System errors:

=============

Error: (12/16/2014 02:40:02 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung generiert: 70. Der interne Fehlerstatus lautet: 105.
 

Error: (12/16/2014 02:35:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

CFRMD
 

Error: (12/16/2014 02:35:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: 

%%126
 

Error: (12/15/2014 05:00:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

CFRMD
 

Error: (12/15/2014 05:00:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: 

%%126
 

Error: (12/14/2014 09:20:41 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

CFRMD
 

Error: (12/14/2014 09:20:28 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: 

%%126
 

Error: (12/13/2014 06:07:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Intel(R) Rapid Storage Technology" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (12/13/2014 06:07:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Rapid Storage Technology erreicht.
 

Error: (12/13/2014 06:04:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

CFRMD
 
 

Microsoft Office Sessions:

=========================

Error: (12/16/2014 02:35:52 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (12/15/2014 05:22:52 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Fehler bei der Registrierung des Click-2-Run-Pakets.
 

Error: (12/15/2014 05:00:24 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (12/14/2014 09:20:46 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (12/13/2014 06:15:20 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Error: Das Zeitlimit für den Vorgang wurde erreicht.

 ErrorCode: 14007(0x36b7).
 

Error: (12/13/2014 06:04:46 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (12/12/2014 11:46:24 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (12/12/2014 11:45:58 PM) (Source: NvStreamSvc) (EventID: 1) (User: )

Description: NvStreamSvcNvVAD initialization failed [6]
 

Error: (12/12/2014 11:45:58 PM) (Source: NvStreamSvc) (EventID: 1) (User: )

Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 

Error: (12/12/2014 11:45:58 PM) (Source: NvStreamSvc) (EventID: 1) (User: )

Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
 

==================== Memory info =========================== 
 

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz

Percentage of memory in use: 40%

Total physical RAM: 6509.86 MB

Available physical RAM: 3854.96 MB

Total Pagefile: 13017.9 MB

Available Pagefile: 9923.28 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB
 

==================== Drives ================================
 

Drive c: (Acer) (Fixed) (Total:447.66 GB) (Free:221.54 GB) NTFS

Drive e: (BALDURS_GATE_DARK_ALLIANCE_2) (CDROM) (Total:3.44 GB) (Free:0 GB) CDFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8A52EBDC)

Partition 1: (Not Active) - (Size=18 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=447.7 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

AdwCleaner[S3]

Code:

# AdwCleaner v4.105 - Bericht erstellt am 18/12/2014 um 16:22:22

# Aktualisiert 08/12/2014 von Xplode

# Database : 2014-12-16.1 [Live]

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Benutzername : Computer - COMPUTER-PC

# Gestartet von : C:\Users\Computer\Desktop\AdwCleaner_4.105.exe

# Option : Löschen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\ProgramData\AdTrustMedia

[#] Ordner Gelöscht : C:\Program Files (x86)\AdTrustMedia

Ordner Gelöscht : C:\Program Files\AdTrustMedia

Ordner Gelöscht : C:\Users\Computer\AppData\Local\AdTrustMedia

Datei Gelöscht : C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage

Datei Gelöscht : C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal

Datei Gelöscht : C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
 

***** [ Tasks ] *****
 

Task Gelöscht : Dealply

Task Gelöscht : DealPlyUpdate
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [PrivDog@AdTrustMedia.com]

Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
 

***** [ Browser ] *****
 

-\\ Internet Explorer v11.0.9600.17496
 
 

-\\ Mozilla Firefox v30.0 (de)
 

[5maq89ab.default\prefs.js] - Zeile gelöscht : user_pref("extensions.trusted-ads.ExLst", "{\"u\":{\"v\":\"1.70\",\"d\":\"032414\"},\"h\":{\"pogo.com\":{\"p\":[{\"e\":\"/.*/\",\"r\":[\"/connect\\\\.facebook\\\\.net\\\\/en_US\\\\/all\\\\.js$/i\"]}]}[...]

[5maq89ab.default\prefs.js] - Zeile gelöscht : user_pref("extensions.trusted-ads.list_api", "{\"r\":[\"hxxp://24x7homesecurity.com/\",\"hxxp://8tracks.com/\",\"hxxp://a1supplements.com/\",\"hxxp://aactionair.net/\",\"hxxp://abcnews.go.com/\",\"htt[...]
 

-\\ Google Chrome v33.0.1750.117
 
 

-\\ Chromium v
 
 

-\\ Comodo Dragon v36.1.1.21
 
 

*************************
 

AdwCleaner[R0].txt - [14590 octets] - [25/02/2014 16:00:33]

AdwCleaner[R1].txt - [940 octets] - [25/02/2014 16:14:04]

AdwCleaner[R2].txt - [1059 octets] - [25/02/2014 17:06:06]

AdwCleaner[R3].txt - [16982 octets] - [04/12/2014 18:02:15]

AdwCleaner[R4].txt - [2645 octets] - [18/12/2014 16:16:36]

AdwCleaner[S3].txt - [2580 octets] - [18/12/2014 16:22:22]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2640 octets] ##########

JRT

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.4.0 (11.29.2014:1)

OS: Windows 7 Home Premium x64

Ran by Computer on 18.12.2014 at 16:31:00,19

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\privdogservice
 
 
 

~~~ Registry Keys
 
 
 

~~~ Files
 
 
 

~~~ Folders
 

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
 
 
 

~~~ FireFox
 

Successfully deleted the following from C:\Users\Computer\AppData\Roaming\mozilla\firefox\profiles\5maq89ab.default\prefs.js
 

user_pref("extensions.trusted-ads.TrustAd", "{\"r\":[{\"t\":\"FQDN\",\"r\":\"trustedads.adtrustmedia.com\",\"c\":[{\"i\":\"1\",\"s\":[\"display.clickpoint.com\",\"www.africawi

Emptied folder: C:\Users\Computer\AppData\Roaming\mozilla\firefox\profiles\5maq89ab.default\minidumps [4 files]
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 18.12.2014 at 16:50:57,16

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014

Ran by Computer (administrator) on COMPUTER-PC on 18-12-2014 16:54:45

Running from C:\Users\Computer\Desktop

Loaded Profile: Computer (Available profiles: Computer)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Akamai Technologies, Inc.) C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

(Akamai Technologies, Inc.) C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe

(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Intel Corporation) C:\Windows\System32\igfxext.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)

HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [combofix] => C:\ComboFix\CF17175.3XE /c C:\ComboFix\Combobatch.bat

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297112 2014-12-09] (COMODO)

HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-12] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)

HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)

HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)

HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1980416 2013-12-18] (Wondershare)

HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Computer\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)

HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)

AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)

AppInit_DLLs-x32:  c:\Windows\SysWOW64\guard32.dll => c:\Windows\SysWOW64\guard32.dll [352272 2014-12-09] (COMODO)

AppInit_DLLs-x32:  C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

CHR HKU\S-1-5-21-1066331368-3135870475-817509354-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-1066331368-3135870475-817509354-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/

HKU\S-1-5-21-1066331368-3135870475-817509354-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 

FireFox:

========

FF ProfilePath: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\5maq89ab.default

FF NewTab: hxxp://www.google.com/

FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=

FF SearchEngineOrder.1: Google

FF SelectedSearchEngine: Google

FF Homepage: hxxp://www.google.com

FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()

FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper -> C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-1066331368-3135870475-817509354-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)

FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 

Chrome: 

=======

CHR Profile: C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Docs) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-04]

CHR Extension: (Google Drive) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-04]

CHR Extension: (YouTube) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-04]

CHR Extension: (Google-Suche) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-04]

CHR Extension: (Google Wallet) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-23]

CHR Extension: (Google Mail) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-04]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-09-25] (Comodo Security Solutions, Inc.)

R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2014-12-09] (COMODO)

S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2014-12-09] (COMODO)

R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)

R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)

S4 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)

S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4204272 2012-08-28] (INCA Internet Co., Ltd.) [File not signed]

R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-03] ()

S2 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [X]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

S3 AsyncMac; C:\Windows\SysWOW64\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation)

R1 cdrom; C:\Windows\SysWOW64\DRIVERS\cdrom.sys [147456 2010-11-21] (Microsoft Corporation)

S1 CFRMD; C:\Windows\SysWOW64\DRIVERS\CFRMD.sys [37976 2012-09-03] (Windows (R) Win 7 DDK provider) [File not signed]

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2014-12-09] (COMODO)

R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2014-12-09] (COMODO)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-26] (DT Soft Ltd)

R3 hamachi; C:\Windows\System32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.)

R3 intelppm; C:\Windows\SysWOW64\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-18] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)

R0 NDIS; C:\Windows\SysWOW64\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)

R3 Ndisuio; C:\Windows\SysWOW64\DRIVERS\ndisuio.sys [56832 2010-11-21] (Microsoft Corporation)

R3 NDProxy; C:\Windows\SysWow64\Drivers\NDProxy.sys [57856 2010-11-21] (Microsoft Corporation)

R1 NetBIOS; C:\Windows\SysWOW64\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation)

R1 NetBT; C:\Windows\SysWOW64\DRIVERS\netbt.sys [261632 2010-11-21] (Microsoft Corporation)

R1 Null; C:\Windows\SysWow64\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

S3 ssm_bus; C:\Windows\System32\DRIVERS\ssm_bus.sys [136192 2013-04-03] (MCCI Corporation)

S3 ssm_mdfl; C:\Windows\System32\DRIVERS\ssm_mdfl.sys [18944 2013-04-03] (MCCI Corporation)

S3 ssm_mdm; C:\Windows\System32\DRIVERS\ssm_mdm.sys [172032 2013-04-03] (MCCI Corporation)

S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-07] (Anchorfree Inc.)

R0 Tcpip; C:\Windows\SysWOW64\drivers\tcpip.sys [1897408 2013-11-26] (Microsoft Corporation)

S3 TCPIP6; C:\Windows\SysWOW64\DRIVERS\tcpip.sys [1897408 2013-11-26] (Microsoft Corporation)

R1 tdx; C:\Windows\SysWOW64\DRIVERS\tdx.sys [119296 2010-11-21] (Microsoft Corporation)

S3 wod0205; C:\Windows\System32\DRIVERS\wod0205.sys [33160 2011-04-23] (WeOnlyDo Software)

S3 b57xdbd; system32\DRIVERS\b57xdbd.sys [X]

S3 b57xdmp; system32\DRIVERS\b57xdmp.sys [X]

S3 bScsiMSa; system32\DRIVERS\bScsiMSa.sys [X]

S3 bScsiSDa; system32\DRIVERS\bScsiSDa.sys [X]

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 EuMusDesignVirtualAudioCableWdm; system32\DRIVERS\vrtaucbl.sys [X]

S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [X]

S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]

S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]

S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]

S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]

S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]

S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]

S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]

S3 usj; \??\C:\AeriaGames\EdenEternal\avital\ussjcs64.sys [X]

S3 zbrk; \??\C:\Program Files (x86)\ZombiRock\bin\avital\zbrc64.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 

NETSVCx32: AppInfo -> C:\Windows\SysWOW64\appinfo.dll ==> No File.

NETSVCx32: browser -> C:\Windows\SysWOW64\browser.dll ==> No File.

NETSVCx32: EapHost -> C:\Windows\SysWOW64\eapsvc.dll ==> No File.

NETSVCx32: hkmsvc -> C:\Windows\SysWOW64\kmsvc.dll ==> No File.

NETSVCx32: IKEEXT -> C:\Windows\SysWOW64\ikeext.dll ==> No File.

NETSVCx32: MMCSS -> C:\Windows\SysWOW64\mmcss.dll ==> No File.

NETSVCx32: ProfSvc -> C:\Windows\SysWOW64\profsvc.dll ==> No File.

NETSVCx32: seclogon -> %windir%\SysWOW64\seclogon.dll ==> No File.

NETSVCx32: wercplsupport -> C:\Windows\SysWOW64\wercplsupport.dll ==> No File.

NETSVCx32: BDESVC -> C:\Windows\SysWOW64\bdesvc.dll ==> No File.
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-12-18 16:54 - 2014-12-18 16:55 - 00022457 _____ () C:\Users\Computer\Desktop\FRST.txt

2014-12-18 16:50 - 2014-12-18 16:50 - 00001260 _____ () C:\Users\Computer\Desktop\JRT.txt

2014-12-18 16:30 - 2014-12-18 16:30 - 00000000 ____D () C:\Windows\ERUNT

2014-12-18 16:28 - 2014-12-18 16:28 - 01707646 _____ (Thisisu) C:\Users\Computer\Desktop\JRT.exe

2014-12-18 16:22 - 2014-12-18 16:22 - 00002728 _____ () C:\Users\Computer\Desktop\AdwCleaner[S3].txt

2014-12-16 19:59 - 2014-12-16 19:59 - 00000000 _____ () C:\Users\Computer\Desktop\Neues Textdokument.txt

2014-12-16 16:43 - 2014-12-16 16:43 - 02166272 _____ () C:\Users\Computer\Desktop\AdwCleaner_4.105.exe

2014-12-16 15:47 - 2014-12-18 16:54 - 00000000 ____D () C:\Users\Computer\Desktop\FRST-OlderVersion

2014-12-16 15:11 - 2014-12-16 20:04 - 00117070 _____ () C:\Users\Computer\Downloads\OptiFine_1.7.10_L_A4.jar

2014-12-12 22:55 - 2014-12-12 22:56 - 04501720 _____ (Tunngle.net GmbH ) C:\Users\Computer\Downloads\Tunngle_Setup_v5.0 (1).exe

2014-12-12 16:41 - 2014-12-12 16:41 - 00000000 ____D () C:\Windows\system32\appraiser

2014-12-11 22:42 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

2014-12-11 22:42 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll

2014-12-11 14:43 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-12-11 14:43 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-12-11 14:43 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-12-11 14:43 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-12-11 14:43 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-12-11 14:43 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-12-11 14:43 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-12-11 14:43 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-12-11 14:43 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-12-11 14:43 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-12-11 14:43 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-12-11 14:43 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-12-11 14:43 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-12-11 14:43 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-12-11 14:43 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-12-11 14:43 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-12-11 14:43 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-12-11 14:43 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-12-11 14:43 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-12-11 14:43 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-12-11 14:43 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-12-11 14:43 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-12-11 14:43 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-12-11 14:43 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-12-11 14:43 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-12-11 14:43 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-12-11 14:43 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-12-11 14:43 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-12-11 14:43 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-12-11 14:43 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-12-11 14:43 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-12-11 14:43 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-12-11 14:43 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-12-11 14:43 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-12-11 14:43 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-12-11 14:43 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-12-11 14:43 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-12-11 14:43 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-12-11 14:43 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-12-11 14:43 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-12-11 14:43 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-12-11 14:43 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-12-11 14:43 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-12-11 14:43 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-12-11 14:43 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-12-11 14:43 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-12-11 14:43 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-12-11 14:43 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-12-11 14:43 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-12-11 14:43 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-12-11 14:43 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-12-11 14:43 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-12-11 14:43 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-12-11 14:43 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-12-11 14:43 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-12-11 14:43 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-12-11 14:41 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2014-12-11 14:41 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2014-12-11 14:41 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2014-12-11 14:41 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2014-12-11 14:41 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-12-11 14:41 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2014-12-11 14:41 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-12-11 14:41 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe

2014-12-11 14:38 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-12-11 14:38 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-12-11 14:38 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys

2014-12-11 14:38 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe

2014-12-11 14:38 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe

2014-12-11 14:38 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll

2014-12-11 14:38 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll

2014-12-11 14:38 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll

2014-12-11 14:38 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll

2014-12-11 14:38 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe

2014-12-11 14:38 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll

2014-12-11 14:38 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll

2014-12-11 14:38 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll

2014-12-11 14:38 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll

2014-12-11 14:38 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe

2014-12-11 14:37 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-12-11 14:37 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-12-08 12:59 - 2014-12-08 12:59 - 03161056 _____ (Piriform Ltd) C:\Users\Computer\Downloads\rcsetup151_slim.exe

2014-12-08 12:59 - 2014-12-08 12:59 - 00001662 _____ () C:\Users\Public\Desktop\Recuva.lnk

2014-12-05 18:49 - 2014-12-07 06:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle

2014-12-05 18:49 - 2014-12-07 06:49 - 00000000 ____D () C:\Program Files (x86)\Tunngle

2014-12-05 18:49 - 2014-12-06 01:34 - 00000000 ____D () C:\ProgramData\Tunngle

2014-12-05 18:49 - 2014-12-05 18:49 - 00000000 ____D () C:\Users\Public\Documents\Tunngle

2014-12-05 18:47 - 2014-12-05 18:47 - 04501720 _____ (Tunngle.net GmbH ) C:\Users\Computer\Downloads\Tunngle_Setup_v5.0.exe

2014-12-05 18:35 - 2014-12-05 18:35 - 00651067 _____ () C:\Users\Computer\Downloads\MiniVPN.zip

2014-12-05 18:12 - 2014-12-05 18:13 - 02133688 _____ ( ) C:\Users\Computer\Downloads\WippienInst.exe

2014-12-05 14:54 - 2014-12-18 16:23 - 00051969 _____ () C:\Windows\SysWOW64\debug.log

2014-12-04 22:36 - 2014-12-04 22:36 - 00000000 _____ () C:\Windows\SysWOW64\shoE61D.tmp

2014-12-04 22:30 - 2014-12-04 22:30 - 00000000 ____D () C:\ProgramData\LogMeIn

2014-12-04 22:18 - 2014-12-04 22:18 - 00000000 ____D () C:\Users\Computer\AppData\Local\LogMeInIgnition

2014-12-04 22:16 - 2014-12-04 22:16 - 00001024 _____ () C:\.rnd

2014-12-04 22:13 - 2014-12-04 22:14 - 26279936 _____ () C:\Users\Computer\Downloads\LogMeIn.msi

2014-12-04 19:27 - 2014-12-04 19:27 - 00000000 ____D () C:\zoek_backup

2014-12-04 19:22 - 2014-12-04 19:23 - 01295360 _____ () C:\Users\Computer\Desktop\zoek.exe

2014-12-04 18:28 - 2014-12-18 16:23 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-12-04 18:27 - 2014-12-04 18:27 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-12-04 18:27 - 2014-12-04 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-12-04 18:27 - 2014-12-04 18:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-12-04 18:27 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-12-04 18:27 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-12-04 18:27 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-12-04 18:23 - 2014-12-04 18:24 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Computer\Desktop\mbam-setup-2.0.4.1028.exe

2014-12-03 20:14 - 2014-12-03 20:30 - 00000000 ___SD () C:\32788R22FWJFW

2014-12-03 18:56 - 2014-12-03 18:56 - 05600127 ____R (Swearware) C:\Users\Computer\Desktop\ComboFix.exe

2014-12-02 19:15 - 2014-12-18 16:54 - 02121216 _____ (Farbar) C:\Users\Computer\Desktop\FRST64.exe

2014-12-02 16:58 - 2014-12-02 16:58 - 00262144 _____ () C:\Windows\Minidump\120214-26941-01.dmp

2014-11-26 14:00 - 2014-12-08 13:37 - 00000000 ____D () C:\Users\Computer\Desktop\Kurdi - Tirki

2014-11-26 13:52 - 2014-12-08 13:58 - 00000000 ____D () C:\Users\Computer\Desktop\Deutsch - Englisch

2014-11-24 14:19 - 2014-11-24 14:20 - 00000000 ____D () C:\Users\Computer\Desktop\Neuer Ordner (3)

2014-11-23 00:34 - 2014-11-23 00:34 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\java

2014-11-19 12:45 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-11-19 12:45 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll

2014-11-19 12:45 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-11-19 12:45 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-12-18 16:54 - 2014-02-25 18:24 - 00000000 ____D () C:\FRST

2014-12-18 16:53 - 2012-10-27 12:30 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat

2014-12-18 16:32 - 2014-03-01 22:22 - 01257492 _____ () C:\Windows\WindowsUpdate.log

2014-12-18 16:32 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-12-18 16:32 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-12-18 16:27 - 2014-02-25 16:00 - 00000000 ____D () C:\AdwCleaner

2014-12-18 16:23 - 2014-06-21 23:45 - 00004412 _____ () C:\Windows\PFRO.log

2014-12-18 16:23 - 2014-05-31 17:32 - 00074853 _____ () C:\Windows\setupact.log

2014-12-18 16:23 - 2014-02-23 16:47 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-12-18 16:23 - 2012-07-06 11:13 - 00000000 ____D () C:\ProgramData\clear.fi

2014-12-18 16:23 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-12-18 16:01 - 2013-07-04 14:12 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-12-18 15:58 - 2014-02-23 16:47 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-12-16 20:11 - 2012-10-08 20:00 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\.minecraft

2014-12-16 19:06 - 2014-05-25 16:07 - 00000000 ____D () C:\Program Files\Recuva

2014-12-16 16:42 - 2013-11-14 21:10 - 00000000 ____D () C:\Users\Computer\AppData\Local\Battle.net

2014-12-16 16:18 - 2013-11-14 21:10 - 00000000 ____D () C:\Program Files (x86)\Battle.net

2014-12-14 13:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache

2014-12-12 23:03 - 2012-12-26 17:25 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\TS3Client

2014-12-12 21:22 - 2012-08-23 16:00 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-12-12 20:35 - 2013-11-14 21:35 - 00000000 ____D () C:\Program Files (x86)\Hearthstone

2014-12-12 16:41 - 2014-05-06 22:04 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-12-12 16:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-12-12 16:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat

2014-12-11 22:43 - 2013-09-14 11:12 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-12-11 22:43 - 2013-09-14 11:12 - 00000000 ____D () C:\Windows\system32\MRT

2014-12-11 21:29 - 2014-05-05 19:18 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO

2014-12-11 21:28 - 2014-05-06 14:42 - 00055142 _____ () C:\Windows\system32\Drivers\fvstore.dat

2014-12-11 21:27 - 2012-01-31 18:43 - 01008210 _____ () C:\Windows\system32\perfh007.dat

2014-12-11 21:27 - 2012-01-31 18:43 - 00313284 _____ () C:\Windows\system32\perfc007.dat

2014-12-11 17:45 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries

2014-12-11 17:41 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-12-11 17:40 - 2014-04-13 12:56 - 00000000 ____D () C:\Program Files (x86)\Origin Games

2014-12-11 17:40 - 2013-07-10 17:28 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive

2014-12-11 15:01 - 2013-07-04 14:12 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-12-11 15:01 - 2012-07-14 14:00 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-12-11 15:01 - 2011-10-14 04:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-12-09 01:20 - 2014-05-05 19:18 - 00354520 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll

2014-12-09 01:20 - 2014-05-05 19:18 - 00286424 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll

2014-12-09 01:20 - 2014-05-05 19:18 - 00045784 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll

2014-12-09 01:20 - 2014-05-05 19:18 - 00040664 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll

2014-12-09 01:20 - 2012-10-05 00:32 - 00792648 _____ (COMODO) C:\Windows\system32\Drivers\cmdGuard.sys

2014-12-09 01:20 - 2012-10-05 00:32 - 00437792 _____ (COMODO) C:\Windows\system32\guard64.dll

2014-12-09 01:20 - 2012-10-05 00:32 - 00352272 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll

2014-12-09 01:20 - 2012-10-05 00:32 - 00104608 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys

2014-12-09 01:20 - 2012-10-05 00:32 - 00045880 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys

2014-12-09 01:20 - 2012-10-05 00:32 - 00040736 _____ (COMODO) C:\Windows\system32\cmdcsr.dll

2014-12-09 01:20 - 2012-10-05 00:32 - 00020184 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys

2014-12-08 14:02 - 2009-07-14 06:13 - 01653366 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-12-08 13:57 - 2014-11-13 16:59 - 00000000 ____D () C:\Users\Computer\Desktop\sc-h320

2014-12-07 06:49 - 2014-05-19 18:12 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Tunngle

2014-12-07 06:49 - 2014-03-04 19:33 - 00000000 ____D () C:\Users\Computer\AppData\Local\Mozilla

2014-12-07 06:49 - 2013-11-14 21:10 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Battle.net

2014-12-07 06:49 - 2012-12-14 14:21 - 00000000 ____D () C:\Users\Computer\AppData\Local\Akamai

2014-12-07 06:49 - 2012-07-06 11:04 - 00000000 ____D () C:\Users\Computer\AppData\Local\PowerCinema

2014-12-07 06:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration

2014-12-06 21:51 - 2012-07-06 11:04 - 00065376 _____ () C:\Users\Computer\AppData\Local\GDIPFONTCACHEV1.DAT

2014-12-06 21:50 - 2012-07-06 11:03 - 00000000 ____D () C:\Users\Computer

2014-12-05 18:46 - 2014-05-19 18:00 - 00000000 ____D () C:\Program Files\Wippien

2014-12-05 18:35 - 2014-04-07 18:16 - 00000000 ____D () C:\Users\Computer\AppData\Local\CrashDumps

2014-12-05 18:26 - 2014-05-19 18:00 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Wippien

2014-12-04 21:55 - 2014-05-09 16:48 - 00000000 ____D () C:\Users\Computer\AppData\Local\Windows Live

2014-12-04 21:34 - 2014-03-23 17:15 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Skype

2014-12-04 19:02 - 2011-10-14 04:42 - 00000000 ____D () C:\Windows\sk

2014-12-04 18:27 - 2014-02-25 17:02 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-12-04 17:34 - 2013-12-31 22:19 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\vlc

2014-12-03 19:17 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini

2014-12-03 19:15 - 2014-02-25 18:54 - 00000000 ____D () C:\Windows\erdnt

2014-12-03 19:15 - 2009-07-14 03:34 - 82051072 _____ () C:\Windows\system32\config\software.bak

2014-12-03 19:15 - 2009-07-14 03:34 - 22282240 _____ () C:\Windows\system32\config\system.bak

2014-12-03 19:15 - 2009-07-14 03:34 - 02621440 _____ () C:\Windows\system32\config\default.bak

2014-12-03 19:15 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak

2014-12-03 19:15 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak

2014-12-03 19:01 - 2014-02-25 18:54 - 00000000 ____D () C:\Qoobox

2014-12-03 01:57 - 2014-08-21 14:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-12-03 01:55 - 2013-06-27 20:41 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\SoftGrid Client

2014-12-02 16:58 - 2014-06-09 19:59 - 380472941 _____ () C:\Windows\MEMORY.DMP

2014-12-02 16:58 - 2014-01-30 15:15 - 00000000 ____D () C:\Windows\Minidump

2014-11-28 09:13 - 2014-05-29 09:51 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll

2014-11-28 09:13 - 2013-04-16 16:14 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll

2014-11-28 09:13 - 2012-10-27 12:29 - 00000000 ____D () C:\Program Files (x86)\Comodo

2014-11-24 16:07 - 2011-10-14 04:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

2014-11-23 10:11 - 2012-07-07 13:04 - 00000000 ___RD () C:\Users\Computer\Desktop\Programme und Sonstiges

2014-11-23 10:11 - 2012-07-07 12:40 - 00000000 ____D () C:\Users\Computer\Desktop\Spiele
 

Some content of TEMP:

====================

C:\Users\Computer\AppData\Local\Temp\Quarantine.exe

C:\Users\Computer\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Computer\AppData\Local\Temp\sqlite3.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-12-15 00:56
 

==================== End Of Log ============================

--- --- ---

Addition

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014

Ran by Computer at 2014-12-18 16:55:44

Running from C:\Users\Computer\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: COMODO Antivirus (Enabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Comodo Defense+ (Enabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)

Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)

Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden

Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)

Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)

Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)

Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)

Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)

Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)

Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)

Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden

Akamai NetSession Interface (HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)

Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden

Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )

Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )

Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - )

Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)

CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)

CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)

clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden

clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden

clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden

clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)

CodeBlocks (HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\CodeBlocks) (Version: 12.11 - The Code::Blocks Team)

Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo)

COMODO Internet Security (HKLM\...\{E62381A7-B1C1-4121-8262-84D38C77786C}) (Version: 5.12.55693.2551 - COMODO Security Solutions Inc.)

Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)

Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)

Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)

eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)

ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)

Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)

FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden

ffdshow (HKLM-x32\...\ffdshow) (Version: 20051221-gcc4.0.2-sse-x264.nl - Milan Cutka)

Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden

Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

gamelauncher-ps2-psg (HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 PSG) (Version:  - Sony Online Entertainment)

GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )

Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)

GeekBuddy (HKLM-x32\...\{79B9250E-3714-4877-A2B0-D6C1E93E471A}) (Version: 4.18.121 - Comodo Security Solutions Inc)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Happy Cloud Client (HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\HappyCloud) (Version: 1.342 - Happy Cloud, Inc.)

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)

HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.28.01 - Hyperionics Technology LLC)

Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)

Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden

Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)

Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)

Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)

JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)

Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden

Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden

John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)

Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )

Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden

Nero CoverDesigner (HKLM-x32\...\{F1676432-361C-44EE-9596-24C1BB5608B8}) (Version: 12.0.00900 - Nero AG)

newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)

newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden

Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9 - )

NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)

NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden

Nuclear Coffee - VideoGet (HKLM-x32\...\VideoGet_is1) (Version: 2011 - Nuclear Coffee)

NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)

NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)

PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )

Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden

Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden

Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden

PrivDog (HKLM-x32\...\PrivDog) (Version: 2.2.0.14 - privdog.com)

Protect Disc License Helper 1.0.118 (HKLM-x32\...\Protect Disc License Helper) (Version: 1.0.118 - Protect Disc)

ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.11 - ProtectDisc Software GmbH)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)

Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)

Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)

Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13034_9 - Samsung Electronics Co., Ltd.)

Samsung Kies (x32 Version: 2.5.3.13034_9 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)

SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden

Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)

Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)

SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

System Requirements Lab CYRI (HKLM-x32\...\{E362724E-9320-4946-AF34-874E7B6B2927}) (Version: 6.0.7.0 - Husdawg, LLC)

System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)

TeamSpeak 3 Client (HKU\S-1-5-21-1066331368-3135870475-817509354-1001\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)

TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.23358 Beta - TeamViewer)

Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden

Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)

VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)

Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden

Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)

WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden

Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 

==================== Restore Points  =========================
 

11-12-2014 17:06:08 Geplanter Prüfpunkt

11-12-2014 17:41:47 Removed Path of Exile

11-12-2014 17:43:49 Removed BlueStacks Notification Center

11-12-2014 22:41:09 Windows Update
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2009-07-14 03:34 - 2014-12-03 19:17 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {0C084FA2-CD43-4C45-88D6-0C57E2CBA24B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)

Task: {10D30386-06F3-497E-AE30-73CA27AB7BB5} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)

Task: {1DB8E5EE-FFC1-4EB2-A01B-E685409A3136} - System32\Tasks\{0B1B33EA-9BE1-42D4-B1CB-F7EC353326C6} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.115/de/go/help.faq.installer?LastError=1618

Task: {1E2A9A5A-9C83-403D-AF2E-BB305D81DA39} - \DealPlyUpdate No Task File <==== ATTENTION

Task: {2B63B253-E2C9-415A-AA48-17B4D56389B9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {38BBBA3C-6D02-4D5F-A484-D8851762E8D5} - \Dealply No Task File <==== ATTENTION

Task: {4217E322-7B9B-4ECC-93EB-6BE9497E047F} - System32\Tasks\{09EE7E6D-41E9-4A55-B9F2-D38643665ED1} => pcalua.exe -a "C:\Users\Computer\Documents\CraftBukkit\Bukkit Operator Panel.exe" -d C:\Users\Computer\Documents\CraftBukkit

Task: {42FDFF01-33C9-4E77-A904-0D9AA9F112AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-23] (Google Inc.)

Task: {5C50CA41-D724-463D-A5F4-F6B6D39C999A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-23] (Google Inc.)

Task: {7E0D7E15-EDCA-470A-A964-82B9731D6095} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2011-08-09] (Acer)

Task: {7F0D1FF6-B74F-46C3-AAA6-AA88F1F5B9E5} - System32\Tasks\{83852D6E-2C73-43FD-BA7A-950DBDC1C2C1} => pcalua.exe -a C:\Users\Computer\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe -c /uninstall

Task: {84784F2C-D488-47D0-8561-CF7CCAD8E4C2} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)

Task: {8E9D5B5B-A206-4734-8E33-7661A54E6801} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11] (Adobe Systems Incorporated)

Task: {B1240CDE-9AE4-4990-9383-59F26284D3CE} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-12-09] (COMODO)

Task: {B337389D-86D4-430D-B526-96A99D4A581E} - System32\Tasks\{D7D81865-C23F-47AF-B74D-25F90A0194C8} => pcalua.exe -a "C:\Program Files (x86)\GameforgeLive\Games\TUR_tru\Metin2\Installer_m2k-Mod.exe" -d "C:\Program Files (x86)\GameforgeLive\Games\TUR_tru\Metin2"

Task: {B94FD2F5-3B64-428A-A13E-844B8FA66B1A} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)

Task: {BD2B409E-0547-4C71-A3C4-4CE2A897ED4A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)

Task: {C6D85D27-103F-4B39-90A4-E1FCABD815EF} - System32\Tasks\{FF813ECD-F42B-42D8-AEBB-A5F1EF2E15F6} => pcalua.exe -a "C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\Uninstaller.exe"

Task: {CE7BA481-D6CC-45CF-99AF-07B4AAB46C84} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)

Task: {D6A35DB5-0DEF-4C0C-A902-75481AF16A56} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)

Task: {F62519F6-1A22-4C9A-ACA6-2188C39336D9} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-04-02 16:02 - 2014-03-04 15:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll

2014-04-02 16:11 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2011-10-14 04:57 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2012-08-24 18:23 - 2014-01-03 20:56 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2012-10-05 00:33 - 2013-04-15 18:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav

2011-02-09 01:56 - 2011-02-09 01:56 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll

2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll

2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll

2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll

2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll

2014-10-16 16:44 - 2014-10-16 16:44 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll

2011-10-14 04:15 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

2014-02-23 16:49 - 2014-02-20 02:02 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll

2014-02-23 16:49 - 2014-02-20 02:02 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll

2014-02-23 16:49 - 2014-02-20 02:02 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll

2014-02-23 16:49 - 2014-02-20 02:03 - 04060488 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll

2014-02-23 16:49 - 2014-02-20 02:03 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll

2014-02-23 16:49 - 2014-02-20 02:02 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll

2014-02-23 16:49 - 2014-02-20 02:03 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Users\Computer\Desktop\AdwCleaner_4.105.exe:$CmdTcID

AlternateDataStreams: C:\Users\Computer\Desktop\AdwCleaner_4.105.exe:$CmdZnID

AlternateDataStreams: C:\Users\Computer\Desktop\JRT.exe:$CmdTcID

AlternateDataStreams: C:\Users\Computer\Desktop\JRT.exe:$CmdZnID

AlternateDataStreams: C:\Users\Computer\Downloads\Tunngle_Setup_v5.0 (1).exe:$CmdTcID

AlternateDataStreams: C:\Users\Computer\Downloads\Tunngle_Setup_v5.0 (1).exe:$CmdZnID

AlternateDataStreams: C:\Users\Computer\Downloads\Vertragskuendigung.pdf:$CmdZnID
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 

MSCONFIG\Services: Hamachi2Svc => 2

MSCONFIG\Services: NAUpdate => 2

MSCONFIG\Services: NOBU => 2

MSCONFIG\Services: SkypeUpdate => 2

MSCONFIG\Services: Steam Client Service => 3

MSCONFIG\Services: TeamViewer8 => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup

MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe

MSCONFIG\startupreg: BrowserPlugInHelper => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe

MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

MSCONFIG\startupreg: Spotify => "C:\Users\Computer\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Computer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
 

========================= Accounts: ==========================
 

Administrator (S-1-5-21-1066331368-3135870475-817509354-500 - Administrator - Disabled)

ASPNET (S-1-5-21-1066331368-3135870475-817509354-1008 - Limited - Enabled)

Computer (S-1-5-21-1066331368-3135870475-817509354-1001 - Administrator - Enabled) => C:\Users\Computer

Gast (S-1-5-21-1066331368-3135870475-817509354-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1066331368-3135870475-817509354-1003 - Limited - Enabled)
 

==================== Faulty Device Manager Devices =============
 

Name: Ethernet-Controller

Description: Ethernet-Controller

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 

Name: 

Description: 

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft-Teredo-Tunneling-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 

Name: Microsoft-Adapter für Miniports virtueller WiFis

Description: Microsoft-Adapter für Miniports virtueller WiFis

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: vwifimp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: 

Description: 

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 

Name: Hamachi Network Interface

Description: Hamachi Network Interface

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: LogMeIn, Inc.

Service: hamachi

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver
 

Name: WeOnlyDo Network Adapter 2.5

Description: WeOnlyDo Network Adapter 2.5

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: WeOnlyDo Network Provider

Service: wod0205

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Event log errors: =========================
 

Application errors:

==================
 

System errors:

=============
 

Microsoft Office Sessions:

=========================
 

==================== Memory info =========================== 
 

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz

Percentage of memory in use: 37%

Total physical RAM: 6509.86 MB

Available physical RAM: 4071.34 MB

Total Pagefile: 13017.9 MB

Available Pagefile: 10101.97 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB
 

==================== Drives ================================
 

Drive c: (Acer) (Fixed) (Total:447.66 GB) (Free:220.85 GB) NTFS

Drive e: (BALDURS_GATE_DARK_ALLIANCE_2) (CDROM) (Total:3.44 GB) (Free:0 GB) CDFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8A52EBDC)

Partition 1: (Not Active) - (Size=18 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=447.7 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================