Revo fand alles bis auf Caramava, LPT Sstem Updater Service und PC Speed Up, weshalb ich diese nicht deinstallieren konnte. Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 20.12.2014
Suchlauf-Zeit: 14:28:18
Logdatei:
Administrator: Ja
Version: 2.00.4.1028
Malware Datenbank: v2014.12.20.01
Rootkit Datenbank: v2014.12.14.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Pk
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 362008
Verstrichene Zeit: 30 Min, 7 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 57
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [fa1781e4ccb0102659e156b7ac578779],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [fa1781e4ccb0102659e156b7ac578779],
PUP.Optional.Caramava.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f0913486-1b23-46b2-a8ad-dbfc98421f73}, In Quarantäne, [b0617beaf488a4929ac2cf089b678d73],
PUP.Optional.Caramava.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{BC97FB79-D445-4222-83E2-4D6638804806}, In Quarantäne, [b0617beaf488a4929ac2cf089b678d73],
PUP.Optional.Caramava.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F75432CE-D1E0-42B0-BC6F-1DD84781CFCA}, In Quarantäne, [b0617beaf488a4929ac2cf089b678d73],
PUP.Optional.Caramava.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F75432CE-D1E0-42B0-BC6F-1DD84781CFCA}, In Quarantäne, [b0617beaf488a4929ac2cf089b678d73],
PUP.Optional.Caramava.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{BC97FB79-D445-4222-83E2-4D6638804806}, In Quarantäne, [b0617beaf488a4929ac2cf089b678d73],
PUP.Optional.Caramava.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{F0913486-1B23-46B2-A8AD-DBFC98421F73}, In Quarantäne, [b0617beaf488a4929ac2cf089b678d73],
PUP.Optional.Caramava.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{F0913486-1B23-46B2-A8AD-DBFC98421F73}, In Quarantäne, [b0617beaf488a4929ac2cf089b678d73],
PUP.Optional.Caramava.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{F0913486-1B23-46B2-A8AD-DBFC98421F73}, In Quarantäne, [b0617beaf488a4929ac2cf089b678d73],
PUP.Optional.Snapdo.T, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [967bb1b4ed8f092d5d4140d030d31fe1],
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, In Quarantäne, [967bb1b4ed8f092d5d4140d030d31fe1],
PUP.Optional.VBates, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}, In Quarantäne, [020f8dd8b5c70d291d8c6079a55d60a0],
PUP.Optional.Caramava.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Caramava, In Quarantäne, [040dafb60e6e1e18b41d523c3cc79967],
PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\Speedchecker Limited, In Quarantäne, [59b8630235470a2ccdfd2e28996adc24],
PUP.Optional.VbatesHelper.A, HKLM\SOFTWARE\V-bates, In Quarantäne, [c8492c3964180b2b1a9536631ee51ee2],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\20891, In Quarantäne, [d63b4d18b9c342f47376c2c93ec58a76],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, In Quarantäne, [1cf5cb9a6c10d3639f4ad1ba05fe2cd4],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In Quarantäne, [ed2488dd5a22bd79300cc30fa95bda26],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In Quarantäne, [d63b67fe58241e1893a8c111996b21df],
PUP.Optional.Caramava.A, HKLM\SOFTWARE\WOW6432NODE\Caramava, In Quarantäne, [bd54d29389f304326073078752b1bc44],
PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\Speedchecker Limited, In Quarantäne, [59b82b3ae39910265b6f183eab58b44c],
PUP.Optional.VbatesHelper.A, HKLM\SOFTWARE\WOW6432NODE\V-bates, In Quarantäne, [69a8f17492ead85eb8f70d8c19ea37c9],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, In Quarantäne, [47ca83e25725300614082a4720e38a76],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\20891, In Quarantäne, [41d05411b7c5e94de7021873b15201ff],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\21836, In Quarantäne, [cc456ef7ccb011256386cac1867d09f7],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, In Quarantäne, [f81970f59fdd0f278889f0e109fbc838],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, In Quarantäne, [b75ae481710bb680e230d7fa05ffac54],
PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, In Quarantäne, [6ba6a8bd720a3cfa8a57c4ae7a8933cd],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [759c6cf9aad2c175da5bfb78fd067e82],
PUP.Optional.GeForce.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Ge-Force, In Quarantäne, [937ec0a5ed8f63d3d73c22ad877d847c],
PUP.Optional.Caramava.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Caramava, In Quarantäne, [5db4164f4d2f47efe2f092fc0ef5cf31],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [3ed387de8defbe78cf8ea22053b120e0],
PUP.Optional.GeForce.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Ge-Force, In Quarantäne, [50c1a9bcd5a78da94bc8547bf410a858],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\20891, In Quarantäne, [e42d461f9ddf48ee42b4501481825da3],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21836, In Quarantäne, [63ae194c6c10f640d62014500df65ba5],
PUP.Optional.iWebar.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\iWebar, In Quarantäne, [b25fa5c02e4e999dbe341183f40f23dd],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Object Browser, In Quarantäne, [749d99cc2953d066b08daf1458ac6799],
PUP.Optional.ShoppingHelper.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR, In Quarantäne, [68a92441f7859d991064f5da32d211ef],
PUP.Optional.RegCleanerPro.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\RegClean Pro, In Quarantäne, [9d746500cfad56e06a62c0f321e323dd],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [15fc34312d4fa98d42f21360ce3529d7],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [2ae75c091666a591caa5205c60a56b95],
PUP.Optional.ShopperPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [2ae75c091666a591caa5205c60a56b95],
Registrierungswerte: 9
PUP.Optional.VBates, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}, C:\Program Files\V-bates\Firefox, In Quarantäne, [020f8dd8b5c70d291d8c6079a55d60a0]
PUP.Optional.VBates, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}, C:\Program Files\V-bates\Firefox, In Quarantäne, [020f8dd8b5c70d291d8c6079a55d60a0]
PUP.Optional.VBates, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}, In Quarantäne, [45cc4b1a4834ec4a7039954448ba51af],
PUP.Optional.VBates, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}, In Quarantäne, [45cc9fc6710bcd69f0b9637611f10000],
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [40d13233cab2e650ee941e4946bdc63a]
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, In Quarantäne, [47ca83e25725300614082a4720e38a76]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [28e96df81d5fb77f8002a4c310f331cf]
PUP.Optional.Snapdo.T, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [88891451b8c4d66077a6afc2d42f827e]
PUP.Optional.ShoppingHelper.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR|publisher, ShoppingHelper, In Quarantäne, [68a92441f7859d991064f5da32d211ef]
Registrierungsdaten: 7
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZLLx3LpAeVW-lRGGSHpxmTbfKJHlnyK_aDwNHQILJCOs5WF4O8WajHmvrZxXYtvOGU6mUMpcjELtMpsJpqvbLLTzC9tU_ND2EOUP4kjHJLV2CaYrA9kTwYKmeDnDoBZRad1ddGv6yo0DtZc76f7hM8DFkaf5d8EZqsI,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZLLx3LpAeVW-lRGGSHpxmTbfKJHlnyK_aDwNHQILJCOs5WF4O8WajHmvrZxXYtvOGU6mUMpcjELtMpsJpqvbLLTzC9tU_ND2EOUP4kjHJLV2CaYrA9kTwYKmeDnDoBZRad1ddGv6yo0DtZc76f7hM8DFkaf5d8EZqsI,&q={searchTerms}),Ersetzt,[4cc5b5b0f488ec4ae038e88243c2d729]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZLLx3LpAeVW-lRGGSHpxmTbfKJHlnyK_aDwNHQILJCOs5WF4O8WajHmvrZxXYtvOGU6mUMpcjELtMpsJpqvbLLTzC9tU_ND2EOUP4kjHJLV2CaYrA9kTwYKmeDnDoBZRad1ddGv6yo0DtZc76f7hM8DFkaf5d8EZqsU,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZLLx3LpAeVW-lRGGSHpxmTbfKJHlnyK_aDwNHQILJCOs5WF4O8WajHmvrZxXYtvOGU6mUMpcjELtMpsJpqvbLLTzC9tU_ND2EOUP4kjHJLV2CaYrA9kTwYKmeDnDoBZRad1ddGv6yo0DtZc76f7hM8DFkaf5d8EZqsU,&q={searchTerms}),Ersetzt,[37dae184d0ac979f69b24c1e9174a957]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZLLx3LpAeVW-lRGGSHpxmTbfKJHlnyK_aDwNHQILJCOs5WF4O8WajHmvrZxXYtvOGU6mUMpcjELtMpsJpqvbLLTzC9tU_ND2EOUP4kTAeo-yisldtUXwYZM4gk781H07MAE8GscmBuBf3AobnTPL3xS6USzQr3hdsNc,, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZLLx3LpAeVW-lRGGSHpxmTbfKJHlnyK_aDwNHQILJCOs5WF4O8WajHmvrZxXYtvOGU6mUMpcjELtMpsJpqvbLLTzC9tU_ND2EOUP4kTAeo-yisldtUXwYZM4gk781H07MAE8GscmBuBf3AobnTPL3xS6USzQr3hdsNc,),Ersetzt,[4dc476ef91eb290dd5474c1edb2acd33]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZLLx3LpAeVW-lRGGSHpxmTbfKJHlnyK_aDwNHQILJCOs5WF4O8WajHmvrZxXYtvOGU6mUMpcjELtMpsJpqvbLLTzC9tU_ND2EOUP4kjHJLV2CaYrA9kTwYKmeDnDoBZRad1ddGv6yo0DtZc76f7hM8DFkaf5d8EZqsU,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZLLx3LpAeVW-lRGGSHpxmTbfKJHlnyK_aDwNHQILJCOs5WF4O8WajHmvrZxXYtvOGU6mUMpcjELtMpsJpqvbLLTzC9tU_ND2EOUP4kjHJLV2CaYrA9kTwYKmeDnDoBZRad1ddGv6yo0DtZc76f7hM8DFkaf5d8EZqsU,&q={searchTerms}),Ersetzt,[2de49dc8c2ba85b1fd1dc1a90ff6d030]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZLLx3LpAeVW-lRGGSHpxmTbfKJHlnyK_aDwNHQILJCOs5WF4O8WajHmvrZxXYtvOGU6mUMpcjELtMpsJpqvbLLTzC9tU_ND2EOUP4kjHJLV2CaYrA9kTwYKmeDnDoBZRad1ddGv6yo0DtZc76f7hM8DFkaf5d8EZqsU,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZLLx3LpAeVW-lRGGSHpxmTbfKJHlnyK_aDwNHQILJCOs5WF4O8WajHmvrZxXYtvOGU6mUMpcjELtMpsJpqvbLLTzC9tU_ND2EOUP4kjHJLV2CaYrA9kTwYKmeDnDoBZRad1ddGv6yo0DtZc76f7hM8DFkaf5d8EZqsU,&q={searchTerms}),Ersetzt,[4ec37bea7ffdf04606178edce12415eb]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZLLx3LpAeVW-lRGGSHpxmTbfKJHlnyK_aDwNHQILJCOs5WF4O8WajHmvrZxXYtvOGU6mUMpcjELtMpsJpqvbLLTzC9tU_ND2EOUP4kjHJLV2CaYrA9kTwYKmeDnDoBZRad1ddGv6yo0DtZc76f7hM8DFkaf5d8EZqsU,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZLLx3LpAeVW-lRGGSHpxmTbfKJHlnyK_aDwNHQILJCOs5WF4O8WajHmvrZxXYtvOGU6mUMpcjELtMpsJpqvbLLTzC9tU_ND2EOUP4kjHJLV2CaYrA9kTwYKmeDnDoBZRad1ddGv6yo0DtZc76f7hM8DFkaf5d8EZqsU,&q={searchTerms}),Ersetzt,[5bb643221e5e14225ac43d2df4118c74]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-2902429972-443509965-4274997157-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZLLx3LpAeVW-lRGGSHpxmTbfKJHlnyK_aDwNHQILJCOs5WF4O8WajHmvrZxXYtvOGU6mUMpcjELtMpsJpqvbLLTzC9tU_ND2EOUP4kjHJLV2CaYrA9kTwYKmeDnDoBZRad1ddGv6yo0DtZc76f7hM8DFkaf5d8EZqsU,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZLLx3LpAeVW-lRGGSHpxmTbfKJHlnyK_aDwNHQILJCOs5WF4O8WajHmvrZxXYtvOGU6mUMpcjELtMpsJpqvbLLTzC9tU_ND2EOUP4kjHJLV2CaYrA9kTwYKmeDnDoBZRad1ddGv6yo0DtZc76f7hM8DFkaf5d8EZqsU,&q={searchTerms}),Ersetzt,[020f60052656a88e12073f2b788d7b85]
Ordner: 26
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro, In Quarantäne, [db36cc99b7c5ef473f236e1248bb6997],
PUP.Optional.Caramava.A, C:\Program Files (x86)\Caramava, In Quarantäne, [040dafb60e6e1e18b41d523c3cc79967],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\Partial Backups, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\voice, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\voice\de, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.SearchProtect.A, C:\Users\ouali_000\AppData\Local\SearchProtect, In Quarantäne, [2fe22540adcfc86e0a61a98d887b6997],
PUP.Optional.SearchProtect.A, C:\Users\ouali_000\AppData\Local\SearchProtect\SearchProtect, In Quarantäne, [2fe22540adcfc86e0a61a98d887b6997],
PUP.Optional.SearchProtect.A, C:\Users\ouali_000\AppData\Local\SearchProtect\SearchProtect\rep, In Quarantäne, [2fe22540adcfc86e0a61a98d887b6997],
PUP.Optional.SearchProtect.A, C:\Users\ouali_000\AppData\Local\SearchProtect\SearchProtect\STG, In Quarantäne, [2fe22540adcfc86e0a61a98d887b6997],
PUP.Optional.SearchProtect.A, C:\Users\ouali_000\AppData\Local\SearchProtect\UI, In Quarantäne, [2fe22540adcfc86e0a61a98d887b6997],
PUP.Optional.SearchProtect.A, C:\Users\ouali_000\AppData\Local\SearchProtect\UI\rep, In Quarantäne, [2fe22540adcfc86e0a61a98d887b6997],
PUP.Optional.SearchProtect.A, C:\Users\Pk\AppData\Local\SearchProtect, In Quarantäne, [c8499dc8374534024229989e11f2f808],
PUP.Optional.SystemSpeedup, C:\Users\Pk\AppData\Roaming\systweak\ssd, In Quarantäne, [878a630248346ccad19741f8d13209f7],
PUP.Optional.Vbates.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip, In Quarantäne, [d8394e1793e97db9d94faf8b000358a8],
PUP.Optional.Vbates.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.438_0, In Quarantäne, [d8394e1793e97db9d94faf8b000358a8],
PUP.Optional.Vbates.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.438_0\libraries, In Quarantäne, [d8394e1793e97db9d94faf8b000358a8],
PUP.Optional.Vbates.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.438_0\resources, In Quarantäne, [d8394e1793e97db9d94faf8b000358a8],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{887DCFDB-C6BF-4AA8-BDDE-B889716A2D7E}, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.EZDownloader, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader, In Quarantäne, [4fc2f372f48804324707eb5a996ae51b],
Dateien: 101
PUP.Optional.Caramava.A, C:\Program Files (x86)\Caramava\CaramavaBHO.dll, In Quarantäne, [b0617beaf488a4929ac2cf089b678d73],
PUP.Optional.Sense.A, C:\Users\Pk\AppData\Roaming\UQ.exe, In Quarantäne, [2be604613e3e61d53cc374f46a9755ab],
PUP.Optional.Sense.A, C:\Users\Pk\AppData\Roaming\WEFLS.exe, In Quarantäne, [38d94b1a433974c230cf4e1ae81927d9],
PUP.Optional.Nova.A, C:\Program Files (x86)\3a61f36b-5e00-4615-847d-0d7a34dfcb15\60e03062-9aa0-4f1b-bab1-739a3231ca5e.dll, In Quarantäne, [7c95a6bf97e50b2b43f574811ae721df],
PUP.Optional.Crossrider, C:\Program Files (x86)\3a61f36b-5e00-4615-847d-0d7a34dfcb15\fcbbbec9-0975-4c68-9ba2-4a70c9d2ebad.dll, In Quarantäne, [98799bcaf9837abc516f29bb986c28d8],
PUP.Optional.Nova.A, C:\Program Files (x86)\89399ccd-6ae8-4042-8f69-a6ac4bfe5ed8\00f6ff79-c308-4537-ada6-740d49eefaf8.dll, In Quarantäne, [67aa0560c1bb9c9ae454d520728f1ce4],
PUP.Optional.Crossrider, C:\Program Files (x86)\89399ccd-6ae8-4042-8f69-a6ac4bfe5ed8\89399ccd-6ae8-4042-8f69-a6ac4bfe5ed8.dll, In Quarantäne, [cd447de8b9c35fd7a61af7ed1ce8a25e],
PUP.Optional.Nova.A, C:\Program Files (x86)\89399ccd-6ae8-4042-8f69-a6ac4bfe5ed8\9124dc78-6d21-42dd-b7e3-3813518da944.dll, In Quarantäne, [40d11e47d8a42a0c54e4db1ab150d62a],
PUP.Optional.Crossrider, C:\Program Files (x86)\89399ccd-6ae8-4042-8f69-a6ac4bfe5ed8\d5d8a6bb-476f-4bb9-8cf2-6081992ad6f6.dll, In Quarantäne, [9a774a1b5824181ecdf36a7a8b79d828],
PUP.Optional.Crossrider, C:\Program Files (x86)\AMX Mod X\3a61f36b-5e00-4615-847d-0d7a34dfcb15.dll, In Quarantäne, [7f92bca95824f145912fbb29cc38649c],
PUP.Optional.Nova.A, C:\Program Files (x86)\AMX Mod X\b942e87d-c421-464b-b95d-ab6924e42901.dll, In Quarantäne, [19f8e67fb6c6c670bf79c035d42d5ba5],
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\VCLdr64.dll, In Quarantäne, [a66b2b3a3646181e0fbc3c6ea75a19e7],
PUP.Optional.SmartBar, C:\Windows\Installer\MSIF4EC.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [7d94acb957253303ccb2d7573cc49868],
PUP.Optional.SmartBar, C:\Windows\Installer\MSI77DB.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [cf42f07586f6f44266180727ce3225db],
PUP.Optional.VBates, C:\Windows\Tasks\FF Watcher {B2AB07AB-FEC9-4CBA-87F4-2F55FF6D8165}.job, In Quarantäne, [828f96cfff7dc5712d6f81ea669d46ba],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-1, In Quarantäne, [a0717ee7453793a376a11958ba49cd33],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-11, In Quarantäne, [29e8ee779eded462f81f0a676a99758b],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-2, In Quarantäne, [e9287beaa9d3e74fa374bfb2d72c3ec2],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-4, In Quarantäne, [be53cb9abbc1cb6b57c0f879a063b64a],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-5, In Quarantäne, [51c088dd3d3ff14560b71b56e91ae11f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-5_user, In Quarantäne, [59b8d2930874f046d14685ec0ef55fa1],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-6, In Quarantäne, [7d9478ed44382b0be433a2cf21e2e11f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-7, In Quarantäne, [5cb5580d7804270f62b56809be4516ea],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-1, In Quarantäne, [e52c8ed7374555e1cc4bdf92a45fcd33],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-11, In Quarantäne, [4cc5ff66cfad2b0b96813839aa5923dd],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-2, In Quarantäne, [17fa7bead9a316202ee97af762a1a858],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-3, In Quarantäne, [0b0681e4cdaf1d19799efa77649fdb25],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-4, In Quarantäne, [d23f01649fdd7abc9285f57ca0639c64],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-5, In Quarantäne, [957cde87c8b4dc5a5bbc1d5403002cd4],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-5_user, In Quarantäne, [020f5f06b7c543f337e0adc4e61dfe02],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-6, In Quarantäne, [68a9184dacd056e057c0ff72ba49b64a],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-7, In Quarantäne, [4dc4273e3e3e6acc68af541d4ab99070],
PUP.Optional.Vbates.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ljmibnagodajacnnbifpamhggcohblip_0.localstorage, In Quarantäne, [c34e6203a1dbba7cddfddd944fb442be],
PUP.Optional.SelectNGo.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage, Löschen bei Neustart, [b859e67f49337bbb48d8e09d44bf9b65],
PUP.Optional.SelectNGo.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal, Löschen bei Neustart, [13fee382adcf2f0747d90a7315ee7987],
PUP.Optional.ShoppingGate.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage, In Quarantäne, [a26f75f0512bd6601bf53c4415ee46ba],
PUP.Optional.ShoppingGate.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal, In Quarantäne, [8988b3b2225a1c1ab759ceb2966ddf21],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk, In Quarantäne, [db36cc99b7c5ef473f236e1248bb6997],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro entfernen.lnk, In Quarantäne, [db36cc99b7c5ef473f236e1248bb6997],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk, In Quarantäne, [db36cc99b7c5ef473f236e1248bb6997],
PUP.Optional.Caramava.A, C:\Program Files (x86)\Caramava\Caramava.ico, In Quarantäne, [040dafb60e6e1e18b41d523c3cc79967],
PUP.Optional.Caramava.A, C:\Program Files (x86)\Caramava\CaramavaUninstall.exe, In Quarantäne, [040dafb60e6e1e18b41d523c3cc79967],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-1.job, In Quarantäne, [59b8f471e09c1620901d3f8fe321d828],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-11.job, In Quarantäne, [0d042b3a7dffc96de0cd2ca27e8657a9],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-2.job, In Quarantäne, [aa6750156b113df926874c82c93b22de],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-4.job, In Quarantäne, [af622d38126a50e6822bbc12a163b54b],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-5.job, In Quarantäne, [e32e2f3637452214c0ed824c8b79e11f],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-5_user.job, In Quarantäne, [51c01e47fd7fa88ec3ea5579ef15cd33],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-6.job, In Quarantäne, [7a97e87d5527191d6c41e6e8778d09f7],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\111dad0a-f07a-4197-9153-9d7ba0082052-7.job, In Quarantäne, [9c75016483f962d4228b9737c83c3dc3],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-1.job, In Quarantäne, [9c753d2892ea45f1e9c47e50f80cd22e],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-11.job, In Quarantäne, [1df46afb314b3df97c31a02efb095fa1],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-2.job, In Quarantäne, [b859372e205c1422f3ba7658a75d52ae],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-3.job, In Quarantäne, [fc15f96c215b2214e3ca7e50ef15d62a],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-4.job, In Quarantäne, [53befa6b5c209b9b2c816c6238cc2ad6],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-5.job, In Quarantäne, [4ac75e07295374c21499a62862a258a8],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-5_user.job, In Quarantäne, [3dd4bda8d4a881b5753848862cd8d828],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-6.job, In Quarantäne, [b061f66fd7a5c96d07a6a7275ca8cb35],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\abe04cdc-0acd-46dd-bce2-6b442ae049e9-7.job, In Quarantäne, [2be6bea71e5e1b1b3a73824c040008f8],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, In Quarantäne, [d63bf273502cff37378cbc123cc804fc],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, In Quarantäne, [f61b7ce91666db5b784c17b74fb5be42],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, In Quarantäne, [ba57eb7a522a5bdbcef737976a9ad42c],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, In Quarantäne, [7c95b8ad126a92a409bd5c72ff05cd33],
PUP.Optional.SearchProtect, C:\Windows\apppatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, In Quarantäne, [3fd21b4a710bbd794bf4854d659fab55],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\ExcludeList.rcp, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\German_rcp.dat, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\log_04-25-2014.log, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\log_04-27-2014.log, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\log_04-28-2014.log, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\log_04-29-2014.log, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\log_04-30-2014.log, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\rcpupdate.ini, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\results.rcp, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\TempHLList.rcp, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.RegCleanerPro.A, C:\Users\Pk\AppData\Roaming\systweak\RegClean Pro\Version 6.1\voice\de\voice.wav, In Quarantäne, [8e83bbaa106c5fd75023a0812ad97789],
PUP.Optional.SearchProtect.A, C:\Users\ouali_000\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, In Quarantäne, [2fe22540adcfc86e0a61a98d887b6997],
PUP.Optional.SearchProtect.A, C:\Users\ouali_000\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, In Quarantäne, [2fe22540adcfc86e0a61a98d887b6997],
PUP.Optional.SearchProtect.A, C:\Users\ouali_000\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, In Quarantäne, [2fe22540adcfc86e0a61a98d887b6997],
PUP.Optional.SystemSpeedup, C:\Users\Pk\AppData\Roaming\systweak\ssd\SSDPTstub.exe, In Quarantäne, [878a630248346ccad19741f8d13209f7],
PUP.Optional.Vbates.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.438_0\background.html, In Quarantäne, [d8394e1793e97db9d94faf8b000358a8],
PUP.Optional.Vbates.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.438_0\logo_128.png, In Quarantäne, [d8394e1793e97db9d94faf8b000358a8],
PUP.Optional.Vbates.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.438_0\main.html, In Quarantäne, [d8394e1793e97db9d94faf8b000358a8],
PUP.Optional.Vbates.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.438_0\main.js, In Quarantäne, [d8394e1793e97db9d94faf8b000358a8],
PUP.Optional.Vbates.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.438_0\manifest.json, In Quarantäne, [d8394e1793e97db9d94faf8b000358a8],
PUP.Optional.Vbates.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.438_0\NMHClient.json, In Quarantäne, [d8394e1793e97db9d94faf8b000358a8],
PUP.Optional.Vbates.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.438_0\libraries\ContentScript.js, In Quarantäne, [d8394e1793e97db9d94faf8b000358a8],
PUP.Optional.Vbates.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.438_0\libraries\DataExchangeScript.js, In Quarantäne, [d8394e1793e97db9d94faf8b000358a8],
PUP.Optional.Vbates.A, C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.438_0\resources\LocalScript.js, In Quarantäne, [d8394e1793e97db9d94faf8b000358a8],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, In Quarantäne, [0b06b6af7804ce68cdcca892ce352bd5],
PUP.Optional.EZDownloader, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader\EZDownloader.lnk, In Quarantäne, [4fc2f372f48804324707eb5a996ae51b],
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end) Code:
# AdwCleaner v4.105 - Bericht erstellt am 20/12/2014 um 15:30:09
# Aktualisiert 08/12/2014 von Xplode
# Database : 2014-12-16.1 [Live]
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Pk - OUAILS-PC
# Gestartet von : C:\Users\Pk\Desktop\AdwCleaner_4.105.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem
Dienst Gelöscht : pcsuservice
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\ParetoLogic
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc speed up
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\pc speed up
Ordner Gelöscht : C:\Users\Pk\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Pk\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Ordner Gelöscht : C:\Users\Pk\AppData\Local\CrashRpt
Ordner Gelöscht : C:\Users\Pk\AppData\Roaming\DriverCure
Ordner Gelöscht : C:\Users\Pk\AppData\Roaming\ParetoLogic
Ordner Gelöscht : C:\Users\Pk\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Pk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Ordner Gelöscht : C:\Users\Pk\Documents\PCSpeedUp
Ordner Gelöscht : C:\Users\Public\Documents\ShopperPro
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Pk\AppData\Roaming\LiveSupport.exe_log.txt
Datei Gelöscht : C:\Users\Pk\AppData\Roaming\regsvr32.exe_log.txt
Datei Gelöscht : C:\Users\Pk\Desktop\PC Speed Up.lnk
Datei Gelöscht : C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
***** [ Tasks ] *****
Task Gelöscht : PC SpeedUp Service Deactivator
Task Gelöscht : YTDownloader
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\Directory\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\Drive\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\lnkfile\shell\pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2299856A-6506-42E3-A34F-CD35A47C1B19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\LiveSupport
Schlüssel Gelöscht : HKCU\Software\ParetoLogic
Schlüssel Gelöscht : HKCU\Software\Speedchecker Limited
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Sense
Schlüssel Gelöscht : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\ParetoLogic
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\ShopperPro
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\YTDownloader
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Google Chrome v39.0.2171.95
[C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=dspp&ts=1402354800&from=cor&uid=ST9500325AS_6VEF8HFW&q={searchTerms}
*************************
AdwCleaner[R0].txt - [8895 octets] - [01/05/2014 09:28:39]
AdwCleaner[R1].txt - [10442 octets] - [20/12/2014 15:26:09]
AdwCleaner[S0].txt - [782 octets] - [01/05/2014 09:29:56]
AdwCleaner[S1].txt - [9858 octets] - [20/12/2014 15:30:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [9918 octets] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8.1 x64
Ran by Pk on 20.12.2014 at 15:34:13,05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.12.2014 at 15:45:57,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014
Ran by Pk (administrator) on OUAILS-PC on 20-12-2014 15:53:51
Running from C:\Users\Pk\Desktop
Loaded Profile: Pk (Available profiles: Pk & ouali_000)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Dropbox, Inc.) C:\Users\Pk\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-10-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-11-17] (Acer Incorporated)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90368 2014-11-20] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2902429972-443509965-4274997157-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [403568 2014-04-14] (CyberGhost S.R.L.)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2902429972-443509965-4274997157-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2902429972-443509965-4274997157-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Ge-Force -> {11111111-1111-1111-1111-110611191111} -> C:\Program Files (x86)\Ge-Force\Ge-Force-bho64.dll No File
BHO: Sense -> {11111111-1111-1111-1111-110611811153} -> C:\Program Files (x86)\Sense\Sense-bho64.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin HKU\S-1-5-21-2902429972-443509965-4274997157-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=MB3038653-7474-418E-BF69-1EF568F15448&SearchSource=55&CUI=&UM=5&UP=SP59E9C460-1DD9-413E-AB72-B1C5C5FEBACB&SSPV=
CHR StartupUrls: Default -> "https://www.google.de/", "hxxp://www.sweet-page.com/?type=hp&ts=1402321604&from=cor&uid=ST9500325AS_6VEF8HFW", "hxxp://www.sweet-page.com/?type=hppp&ts=1402323183&from=cor&uid=ST9500325AS_6VEF8HFW", "hxxp://www.sweet-page.com/?type=hppp&ts=1402324645&from=cor&uid=ST9500325AS_6VEF8HFW", "hxxp://www.sweet-page.com/?type=hppp&ts=1402328681&from=cor&uid=ST9500325AS_6VEF8HFW", "hxxp://www.sweet-page.com/?type=hppp&ts=1402331885&from=cor&uid=ST9500325AS_6VEF8HFW", "hxxp://www.sweet-page.com/?type=hppp&ts=1402338859&from=cor&uid=ST9500325AS_6VEF8HFW", "hxxp://www.sweet-page.com/?type=hppp&ts=1402339144&from=cor&uid=ST9500325AS_6VEF8HFW", "hxxp://www.sweet-page.com/?type=hppp&ts=1402354800&from=cor&uid=ST9500325AS_6VEF8HFW"
CHR Profile: C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-20]
CHR Extension: (Google Drive) - C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-20]
CHR Extension: (Battlefield Heroes) - C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-05-24]
CHR Extension: (Google-Suche) - C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-20]
CHR Extension: (deoodoglhbmpafkajmlggnjnngdclnie) - C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie [2014-12-09]
CHR Extension: (Sense) - C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdiimmpmdoofmahingpgabiikimjgcia [2014-12-10]
CHR Extension: (Google Wallet) - C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-20]
CHR Extension: (Google Mail) - C:\Users\Pk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-20]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2709760 2014-11-17] (Acer Incorporated)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-04-14] (CyberGhost S.R.L)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-10-02] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-09-20] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-25] ()
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2014-03-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-20 15:53 - 2014-12-20 15:55 - 00018199 _____ () C:\Users\Pk\Desktop\FRST.txt
2014-12-20 15:53 - 2014-12-20 15:53 - 00000000 ____D () C:\Users\Pk\Desktop\FRST-OlderVersion
2014-12-20 15:45 - 2014-12-20 15:45 - 00000611 _____ () C:\Users\Pk\Desktop\JRT.txt
2014-12-20 15:34 - 2014-12-20 15:34 - 00000000 ____D () C:\Windows\ERUNT
2014-12-20 13:30 - 2014-12-20 15:33 - 00000000 ___RD () C:\Users\Pk\Dropbox
2014-12-20 13:30 - 2014-12-20 13:30 - 00001171 _____ () C:\Users\Pk\Desktop\Dropbox.lnk
2014-12-20 13:28 - 2014-12-20 13:28 - 00000000 ____D () C:\Users\Pk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-20 13:24 - 2014-12-20 15:33 - 00000000 ____D () C:\Users\Pk\AppData\Roaming\Dropbox
2014-12-20 13:22 - 2014-12-20 13:23 - 00324224 _____ (Dropbox, Inc.) C:\Users\Pk\Downloads\DropboxInstaller.exe
2014-12-19 18:59 - 2014-12-20 15:46 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-19 18:59 - 2014-12-19 18:59 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-19 18:59 - 2014-12-19 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-19 18:58 - 2014-12-19 18:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-19 18:58 - 2014-12-19 18:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-19 18:58 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-19 18:58 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-19 18:58 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-19 18:56 - 2014-12-19 18:56 - 02166272 _____ () C:\Users\Pk\Desktop\AdwCleaner_4.105.exe
2014-12-19 18:55 - 2014-12-19 18:57 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Pk\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-19 18:55 - 2014-12-19 18:56 - 01707646 _____ (Thisisu) C:\Users\Pk\Desktop\JRT.exe
2014-12-19 18:08 - 2014-12-19 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-19 18:08 - 2014-12-19 18:08 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-19 18:07 - 2014-12-20 15:31 - 00039424 _____ () C:\Windows\PFRO.log
2014-12-19 16:30 - 2014-12-20 15:54 - 00000000 ___DC () C:\FRST
2014-12-19 16:18 - 2014-12-20 15:53 - 02122240 ____C (Farbar) C:\Users\Pk\Desktop\FRST64.exe
2014-12-19 16:17 - 2014-12-19 16:17 - 00001284 _____ () C:\Users\Pk\Desktop\Revo Uninstaller.lnk
2014-12-19 16:17 - 2014-12-19 16:17 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-16 16:15 - 2014-12-16 16:15 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk
2014-12-14 11:23 - 2014-12-14 11:38 - 00000459 _____ () C:\Users\Pk\.swfinfo
2014-12-13 17:01 - 2014-12-13 17:01 - 00045112 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-12-10 19:32 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-10 19:32 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 19:31 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-12-10 19:31 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-10 19:31 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-10 19:31 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-10 18:12 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 18:12 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 18:12 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 18:12 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 18:12 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 18:12 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 18:12 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 18:12 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 18:12 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 18:12 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 18:12 - 2014-10-13 03:43 - 00238912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-12-10 18:12 - 2014-10-13 03:43 - 00153920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-12-10 18:12 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-12-10 18:12 - 2014-10-13 03:43 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-12-10 18:11 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 18:11 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-10 18:11 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 18:11 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-10 18:11 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 18:11 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 18:11 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-10 18:11 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-10 18:11 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 18:11 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 18:11 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-10 18:11 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-10 18:11 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-10 18:11 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 18:11 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 18:11 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 18:11 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 18:11 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 18:11 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-10 18:11 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 18:11 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 18:11 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-10 18:11 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-10 18:11 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 18:11 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 18:11 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 18:11 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 18:11 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 18:11 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 18:11 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 18:11 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-06 12:51 - 2014-12-06 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-06 12:49 - 2014-12-06 12:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-06 12:49 - 2014-12-06 12:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-06 11:59 - 2014-12-06 11:59 - 00000000 ____D () C:\Users\Pk\AppData\Roaming\.technic
2014-12-03 15:31 - 2014-12-20 15:19 - 00000000 ____D () C:\Program Files (x86)\89399ccd-6ae8-4042-8f69-a6ac4bfe5ed8
2014-12-03 15:31 - 2014-12-20 15:19 - 00000000 ____D () C:\Program Files (x86)\3a61f36b-5e00-4615-847d-0d7a34dfcb15
2014-11-24 09:46 - 2014-11-24 09:46 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2021-10-21 14:36 - 2013-12-19 22:21 - 00000852 _____ () C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 08:34 - 2013-12-19 22:21 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat
2014-12-20 15:45 - 2014-10-07 20:18 - 01519558 _____ () C:\Windows\WindowsUpdate.log
2014-12-20 15:36 - 2013-12-20 06:42 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-12-20 15:36 - 2013-12-20 06:42 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-12-20 15:36 - 2013-11-27 10:55 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-20 15:34 - 2014-03-23 18:24 - 00000000 ____D () C:\Users\Pk\AppData\Local\CrashDumps
2014-12-20 15:33 - 2014-03-27 18:09 - 00000000 ___DO () C:\Users\Pk\SkyDrive
2014-12-20 15:33 - 2014-03-19 18:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-20 15:32 - 2014-03-20 19:50 - 00001134 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-20 15:31 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-20 15:30 - 2014-05-01 09:24 - 00000000 ___DC () C:\AdwCleaner
2014-12-20 15:30 - 2013-08-22 14:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-12-20 15:27 - 2014-03-19 18:19 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2902429972-443509965-4274997157-1001
2014-12-20 15:23 - 2014-06-21 18:06 - 00001138 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8d7320aa4f21.job
2014-12-20 15:20 - 2014-03-19 18:09 - 00000000 ____D () C:\Users\Pk
2014-12-20 15:19 - 2014-05-11 17:26 - 00000000 ____D () C:\Program Files (x86)\AMX Mod X
2014-12-20 15:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-20 13:59 - 2014-10-20 16:32 - 00000000 ____D () C:\Users\Pk\AppData\Roaming\.minecraft
2014-12-20 12:49 - 2014-08-13 16:00 - 00000000 ____D () C:\Users\Pk\AppData\Local\LogMeIn Hamachi
2014-12-19 20:50 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-19 18:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-19 18:39 - 2014-03-19 18:09 - 00000000 ____D () C:\Users\Pk\AppData\Local\Pokki
2014-12-19 18:20 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-19 16:27 - 2013-11-27 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2014-12-19 16:27 - 2013-11-27 11:20 - 00000000 ____D () C:\ProgramData\Acer
2014-12-19 16:27 - 2013-11-27 11:20 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-12-19 16:27 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-19 16:27 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-12-19 15:51 - 2014-05-13 18:22 - 00000000 ____D () C:\Users\Pk\AppData\Roaming\uTorrent
2014-12-16 16:13 - 2014-03-19 18:12 - 00000000 ____D () C:\Users\Pk\AppData\Local\clear.fi
2014-12-12 11:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-12 11:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-12 11:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 19:14 - 2014-03-22 19:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 19:05 - 2014-03-22 19:35 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 18:33 - 2014-03-19 18:37 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 22:10 - 2014-11-14 22:54 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 22:10 - 2014-11-14 22:54 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-21 07:14 - 2013-11-27 10:40 - 00000000 ___HD () C:\OEM
Files to move or delete:
====================
C:\Users\Pk\jagex_cl_runescape_LIVE.dat
C:\Users\Pk\random.dat
Some content of TEMP:
====================
C:\Users\Pk\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqrfbsd.dll
C:\Users\Pk\AppData\Local\Temp\h_keixo5.dll
C:\Users\Pk\AppData\Local\Temp\Quarantine.exe
C:\Users\Pk\AppData\Local\Temp\ShopperProJSINJFull.exe
C:\Users\Pk\AppData\Local\Temp\sqlite3.dll
C:\Users\Pk\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Pk\AppData\Local\Temp\System.Data.SQLitef8540cf9-92f7-4c52-9842-74687b7729a5.dll
C:\Users\Pk\AppData\Local\Temp\tu17p84.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-16 21:02
==================== End Of Log ============================ --- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-12-2014
Ran by Pk at 2014-12-20 15:57:00
Running from C:\Users\Pk\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2003 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2001.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.00.2013.0 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.03.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8101 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Air Control Simulator (x32 Version: 3.0.2.59 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMX Mod X Installer 1.8.2 (HKLM-x32\...\AMX Mod X Installer) (Version: 1.8.2 - AMX Mod X Dev Team)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.03.2001.0 - Acer Incorporated)
AssaultCube v1.2.0.2 (HKLM-x32\...\AssaultCube) (Version: 1.2.0.2 - )
Battlefield Heroes (Pk) (HKU\S-1-5-21-2902429972-443509965-4274997157-1001\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version: - EA Digital illusions)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2902429972-443509965-4274997157-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Elsword (HKLM-x32\...\Elsword_de_is1) (Version: - )
ETDWare PS/2-X64 11.6.28.201_WHQL (HKLM\...\Elantech) (Version: 11.6.28.201 - ELAN Microelectronic Corp.)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
GameTracker Lite (HKLM-x32\...\GameTracker Lite) (Version: - ClanServers Hosting LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3349 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MinecraftAlpha (HKLM-x32\...\MinecraftAlpha) (Version: - )
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MTA:SA v1.3.5 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.5 - Multi Theft Auto)
MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OPERATION7 (HKLM-x32\...\OPERATION7) (Version: - )
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.27041 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.)
Spielkanäle (x32 Version: 9.2.0.11 - WildTangent, Inc.) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-2902429972-443509965-4274997157-1001\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)
Unity Web Player (HKU\S-1-5-21-2902429972-443509965-4274997157-1001\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
WildTangent Games App (x32 Version: 4.0.11.14 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
Wizard101(DE) (HKU\S-1-5-21-2902429972-443509965-4274997157-1001\...\Wizard101(DE)_is1) (Version: - Gameforge 4D GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2902429972-443509965-4274997157-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Pk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2902429972-443509965-4274997157-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2902429972-443509965-4274997157-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2902429972-443509965-4274997157-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2902429972-443509965-4274997157-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2902429972-443509965-4274997157-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2902429972-443509965-4274997157-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2902429972-443509965-4274997157-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2902429972-443509965-4274997157-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pk\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
16-10-2014 10:11:02 Windows Update
19-10-2014 18:50:34 Windows Update
14-11-2014 14:45:02 Windows Modules Installer
19-11-2014 16:38:15 Windows Update
27-11-2014 18:26:00 Windows Update
06-12-2014 12:47:12 Windows Update
11-12-2014 19:00:42 Windows Update
19-12-2014 16:21:30 Revo Uninstaller's restore point - abDocs
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {14FA1028-9F98-4956-946D-4B13E30B19BE} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-02] (Acer Incorporate)
Task: {1F7C0A08-85F8-45B8-B900-26F0E7DF6C9D} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-11-19] (Acer)
Task: {2F950441-C496-43B9-A51A-D42CC33CB522} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {3416F7D6-66CB-4824-B085-073F95DE385D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {59B4F9A5-81FA-4E32-8831-5E56E223D3B2} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {991AD5E5-DFB6-48E0-83AF-1AE8142A87A2} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8d7320aa4f21 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-20] (Google Inc.)
Task: {AB7C8488-2452-423D-AF3A-FEB988CE38B8} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-09-12] (Acer Incorporated)
Task: {B32DAFAB-564B-43C1-8F47-460696108ACA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-11] (Microsoft Corporation)
Task: {CDEC366F-05C1-4BA5-873E-36A4EECA4EAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-20] (Google Inc.)
Task: {D5A8973B-2E07-4A3D-B8E2-40979811DF1B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {EF16EDD9-5973-4020-90F4-1BCEFC4E1198} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2013-08-02] (Acer Incorporate)
Task: {F02E1173-F1F4-4D95-8274-BFBAC23B21CA} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2902429972-443509965-4274997157-1001
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8d7320aa4f21.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-05-24 21:03 - 2014-05-25 13:06 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-11-20 13:06 - 2014-11-20 13:06 - 00090368 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2014-11-20 13:06 - 2014-11-20 13:06 - 00089856 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2014-11-21 07:16 - 2014-11-21 07:16 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2014-11-17 10:57 - 2014-11-17 10:57 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-09-16 09:15 - 2014-09-16 09:15 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2014-09-16 09:16 - 2014-09-16 09:16 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2014-09-16 09:16 - 2014-09-16 09:16 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2014-09-16 09:16 - 2014-09-16 09:16 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2014-11-17 10:53 - 2014-11-17 10:53 - 00279296 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2014-11-20 13:06 - 2014-11-20 13:06 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2014-12-20 13:28 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\Pk\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-20 15:33 - 2014-12-20 15:33 - 00043008 _____ () c:\users\pk\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqrfbsd.dll
2014-12-20 13:28 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\Pk\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-12-20 13:28 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\Pk\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-12-20 13:28 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\Pk\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-12-20 13:28 - 2014-10-22 01:22 - 00118784 _____ () C:\Users\Pk\AppData\Roaming\Dropbox\bin\plugins\accessible\qtaccessiblewidgets.dll
2013-12-19 22:46 - 2013-07-30 18:11 - 00088648 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2014-12-13 12:25 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-13 12:25 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-13 12:25 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-13 12:25 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-13 12:25 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\ouali_000\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Pk\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Pk\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Pk\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Pk\SkyDrive.old:ms-properties
AlternateDataStreams: C:\Users\Pk\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Pk\AppData\Roaming:NT2
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2902429972-443509965-4274997157-1001\...\StartupApproved\Run: => "CyberGhost"
========================= Accounts: ==========================
Administrator (S-1-5-21-2902429972-443509965-4274997157-500 - Administrator - Disabled)
Gast (S-1-5-21-2902429972-443509965-4274997157-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2902429972-443509965-4274997157-1007 - Limited - Enabled)
ouali_000 (S-1-5-21-2902429972-443509965-4274997157-1002 - Limited - Enabled) => C:\Users\ouali_000
Pk (S-1-5-21-2902429972-443509965-4274997157-1001 - Administrator - Enabled) => C:\Users\Pk
==================== Faulty Device Manager Devices =============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-12-08 21:36:08.302
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-08 21:36:07.613
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-08 21:36:06.978
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-08 21:35:34.466
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-08 21:35:33.682
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-07 12:11:02.863
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-07 12:11:02.289
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-07 12:11:01.623
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-07 12:10:59.278
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-07 12:10:57.982
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU N3520 @ 2.16GHz
Percentage of memory in use: 42%
Total physical RAM: 3979.34 MB
Available physical RAM: 2301.97 MB
Total Pagefile: 8331.34 MB
Available Pagefile: 6268.24 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:449.19 GB) (Free:350.04 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 811F8FD7)
Partition: GPT Partition Type.
==================== End Of Log ============================ |