Plagegeister aller Art und deren Bekämpfung (pests of all kinds and how to fight them): Firefox, text on web pages underlined in green and opening pop-ups (Windows 7) |
05.02.2014, 19:52 | #1 |
| So, for a few days now I have had the problem that, when I am on the internet, words in the text or even in browser games are underlined in green. If I hover over them with the mouse, a small advertisement image appears; if I click on it, I end up on an external site. YouTube is as good as impossible to listen to, since everything there is acting up now. I have already downloaded several antivirus programs with zero success. PS: I am not exactly the best at handling a "PC" ^^ so please answer in a beginner-friendly way. I hope someone can help me |
05.02.2014, 20:33 | #2 |
/// the machine /// TB-Ausbilder | hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
05.02.2014, 20:53 | #3 |
| FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014 Ran by Happy (administrator) on HAPPY-PC on 05-02-2014 20:50:32 Running from C:\Users\Happy\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.) 
C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (IGN Entertainment Inc.) C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated) HKLM\...\Run: [Power Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. 
KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3795376130-1755610981-1941546793-1001\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815976 2014-01-27] (Valve Corporation) HKU\S-1-5-21-3795376130-1755610981-1941546793-1001\...\Run: [Comrade.exe] - C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe [36864 2007-06-29] (IGN Entertainment Inc.) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [241984 2011-10-16] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [203072 2011-10-16] (NVIDIA Corporation) Startup: C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_14457426.lnk ShortcutTarget: _uninst_14457426.lnk -> C:\Users\Happy\AppData\Local\Temp\_uninst_14457426.bat () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {5B4B9A86-71D5-4DFA-86B2-A9A3FB51431C} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=4a4ed3b478b04a4fbb2dc1de28dac300&tu=10G90006g1B000v&sku=&tstsId=&ver=&&r=567 BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571 FF Homepage: hxxp://mysearch.avg.com?cid={B58DE404-8533-42F6-9680-99DC016E356A}&mid=733637a0ae5447d3949e0d47e77ad1fa-b5c1f8d0a8681e6349342f4f0be42f1e820d8610&lang=en&ds=es011&coid=avgtbdises&cmpid=&pr=sa&d=&v=&pid=safeguard&sg=&sap=hp FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF Plugin-x32: @ei.Allin1Convert_8h.com/Plugin - C:\Program Files (x86)\Allin1Convert_8hEI\Installr\1.bin\NP8hEISB.dll (Allin1Convert) FF Plugin-x32: @ei.UtilityChest_49.com/Plugin - C:\Program Files (x86)\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll (Utility Chest) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) 
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571\searchplugins\search.xml.old FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Notificatoin - C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571\Extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1} [2013-12-31] FF Extension: AntiGameOrigin - C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571\Extensions\antigameorigin@antigame.de.xpi [2013-11-15] FF Extension: Greasemonkey - C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-11-15] FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker Chrome: ======= CHR Extension: (Docs) - 
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-01] CHR Extension: (Google Drive) - C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-01] CHR Extension: (Google Search) - C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-01] CHR Extension: (Notificatoin) - C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm [2013-12-31] CHR Extension: (Gmail) - C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-01] CHR HKCU\...\Chrome\Extension: [hmhfbmpdiffkamakhdbcgojfnbnlcenm] - C:\ProgramData\Microsoft\Windows\DRM\Server\notificatoin_1.0.0.crx [2013-11-28] CHR HKLM-x32\...\Chrome\Extension: [hmhfbmpdiffkamakhdbcgojfnbnlcenm] - C:\ProgramData\Microsoft\Windows\DRM\Server\notificatoin_1.0.0.crx [2013-11-28] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG) R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated) R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated) R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.) 
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2010-05-25] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-09-24] () S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\RpcAgentSrv.exe [72344 2008-11-25] (SiSoftware) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-14] (TuneUp Software) S2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [X] ==================== Drivers (Whitelisted) ==================== R0 14457426; C:\Windows\System32\DRIVERS\14457426.sys [460888 2014-02-04] (Kaspersky Lab ZAO) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2014-01-08] (AVG Technologies) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. 
KG) S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-08-28] (TuneUp Software) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-05 20:50 - 2014-02-05 20:50 - 00016286 _____ () C:\Users\Happy\Downloads\FRST.txt 2014-02-05 19:22 - 2014-02-05 19:22 - 02347384 _____ (ESET) C:\Users\Happy\Downloads\esetsmartinstaller_enu.exe 2014-02-05 18:45 - 2014-02-05 18:45 - 00000000 ____D () C:\Users\Happy\Downloads\FRST-OlderVersion 2014-02-05 18:30 - 2014-02-05 18:30 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Avira 2014-02-05 18:26 - 2014-02-05 18:26 - 00002042 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-02-05 18:26 - 2014-02-05 18:26 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-02-05 18:26 - 2013-12-18 09:32 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-02-05 18:26 - 2013-12-18 09:32 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-02-05 18:26 - 2013-12-18 09:32 - 00028600 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-02-05 18:12 - 2014-02-05 18:15 - 130658432 _____ () C:\Users\Happy\Downloads\avira_free_antivirus_de.exe 2014-02-05 17:44 - 2014-02-05 17:44 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs 2014-02-05 17:20 - 2014-02-05 19:35 - 00000000 ___DC () C:\AdwCleaner 2014-02-05 17:19 - 2014-02-05 17:20 - 01166132 _____ () C:\Users\Happy\Downloads\adwcleaner.exe 2014-02-05 17:16 - 2014-02-05 20:50 - 00000000 ___DC () C:\FRST 2014-02-05 17:15 - 2014-02-05 18:45 - 02082304 ____C (Farbar) C:\Users\Happy\Downloads\FRST64.exe 2014-02-05 14:37 - 2014-02-05 14:37 - 00005723 _____ () C:\Users\Happy\Documents\bericht.txt 2014-02-05 14:16 - 2014-02-05 14:16 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de(2).exe 2014-02-05 10:39 - 2014-02-05 10:43 - 243681088 _____ () C:\Users\Happy\Downloads\kav14.0.0.4651abDE_5154.exe 2014-02-05 10:36 - 2014-02-05 10:36 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de(1).exe 2014-02-05 01:33 - 2014-02-05 01:34 - 397688988 _____ () C:\Users\Happy\Documents\Image.nrg 2014-02-05 00:20 - 2014-02-05 00:20 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de.exe 2014-02-04 23:03 - 2014-02-04 23:03 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-02-04 23:02 - 2014-02-04 21:36 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\14457426.sys 2014-02-04 22:59 - 2014-02-04 23:02 - 134002232 _____ () C:\Users\Happy\Downloads\setup_11.0.1.1245.x01_2014_02_04_21_37.exe 2014-02-04 21:29 - 2014-02-05 10:59 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files 2014-02-04 21:24 - 2014-02-04 21:27 - 194045080 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\pure13.0.2.558abcdDE_5372.exe 2014-02-01 12:56 - 2014-02-05 19:15 - 00000000 ____D () C:\Program Files (x86)\Google 2014-02-01 12:54 - 2014-02-04 22:49 - 00000000 ____D () 
C:\ProgramData\AVAST Software 2014-02-01 12:52 - 2014-02-01 12:54 - 90578216 _____ (AVAST Software) C:\Users\Happy\Downloads\avast_free_antivirus_setup_9.0.2013.exe 2014-02-01 12:32 - 2014-02-01 12:53 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Nico Mak Computing 2014-02-01 12:29 - 2014-02-01 12:30 - 04892480 _____ (WinZip International LLC ) C:\Users\Happy\Downloads\wzmp_8.exe 2014-02-01 03:50 - 2014-02-01 04:22 - 00000000 ____D () C:\Users\Happy\AppData\Local\Microsoft Games 2014-02-01 03:33 - 2014-02-01 03:33 - 00000000 ____C () C:\autoexec.bat 2014-02-01 03:32 - 2014-02-01 03:32 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-02-01 03:29 - 2014-02-01 03:29 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Happy\Downloads\SpyHunter-Installer.exe 2014-01-22 00:20 - 2014-01-22 00:20 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler 2014-01-15 05:14 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 05:14 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 05:14 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-14 13:54 - 2014-01-14 13:54 - 48835303 _____ () 
C:\Users\Happy\Downloads\NVIDIA-Linux-x86_64-319.82(1).run 2014-01-14 13:53 - 2014-01-14 13:53 - 00000000 ____D () C:\ProgramData\Sun 2014-01-14 13:53 - 2014-01-14 13:53 - 00000000 ____D () C:\ProgramData\Oracle 2014-01-14 13:53 - 2014-01-14 13:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-14 13:52 - 2014-01-14 13:52 - 00000000 ____D () C:\Program Files (x86)\Java 2014-01-14 13:50 - 2014-01-14 13:50 - 00915368 _____ (Oracle Corporation) C:\Users\Happy\Downloads\jxpiinstall.exe 2014-01-14 13:47 - 2014-01-14 13:48 - 48835303 _____ () C:\Users\Happy\Downloads\NVIDIA-Linux-x86_64-319.82.run 2014-01-14 08:54 - 2014-01-14 08:54 - 00000606 _____ () C:\Users\Public\Desktop\WarThunder.lnk 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\Users\Happy\AppData\Local\WarThunder 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\ProgramData\WarThunder 2014-01-14 08:53 - 2014-01-14 08:53 - 04250672 _____ (2013 Gaijin Entertainment Corporation ) C:\Users\Happy\Downloads\wt_launcher_1.0.1.302.exe 2014-01-11 12:33 - 2014-02-01 13:29 - 00003790 _____ () C:\Windows\System32\Tasks\DTReg 2014-01-10 23:48 - 2014-01-10 23:48 - 00000222 _____ () C:\Users\Happy\Desktop\Torchlight II.url 2014-01-08 23:37 - 2014-01-08 23:37 - 00003180 _____ () C:\Windows\System32\Tasks\{49C70FF1-7A2F-4987-9DDD-4D64F786E4FC} 2014-01-08 15:18 - 2014-01-08 16:02 - 00000000 ____D () C:\Users\Happy\AppData\Local\AVG SafeGuard toolbar 2014-01-08 15:18 - 2014-01-08 15:17 - 00046368 _____ (AVG Technologies) 
C:\Windows\system32\Drivers\avgtpx64.sys 2014-01-08 01:50 - 2014-01-08 01:50 - 00604819 _____ (Ryan Gregg ) C:\Users\Happy\Downloads\gcfscape185.exe 2014-01-08 01:50 - 2014-01-08 01:50 - 00000000 ____D () C:\Users\Happy\AppData\Local\Nem's Tools 2014-01-08 01:50 - 2014-01-08 01:50 - 00000000 ____D () C:\Program Files\Nem's Tools 2014-01-07 17:15 - 2014-01-31 21:24 - 00000000 ____D () C:\Users\Happy\AppData\Local\genienext 2014-01-07 17:15 - 2014-01-15 22:14 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\newnext.me 2014-01-07 17:15 - 2014-01-07 17:16 - 00000000 ____D () C:\Users\Happy\AppData\Local\Mobogenie 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\Documents\Mobogenie 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\AppData\Local\cache 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\.android 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 _____ () C:\Users\Happy\daemonprocess.txt 2014-01-07 17:14 - 2014-01-07 17:16 - 00000000 ____D () C:\Program Files (x86)\Mobogenie 2014-01-07 17:11 - 2014-01-07 17:11 - 10109935 _____ () C:\Users\Happy\Downloads\ProbeII_V10419.zip 2014-01-07 17:10 - 2014-01-07 17:10 - 00923784 _____ (CNET Download.com) C:\Users\Happy\Downloads\cbsidlm-cbsi145-ATK0110_ACPI_UTILITY-ORG_DE-147367.exe 2014-01-07 16:49 - 2014-01-07 16:58 - 14024704 _____ () C:\Users\Happy\AppData\Roaming\Sandra.mdb 2014-01-07 16:49 - 2014-01-07 16:49 - 00001186 _____ () C:\Users\Public\Desktop\SiSoftware Sandra Lite 2014.RTM.lnk 2014-01-07 16:48 - 2014-01-07 16:48 - 00000000 ____D () C:\Program Files\SiSoftware 2014-01-07 16:46 - 2014-01-07 16:47 - 67530368 _____ (SiSoftware ) C:\Users\Happy\Downloads\san2010b.exe 2014-01-07 14:26 - 2014-02-04 21:17 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar 2014-01-07 14:26 - 2014-01-08 15:18 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar 2014-01-07 14:25 - 2014-01-08 15:18 - 00003728 _____ () C:\Program Files (x86)\Mozilla 
Firefoxsafeguard-secure-search.xml 2014-01-07 14:25 - 2014-01-07 14:25 - 00021712 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS 2014-01-07 14:25 - 2014-01-07 14:25 - 00001214 _____ () C:\Users\Public\Desktop\Find Drivers with BIOSAgentPlus.lnk 2014-01-07 14:23 - 2014-01-07 14:24 - 05511208 _____ (Copyright © 2013 eSupport.com, Inc • All Rights Reserved ) C:\Users\Happy\Downloads\biosagentplus_setup_avg_40.exe 2014-01-07 14:03 - 2014-01-10 23:33 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-01-07 14:03 - 2014-01-07 14:03 - 00000983 _____ () C:\Users\UpdatusUser\Desktop\SpeedFan.lnk 2014-01-07 14:03 - 2014-01-07 14:03 - 00000983 _____ () C:\Users\Happy\Desktop\SpeedFan.lnk 2014-01-07 14:03 - 2014-01-07 14:03 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-01-07 14:02 - 2014-01-07 14:02 - 02143832 _____ () C:\Users\Happy\Downloads\instsf449(1).exe 2014-01-07 13:58 - 2014-01-07 14:03 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2014-01-07 13:58 - 2014-01-07 13:58 - 02143832 _____ () C:\Users\Happy\Downloads\instsf449.exe 2014-01-07 13:43 - 2014-01-07 13:43 - 00001078 _____ () C:\Users\UpdatusUser\Desktop\EVEREST Home Edition.lnk 2014-01-07 13:43 - 2014-01-07 13:43 - 00001078 _____ () C:\Users\Happy\Desktop\EVEREST Home Edition.lnk 2014-01-07 13:43 - 2014-01-07 13:43 - 00000000 ____D () C:\Program Files (x86)\Lavalys 2014-01-07 13:41 - 2014-01-07 13:41 - 04179293 _____ (Lavalys, Inc. 
) C:\Users\Happy\Downloads\everesthome220.exe ==================== One Month Modified Files and Folders ======= 2014-02-05 20:50 - 2014-02-05 20:50 - 00016286 _____ () C:\Users\Happy\Downloads\FRST.txt 2014-02-05 20:50 - 2014-02-05 17:16 - 00000000 ___DC () C:\FRST 2014-02-05 20:32 - 2013-02-23 09:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-05 19:35 - 2014-02-05 17:20 - 00000000 ___DC () C:\AdwCleaner 2014-02-05 19:35 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-05 19:35 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-05 19:31 - 2013-02-15 01:57 - 01601355 _____ () C:\Windows\WindowsUpdate.log 2014-02-05 19:28 - 2013-04-07 02:56 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-02-05 19:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-05 19:27 - 2009-07-14 05:51 - 00101682 _____ () C:\Windows\setupact.log 2014-02-05 19:22 - 2014-02-05 19:22 - 02347384 _____ (ESET) C:\Users\Happy\Downloads\esetsmartinstaller_enu.exe 2014-02-05 19:15 - 2014-02-01 12:56 - 00000000 ____D () C:\Program Files (x86)\Google 2014-02-05 18:45 - 2014-02-05 18:45 - 00000000 ____D () C:\Users\Happy\Downloads\FRST-OlderVersion 2014-02-05 18:45 - 2014-02-05 17:15 - 02082304 ____C (Farbar) C:\Users\Happy\Downloads\FRST64.exe 2014-02-05 18:38 - 2013-02-17 16:15 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\CheckPoint 2014-02-05 18:38 - 2010-11-21 04:47 - 01309698 _____ () C:\Windows\PFRO.log 2014-02-05 18:30 - 2014-02-05 18:30 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Avira 2014-02-05 18:26 - 2014-02-05 18:26 - 00002042 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-02-05 18:26 - 2014-02-05 18:26 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-02-05 18:26 - 2013-02-18 21:09 - 00000000 ____D () 
C:\ProgramData\Avira 2014-02-05 18:22 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-02-05 18:15 - 2014-02-05 18:12 - 130658432 _____ () C:\Users\Happy\Downloads\avira_free_antivirus_de.exe 2014-02-05 17:44 - 2014-02-05 17:44 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs 2014-02-05 17:21 - 2013-02-16 16:13 - 00001076 _____ () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-02-05 17:20 - 2014-02-05 17:19 - 01166132 _____ () C:\Users\Happy\Downloads\adwcleaner.exe 2014-02-05 14:37 - 2014-02-05 14:37 - 00005723 _____ () C:\Users\Happy\Documents\bericht.txt 2014-02-05 14:16 - 2014-02-05 14:16 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de(2).exe 2014-02-05 12:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-02-05 12:32 - 2013-02-23 09:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-05 12:32 - 2013-02-23 09:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-05 12:32 - 2011-10-11 13:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-05 11:11 - 2013-02-17 16:17 - 00000000 ____D () C:\Users\Happy\AppData\Local\CrashDumps 2014-02-05 11:04 - 2013-09-19 02:21 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-05 10:59 - 2014-02-04 21:29 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files 2014-02-05 10:43 - 2014-02-05 10:39 - 243681088 _____ () C:\Users\Happy\Downloads\kav14.0.0.4651abDE_5154.exe 2014-02-05 10:36 - 2014-02-05 10:36 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de(1).exe 2014-02-05 01:34 - 2014-02-05 01:33 - 397688988 _____ () C:\Users\Happy\Documents\Image.nrg 2014-02-05 01:34 - 2013-05-13 11:43 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Nero 2014-02-05 00:20 - 2014-02-05 00:20 - 00179984 _____ (Kaspersky Lab) 
C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de.exe 2014-02-04 23:03 - 2014-02-04 23:03 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-02-04 23:03 - 2013-02-15 22:05 - 00000000 ___RD () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-02-04 23:02 - 2014-02-04 22:59 - 134002232 _____ () C:\Users\Happy\Downloads\setup_11.0.1.1245.x01_2014_02_04_21_37.exe 2014-02-04 22:49 - 2014-02-01 12:54 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-02-04 22:46 - 2013-02-19 14:45 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Skype 2014-02-04 21:36 - 2014-02-04 23:02 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\14457426.sys 2014-02-04 21:27 - 2014-02-04 21:24 - 194045080 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\pure13.0.2.558abcdDE_5372.exe 2014-02-04 21:17 - 2014-01-07 14:26 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar 2014-02-01 13:29 - 2014-01-11 12:33 - 00003790 _____ () C:\Windows\System32\Tasks\DTReg 2014-02-01 13:29 - 2013-02-16 16:11 - 00000306 __RSH () C:\Users\Happy\ntuser.pol 2014-02-01 13:29 - 2013-02-15 22:03 - 00000000 ____D () C:\Users\Happy 2014-02-01 12:56 - 2013-12-31 02:48 - 00000000 ____D () C:\Users\Happy\AppData\Local\Google 2014-02-01 12:54 - 2014-02-01 12:52 - 90578216 _____ (AVAST Software) C:\Users\Happy\Downloads\avast_free_antivirus_setup_9.0.2013.exe 2014-02-01 12:53 - 2014-02-01 12:32 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Nico Mak Computing 2014-02-01 12:30 - 2014-02-01 12:29 - 04892480 _____ (WinZip International LLC ) C:\Users\Happy\Downloads\wzmp_8.exe 2014-02-01 04:22 - 2014-02-01 03:50 - 00000000 ____D () C:\Users\Happy\AppData\Local\Microsoft Games 2014-02-01 03:57 - 2013-04-29 19:58 - 00000633 _____ () C:\Users\Public\Desktop\Medieval II Total War Teutonic.lnk 2014-02-01 03:57 - 2013-04-29 19:51 - 00000633 _____ () C:\Users\Public\Desktop\Medieval II Total War Crusades.lnk 2014-02-01 03:57 - 2013-04-29 19:47 - 
00000643 _____ () C:\Users\Public\Desktop\Medieval II Total War Britannia.lnk 2014-02-01 03:57 - 2013-04-29 19:43 - 00000633 _____ () C:\Users\Public\Desktop\Medieval II Total War Americas.lnk 2014-02-01 03:57 - 2013-04-29 19:24 - 00000580 _____ () C:\Users\Public\Desktop\Medieval II Total War.lnk 2014-02-01 03:33 - 2014-02-01 03:33 - 00000000 ____C () C:\autoexec.bat 2014-02-01 03:32 - 2014-02-01 03:32 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-02-01 03:29 - 2014-02-01 03:29 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Happy\Downloads\SpyHunter-Installer.exe 2014-01-31 21:24 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\AppData\Local\genienext 2014-01-29 21:07 - 2013-02-25 16:51 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\TS3Client 2014-01-29 18:13 - 2013-11-17 18:16 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\.minecraft 2014-01-29 03:07 - 2013-02-15 10:49 - 00709936 _____ () C:\Windows\system32\perfh007.dat 2014-01-29 03:07 - 2013-02-15 10:49 - 00154082 _____ () C:\Windows\system32\perfc007.dat 2014-01-29 03:07 - 2009-07-14 06:13 - 01670150 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-01-29 03:06 - 2013-09-24 13:18 - 01615936 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-22 00:20 - 2014-01-22 00:20 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler 2014-01-22 00:20 - 2013-02-16 17:03 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-01-16 15:47 - 2011-10-11 13:20 - 00000000 ____D () C:\ProgramData\Adobe 2014-01-16 12:03 - 2009-07-14 05:45 - 00277720 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-01-16 09:59 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-01-16 03:01 - 2013-02-18 20:51 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-15 22:14 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\newnext.me 2014-01-14 13:54 - 2014-01-14 
13:54 - 48835303 _____ () C:\Users\Happy\Downloads\NVIDIA-Linux-x86_64-319.82(1).run 2014-01-14 13:53 - 2014-01-14 13:53 - 00000000 ____D () C:\ProgramData\Sun 2014-01-14 13:53 - 2014-01-14 13:53 - 00000000 ____D () C:\ProgramData\Oracle 2014-01-14 13:52 - 2014-01-14 13:53 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-14 13:52 - 2014-01-14 13:52 - 00000000 ____D () C:\Program Files (x86)\Java 2014-01-14 13:50 - 2014-01-14 13:50 - 00915368 _____ (Oracle Corporation) C:\Users\Happy\Downloads\jxpiinstall.exe 2014-01-14 13:48 - 2014-01-14 13:47 - 48835303 _____ () C:\Users\Happy\Downloads\NVIDIA-Linux-x86_64-319.82.run 2014-01-14 13:46 - 2013-05-23 16:33 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-01-14 08:54 - 2014-01-14 08:54 - 00000606 _____ () C:\Users\Public\Desktop\WarThunder.lnk 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\Users\Happy\AppData\Local\WarThunder 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\ProgramData\WarThunder 2014-01-14 08:54 - 2013-05-06 22:44 - 00000000 ____D () C:\Users\Happy\Documents\My Games 2014-01-14 08:53 - 2014-01-14 08:53 - 04250672 _____ (2013 Gaijin Entertainment Corporation ) C:\Users\Happy\Downloads\wt_launcher_1.0.1.302.exe 2014-01-10 23:48 - 2014-01-10 23:48 - 00000222 _____ () C:\Users\Happy\Desktop\Torchlight II.url 2014-01-10 23:48 - 2013-05-07 12:31 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-01-10 23:33 - 2014-01-07 14:03 - 00000000 ____D () 
C:\Program Files (x86)\SpeedFan 2014-01-08 23:37 - 2014-01-08 23:37 - 00003180 _____ () C:\Windows\System32\Tasks\{49C70FF1-7A2F-4987-9DDD-4D64F786E4FC} 2014-01-08 16:02 - 2014-01-08 15:18 - 00000000 ____D () C:\Users\Happy\AppData\Local\AVG SafeGuard toolbar 2014-01-08 15:18 - 2014-01-07 14:26 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar 2014-01-08 15:18 - 2014-01-07 14:25 - 00003728 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml 2014-01-08 15:18 - 2013-12-11 13:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-01-08 15:17 - 2014-01-08 15:18 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys 2014-01-08 02:13 - 2013-11-01 21:42 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\SoftGrid Client 2014-01-08 01:50 - 2014-01-08 01:50 - 00604819 _____ (Ryan Gregg ) C:\Users\Happy\Downloads\gcfscape185.exe 2014-01-08 01:50 - 2014-01-08 01:50 - 00000000 ____D () C:\Users\Happy\AppData\Local\Nem's Tools 2014-01-08 01:50 - 2014-01-08 01:50 - 00000000 ____D () C:\Program Files\Nem's Tools 2014-01-07 17:16 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\AppData\Local\Mobogenie 2014-01-07 17:16 - 2014-01-07 17:14 - 00000000 ____D () C:\Program Files (x86)\Mobogenie 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\Documents\Mobogenie 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\AppData\Local\cache 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\.android 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 _____ () C:\Users\Happy\daemonprocess.txt 2014-01-07 17:11 - 2014-01-07 17:11 - 10109935 _____ () C:\Users\Happy\Downloads\ProbeII_V10419.zip 2014-01-07 17:10 - 2014-01-07 17:10 - 00923784 _____ (CNET Download.com) C:\Users\Happy\Downloads\cbsidlm-cbsi145-ATK0110_ACPI_UTILITY-ORG_DE-147367.exe 2014-01-07 16:58 - 2014-01-07 16:49 - 14024704 _____ () C:\Users\Happy\AppData\Roaming\Sandra.mdb 2014-01-07 16:49 - 2014-01-07 16:49 - 
00001186 _____ () C:\Users\Public\Desktop\SiSoftware Sandra Lite 2014.RTM.lnk 2014-01-07 16:48 - 2014-01-07 16:48 - 00000000 ____D () C:\Program Files\SiSoftware 2014-01-07 16:47 - 2014-01-07 16:46 - 67530368 _____ (SiSoftware ) C:\Users\Happy\Downloads\san2010b.exe 2014-01-07 14:25 - 2014-01-07 14:25 - 00021712 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS 2014-01-07 14:25 - 2014-01-07 14:25 - 00001214 _____ () C:\Users\Public\Desktop\Find Drivers with BIOSAgentPlus.lnk 2014-01-07 14:24 - 2014-01-07 14:23 - 05511208 _____ (Copyright © 2013 eSupport.com, Inc • All Rights Reserved ) C:\Users\Happy\Downloads\biosagentplus_setup_avg_40.exe 2014-01-07 14:03 - 2014-01-07 14:03 - 00000983 _____ () C:\Users\UpdatusUser\Desktop\SpeedFan.lnk 2014-01-07 14:03 - 2014-01-07 14:03 - 00000983 _____ () C:\Users\Happy\Desktop\SpeedFan.lnk 2014-01-07 14:03 - 2014-01-07 14:03 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-01-07 14:03 - 2014-01-07 13:58 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2014-01-07 14:02 - 2014-01-07 14:02 - 02143832 _____ () C:\Users\Happy\Downloads\instsf449(1).exe 2014-01-07 13:58 - 2014-01-07 13:58 - 02143832 _____ () C:\Users\Happy\Downloads\instsf449.exe 2014-01-07 13:43 - 2014-01-07 13:43 - 00001078 _____ () C:\Users\UpdatusUser\Desktop\EVEREST Home Edition.lnk 2014-01-07 13:43 - 2014-01-07 13:43 - 00001078 _____ () C:\Users\Happy\Desktop\EVEREST Home Edition.lnk 2014-01-07 13:43 - 2014-01-07 13:43 - 00000000 ____D () C:\Program Files (x86)\Lavalys 2014-01-07 13:41 - 2014-01-07 13:41 - 04179293 _____ (Lavalys, Inc. 
) C:\Users\Happy\Downloads\everesthome220.exe

Files to move or delete:
====================
c:\windows\syswow64\nvinit.dll
C:\Users\Happy\AppData\Roaming\skype.ini

Some content of TEMP:
====================
C:\Users\Happy\AppData\Local\Temp\avgnt.exe
C:\Users\Happy\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
C:\Users\Happy\AppData\Local\Temp\SHSetup.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-05 12:41

==================== End Of Log ============================

well, somehow I can't save this to the desktop, because I only start the program from the downloads |
06.02.2014, 14:38 | #4 |
/// the machine /// TB Trainer | firefox, text on the internet underlined in green and opening popups
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
06.02.2014, 19:07 | #5 |
| firefox, text on the internet underlined in green and opening popups
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.06.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Happy :: HAPPY-PC [Administrator]

Schutz: Aktiviert

06.02.2014 17:52:31
mbam-log-2014-02-06 (17-52-31).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 420861
Laufzeit: 1 Stunde(n), 13 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKCU\SOFTWARE\Google\Chrome\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\Chrome\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 16
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_0 (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_0\icons (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_0\includes (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_0\kango (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_0\kango-ui (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_1 (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_1\icons (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_1\includes (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_1\kango (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_1\kango-ui (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.10.0 (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 92
C:\Users\Happy\Downloads\winrar.exe (Adware.DomaIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\806bf85.msi (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Microsoft\Windows\DRM\Server\notificatoin_1.0.0.crx (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_0\b.js (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_0\background.html (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_0\extension_info.json (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_0\f.js (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_0\id.js (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhfbmpdiffkamakhdbcgojfnbnlcenm\1.0.0_0\jquery.js (PUP.Optional.Kango.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Happy\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

AdwCleaner Logfile: Code:
# AdwCleaner v3.018 - Bericht erstellt am 06/02/2014 um 19:12:36
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Happy - HAPPY-PC
# Gestartet von : C:\Users\Happy\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v27.0 (de)

[ Datei : C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571\prefs.js ]

-\\ Google Chrome v

[ Datei : C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [17582 octets] - [05/02/2014 17:20:08]
AdwCleaner[R10].txt - [2012 octets] - [05/02/2014 19:31:33]
AdwCleaner[R11].txt - [2073 octets] - [05/02/2014 19:35:09]
AdwCleaner[R12].txt - [2134 octets] - [06/02/2014 19:11:56]
AdwCleaner[R1].txt - [1269 octets] - [05/02/2014 17:31:37]
AdwCleaner[R2].txt - [1265 octets] - [05/02/2014 17:36:59]
AdwCleaner[R3].txt - [1385 octets] - [05/02/2014 17:42:26]
AdwCleaner[R4].txt - [1511 octets] - [05/02/2014 18:37:33]
AdwCleaner[R5].txt - [1484 octets] - [05/02/2014 18:41:39]
AdwCleaner[R6].txt - [1604 octets] - [05/02/2014 18:46:37]
AdwCleaner[R7].txt - [1724 octets] - [05/02/2014 19:13:38]
AdwCleaner[R8].txt - [1771 octets] - [05/02/2014 19:15:57]
AdwCleaner[R9].txt - [1891 octets] - [05/02/2014 19:23:07]
AdwCleaner[S0].txt - [16211 octets] - [05/02/2014 17:21:32]
AdwCleaner[S1].txt - [1336 octets] - [05/02/2014 17:32:07]
AdwCleaner[S2].txt - [1332 octets] - [05/02/2014 17:38:04]
AdwCleaner[S3].txt - [1574 octets] - [05/02/2014 18:38:02]
AdwCleaner[S4].txt - [1545 octets] - [05/02/2014 18:42:21]
AdwCleaner[S5].txt - [1665 octets] - [05/02/2014 18:47:29]
AdwCleaner[S6].txt - [1832 octets] - [05/02/2014 19:16:44]
AdwCleaner[S7].txt - [1952 octets] - [05/02/2014 19:27:01]
AdwCleaner[S8].txt - [2055 octets] - [06/02/2014 19:12:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S8].txt - [2115 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by Happy on 06.02.2014 at 19:17:27,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3795376130-1755610981-1941546793-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\allin1convert_8hinstaller.start
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\allin1convert_8hinstaller.start.1

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Happy\appdata\locallow\allin1convert_8hei"
Successfully deleted: [Folder] "C:\Program Files (x86)\allin1convert_8hei"
Successfully deleted: [Folder] "C:\Program Files (x86)\secretsauce"
Successfully deleted: [Empty Folder] C:\Users\Happy\appdata\local\{A2B06F5B-ACB5-4E94-ABA2-68A9E11E0761}
Successfully deleted: [Empty Folder] C:\Users\Happy\appdata\local\{D8BB6D7A-34B7-460C-B0EF-5C64694A22FB}

~~~ FireFox

Successfully deleted the following from C:\Users\Happy\AppData\Roaming\mozilla\firefox\profiles\bn61w0ho.default-1361456871571\prefs.js

user_pref("avg.install.userHPSettings", "hxxp://mysearch.avg.com?cid={B58DE404-8533-42F6-9680-99DC016E356A}&mid=733637a0ae5447d3949e0d47e77ad1fa-b5c1f8d0a8681e6349342f4f0be42f
user_pref("browser.startup.homepage", "hxxp://mysearch.avg.com?cid={B58DE404-8533-42F6-9680-99DC016E356A}&mid=733637a0ae5447d3949e0d47e77ad1fa-b5c1f8d0a8681e6349342f4f0be42f1e
Emptied folder: C:\Users\Happy\AppData\Roaming\mozilla\firefox\profiles\bn61w0ho.default-1361456871571\minidumps [153 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.02.2014 at 19:28:45,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014
Ran by Happy (administrator) on HAPPY-PC on 06-02-2014 19:29:49
Running from C:\Users\Happy\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.)
C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe (IGN Entertainment Inc.) C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated) HKLM\...\Run: [Power Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. 
KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3795376130-1755610981-1941546793-1001\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815976 2014-01-27] (Valve Corporation) HKU\S-1-5-21-3795376130-1755610981-1941546793-1001\...\Run: [Comrade.exe] - C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe [36864 2007-06-29] (IGN Entertainment Inc.) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [241984 2011-10-16] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [203072 2011-10-16] (NVIDIA Corporation) Startup: C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_14457426.lnk ShortcutTarget: _uninst_14457426.lnk -> C:\Users\Happy\AppData\Local\Temp\_uninst_14457426.bat () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {5B4B9A86-71D5-4DFA-86B2-A9A3FB51431C} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=4a4ed3b478b04a4fbb2dc1de28dac300&tu=10G90006g1B000v&sku=&tstsId=&ver=&&r=567 BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF Plugin-x32: @ei.Allin1Convert_8h.com/Plugin - C:\Program Files (x86)\Allin1Convert_8hEI\Installr\1.bin\NP8hEISB.dll No File FF Plugin-x32: @ei.UtilityChest_49.com/Plugin - C:\Program Files (x86)\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll (Utility Chest) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) 
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571\searchplugins\search.xml.old FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Notificatoin - C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571\Extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1} [2013-12-31] FF Extension: AntiGameOrigin - C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571\Extensions\antigameorigin@antigame.de.xpi [2013-11-15] FF Extension: Greasemonkey - C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-11-15] FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker Chrome: ======= CHR Extension: (Docs) - 
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-01] CHR Extension: (Google Drive) - C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-01] CHR Extension: (Google Search) - C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-01] CHR Extension: (Gmail) - C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-01] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG) R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated) R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated) S2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.) 
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2010-05-25] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-09-24] () S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\RpcAgentSrv.exe [72344 2008-11-25] (SiSoftware) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-14] (TuneUp Software) S2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [X] ==================== Drivers (Whitelisted) ==================== R0 14457426; C:\Windows\System32\DRIVERS\14457426.sys [460888 2014-02-04] (Kaspersky Lab ZAO) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2014-01-08] (AVG Technologies) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. 
KG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-08-28] (TuneUp Software) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-06 19:28 - 2014-02-06 19:28 - 00002113 _____ () C:\Users\Happy\Desktop\JRT.txt 2014-02-06 19:17 - 2014-02-06 19:17 - 00000000 ____D () C:\Windows\ERUNT 2014-02-06 19:16 - 2014-02-06 19:16 - 01037530 _____ (Thisisu) C:\Users\Happy\Downloads\JRT.exe 2014-02-06 17:31 - 2014-02-06 17:31 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Malwarebytes 2014-02-06 17:30 - 2014-02-06 17:30 - 00001085 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-02-06 17:30 - 2014-02-06 17:30 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-02-06 17:30 - 2014-02-06 17:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-06 17:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-02-06 17:29 - 2014-02-06 17:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Happy\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-06 15:04 - 2014-02-06 15:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-05 20:50 - 2014-02-06 19:29 - 00016144 _____ () C:\Users\Happy\Downloads\FRST.txt 2014-02-05 19:22 - 2014-02-05 19:22 - 02347384 _____ (ESET) C:\Users\Happy\Downloads\esetsmartinstaller_enu.exe 2014-02-05 18:45 - 2014-02-05 18:45 - 00000000 ____D () C:\Users\Happy\Downloads\FRST-OlderVersion 2014-02-05 18:30 - 2014-02-05 18:30 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Avira 2014-02-05 18:26 - 
2014-02-05 18:26 - 00002042 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-02-05 18:26 - 2014-02-05 18:26 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-02-05 18:26 - 2013-12-18 09:32 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-02-05 18:26 - 2013-12-18 09:32 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-02-05 18:26 - 2013-12-18 09:32 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-02-05 18:12 - 2014-02-05 18:15 - 130658432 _____ () C:\Users\Happy\Downloads\avira_free_antivirus_de.exe 2014-02-05 17:44 - 2014-02-05 17:44 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs 2014-02-05 17:20 - 2014-02-06 19:12 - 00000000 ___DC () C:\AdwCleaner 2014-02-05 17:19 - 2014-02-05 17:20 - 01166132 _____ () C:\Users\Happy\Downloads\adwcleaner.exe 2014-02-05 17:16 - 2014-02-06 19:29 - 00000000 ___DC () C:\FRST 2014-02-05 17:15 - 2014-02-05 18:45 - 02082304 ____C (Farbar) C:\Users\Happy\Downloads\FRST64.exe 2014-02-05 14:37 - 2014-02-05 14:37 - 00005723 _____ () C:\Users\Happy\Documents\bericht.txt 2014-02-05 14:16 - 2014-02-05 14:16 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de(2).exe 2014-02-05 10:39 - 2014-02-05 10:43 - 243681088 _____ () C:\Users\Happy\Downloads\kav14.0.0.4651abDE_5154.exe 2014-02-05 10:36 - 2014-02-05 10:36 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de(1).exe 2014-02-05 01:33 - 2014-02-05 01:34 - 397688988 _____ () C:\Users\Happy\Documents\Image.nrg 2014-02-05 00:20 - 2014-02-05 00:20 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de.exe 2014-02-04 23:03 - 2014-02-04 23:03 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-02-04 23:02 - 2014-02-04 21:36 - 00460888 _____ (Kaspersky Lab ZAO) 
C:\Windows\system32\Drivers\14457426.sys 2014-02-04 22:59 - 2014-02-04 23:02 - 134002232 _____ () C:\Users\Happy\Downloads\setup_11.0.1.1245.x01_2014_02_04_21_37.exe 2014-02-04 21:29 - 2014-02-05 10:59 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files 2014-02-04 21:24 - 2014-02-04 21:27 - 194045080 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\pure13.0.2.558abcdDE_5372.exe 2014-02-01 12:56 - 2014-02-05 19:15 - 00000000 ____D () C:\Program Files (x86)\Google 2014-02-01 12:54 - 2014-02-04 22:49 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-02-01 12:52 - 2014-02-01 12:54 - 90578216 _____ (AVAST Software) C:\Users\Happy\Downloads\avast_free_antivirus_setup_9.0.2013.exe 2014-02-01 12:32 - 2014-02-01 12:53 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Nico Mak Computing 2014-02-01 12:29 - 2014-02-01 12:30 - 04892480 _____ (WinZip International LLC ) C:\Users\Happy\Downloads\wzmp_8.exe 2014-02-01 03:50 - 2014-02-01 04:22 - 00000000 ____D () C:\Users\Happy\AppData\Local\Microsoft Games 2014-02-01 03:33 - 2014-02-01 03:33 - 00000000 ____C () C:\autoexec.bat 2014-02-01 03:32 - 2014-02-01 03:32 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-02-01 03:29 - 2014-02-01 03:29 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Happy\Downloads\SpyHunter-Installer.exe 2014-01-22 00:20 - 2014-01-22 00:20 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler 2014-01-15 05:14 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 05:14 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 05:14 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-14 13:54 - 2014-01-14 13:54 - 48835303 _____ () C:\Users\Happy\Downloads\NVIDIA-Linux-x86_64-319.82(1).run 2014-01-14 13:53 - 2014-01-14 13:53 - 00000000 ____D () C:\ProgramData\Sun 2014-01-14 13:53 - 2014-01-14 13:53 - 00000000 ____D () C:\ProgramData\Oracle 2014-01-14 13:53 - 2014-01-14 13:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-14 13:52 - 2014-01-14 13:52 - 00000000 ____D () C:\Program Files (x86)\Java 2014-01-14 13:50 - 
2014-01-14 13:50 - 00915368 _____ (Oracle Corporation) C:\Users\Happy\Downloads\jxpiinstall.exe 2014-01-14 13:47 - 2014-01-14 13:48 - 48835303 _____ () C:\Users\Happy\Downloads\NVIDIA-Linux-x86_64-319.82.run 2014-01-14 08:54 - 2014-01-14 08:54 - 00000606 _____ () C:\Users\Public\Desktop\WarThunder.lnk 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\Users\Happy\AppData\Local\WarThunder 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\ProgramData\WarThunder 2014-01-14 08:53 - 2014-01-14 08:53 - 04250672 _____ (2013 Gaijin Entertainment Corporation ) C:\Users\Happy\Downloads\wt_launcher_1.0.1.302.exe 2014-01-11 12:33 - 2014-02-01 13:29 - 00003790 _____ () C:\Windows\System32\Tasks\DTReg 2014-01-10 23:48 - 2014-01-10 23:48 - 00000222 _____ () C:\Users\Happy\Desktop\Torchlight II.url 2014-01-08 23:37 - 2014-01-08 23:37 - 00003180 _____ () C:\Windows\System32\Tasks\{49C70FF1-7A2F-4987-9DDD-4D64F786E4FC} 2014-01-08 15:18 - 2014-01-08 16:02 - 00000000 ____D () C:\Users\Happy\AppData\Local\AVG SafeGuard toolbar 2014-01-08 15:18 - 2014-01-08 15:17 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys 2014-01-08 01:50 - 2014-01-08 01:50 - 00604819 _____ (Ryan Gregg ) C:\Users\Happy\Downloads\gcfscape185.exe 2014-01-08 01:50 - 2014-01-08 01:50 - 00000000 ____D () C:\Users\Happy\AppData\Local\Nem's Tools 2014-01-08 01:50 - 2014-01-08 01:50 - 00000000 ____D () C:\Program Files\Nem's Tools 2014-01-07 17:15 - 2014-01-31 21:24 - 00000000 ____D () C:\Users\Happy\AppData\Local\genienext 2014-01-07 17:15 - 2014-01-07 17:16 - 00000000 ____D () C:\Users\Happy\AppData\Local\Mobogenie 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\Documents\Mobogenie 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\AppData\Local\cache 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 
____D () C:\Users\Happy\.android 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 _____ () C:\Users\Happy\daemonprocess.txt 2014-01-07 17:14 - 2014-01-07 17:16 - 00000000 ____D () C:\Program Files (x86)\Mobogenie 2014-01-07 17:11 - 2014-01-07 17:11 - 10109935 _____ () C:\Users\Happy\Downloads\ProbeII_V10419.zip 2014-01-07 17:10 - 2014-01-07 17:10 - 00923784 _____ (CNET Download.com) C:\Users\Happy\Downloads\cbsidlm-cbsi145-ATK0110_ACPI_UTILITY-ORG_DE-147367.exe 2014-01-07 16:49 - 2014-01-07 16:58 - 14024704 _____ () C:\Users\Happy\AppData\Roaming\Sandra.mdb 2014-01-07 16:49 - 2014-01-07 16:49 - 00001186 _____ () C:\Users\Public\Desktop\SiSoftware Sandra Lite 2014.RTM.lnk 2014-01-07 16:48 - 2014-01-07 16:48 - 00000000 ____D () C:\Program Files\SiSoftware 2014-01-07 16:46 - 2014-01-07 16:47 - 67530368 _____ (SiSoftware ) C:\Users\Happy\Downloads\san2010b.exe 2014-01-07 14:26 - 2014-02-04 21:17 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar 2014-01-07 14:26 - 2014-01-08 15:18 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar 2014-01-07 14:25 - 2014-01-08 15:18 - 00003728 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml 2014-01-07 14:25 - 2014-01-07 14:25 - 00021712 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS 2014-01-07 14:25 - 2014-01-07 14:25 - 00001214 _____ () C:\Users\Public\Desktop\Find Drivers with BIOSAgentPlus.lnk 2014-01-07 14:23 - 2014-01-07 14:24 - 05511208 _____ (Copyright © 2013 eSupport.com, Inc • All Rights Reserved ) C:\Users\Happy\Downloads\biosagentplus_setup_avg_40.exe 2014-01-07 14:03 - 2014-01-10 23:33 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-01-07 14:03 - 2014-01-07 14:03 - 00000983 _____ () C:\Users\UpdatusUser\Desktop\SpeedFan.lnk 2014-01-07 14:03 - 2014-01-07 14:03 - 00000983 _____ () C:\Users\Happy\Desktop\SpeedFan.lnk 2014-01-07 14:03 - 2014-01-07 14:03 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 
2014-01-07 14:02 - 2014-01-07 14:02 - 02143832 _____ () C:\Users\Happy\Downloads\instsf449(1).exe 2014-01-07 13:58 - 2014-01-07 14:03 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2014-01-07 13:58 - 2014-01-07 13:58 - 02143832 _____ () C:\Users\Happy\Downloads\instsf449.exe 2014-01-07 13:43 - 2014-01-07 13:43 - 00001078 _____ () C:\Users\UpdatusUser\Desktop\EVEREST Home Edition.lnk 2014-01-07 13:43 - 2014-01-07 13:43 - 00001078 _____ () C:\Users\Happy\Desktop\EVEREST Home Edition.lnk 2014-01-07 13:43 - 2014-01-07 13:43 - 00000000 ____D () C:\Program Files (x86)\Lavalys 2014-01-07 13:41 - 2014-01-07 13:41 - 04179293 _____ (Lavalys, Inc. ) C:\Users\Happy\Downloads\everesthome220.exe ==================== One Month Modified Files and Folders ======= 2014-02-06 19:30 - 2014-02-05 20:50 - 00016144 _____ () C:\Users\Happy\Downloads\FRST.txt 2014-02-06 19:29 - 2014-02-05 17:16 - 00000000 ___DC () C:\FRST 2014-02-06 19:28 - 2014-02-06 19:28 - 00002113 _____ () C:\Users\Happy\Desktop\JRT.txt 2014-02-06 19:21 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-06 19:21 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-06 19:17 - 2014-02-06 19:17 - 00000000 ____D () C:\Windows\ERUNT 2014-02-06 19:16 - 2014-02-06 19:16 - 01037530 _____ (Thisisu) C:\Users\Happy\Downloads\JRT.exe 2014-02-06 19:16 - 2013-04-07 02:56 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-02-06 19:13 - 2013-02-21 12:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-06 19:13 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-06 19:13 - 2009-07-14 05:51 - 00101794 _____ () C:\Windows\setupact.log 2014-02-06 19:12 - 2014-02-05 17:20 - 00000000 ___DC () C:\AdwCleaner 2014-02-06 19:12 - 2013-02-15 01:57 - 01626405 _____ () C:\Windows\WindowsUpdate.log 
2014-02-06 19:08 - 2010-11-21 04:47 - 01351280 _____ () C:\Windows\PFRO.log 2014-02-06 18:32 - 2013-02-23 09:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-06 17:31 - 2014-02-06 17:31 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Malwarebytes 2014-02-06 17:30 - 2014-02-06 17:30 - 00001085 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-02-06 17:30 - 2014-02-06 17:30 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-02-06 17:30 - 2014-02-06 17:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-06 17:29 - 2014-02-06 17:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Happy\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-06 15:04 - 2014-02-06 15:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-05 19:22 - 2014-02-05 19:22 - 02347384 _____ (ESET) C:\Users\Happy\Downloads\esetsmartinstaller_enu.exe 2014-02-05 19:15 - 2014-02-01 12:56 - 00000000 ____D () C:\Program Files (x86)\Google 2014-02-05 18:45 - 2014-02-05 18:45 - 00000000 ____D () C:\Users\Happy\Downloads\FRST-OlderVersion 2014-02-05 18:45 - 2014-02-05 17:15 - 02082304 ____C (Farbar) C:\Users\Happy\Downloads\FRST64.exe 2014-02-05 18:38 - 2013-02-17 16:15 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\CheckPoint 2014-02-05 18:30 - 2014-02-05 18:30 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Avira 2014-02-05 18:26 - 2014-02-05 18:26 - 00002042 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-02-05 18:26 - 2014-02-05 18:26 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-02-05 18:26 - 2013-02-18 21:09 - 00000000 ____D () C:\ProgramData\Avira 2014-02-05 18:22 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-02-05 18:15 - 2014-02-05 18:12 - 130658432 _____ () C:\Users\Happy\Downloads\avira_free_antivirus_de.exe 2014-02-05 17:44 - 2014-02-05 17:44 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs 2014-02-05 17:21 - 2013-02-16 16:13 - 
00001076 _____ () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-02-05 17:20 - 2014-02-05 17:19 - 01166132 _____ () C:\Users\Happy\Downloads\adwcleaner.exe 2014-02-05 14:37 - 2014-02-05 14:37 - 00005723 _____ () C:\Users\Happy\Documents\bericht.txt 2014-02-05 14:16 - 2014-02-05 14:16 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de(2).exe 2014-02-05 12:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-02-05 12:32 - 2013-02-23 09:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-05 12:32 - 2013-02-23 09:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-05 12:32 - 2011-10-11 13:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-05 11:11 - 2013-02-17 16:17 - 00000000 ____D () C:\Users\Happy\AppData\Local\CrashDumps 2014-02-05 11:04 - 2013-09-19 02:21 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-05 10:59 - 2014-02-04 21:29 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files 2014-02-05 10:43 - 2014-02-05 10:39 - 243681088 _____ () C:\Users\Happy\Downloads\kav14.0.0.4651abDE_5154.exe 2014-02-05 10:36 - 2014-02-05 10:36 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de(1).exe 2014-02-05 01:34 - 2014-02-05 01:33 - 397688988 _____ () C:\Users\Happy\Documents\Image.nrg 2014-02-05 01:34 - 2013-05-13 11:43 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Nero 2014-02-05 00:20 - 2014-02-05 00:20 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de.exe 2014-02-04 23:03 - 2014-02-04 23:03 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-02-04 23:03 - 2013-02-15 22:05 - 00000000 ___RD () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-02-04 23:02 - 2014-02-04 22:59 - 134002232 _____ () 
C:\Users\Happy\Downloads\setup_11.0.1.1245.x01_2014_02_04_21_37.exe 2014-02-04 22:49 - 2014-02-01 12:54 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-02-04 22:46 - 2013-02-19 14:45 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Skype 2014-02-04 21:36 - 2014-02-04 23:02 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\14457426.sys 2014-02-04 21:27 - 2014-02-04 21:24 - 194045080 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\pure13.0.2.558abcdDE_5372.exe 2014-02-04 21:17 - 2014-01-07 14:26 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar 2014-02-01 13:29 - 2014-01-11 12:33 - 00003790 _____ () C:\Windows\System32\Tasks\DTReg 2014-02-01 13:29 - 2013-02-16 16:11 - 00000306 __RSH () C:\Users\Happy\ntuser.pol 2014-02-01 13:29 - 2013-02-15 22:03 - 00000000 ____D () C:\Users\Happy 2014-02-01 12:56 - 2013-12-31 02:48 - 00000000 ____D () C:\Users\Happy\AppData\Local\Google 2014-02-01 12:54 - 2014-02-01 12:52 - 90578216 _____ (AVAST Software) C:\Users\Happy\Downloads\avast_free_antivirus_setup_9.0.2013.exe 2014-02-01 12:53 - 2014-02-01 12:32 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Nico Mak Computing 2014-02-01 12:30 - 2014-02-01 12:29 - 04892480 _____ (WinZip International LLC ) C:\Users\Happy\Downloads\wzmp_8.exe 2014-02-01 04:22 - 2014-02-01 03:50 - 00000000 ____D () C:\Users\Happy\AppData\Local\Microsoft Games 2014-02-01 03:57 - 2013-04-29 19:58 - 00000633 _____ () C:\Users\Public\Desktop\Medieval II Total War Teutonic.lnk 2014-02-01 03:57 - 2013-04-29 19:51 - 00000633 _____ () C:\Users\Public\Desktop\Medieval II Total War Crusades.lnk 2014-02-01 03:57 - 2013-04-29 19:47 - 00000643 _____ () C:\Users\Public\Desktop\Medieval II Total War Britannia.lnk 2014-02-01 03:57 - 2013-04-29 19:43 - 00000633 _____ () C:\Users\Public\Desktop\Medieval II Total War Americas.lnk 2014-02-01 03:57 - 2013-04-29 19:24 - 00000580 _____ () C:\Users\Public\Desktop\Medieval II Total War.lnk 2014-02-01 03:33 - 2014-02-01 03:33 - 00000000 ____C 
() C:\autoexec.bat 2014-02-01 03:32 - 2014-02-01 03:32 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-02-01 03:29 - 2014-02-01 03:29 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Happy\Downloads\SpyHunter-Installer.exe 2014-01-31 21:24 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\AppData\Local\genienext 2014-01-29 21:07 - 2013-02-25 16:51 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\TS3Client 2014-01-29 18:13 - 2013-11-17 18:16 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\.minecraft 2014-01-29 03:07 - 2013-02-15 10:49 - 00709936 _____ () C:\Windows\system32\perfh007.dat 2014-01-29 03:07 - 2013-02-15 10:49 - 00154082 _____ () C:\Windows\system32\perfc007.dat 2014-01-29 03:07 - 2009-07-14 06:13 - 01670150 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-01-29 03:06 - 2013-09-24 13:18 - 01615936 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-22 00:20 - 2014-01-22 00:20 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler 2014-01-22 00:20 - 2013-02-16 17:03 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-01-16 15:47 - 2011-10-11 13:20 - 00000000 ____D () C:\ProgramData\Adobe 2014-01-16 12:03 - 2009-07-14 05:45 - 00277720 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-01-16 09:59 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-01-16 03:01 - 2013-02-18 20:51 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-14 13:54 - 2014-01-14 13:54 - 48835303 _____ () C:\Users\Happy\Downloads\NVIDIA-Linux-x86_64-319.82(1).run 2014-01-14 13:53 - 2014-01-14 13:53 - 00000000 ____D () C:\ProgramData\Sun 2014-01-14 13:53 - 2014-01-14 13:53 - 00000000 ____D () C:\ProgramData\Oracle 2014-01-14 13:52 - 2014-01-14 13:53 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 
2014-01-14 13:52 - 2014-01-14 13:52 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-14 13:52 - 2014-01-14 13:52 - 00000000 ____D () C:\Program Files (x86)\Java 2014-01-14 13:50 - 2014-01-14 13:50 - 00915368 _____ (Oracle Corporation) C:\Users\Happy\Downloads\jxpiinstall.exe 2014-01-14 13:48 - 2014-01-14 13:47 - 48835303 _____ () C:\Users\Happy\Downloads\NVIDIA-Linux-x86_64-319.82.run 2014-01-14 13:46 - 2013-05-23 16:33 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-01-14 08:54 - 2014-01-14 08:54 - 00000606 _____ () C:\Users\Public\Desktop\WarThunder.lnk 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\Users\Happy\AppData\Local\WarThunder 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\ProgramData\WarThunder 2014-01-14 08:54 - 2013-05-06 22:44 - 00000000 ____D () C:\Users\Happy\Documents\My Games 2014-01-14 08:53 - 2014-01-14 08:53 - 04250672 _____ (2013 Gaijin Entertainment Corporation ) C:\Users\Happy\Downloads\wt_launcher_1.0.1.302.exe 2014-01-10 23:48 - 2014-01-10 23:48 - 00000222 _____ () C:\Users\Happy\Desktop\Torchlight II.url 2014-01-10 23:48 - 2013-05-07 12:31 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-01-10 23:33 - 2014-01-07 14:03 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-01-08 23:37 - 2014-01-08 23:37 - 00003180 _____ () C:\Windows\System32\Tasks\{49C70FF1-7A2F-4987-9DDD-4D64F786E4FC} 2014-01-08 16:02 - 2014-01-08 15:18 - 00000000 ____D () C:\Users\Happy\AppData\Local\AVG SafeGuard toolbar 2014-01-08 15:18 - 2014-01-07 14:26 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar 2014-01-08 15:18 - 2014-01-07 14:25 - 00003728 _____ () C:\Program Files (x86)\Mozilla 
Firefoxsafeguard-secure-search.xml 2014-01-08 15:17 - 2014-01-08 15:18 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys 2014-01-08 02:13 - 2013-11-01 21:42 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\SoftGrid Client 2014-01-08 01:50 - 2014-01-08 01:50 - 00604819 _____ (Ryan Gregg ) C:\Users\Happy\Downloads\gcfscape185.exe 2014-01-08 01:50 - 2014-01-08 01:50 - 00000000 ____D () C:\Users\Happy\AppData\Local\Nem's Tools 2014-01-08 01:50 - 2014-01-08 01:50 - 00000000 ____D () C:\Program Files\Nem's Tools 2014-01-07 17:16 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\AppData\Local\Mobogenie 2014-01-07 17:16 - 2014-01-07 17:14 - 00000000 ____D () C:\Program Files (x86)\Mobogenie 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\Documents\Mobogenie 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\AppData\Local\cache 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\.android 2014-01-07 17:15 - 2014-01-07 17:15 - 00000000 _____ () C:\Users\Happy\daemonprocess.txt 2014-01-07 17:11 - 2014-01-07 17:11 - 10109935 _____ () C:\Users\Happy\Downloads\ProbeII_V10419.zip 2014-01-07 17:10 - 2014-01-07 17:10 - 00923784 _____ (CNET Download.com) C:\Users\Happy\Downloads\cbsidlm-cbsi145-ATK0110_ACPI_UTILITY-ORG_DE-147367.exe 2014-01-07 16:58 - 2014-01-07 16:49 - 14024704 _____ () C:\Users\Happy\AppData\Roaming\Sandra.mdb 2014-01-07 16:49 - 2014-01-07 16:49 - 00001186 _____ () C:\Users\Public\Desktop\SiSoftware Sandra Lite 2014.RTM.lnk 2014-01-07 16:48 - 2014-01-07 16:48 - 00000000 ____D () C:\Program Files\SiSoftware 2014-01-07 16:47 - 2014-01-07 16:46 - 67530368 _____ (SiSoftware ) C:\Users\Happy\Downloads\san2010b.exe 2014-01-07 14:25 - 2014-01-07 14:25 - 00021712 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS 2014-01-07 14:25 - 2014-01-07 14:25 - 00001214 _____ () C:\Users\Public\Desktop\Find Drivers with BIOSAgentPlus.lnk 2014-01-07 14:24 - 2014-01-07 
14:23 - 05511208 _____ (Copyright © 2013 eSupport.com, Inc • All Rights Reserved ) C:\Users\Happy\Downloads\biosagentplus_setup_avg_40.exe 2014-01-07 14:03 - 2014-01-07 14:03 - 00000983 _____ () C:\Users\UpdatusUser\Desktop\SpeedFan.lnk 2014-01-07 14:03 - 2014-01-07 14:03 - 00000983 _____ () C:\Users\Happy\Desktop\SpeedFan.lnk 2014-01-07 14:03 - 2014-01-07 14:03 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-01-07 14:03 - 2014-01-07 13:58 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2014-01-07 14:02 - 2014-01-07 14:02 - 02143832 _____ () C:\Users\Happy\Downloads\instsf449(1).exe 2014-01-07 13:58 - 2014-01-07 13:58 - 02143832 _____ () C:\Users\Happy\Downloads\instsf449.exe 2014-01-07 13:43 - 2014-01-07 13:43 - 00001078 _____ () C:\Users\UpdatusUser\Desktop\EVEREST Home Edition.lnk 2014-01-07 13:43 - 2014-01-07 13:43 - 00001078 _____ () C:\Users\Happy\Desktop\EVEREST Home Edition.lnk 2014-01-07 13:43 - 2014-01-07 13:43 - 00000000 ____D () C:\Program Files (x86)\Lavalys 2014-01-07 13:41 - 2014-01-07 13:41 - 04179293 _____ (Lavalys, Inc. 
) C:\Users\Happy\Downloads\everesthome220.exe

Files to move or delete:
====================
c:\windows\syswow64\nvinit.dll
C:\Users\Happy\AppData\Roaming\skype.ini

Some content of TEMP:
====================
C:\Users\Happy\AppData\Local\Temp\avgnt.exe
C:\Users\Happy\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
C:\Users\Happy\AppData\Local\Temp\Quarantine.exe
C:\Users\Happy\AppData\Local\Temp\SHSetup.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-05 12:41

==================== End Of Log ============================

The problem is still there.

Edited by happyoki (06.02.2014 at 19:31). Reason: new data |
07.02.2014, 17:04 | #6 |
/// the machine /// TB trainer | firefox, text on the internet underlined in green and opening popups

ESET Online Scanner

Please download SecurityCheck and:

and a fresh FRST log, please. Any problems left?
07.02.2014, 18:31 | #7 |
| firefox, text on the internet underlined in green and opening popups

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=67fa9a9d04778d4196f3de92d1a8f2a0
# engine=16985
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-07 05:27:38
# local_time=2014-02-07 06:27:38 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 21354 4442083 17733 0
# compatibility_mode=5893 16776574 100 94 174966 143423908 0 0
# scanned=36532
# found=2
# cleaned=0
# scan_time=4128
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=6391F475328183373BB2BED2E5704E5088FF5C8A ft=1 fh=3d6e0b0b2f0f489a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir"

So with SecurityCheck the same text always comes up..... unsupported operating system, aborting now, when the small black window is open. I also ran it as administrator.

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014 Ran by Happy (administrator) on HAPPY-PC on 07-02-2014 19:18:31 Running from C:\Users\Happy\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Intel Corporation) C:\Windows\System32\hkcmd.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Dritek System Inc.) 
C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe (IGN Entertainment Inc.) C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe () C:\Users\Happy\Desktop\SecurityCheck.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated) HKLM\...\Run: [Power Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.) 
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3795376130-1755610981-1941546793-1001\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815976 2014-01-27] (Valve Corporation) HKU\S-1-5-21-3795376130-1755610981-1941546793-1001\...\Run: [Comrade.exe] - C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe [36864 2007-06-29] (IGN Entertainment Inc.) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [241984 2011-10-16] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [203072 2011-10-16] (NVIDIA Corporation) Startup: C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_14457426.lnk ShortcutTarget: _uninst_14457426.lnk -> C:\Users\Happy\AppData\Local\Temp\_uninst_14457426.bat () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {5B4B9A86-71D5-4DFA-86B2-A9A3FB51431C} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=4a4ed3b478b04a4fbb2dc1de28dac300&tu=10G90006g1B000v&sku=&tstsId=&ver=&&r=567 BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF Plugin-x32: @ei.Allin1Convert_8h.com/Plugin - C:\Program Files (x86)\Allin1Convert_8hEI\Installr\1.bin\NP8hEISB.dll No File FF Plugin-x32: @ei.UtilityChest_49.com/Plugin - C:\Program Files (x86)\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll (Utility Chest) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) 
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571\searchplugins\search.xml.old FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Notificatoin - C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571\Extensions\{941E9C01-F8E0-493E-B814-E693BC99A1A1} [2013-12-31] FF Extension: AntiGameOrigin - C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571\Extensions\antigameorigin@antigame.de.xpi [2013-11-15] FF Extension: Greasemonkey - C:\Users\Happy\AppData\Roaming\Mozilla\Firefox\Profiles\bn61w0ho.default-1361456871571\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-11-15] FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker Chrome: ======= CHR Extension: (Docs) - 
C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-01] CHR Extension: (Google Drive) - C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-01] CHR Extension: (Google Search) - C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-01] CHR Extension: (Gmail) - C:\Users\Happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-01] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG) R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated) R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated) S2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.) 
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2010-05-25] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-09-24] () S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\RpcAgentSrv.exe [72344 2008-11-25] (SiSoftware) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-14] (TuneUp Software) S2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [X] ==================== Drivers (Whitelisted) ==================== R0 14457426; C:\Windows\System32\DRIVERS\14457426.sys [460888 2014-02-04] (Kaspersky Lab ZAO) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2014-01-08] (AVG Technologies) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. 
KG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-08-28] (TuneUp Software) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-07 18:38 - 2014-02-07 18:38 - 00987425 _____ () C:\Users\Happy\Desktop\SecurityCheck.exe 2014-02-07 18:31 - 2014-02-07 18:31 - 00987425 _____ () C:\Users\Happy\Downloads\SecurityCheck.exe 2014-02-07 17:15 - 2014-02-07 17:16 - 02347384 _____ (ESET) C:\Users\Happy\Downloads\esetsmartinstaller_enu(1).exe 2014-02-06 19:28 - 2014-02-06 19:28 - 00002113 _____ () C:\Users\Happy\Desktop\JRT.txt 2014-02-06 19:17 - 2014-02-06 19:17 - 00000000 ____D () C:\Windows\ERUNT 2014-02-06 19:16 - 2014-02-06 19:16 - 01037530 _____ (Thisisu) C:\Users\Happy\Downloads\JRT.exe 2014-02-06 17:31 - 2014-02-06 17:31 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Malwarebytes 2014-02-06 17:30 - 2014-02-06 17:30 - 00001085 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-02-06 17:30 - 2014-02-06 17:30 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-02-06 17:30 - 2014-02-06 17:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-06 17:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-02-06 17:29 - 2014-02-06 17:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Happy\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-06 15:04 - 2014-02-06 15:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-05 20:50 - 2014-02-07 19:18 - 00016299 _____ () C:\Users\Happy\Downloads\FRST.txt 2014-02-05 19:22 - 
2014-02-05 19:22 - 02347384 _____ (ESET) C:\Users\Happy\Downloads\esetsmartinstaller_enu.exe 2014-02-05 18:45 - 2014-02-07 19:18 - 00000000 ____D () C:\Users\Happy\Downloads\FRST-OlderVersion 2014-02-05 18:30 - 2014-02-05 18:30 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Avira 2014-02-05 18:26 - 2014-02-05 18:26 - 00002042 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-02-05 18:26 - 2014-02-05 18:26 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-02-05 18:26 - 2013-12-18 09:32 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-02-05 18:26 - 2013-12-18 09:32 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-02-05 18:26 - 2013-12-18 09:32 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-02-05 18:12 - 2014-02-05 18:15 - 130658432 _____ () C:\Users\Happy\Downloads\avira_free_antivirus_de.exe 2014-02-05 17:44 - 2014-02-05 17:44 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs 2014-02-05 17:20 - 2014-02-06 19:12 - 00000000 ___DC () C:\AdwCleaner 2014-02-05 17:19 - 2014-02-05 17:20 - 01166132 _____ () C:\Users\Happy\Downloads\adwcleaner.exe 2014-02-05 17:16 - 2014-02-07 19:18 - 00000000 ___DC () C:\FRST 2014-02-05 17:15 - 2014-02-07 19:18 - 02079744 ____C (Farbar) C:\Users\Happy\Downloads\FRST64.exe 2014-02-05 14:37 - 2014-02-05 14:37 - 00005723 _____ () C:\Users\Happy\Documents\bericht.txt 2014-02-05 14:16 - 2014-02-05 14:16 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de(2).exe 2014-02-05 10:39 - 2014-02-05 10:43 - 243681088 _____ () C:\Users\Happy\Downloads\kav14.0.0.4651abDE_5154.exe 2014-02-05 10:36 - 2014-02-05 10:36 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de(1).exe 2014-02-05 01:33 - 2014-02-05 01:34 - 397688988 _____ () C:\Users\Happy\Documents\Image.nrg 2014-02-05 00:20 - 
2014-02-05 00:20 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de.exe 2014-02-04 23:03 - 2014-02-04 23:03 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-02-04 23:02 - 2014-02-04 21:36 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\14457426.sys 2014-02-04 22:59 - 2014-02-04 23:02 - 134002232 _____ () C:\Users\Happy\Downloads\setup_11.0.1.1245.x01_2014_02_04_21_37.exe 2014-02-04 21:29 - 2014-02-05 10:59 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files 2014-02-04 21:24 - 2014-02-04 21:27 - 194045080 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\pure13.0.2.558abcdDE_5372.exe 2014-02-01 12:56 - 2014-02-05 19:15 - 00000000 ____D () C:\Program Files (x86)\Google 2014-02-01 12:54 - 2014-02-04 22:49 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-02-01 12:52 - 2014-02-01 12:54 - 90578216 _____ (AVAST Software) C:\Users\Happy\Downloads\avast_free_antivirus_setup_9.0.2013.exe 2014-02-01 12:32 - 2014-02-01 12:53 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Nico Mak Computing 2014-02-01 12:29 - 2014-02-01 12:30 - 04892480 _____ (WinZip International LLC ) C:\Users\Happy\Downloads\wzmp_8.exe 2014-02-01 03:50 - 2014-02-01 04:22 - 00000000 ____D () C:\Users\Happy\AppData\Local\Microsoft Games 2014-02-01 03:33 - 2014-02-01 03:33 - 00000000 ____C () C:\autoexec.bat 2014-02-01 03:32 - 2014-02-01 03:32 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-02-01 03:29 - 2014-02-01 03:29 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Happy\Downloads\SpyHunter-Installer.exe 2014-01-22 00:20 - 2014-01-22 00:20 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler 2014-01-15 05:14 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 05:14 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 05:14 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 05:14 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-14 13:54 - 2014-01-14 13:54 - 48835303 _____ () C:\Users\Happy\Downloads\NVIDIA-Linux-x86_64-319.82(1).run 2014-01-14 13:53 - 2014-01-14 13:53 - 00000000 ____D () C:\ProgramData\Sun 2014-01-14 13:53 - 2014-01-14 13:53 - 00000000 ____D () C:\ProgramData\Oracle 2014-01-14 13:53 - 2014-01-14 13:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-14 13:52 - 2014-01-14 13:52 - 00000000 ____D () C:\Program Files (x86)\Java 2014-01-14 13:50 - 
2014-01-14 13:50 - 00915368 _____ (Oracle Corporation) C:\Users\Happy\Downloads\jxpiinstall.exe 2014-01-14 13:47 - 2014-01-14 13:48 - 48835303 _____ () C:\Users\Happy\Downloads\NVIDIA-Linux-x86_64-319.82.run 2014-01-14 08:54 - 2014-01-14 08:54 - 00000606 _____ () C:\Users\Public\Desktop\WarThunder.lnk 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\Users\Happy\AppData\Local\WarThunder 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\ProgramData\WarThunder 2014-01-14 08:53 - 2014-01-14 08:53 - 04250672 _____ (2013 Gaijin Entertainment Corporation ) C:\Users\Happy\Downloads\wt_launcher_1.0.1.302.exe 2014-01-11 12:33 - 2014-02-01 13:29 - 00003790 _____ () C:\Windows\System32\Tasks\DTReg 2014-01-10 23:48 - 2014-01-10 23:48 - 00000222 _____ () C:\Users\Happy\Desktop\Torchlight II.url 2014-01-08 23:37 - 2014-01-08 23:37 - 00003180 _____ () C:\Windows\System32\Tasks\{49C70FF1-7A2F-4987-9DDD-4D64F786E4FC} 2014-01-08 15:18 - 2014-01-08 16:02 - 00000000 ____D () C:\Users\Happy\AppData\Local\AVG SafeGuard toolbar 2014-01-08 15:18 - 2014-01-08 15:17 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys 2014-01-08 01:50 - 2014-01-08 01:50 - 00604819 _____ (Ryan Gregg ) C:\Users\Happy\Downloads\gcfscape185.exe 2014-01-08 01:50 - 2014-01-08 01:50 - 00000000 ____D () C:\Users\Happy\AppData\Local\Nem's Tools 2014-01-08 01:50 - 2014-01-08 01:50 - 00000000 ____D () C:\Program Files\Nem's Tools ==================== One Month Modified Files and Folders ======= 2014-02-07 19:18 - 2014-02-05 20:50 - 00016299 _____ () C:\Users\Happy\Downloads\FRST.txt 2014-02-07 19:18 - 2014-02-05 18:45 - 00000000 ____D () C:\Users\Happy\Downloads\FRST-OlderVersion 2014-02-07 19:18 - 2014-02-05 17:16 - 00000000 ___DC () C:\FRST 2014-02-07 19:18 - 2014-02-05 17:15 - 02079744 ____C (Farbar) C:\Users\Happy\Downloads\FRST64.exe 
2014-02-07 19:12 - 2013-02-19 14:45 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Skype 2014-02-07 18:38 - 2014-02-07 18:38 - 00987425 _____ () C:\Users\Happy\Desktop\SecurityCheck.exe 2014-02-07 18:32 - 2013-02-23 09:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-07 18:31 - 2014-02-07 18:31 - 00987425 _____ () C:\Users\Happy\Downloads\SecurityCheck.exe 2014-02-07 17:16 - 2014-02-07 17:15 - 02347384 _____ (ESET) C:\Users\Happy\Downloads\esetsmartinstaller_enu(1).exe 2014-02-07 14:13 - 2013-02-15 01:57 - 01637257 _____ () C:\Windows\WindowsUpdate.log 2014-02-07 08:12 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-07 08:12 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-06 22:04 - 2009-07-14 05:51 - 00101906 _____ () C:\Windows\setupact.log 2014-02-06 19:28 - 2014-02-06 19:28 - 00002113 _____ () C:\Users\Happy\Desktop\JRT.txt 2014-02-06 19:17 - 2014-02-06 19:17 - 00000000 ____D () C:\Windows\ERUNT 2014-02-06 19:16 - 2014-02-06 19:16 - 01037530 _____ (Thisisu) C:\Users\Happy\Downloads\JRT.exe 2014-02-06 19:16 - 2013-04-07 02:56 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-02-06 19:13 - 2013-02-21 12:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-06 19:13 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-06 19:12 - 2014-02-05 17:20 - 00000000 ___DC () C:\AdwCleaner 2014-02-06 19:08 - 2010-11-21 04:47 - 01351280 _____ () C:\Windows\PFRO.log 2014-02-06 17:31 - 2014-02-06 17:31 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Malwarebytes 2014-02-06 17:30 - 2014-02-06 17:30 - 00001085 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-02-06 17:30 - 2014-02-06 17:30 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-02-06 17:30 - 2014-02-06 17:30 - 00000000 
____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-06 17:29 - 2014-02-06 17:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Happy\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-06 15:04 - 2014-02-06 15:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-05 19:22 - 2014-02-05 19:22 - 02347384 _____ (ESET) C:\Users\Happy\Downloads\esetsmartinstaller_enu.exe 2014-02-05 19:15 - 2014-02-01 12:56 - 00000000 ____D () C:\Program Files (x86)\Google 2014-02-05 18:38 - 2013-02-17 16:15 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\CheckPoint 2014-02-05 18:30 - 2014-02-05 18:30 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Avira 2014-02-05 18:26 - 2014-02-05 18:26 - 00002042 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-02-05 18:26 - 2014-02-05 18:26 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-02-05 18:26 - 2013-02-18 21:09 - 00000000 ____D () C:\ProgramData\Avira 2014-02-05 18:22 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-02-05 18:15 - 2014-02-05 18:12 - 130658432 _____ () C:\Users\Happy\Downloads\avira_free_antivirus_de.exe 2014-02-05 17:44 - 2014-02-05 17:44 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs 2014-02-05 17:21 - 2013-02-16 16:13 - 00001076 _____ () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-02-05 17:20 - 2014-02-05 17:19 - 01166132 _____ () C:\Users\Happy\Downloads\adwcleaner.exe 2014-02-05 14:37 - 2014-02-05 14:37 - 00005723 _____ () C:\Users\Happy\Documents\bericht.txt 2014-02-05 14:16 - 2014-02-05 14:16 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de(2).exe 2014-02-05 12:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-02-05 12:32 - 2013-02-23 09:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-05 12:32 - 2013-02-23 09:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash 
Player Updater 2014-02-05 12:32 - 2011-10-11 13:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-05 11:11 - 2013-02-17 16:17 - 00000000 ____D () C:\Users\Happy\AppData\Local\CrashDumps 2014-02-05 11:04 - 2013-09-19 02:21 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-05 10:59 - 2014-02-04 21:29 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files 2014-02-05 10:43 - 2014-02-05 10:39 - 243681088 _____ () C:\Users\Happy\Downloads\kav14.0.0.4651abDE_5154.exe 2014-02-05 10:36 - 2014-02-05 10:36 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de(1).exe 2014-02-05 01:34 - 2014-02-05 01:33 - 397688988 _____ () C:\Users\Happy\Documents\Image.nrg 2014-02-05 01:34 - 2013-05-13 11:43 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Nero 2014-02-05 00:20 - 2014-02-05 00:20 - 00179984 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de.exe 2014-02-04 23:03 - 2014-02-04 23:03 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-02-04 23:03 - 2013-02-15 22:05 - 00000000 ___RD () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-02-04 23:02 - 2014-02-04 22:59 - 134002232 _____ () C:\Users\Happy\Downloads\setup_11.0.1.1245.x01_2014_02_04_21_37.exe 2014-02-04 22:49 - 2014-02-01 12:54 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-02-04 21:36 - 2014-02-04 23:02 - 00460888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\14457426.sys 2014-02-04 21:27 - 2014-02-04 21:24 - 194045080 _____ (Kaspersky Lab) C:\Users\Happy\Downloads\pure13.0.2.558abcdDE_5372.exe 2014-02-04 21:17 - 2014-01-07 14:26 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar 2014-02-01 13:29 - 2014-01-11 12:33 - 00003790 _____ () C:\Windows\System32\Tasks\DTReg 2014-02-01 13:29 - 2013-02-16 16:11 - 00000306 __RSH () C:\Users\Happy\ntuser.pol 2014-02-01 13:29 - 2013-02-15 22:03 - 00000000 ____D () C:\Users\Happy 
2014-02-01 12:56 - 2013-12-31 02:48 - 00000000 ____D () C:\Users\Happy\AppData\Local\Google 2014-02-01 12:54 - 2014-02-01 12:52 - 90578216 _____ (AVAST Software) C:\Users\Happy\Downloads\avast_free_antivirus_setup_9.0.2013.exe 2014-02-01 12:53 - 2014-02-01 12:32 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Nico Mak Computing 2014-02-01 12:30 - 2014-02-01 12:29 - 04892480 _____ (WinZip International LLC ) C:\Users\Happy\Downloads\wzmp_8.exe 2014-02-01 04:22 - 2014-02-01 03:50 - 00000000 ____D () C:\Users\Happy\AppData\Local\Microsoft Games 2014-02-01 03:57 - 2013-04-29 19:58 - 00000633 _____ () C:\Users\Public\Desktop\Medieval II Total War Teutonic.lnk 2014-02-01 03:57 - 2013-04-29 19:51 - 00000633 _____ () C:\Users\Public\Desktop\Medieval II Total War Crusades.lnk 2014-02-01 03:57 - 2013-04-29 19:47 - 00000643 _____ () C:\Users\Public\Desktop\Medieval II Total War Britannia.lnk 2014-02-01 03:57 - 2013-04-29 19:43 - 00000633 _____ () C:\Users\Public\Desktop\Medieval II Total War Americas.lnk 2014-02-01 03:57 - 2013-04-29 19:24 - 00000580 _____ () C:\Users\Public\Desktop\Medieval II Total War.lnk 2014-02-01 03:33 - 2014-02-01 03:33 - 00000000 ____C () C:\autoexec.bat 2014-02-01 03:32 - 2014-02-01 03:32 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-02-01 03:29 - 2014-02-01 03:29 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Happy\Downloads\SpyHunter-Installer.exe 2014-01-31 21:24 - 2014-01-07 17:15 - 00000000 ____D () C:\Users\Happy\AppData\Local\genienext 2014-01-29 21:07 - 2013-02-25 16:51 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\TS3Client 2014-01-29 18:13 - 2013-11-17 18:16 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\.minecraft 2014-01-29 03:07 - 2013-02-15 10:49 - 00709936 _____ () C:\Windows\system32\perfh007.dat 2014-01-29 03:07 - 2013-02-15 10:49 - 00154082 _____ () C:\Windows\system32\perfc007.dat 2014-01-29 03:07 - 2009-07-14 06:13 - 01670150 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-01-29 03:06 - 2013-09-24 13:18 - 01615936 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-22 00:20 - 2014-01-22 00:20 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler 2014-01-22 00:20 - 2013-02-16 17:03 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-01-16 15:47 - 2011-10-11 13:20 - 00000000 ____D () C:\ProgramData\Adobe 2014-01-16 12:03 - 2009-07-14 05:45 - 00277720 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-01-16 09:59 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-01-16 03:01 - 2013-02-18 20:51 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-14 13:54 - 2014-01-14 13:54 - 48835303 _____ () C:\Users\Happy\Downloads\NVIDIA-Linux-x86_64-319.82(1).run 2014-01-14 13:53 - 2014-01-14 13:53 - 00000000 ____D () C:\ProgramData\Sun 2014-01-14 13:53 - 2014-01-14 13:53 - 00000000 ____D () C:\ProgramData\Oracle 2014-01-14 13:52 - 2014-01-14 13:53 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-14 13:52 - 2014-01-14 13:52 - 00096168 _____ (Oracle Corporation) 
C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-14 13:52 - 2014-01-14 13:52 - 00000000 ____D () C:\Program Files (x86)\Java 2014-01-14 13:50 - 2014-01-14 13:50 - 00915368 _____ (Oracle Corporation) C:\Users\Happy\Downloads\jxpiinstall.exe 2014-01-14 13:48 - 2014-01-14 13:47 - 48835303 _____ () C:\Users\Happy\Downloads\NVIDIA-Linux-x86_64-319.82.run 2014-01-14 13:46 - 2013-05-23 16:33 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-01-14 08:54 - 2014-01-14 08:54 - 00000606 _____ () C:\Users\Public\Desktop\WarThunder.lnk 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\Users\Happy\AppData\Local\WarThunder 2014-01-14 08:54 - 2014-01-14 08:54 - 00000000 ____D () C:\ProgramData\WarThunder 2014-01-14 08:54 - 2013-05-06 22:44 - 00000000 ____D () C:\Users\Happy\Documents\My Games 2014-01-14 08:53 - 2014-01-14 08:53 - 04250672 _____ (2013 Gaijin Entertainment Corporation ) C:\Users\Happy\Downloads\wt_launcher_1.0.1.302.exe 2014-01-10 23:48 - 2014-01-10 23:48 - 00000222 _____ () C:\Users\Happy\Desktop\Torchlight II.url 2014-01-10 23:48 - 2013-05-07 12:31 - 00000000 ____D () C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-01-10 23:33 - 2014-01-07 14:03 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-01-08 23:37 - 2014-01-08 23:37 - 00003180 _____ () C:\Windows\System32\Tasks\{49C70FF1-7A2F-4987-9DDD-4D64F786E4FC} 2014-01-08 16:02 - 2014-01-08 15:18 - 00000000 ____D () C:\Users\Happy\AppData\Local\AVG SafeGuard toolbar 2014-01-08 15:18 - 2014-01-07 14:26 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar 2014-01-08 15:18 - 2014-01-07 14:25 - 00003728 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml 2014-01-08 15:17 - 2014-01-08 15:18 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys 2014-01-08 02:13 - 2013-11-01 21:42 - 
00000000 ____D () C:\Users\Happy\AppData\Roaming\SoftGrid Client
2014-01-08 01:50 - 2014-01-08 01:50 - 00604819 _____ (Ryan Gregg ) C:\Users\Happy\Downloads\gcfscape185.exe
2014-01-08 01:50 - 2014-01-08 01:50 - 00000000 ____D () C:\Users\Happy\AppData\Local\Nem's Tools
2014-01-08 01:50 - 2014-01-08 01:50 - 00000000 ____D () C:\Program Files\Nem's Tools

Files to move or delete:
====================
c:\windows\syswow64\nvinit.dll
C:\Users\Happy\AppData\Roaming\skype.ini

Some content of TEMP:
====================
C:\Users\Happy\AppData\Local\Temp\avgnt.exe
C:\Users\Happy\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
C:\Users\Happy\AppData\Local\Temp\Quarantine.exe
C:\Users\Happy\AppData\Local\Temp\SHSetup.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-05 12:41
==================== End Of Log ============================

the crap is still on there too, I could despair ^^
Last edited by happyoki (07.02.2014 at 19:19). Reason: doesn't work |
08.02.2014, 13:27 | #8 |
/// the machine /// TB trainer | Uninstall Firefox completely, keeping no data, then: https://support.mozilla.org/de/kb/fi...einfach-loesen
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
Startup: C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_14457426.lnk
ShortcutTarget: _uninst_14457426.lnk -> C:\Users\Happy\AppData\Local\Temp\_uninst_14457426.bat ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Program Files\Enigma Software Group
c:\windows\syswow64\nvinit.dll
C:\Users\Happy\AppData\Roaming\skype.ini

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
09.02.2014, 01:16 | #9 |
| Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-02-2014
Ran by Happy at 2014-02-09 01:14:50 Run:5
Running from C:\Users\Happy\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Startup: C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_14457426.lnk
ShortcutTarget: _uninst_14457426.lnk -> C:\Users\Happy\AppData\Local\Temp\_uninst_14457426.bat ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Program Files\Enigma Software Group
c:\windows\syswow64\nvinit.dll
C:\Users\Happy\AppData\Roaming\skype.ini
*****************

C:\Users\Happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_14457426.lnk => Moved successfully.
C:\Users\Happy\AppData\Local\Temp\_uninst_14457426.bat => Moved successfully.
esgiguard => Service deleted successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
c:\windows\syswow64\nvinit.dll => Moved successfully.
C:\Users\Happy\AppData\Roaming\skype.ini => Moved successfully.

==== End of Fixlog ====

so far it looks good, I guess I should reinstall Firefox after uninstalling it, right? |
09.02.2014, 17:14 | #10 |
/// the machine /// TB trainer | sure |
09.02.2014, 18:50 | #11 |
| so everything is great again, and many, many thanks, that has earned a donation too. But there is one more thing: what was it, then? I had all sorts of antivirus programs running and none of them showed me anything; only your programs detected something in the first place and in the end also solved the problem |
10.02.2014, 16:20 | #12 |
/// the machine /// TB trainer | Loads of adware |
Topics related to: firefox, text on the internet underlined in green and opening popups |
adware.domaiq, replies, browser games, appears, firefox, interne, internet, mouse, mobogenie, remove mobogenie, popups, pup.optional.delta.a, pup.optional.kango.a, pup.optional.nextlive.a, pup.optional.smartbar.a, spyhunter, remove spyhunter, days, texts, antivirus programs, win32/adware.yontoo.b, open |