
Log Analysis and Evaluation: PUP Optional Virus on Windows 8

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First Steps for Help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

03.04.2014, 13:01   #1
Hutgebirge
 
PUP Optional Virus on Windows 8



Hello dear Trojaner-Board team,
during the last system scan I was shown that it is infected with a PUP optional virus, and before trying all sorts of things myself I wanted to turn to you professionals.
I hope you can get me through this and "bump off" the virus.
Thank you very much for your help and effort.

Here is the log from Malwarebytes:
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.04.03.02

Windows 8 x86 NTFS
Internet Explorer 10.0.9200.16843
Simon :: SIMON [administrator]

03.04.2014 12:18:36
MBAM-log-2014-04-03 (12-40-24).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203214
Time elapsed: 5 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma (PUP.Optional.QuickStart.A) -> No action taken.

Registry Values Detected: 1
HKCU\Software\Mozilla\Firefox\Extensions|{b75b9344-772d-4707-ae6e-02f3eea821bc} (PUP.Optional.ReMarkIt.A) -> Data: C:\Program Files\Re-markit-soft\157.xpi -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 41
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0 (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\userCode (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\icons (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\icons\actions (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\api (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\popupResource (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel (PUP.Optional.ReMarkit.A) -> No action taken.
C:\Program Files\Re-markit-soft (PUP.Optional.ReMarkIt.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0 (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\img (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\img\weather (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\js (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\en (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\es (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\es_419 (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\fr (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\fr-BE (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\fr-CA (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\fr-CH (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\fr-LU (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\it (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\it-CH (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\pl (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\pt_BR (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\ru (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\ru-MO (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\tr (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\vi (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\zh_CN (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\zh_TW (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lekgiimbfodefdaoofhlckefjbgpeilo_0 (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lekgiimbfodefdaoofhlckefjbgpeilo (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0 (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm (PUP.Optional.CrossRider.A) -> No action taken.

Files Detected: 146
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0.localstorage (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0.localstorage-journal (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lekgiimbfodefdaoofhlckefjbgpeilo_0.localstorage (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lekgiimbfodefdaoofhlckefjbgpeilo_0.localstorage-journal (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\background.html (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\chromeCoreFilesIndex.txt (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\crossriderManifest.json (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\manifest.json (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\popup.html (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\manifest.xml (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins.json (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\1.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\102.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\103.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\104.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\119.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\13.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\14.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\17.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\177.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\179.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\180.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\182.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\183.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\19.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\191.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\207.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\21.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\22.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\223.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\231.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\232.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\242.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\246.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\28.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\4.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\47.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\64.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\72.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\78.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\80.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\91.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\93.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\97.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\userCode\background.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\userCode\extension.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\icons\icon128.png (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\icons\icon16.png (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\icons\icon48.png (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\icons\actions\1.png (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\background.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\main.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\platformVersion.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\api\chrome.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\api\cookie.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\api\message.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\api\monitor.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\api\pageAction.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\api\pageActionBG.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\app_api.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\bg_app_api.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\consts.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\cookie_store.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\crossriderAPI.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\delegate.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\events.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\extensionDataStore.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\installer.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\logFile.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\logging.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\onBGDocumentLoad.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\reports.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\storageWrapper.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\updateManager.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\util.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\xhr.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\popupResource\newPopup.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\popupResource\popup.js (PUP.Optional.CrossRider.A) -> No action taken.
C:\Program Files\Re-markit-soft\157.crx (PUP.Optional.ReMarkIt.A) -> No action taken.
C:\Program Files\Re-markit-soft\157.dat (PUP.Optional.ReMarkIt.A) -> No action taken.
C:\Program Files\Re-markit-soft\157.xpi (PUP.Optional.ReMarkIt.A) -> No action taken.
C:\Program Files\Re-markit-soft\a.db (PUP.Optional.ReMarkIt.A) -> No action taken.
C:\Program Files\Re-markit-soft\b.db (PUP.Optional.ReMarkIt.A) -> No action taken.
C:\Program Files\Re-markit-soft\Re-markit157.bin (PUP.Optional.ReMarkIt.A) -> No action taken.
C:\Program Files\Re-markit-soft\Re-markit157.exe (PUP.Optional.ReMarkIt.A) -> No action taken.
C:\Program Files\Re-markit-soft\Re-markit157.ini (PUP.Optional.ReMarkIt.A) -> No action taken.
C:\Program Files\Re-markit-soft\Re-markit_wd.exe (PUP.Optional.ReMarkIt.A) -> No action taken.
C:\Program Files\Re-markit-soft\ReMar.exe (PUP.Optional.ReMarkIt.A) -> No action taken.
C:\Program Files\Re-markit-soft\Sqlite3.dll (PUP.Optional.ReMarkIt.A) -> No action taken.
C:\Program Files\Re-markit-soft\Uninstall.exe (PUP.Optional.ReMarkIt.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\background.html (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\index.html (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\manifest.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\style.css (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\img\default_logo.png (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\img\default_logo0.png (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\img\icon128.png (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\img\icon16.png (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\img\icon48.png (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\img\loading.gif (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\img\search.png (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\img\weather\0.png (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\js\background.js (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\js\ga.js (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\js\inject.js (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\js\jquery-base.js (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\js\jquery.autocomplete.js (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\js\js.js (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\js\xagainit.js (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\en\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\es\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\es_419\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\fr\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\fr-BE\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\fr-CA\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\fr-CH\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\fr-LU\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\it\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\it-CH\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\pl\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\pt_BR\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\ru\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\ru-MO\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\tr\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\vi\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\zh_CN\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.1_0\_locales\zh_TW\messages.json (PUP.Optional.QuickStart.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lekgiimbfodefdaoofhlckefjbgpeilo_0\2 (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lekgiimbfodefdaoofhlckefjbgpeilo\000005.ldb (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lekgiimbfodefdaoofhlckefjbgpeilo\000009.log (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lekgiimbfodefdaoofhlckefjbgpeilo\CURRENT (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lekgiimbfodefdaoofhlckefjbgpeilo\LOCK (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lekgiimbfodefdaoofhlckefjbgpeilo\LOG (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lekgiimbfodefdaoofhlckefjbgpeilo\LOG.old (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lekgiimbfodefdaoofhlckefjbgpeilo\MANIFEST-000007 (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0\3 (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\000021.ldb (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\000023.ldb (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\000026.ldb (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\000027.log (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\CURRENT (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\LOCK (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\LOG (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\LOG.old (PUP.Optional.CrossRider.A) -> No action taken.
C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\MANIFEST-000025 (PUP.Optional.CrossRider.A) -> No action taken.

(end)
         
FRST:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Simon (administrator) on SIMON on 03-04-2014 12:38:28
Running from C:\Users\Darell\Downloads
Microsoft Windows 8 Pro (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\LiveComm.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\Darell\Downloads\Defogger.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC62E22434732CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.8,en-US;q=0.5,en;q=0.3
SearchScopes: HKLM - DefaultScope value is missing.
Toolbar: HKCU - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (Google Docs) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-14]
CHR Extension: (Google Drive) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-14]
CHR Extension: (YouTube) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-14]
CHR Extension: (Google-Suche) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-14]
CHR Extension: (Re-markit) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel [2014-03-17]
CHR Extension: (HQ-Video-Pro-1.9) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm [2014-03-17]
CHR Extension: (Google Wallet) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-14]
CHR Extension: (Quick Start) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-03-17]
CHR Extension: (Google Mail) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-14]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-17]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14480 2013-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [135648 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [24576 2012-07-26] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-04-03] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)
R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-03 12:38 - 2014-04-03 12:38 - 00007235 _____ () C:\Users\Darell\Downloads\FRST.txt
2014-04-03 12:38 - 2014-04-03 12:38 - 00000000 ____D () C:\FRST
2014-04-03 12:37 - 2014-04-03 12:37 - 01145856 _____ (Farbar) C:\Users\Darell\Downloads\FRST.exe
2014-04-03 12:36 - 2014-04-03 12:36 - 00050477 _____ () C:\Users\Darell\Downloads\Defogger.exe
2014-04-03 12:36 - 2014-04-03 12:36 - 00000472 _____ () C:\Users\Darell\Downloads\defogger_disable.log
2014-04-03 12:36 - 2014-04-03 12:36 - 00000000 _____ () C:\Users\Darell\defogger_reenable
2014-04-03 12:09 - 2014-04-03 12:09 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-03-17 14:42 - 2014-04-01 14:49 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-17 14:42 - 2014-03-17 14:42 - 00001991 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-17 14:42 - 2014-03-17 14:42 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-17 14:42 - 2014-03-17 14:42 - 00000000 ____D () C:\Program Files\Adobe
2014-03-17 14:41 - 2014-04-01 11:43 - 00000000 ____D () C:\Users\Darell\AppData\Local\Adobe
2014-03-17 13:13 - 2014-03-17 13:13 - 00001069 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\Malwarebytes
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-17 13:13 - 2013-04-04 15:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-17 13:06 - 2014-03-17 13:13 - 00000000 ____D () C:\AdwCleaner
2014-03-17 13:06 - 2014-03-17 13:06 - 01950720 _____ () C:\Users\Darell\Downloads\adwcleaner.exe
2014-03-17 13:05 - 2014-03-17 13:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Darell\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-17 12:31 - 2014-03-17 12:31 - 00000000 ____D () C:\Users\Darell\AppData\Local\Apps\2.0
2014-03-17 12:24 - 2014-03-17 12:24 - 00313824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-17 12:13 - 2014-03-17 12:16 - 00000160 _____ () C:\Users\Darell\AppData\Roaming\aps.uninstall.scan.results
2014-03-17 12:12 - 2014-03-17 12:11 - 00954776 _____ (AnyProtect.com) C:\Users\Darell\AppData\Local\nsuB3D7.tmp
2014-03-17 12:11 - 2014-03-17 12:11 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-03-17 12:11 - 2014-03-17 12:11 - 00000000 ____D () C:\Program Files\Re-markit-soft
2014-03-13 19:45 - 2007-05-31 20:30 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-03-13 19:45 - 2007-05-31 20:29 - 00018280 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_2.dll
2014-03-13 19:45 - 2007-05-16 17:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-03-13 19:45 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-03-13 19:45 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-03-13 19:45 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-03-13 19:45 - 2007-04-04 19:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-03-13 19:45 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-03-13 19:45 - 2007-03-12 17:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-03-13 19:45 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-03-13 19:45 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-03-13 19:45 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-03-13 19:45 - 2006-12-08 13:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-03-13 19:45 - 2006-11-29 14:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-03-13 19:45 - 2006-11-29 14:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-03-13 19:45 - 2006-09-28 17:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-03-13 19:45 - 2006-09-28 17:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-03-13 19:45 - 2006-07-28 10:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-03-13 19:45 - 2006-07-28 10:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-03-13 19:45 - 2006-05-31 08:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-03-13 19:45 - 2006-03-31 13:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-03-13 19:45 - 2006-03-31 13:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-03-13 19:45 - 2006-03-31 13:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-03-13 19:45 - 2006-02-03 09:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-03-13 19:45 - 2006-02-03 09:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-03-13 19:45 - 2006-02-03 09:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-03-13 19:45 - 2005-12-05 19:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-03-13 19:45 - 2005-07-22 20:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-03-13 19:45 - 2005-05-26 16:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-03-13 19:45 - 2005-03-18 18:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-03-13 19:45 - 2005-02-05 20:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-03-13 19:44 - 2014-03-13 19:45 - 00082275 _____ () C:\Windows\DirectX.log
2014-03-13 19:44 - 2014-03-13 19:44 - 00001956 _____ () C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Mehrspieler.lnk
2014-03-13 19:44 - 2014-03-13 19:44 - 00001956 _____ () C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Einzelspieler.lnk
2014-03-13 19:44 - 2014-03-13 19:44 - 00000175 _____ () C:\Windows\DXError.log
2014-03-13 19:43 - 2014-03-17 19:36 - 00000000 ____D () C:\Users\Darell\Documents\Baby
2014-03-13 19:42 - 2014-03-13 19:42 - 00000319 _____ () C:\Windows\game.ini
2014-03-13 19:33 - 2014-03-13 19:33 - 00000000 ____D () C:\Program Files\Activision
2014-03-13 19:27 - 2014-03-13 19:42 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-13 19:27 - 2014-03-13 19:27 - 00002003 _____ () C:\Users\Public\Desktop\Brother Utilities.lnk
2014-03-13 19:27 - 2014-03-13 19:27 - 00000000 ____D () C:\Program Files\Brother
2014-03-13 19:27 - 2009-01-15 20:20 - 00003072 _____ (Brother Industries Ltd.) C:\Windows\system32\BrDctF2S.dll
2014-03-13 19:27 - 2008-06-17 16:33 - 00167936 _____ (brother) C:\Windows\system32\NSSearch.dll
2014-03-13 19:27 - 2007-12-13 23:16 - 00073728 _____ (Brother Industries Ltd.) C:\Windows\system32\BrDctF2.dll
2014-03-13 19:27 - 2007-12-13 23:16 - 00005632 _____ (Brother Industries Ltd.) C:\Windows\system32\BrDctF2L.dll
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\Users\Darell\Downloads\mflpro
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\InstallShield
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\ProgramData\Brother
2014-03-13 19:23 - 2014-03-13 19:24 - 44735560 _____ (A.I.SOFT,INC.) C:\Users\Darell\Downloads\DCP-7045N-inst-win8-A1.EXE
2014-03-12 17:25 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 17:25 - 2013-12-07 07:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-12 17:25 - 2013-10-25 06:56 - 00030224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-12 17:25 - 2013-10-25 00:33 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-12 17:24 - 2014-02-23 08:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 17:24 - 2014-02-23 08:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 17:24 - 2014-02-23 08:54 - 00661504 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-03-12 17:24 - 2014-02-23 08:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-03-12 17:24 - 2014-02-23 08:54 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 17:24 - 2014-02-23 08:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 17:24 - 2014-02-23 08:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 17:24 - 2014-02-08 06:08 - 03387904 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 17:24 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-09 22:12 - 2014-03-09 22:19 - 00000000 ____D () C:\Users\Darell\Documents\ALG II

==================== One Month Modified Files and Folders =======

2014-04-03 12:38 - 2014-04-03 12:38 - 00007235 _____ () C:\Users\Darell\Downloads\FRST.txt
2014-04-03 12:38 - 2014-04-03 12:38 - 00000000 ____D () C:\FRST
2014-04-03 12:37 - 2014-04-03 12:37 - 01145856 _____ (Farbar) C:\Users\Darell\Downloads\FRST.exe
2014-04-03 12:36 - 2014-04-03 12:36 - 00050477 _____ () C:\Users\Darell\Downloads\Defogger.exe
2014-04-03 12:36 - 2014-04-03 12:36 - 00000472 _____ () C:\Users\Darell\Downloads\defogger_disable.log
2014-04-03 12:36 - 2014-04-03 12:36 - 00000000 _____ () C:\Users\Darell\defogger_reenable
2014-04-03 12:36 - 2014-02-14 21:36 - 00000000 ____D () C:\Users\Darell
2014-04-03 12:25 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-03 12:12 - 2014-02-14 22:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-03 12:09 - 2014-04-03 12:09 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-04-03 12:04 - 2014-02-14 21:36 - 01195922 _____ () C:\Windows\WindowsUpdate.log
2014-04-03 12:00 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\system32\sru
2014-04-03 11:44 - 2014-02-14 22:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-01 22:54 - 2014-02-20 23:57 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\vlc
2014-04-01 14:51 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-01 14:49 - 2014-03-17 14:42 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-01 11:44 - 2014-02-14 22:48 - 00000000 ____D () C:\Users\Darell\Documents\UNI
2014-04-01 11:43 - 2014-03-17 14:41 - 00000000 ____D () C:\Users\Darell\AppData\Local\Adobe
2014-04-01 11:43 - 2014-02-14 21:37 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\Adobe
2014-04-01 09:42 - 2014-02-14 21:08 - 01654648 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-23 19:33 - 2014-02-16 19:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-23 19:32 - 2014-02-16 19:59 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-23 19:32 - 2012-07-26 06:17 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-17 19:36 - 2014-03-13 19:43 - 00000000 ____D () C:\Users\Darell\Documents\Baby
2014-03-17 14:42 - 2014-03-17 14:42 - 00001991 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-17 14:42 - 2014-03-17 14:42 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-17 14:42 - 2014-03-17 14:42 - 00000000 ____D () C:\Program Files\Adobe
2014-03-17 14:36 - 2014-02-14 20:47 - 00112966 _____ () C:\Windows\PFRO.log
2014-03-17 14:36 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\IME
2014-03-17 14:36 - 2012-07-26 08:04 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-17 14:36 - 2012-07-26 06:17 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-03-17 14:30 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\rescache
2014-03-17 13:13 - 2014-03-17 13:13 - 00001069 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\Malwarebytes
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-17 13:13 - 2014-03-17 13:06 - 00000000 ____D () C:\AdwCleaner
2014-03-17 13:09 - 2014-02-14 22:03 - 00001238 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-17 13:06 - 2014-03-17 13:06 - 01950720 _____ () C:\Users\Darell\Downloads\adwcleaner.exe
2014-03-17 13:06 - 2014-03-17 13:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Darell\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-17 12:31 - 2014-03-17 12:31 - 00000000 ____D () C:\Users\Darell\AppData\Local\Apps\2.0
2014-03-17 12:24 - 2014-03-17 12:24 - 00313824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-17 12:16 - 2014-03-17 12:13 - 00000160 _____ () C:\Users\Darell\AppData\Roaming\aps.uninstall.scan.results
2014-03-17 12:11 - 2014-03-17 12:12 - 00954776 _____ (AnyProtect.com) C:\Users\Darell\AppData\Local\nsuB3D7.tmp
2014-03-17 12:11 - 2014-03-17 12:11 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-03-17 12:11 - 2014-03-17 12:11 - 00000000 ____D () C:\Program Files\Re-markit-soft
2014-03-17 12:11 - 2012-07-26 08:53 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-14 00:10 - 2012-07-26 08:53 - 00000000 ___RD () C:\Windows\ToastData
2014-03-14 00:10 - 2012-07-26 08:53 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 00:10 - 2012-07-26 08:53 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 00:10 - 2012-07-26 08:53 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-13 19:45 - 2014-03-13 19:44 - 00082275 _____ () C:\Windows\DirectX.log
2014-03-13 19:44 - 2014-03-13 19:44 - 00001956 _____ () C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Mehrspieler.lnk
2014-03-13 19:44 - 2014-03-13 19:44 - 00001956 _____ () C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Einzelspieler.lnk
2014-03-13 19:44 - 2014-03-13 19:44 - 00000175 _____ () C:\Windows\DXError.log
2014-03-13 19:42 - 2014-03-13 19:42 - 00000319 _____ () C:\Windows\game.ini
2014-03-13 19:42 - 2014-03-13 19:27 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-13 19:33 - 2014-03-13 19:33 - 00000000 ____D () C:\Program Files\Activision
2014-03-13 19:30 - 2014-02-14 21:36 - 00000000 ____D () C:\Users\Darell\AppData\Local\VirtualStore
2014-03-13 19:27 - 2014-03-13 19:27 - 00002003 _____ () C:\Users\Public\Desktop\Brother Utilities.lnk
2014-03-13 19:27 - 2014-03-13 19:27 - 00000000 ____D () C:\Program Files\Brother
2014-03-13 19:27 - 2014-02-26 16:50 - 00000065 _____ () C:\Windows\system32\BD7045N.DAT
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\Users\Darell\Downloads\mflpro
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\InstallShield
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\ProgramData\Brother
2014-03-13 19:24 - 2014-03-13 19:23 - 44735560 _____ (A.I.SOFT,INC.) C:\Users\Darell\Downloads\DCP-7045N-inst-win8-A1.EXE
2014-03-09 22:19 - 2014-03-09 22:12 - 00000000 ____D () C:\Users\Darell\Documents\ALG II
2014-03-05 00:52 - 2014-02-17 02:49 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-05 00:52 - 2014-02-17 02:49 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Darell\AppData\Local\Temp\avgnt.exe
C:\Users\Darell\AppData\Local\Temp\BackupSetup.exe
C:\Users\Darell\AppData\Local\Temp\Offercast_AVIRAV7_.exe
C:\Users\Darell\AppData\Local\Temp\ose00000.exe
C:\Users\Darell\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-28 18:52

==================== End Of Log ============================
         
Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Simon at 2014-04-03 12:38:48
Running from C:\Users\Darell\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

==================== Restore Points  =========================

13-03-2014 17:26:52 Installiert MFL-Pro Suite
23-03-2014 17:32:20 Windows Update
02-04-2014 14:45:29 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 06:17 - 2012-07-26 06:17 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1E84DCB8-8C84-4436-A108-209A65086823} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {545C008C-4471-44F8-AD15-96CB8BB2BB0C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {56F59500-C4D1-4720-859F-13B4998AA792} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {8349FCC6-3CB9-49E8-AD80-6991725A9B27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-14] (Google Inc.)
Task: {98138208-FAB6-4DCD-8BAF-8BB959879AC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-14] (Google Inc.)
Task: {99768757-32DC-4E02-BE1E-2FE4783695EE} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D3D41176-3DCA-4F40-9A93-A3458ADB2754} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {EF9592CE-7796-47A6-9CD5-8630640D45BB} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-14 22:11 - 2013-12-09 12:37 - 00394808 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2014-03-13 19:27 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2012-07-26 10:49 - 2012-07-26 10:46 - 00143216 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2014-03-13 19:27 - 2012-09-25 12:26 - 01163264 _____ () C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
2014-03-17 12:10 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 13637448 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
2014-04-03 12:36 - 2014-04-03 12:36 - 00050477 _____ () C:\Users\Darell\Downloads\Defogger.exe

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Coprozessor
Description: Coprozessor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/03/2014 11:44:57 AM) (Source: ESENT) (User: )
Description: taskhostex (5228) Versuch, Datei "C:\Users\Darell\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (04/03/2014 11:44:24 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/04/03 11:44:24.753]: [00001984]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5

Error: (04/02/2014 04:03:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Simon)
Description: Die App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (04/02/2014 00:58:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Simon)
Description: Die App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (04/02/2014 00:58:25 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/04/02 12:58:25.726]: [00001984]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5

Error: (04/02/2014 11:19:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Simon)
Description: Das Paket „winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (04/02/2014 11:19:16 AM) (Source: Application Hang) (User: )
Description: Programm WWAHost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d9c

Startzeit: 01cf4e5490dfb308

Endzeit: 4294967295

Anwendungspfad: C:\Windows\System32\WWAHost.exe

Berichts-ID: dc5e783a-ba47-11e3-afa6-0023548c8044

Vollständiger Name des fehlerhaften Pakets: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Windows.Store

Error: (04/02/2014 11:17:28 AM) (Source: Application Hang) (User: )
Description: Programm chrome.exe, Version 33.0.1750.154 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 230

Startzeit: 01cf4e4218dbd7ca

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\Google\Chrome\Application\chrome.exe

Berichts-ID: 9ba38fa8-ba47-11e3-afa6-0023548c8044

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/02/2014 11:17:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Simon)
Description: Das Paket „DefaultBrowser_NOPUBLISHERID“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (04/02/2014 09:49:59 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/04/02 09:49:59.249]: [00001984]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5


System errors:
=============
Error: (04/01/2014 08:07:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
%%1

Error: (03/27/2014 11:25:38 AM) (Source: DCOM) (User: Simon)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/27/2014 11:25:38 AM) (Source: DCOM) (User: Simon)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/17/2014 03:33:39 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 01:10:16 PM) (Source: nvraid) (User: )
Description: 


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 45%
Total physical RAM: 3071.22 MB
Available physical RAM: 1662.96 MB
Total Pagefile: 4159.22 MB
Available Pagefile: 1652.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1847.89 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:583.19 GB) (Free:425.56 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:12.98 GB) (Free:1.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive i: (DVDVolume) (CDROM) (Total:7.57 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=583 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
GMER:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-03 12:54:39
Windows 6.2.9200  \Device\Harddisk0\DR0 -> \Device\0000002f WDC_WD64 rev.01.0 596,17GB
Running: Gmer-19357.exe; Driver: C:\Users\Darell\AppData\Local\Temp\agldypod.sys


---- System - GMER 2.1 ----

SSDT   907AEE87                                                                                                                ZwTerminateProcess
SSDT   907AEEFA                                                                                                                ZwSystemDebugControl
SSDT   907AEEF5                                                                                                                ZwSetSecurityObject
SSDT   907AEEEB                                                                                                                ZwSetContextThread
SSDT   907AEEF0                                                                                                                ZwRequestWaitReplyPort
SSDT   907AEEE6                                                                                                                ZwCreateSection

---- Kernel code sections - GMER 2.1 ----

.text  ntoskrnl.exe!ZwReplacePartitionUnit + 26B1                                                                              81753AB5 1 Byte  [06]
.text  ntoskrnl.exe!KiDispatchInterrupt + 66A                                                                                  8175839A 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
?      System32\drivers\busxbijj.sys                                                                                           Das System kann den angegebenen Pfad nicht finden. !
.text  C:\Windows\system32\DRIVERS\atikmdag.sys                                                                                section is writeable [0x92814000, 0x2BFDB0, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtUnmapViewOfSection + 5                           77D54B99 4 Bytes  [BA, 68, 07, AD]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtUnmapViewOfSection + A                           77D54B9E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtTerminateProcess                                 77D54CC8 5 Bytes  JMP 00A0EAD6 C:\Program Files\Google\Chrome\Application\chrome.exe
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtSetInformationThread + 5                         77D54FB1 4 Bytes  [BA, 28, 06, AD]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtSetInformationThread + A                         77D54FB6 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtSetInformationFile + 5                           77D55029 4 Bytes  [BA, 28, 05, AD]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtSetInformationFile + A                           77D5502E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtQueryFullAttributesFile + A                      77D55846 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtQueryAttributesFile + 5                          77D5591D 4 Bytes  [BA, A8, 04, AD]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtQueryAttributesFile + A                          77D55922 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThreadTokenEx + A                            77D55A8A 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThreadToken + 5                              77D55A99 4 Bytes  [BA, 68, 06, AD]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThreadToken + A                              77D55A9E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThread + 5                                   77D55AAD 4 Bytes  [BA, 68, 05, AD]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenThread + A                                   77D55AB2 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcessTokenEx + 5                           77D55B25 4 Bytes  [BA, A8, 06, AD]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcessTokenEx + A                           77D55B2A 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcessToken + A                             77D55B3E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcess + 5                                  77D55B4D 4 Bytes  [BA, A8, 05, AD]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenProcess + A                                  77D55B52 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenFile + 5                                     77D55C29 4 Bytes  [BA, 68, 04, AD]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtOpenFile + A                                     77D55C2E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtMapViewOfSection + 5                             77D55D05 4 Bytes  [BA, 28, 07, AD]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtMapViewOfSection + A                             77D55D0A 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtCreateFile + 5                                   77D565A9 4 Bytes  [BA, 28, 04, AD]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[940] ntdll.dll!NtCreateFile + A                                   77D565AE 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtUnmapViewOfSection + 5                          77D54B99 4 Bytes  [BA, 68, D7, C3]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtUnmapViewOfSection + A                          77D54B9E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtTerminateProcess                                77D54CC8 5 Bytes  JMP 00A0EAD6 C:\Program Files\Google\Chrome\Application\chrome.exe
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtSetInformationThread + 5                        77D54FB1 4 Bytes  [BA, 28, D6, C3]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtSetInformationThread + A                        77D54FB6 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtSetInformationFile + 5                          77D55029 4 Bytes  [BA, 28, D5, C3]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtSetInformationFile + A                          77D5502E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtQueryFullAttributesFile + A                     77D55846 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtQueryAttributesFile + 5                         77D5591D 4 Bytes  [BA, A8, D4, C3]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtQueryAttributesFile + A                         77D55922 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtOpenThreadTokenEx + A                           77D55A8A 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtOpenThreadToken + 5                             77D55A99 4 Bytes  [BA, 68, D6, C3]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtOpenThreadToken + A                             77D55A9E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtOpenThread + 5                                  77D55AAD 4 Bytes  [BA, 68, D5, C3]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtOpenThread + A                                  77D55AB2 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtOpenProcessTokenEx + 5                          77D55B25 4 Bytes  [BA, A8, D6, C3]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtOpenProcessTokenEx + A                          77D55B2A 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtOpenProcessToken + A                            77D55B3E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtOpenProcess + 5                                 77D55B4D 4 Bytes  [BA, A8, D5, C3]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtOpenProcess + A                                 77D55B52 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtOpenFile + 5                                    77D55C29 4 Bytes  [BA, 68, D4, C3]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtOpenFile + A                                    77D55C2E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtMapViewOfSection + 5                            77D55D05 4 Bytes  [BA, 28, D7, C3]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtMapViewOfSection + A                            77D55D0A 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtCreateFile + 5                                  77D565A9 4 Bytes  [BA, 28, D4, C3]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[3992] ntdll.dll!NtCreateFile + A                                  77D565AE 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtUnmapViewOfSection + 5                          77D54B99 4 Bytes  [BA, 68, E3, E0]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtUnmapViewOfSection + A                          77D54B9E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtTerminateProcess                                77D54CC8 5 Bytes  JMP 00A0EAD6 C:\Program Files\Google\Chrome\Application\chrome.exe
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtSetInformationThread + 5                        77D54FB1 4 Bytes  [BA, 28, E2, E0]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtSetInformationThread + A                        77D54FB6 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtSetInformationFile + 5                          77D55029 4 Bytes  [BA, 28, E1, E0]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtSetInformationFile + A                          77D5502E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtQueryFullAttributesFile + A                     77D55846 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtQueryAttributesFile + 5                         77D5591D 4 Bytes  [BA, A8, E0, E0]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtQueryAttributesFile + A                         77D55922 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtOpenThreadTokenEx + A                           77D55A8A 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtOpenThreadToken + 5                             77D55A99 4 Bytes  [BA, 68, E2, E0]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtOpenThreadToken + A                             77D55A9E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtOpenThread + 5                                  77D55AAD 4 Bytes  [BA, 68, E1, E0]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtOpenThread + A                                  77D55AB2 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtOpenProcessTokenEx + 5                          77D55B25 4 Bytes  [BA, A8, E2, E0]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtOpenProcessTokenEx + A                          77D55B2A 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtOpenProcessToken + A                            77D55B3E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtOpenProcess + 5                                 77D55B4D 4 Bytes  [BA, A8, E1, E0]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtOpenProcess + A                                 77D55B52 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtOpenFile + 5                                    77D55C29 4 Bytes  [BA, 68, E0, E0]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtOpenFile + A                                    77D55C2E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtMapViewOfSection + 5                            77D55D05 4 Bytes  [BA, 28, E3, E0]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtMapViewOfSection + A                            77D55D0A 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtCreateFile + 5                                  77D565A9 4 Bytes  [BA, 28, E0, E0]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[4008] ntdll.dll!NtCreateFile + A                                  77D565AE 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtUnmapViewOfSection + 5                          77D54B99 4 Bytes  [BA, 68, 2F, C6]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtUnmapViewOfSection + A                          77D54B9E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtTerminateProcess                                77D54CC8 5 Bytes  JMP 00A0EAD6 C:\Program Files\Google\Chrome\Application\chrome.exe
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtSetInformationThread + 5                        77D54FB1 4 Bytes  [BA, 28, 2E, C6]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtSetInformationThread + A                        77D54FB6 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtSetInformationFile + 5                          77D55029 4 Bytes  [BA, 28, 2D, C6]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtSetInformationFile + A                          77D5502E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtQueryFullAttributesFile + A                     77D55846 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtQueryAttributesFile + 5                         77D5591D 4 Bytes  [BA, A8, 2C, C6]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtQueryAttributesFile + A                         77D55922 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtOpenThreadTokenEx + A                           77D55A8A 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtOpenThreadToken + 5                             77D55A99 4 Bytes  [BA, 68, 2E, C6]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtOpenThreadToken + A                             77D55A9E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtOpenThread + 5                                  77D55AAD 4 Bytes  [BA, 68, 2D, C6]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtOpenThread + A                                  77D55AB2 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtOpenProcessTokenEx + 5                          77D55B25 4 Bytes  [BA, A8, 2E, C6]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtOpenProcessTokenEx + A                          77D55B2A 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtOpenProcessToken + A                            77D55B3E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtOpenProcess + 5                                 77D55B4D 4 Bytes  [BA, A8, 2D, C6]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtOpenProcess + A                                 77D55B52 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtOpenFile + 5                                    77D55C29 4 Bytes  [BA, 68, 2C, C6]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtOpenFile + A                                    77D55C2E 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtMapViewOfSection + 5                            77D55D05 4 Bytes  [BA, 28, 2F, C6]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtMapViewOfSection + A                            77D55D0A 2 Bytes  [FF, E2] {JMP EDX}
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtCreateFile + 5                                  77D565A9 4 Bytes  [BA, 28, 2C, C6]
.text  C:\Program Files\Google\Chrome\Application\chrome.exe[7096] ntdll.dll!NtCreateFile + A                                  77D565AE 2 Bytes  [FF, E2] {JMP EDX}

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                       1014464720
Reg    HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{7B2E81BB-95A8-11E3-AF9B-806E6F6E6963}  13163605896

---- EOF - GMER 2.1 ----
         
and defogger/disable:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:36 on 03/04/2014 (Simon)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
I hope I did everything correctly.
Regards, Hutgebirge

Alt 03.04.2014, 13:05   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hi,

Quote:
==================== Installed Programs ======================

Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
You only have three programs installed? More likely something went wrong when the log was created. Or did you tamper with the log yourself?

Alt 03.04.2014, 14:48   #3
Hutgebirge
 

Hiho Cosinus,
I followed your instructions in the "checklist" and did not change anything in the actual log, but copied everything over directly.
I ran FRST again and the same result comes out again:

Additional scan:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Simon at 2014-04-03 15:45:02
Running from C:\Users\Darell\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

==================== Restore Points  =========================

13-03-2014 17:26:52 Installiert MFL-Pro Suite
23-03-2014 17:32:20 Windows Update
02-04-2014 14:45:29 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 06:17 - 2012-07-26 06:17 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1E84DCB8-8C84-4436-A108-209A65086823} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {545C008C-4471-44F8-AD15-96CB8BB2BB0C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {56F59500-C4D1-4720-859F-13B4998AA792} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {8349FCC6-3CB9-49E8-AD80-6991725A9B27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-14] (Google Inc.)
Task: {98138208-FAB6-4DCD-8BAF-8BB959879AC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-14] (Google Inc.)
Task: {99768757-32DC-4E02-BE1E-2FE4783695EE} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D3D41176-3DCA-4F40-9A93-A3458ADB2754} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {EF9592CE-7796-47A6-9CD5-8630640D45BB} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-14 22:11 - 2013-12-09 12:37 - 00394808 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2014-03-13 19:27 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2012-07-26 10:49 - 2012-07-26 10:46 - 00143216 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2014-03-13 19:27 - 2012-09-25 12:26 - 01163264 _____ () C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
2014-03-17 12:10 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 13637448 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Coprozessor
Description: Coprozessor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: G:\
Description: USB SM Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFWpdFs
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: E:\
Description: USB SD Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFWpdFs
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: H:\
Description: USB MS Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFWpdFs
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: F:\
Description: USB CF Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFWpdFs
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (04/03/2014 03:24:03 PM) (Source: Desktop Window Manager) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.

Error: (04/03/2014 03:23:57 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/04/03 15:23:57.638]: [00001984]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5

Error: (04/03/2014 02:52:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Simon)
Description: Die App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (04/03/2014 01:48:10 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/04/03 13:48:10.654]: [00001984]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5

Error: (04/03/2014 11:44:57 AM) (Source: ESENT) (User: )
Description: taskhostex (5228) Versuch, Datei "C:\Users\Darell\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (04/03/2014 11:44:24 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/04/03 11:44:24.753]: [00001984]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5

Error: (04/02/2014 04:03:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Simon)
Description: Die App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (04/02/2014 00:58:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Simon)
Description: Die App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (04/02/2014 00:58:25 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/04/02 12:58:25.726]: [00001984]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5

Error: (04/02/2014 11:19:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Simon)
Description: Das Paket „winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy“ wurde beendet, da das Anhalten zu lange dauerte.


System errors:
=============
Error: (04/01/2014 08:07:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
%%1

Error: (03/27/2014 11:25:38 AM) (Source: DCOM) (User: Simon)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/27/2014 11:25:38 AM) (Source: DCOM) (User: Simon)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/17/2014 03:33:39 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 01:10:16 PM) (Source: nvraid) (User: )
Description: 


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 52%
Total physical RAM: 3071.22 MB
Available physical RAM: 1450.82 MB
Total Pagefile: 4159.22 MB
Available Pagefile: 1513.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1920.73 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:583.19 GB) (Free:425.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:12.98 GB) (Free:1.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive i: (DVDVolume) (CDROM) (Total:7.57 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=583 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
FRST:

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Simon (administrator) on SIMON on 03-04-2014 15:44:29
Running from C:\Users\Darell\Downloads
Microsoft Windows 8 Pro (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC62E22434732CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.8,en-US;q=0.5,en;q=0.3
SearchScopes: HKLM - DefaultScope value is missing.
Toolbar: HKCU - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (Google Docs) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-14]
CHR Extension: (Google Drive) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-14]
CHR Extension: (YouTube) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-14]
CHR Extension: (Google-Suche) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-14]
CHR Extension: (Re-markit) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel [2014-03-17]
CHR Extension: (HQ-Video-Pro-1.9) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm [2014-03-17]
CHR Extension: (Google Wallet) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-14]
CHR Extension: (Quick Start) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-03-17]
CHR Extension: (Google Mail) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-14]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-17]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14480 2013-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [135648 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [24576 2012-07-26] (Microsoft Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-04-03] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation)
U3 agldypod; \??\C:\Users\Darell\AppData\Local\Temp\agldypod.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-03 15:40 - 2014-04-03 15:40 - 00026256 _____ () C:\Users\Darell\Documents\FRST2.txt
2014-04-03 15:24 - 2014-04-03 15:24 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-04-03 12:54 - 2014-04-03 12:54 - 00019652 _____ () C:\Users\Darell\Documents\scan.log
2014-04-03 12:41 - 2014-04-03 12:41 - 00380416 _____ () C:\Users\Darell\Downloads\Gmer-19357.exe
2014-04-03 12:39 - 2014-04-03 12:39 - 00025405 _____ () C:\Users\Darell\Documents\FRST.txt
2014-04-03 12:39 - 2014-04-03 12:39 - 00010790 _____ () C:\Users\Darell\Documents\Addition.txt
2014-04-03 12:38 - 2014-04-03 15:44 - 00007138 _____ () C:\Users\Darell\Downloads\FRST.txt
2014-04-03 12:38 - 2014-04-03 15:44 - 00000000 ____D () C:\FRST
2014-04-03 12:38 - 2014-04-03 15:40 - 00011577 _____ () C:\Users\Darell\Downloads\Addition.txt
2014-04-03 12:37 - 2014-04-03 12:37 - 01145856 _____ (Farbar) C:\Users\Darell\Downloads\FRST.exe
2014-04-03 12:36 - 2014-04-03 12:36 - 00050477 _____ () C:\Users\Darell\Downloads\Defogger.exe
2014-04-03 12:36 - 2014-04-03 12:36 - 00000472 _____ () C:\Users\Darell\Downloads\defogger_disable.log
2014-04-03 12:36 - 2014-04-03 12:36 - 00000000 _____ () C:\Users\Darell\defogger_reenable
2014-03-17 14:42 - 2014-04-01 14:49 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-17 14:42 - 2014-03-17 14:42 - 00001991 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-17 14:42 - 2014-03-17 14:42 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-17 14:42 - 2014-03-17 14:42 - 00000000 ____D () C:\Program Files\Adobe
2014-03-17 14:41 - 2014-04-01 11:43 - 00000000 ____D () C:\Users\Darell\AppData\Local\Adobe
2014-03-17 13:13 - 2014-03-17 13:13 - 00001069 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\Malwarebytes
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-17 13:13 - 2013-04-04 15:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-17 13:06 - 2014-03-17 13:13 - 00000000 ____D () C:\AdwCleaner
2014-03-17 13:06 - 2014-03-17 13:06 - 01950720 _____ () C:\Users\Darell\Downloads\adwcleaner.exe
2014-03-17 13:05 - 2014-03-17 13:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Darell\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-17 12:31 - 2014-03-17 12:31 - 00000000 ____D () C:\Users\Darell\AppData\Local\Apps\2.0
2014-03-17 12:24 - 2014-03-17 12:24 - 00313824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-17 12:13 - 2014-03-17 12:16 - 00000160 _____ () C:\Users\Darell\AppData\Roaming\aps.uninstall.scan.results
2014-03-17 12:12 - 2014-03-17 12:11 - 00954776 _____ (AnyProtect.com) C:\Users\Darell\AppData\Local\nsuB3D7.tmp
2014-03-17 12:11 - 2014-03-17 12:11 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-03-17 12:11 - 2014-03-17 12:11 - 00000000 ____D () C:\Program Files\Re-markit-soft
2014-03-13 19:45 - 2007-05-31 20:30 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-03-13 19:45 - 2007-05-31 20:29 - 00018280 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_2.dll
2014-03-13 19:45 - 2007-05-16 17:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-03-13 19:45 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-03-13 19:45 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-03-13 19:45 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-03-13 19:45 - 2007-04-04 19:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-03-13 19:45 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-03-13 19:45 - 2007-03-12 17:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-03-13 19:45 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-03-13 19:45 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-03-13 19:45 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-03-13 19:45 - 2006-12-08 13:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-03-13 19:45 - 2006-11-29 14:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-03-13 19:45 - 2006-11-29 14:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-03-13 19:45 - 2006-09-28 17:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-03-13 19:45 - 2006-09-28 17:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-03-13 19:45 - 2006-07-28 10:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-03-13 19:45 - 2006-07-28 10:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-03-13 19:45 - 2006-05-31 08:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-03-13 19:45 - 2006-03-31 13:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-03-13 19:45 - 2006-03-31 13:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-03-13 19:45 - 2006-03-31 13:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-03-13 19:45 - 2006-02-03 09:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-03-13 19:45 - 2006-02-03 09:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-03-13 19:45 - 2006-02-03 09:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-03-13 19:45 - 2005-12-05 19:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-03-13 19:45 - 2005-07-22 20:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-03-13 19:45 - 2005-05-26 16:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-03-13 19:45 - 2005-03-18 18:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-03-13 19:45 - 2005-02-05 20:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-03-13 19:44 - 2014-03-13 19:45 - 00082275 _____ () C:\Windows\DirectX.log
2014-03-13 19:44 - 2014-03-13 19:44 - 00001956 _____ () C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Mehrspieler.lnk
2014-03-13 19:44 - 2014-03-13 19:44 - 00001956 _____ () C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Einzelspieler.lnk
2014-03-13 19:44 - 2014-03-13 19:44 - 00000175 _____ () C:\Windows\DXError.log
2014-03-13 19:43 - 2014-03-17 19:36 - 00000000 ____D () C:\Users\Darell\Documents\Baby
2014-03-13 19:42 - 2014-03-13 19:42 - 00000319 _____ () C:\Windows\game.ini
2014-03-13 19:33 - 2014-03-13 19:33 - 00000000 ____D () C:\Program Files\Activision
2014-03-13 19:27 - 2014-03-13 19:42 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-13 19:27 - 2014-03-13 19:27 - 00002003 _____ () C:\Users\Public\Desktop\Brother Utilities.lnk
2014-03-13 19:27 - 2014-03-13 19:27 - 00000000 ____D () C:\Program Files\Brother
2014-03-13 19:27 - 2009-01-15 20:20 - 00003072 _____ (Brother Industries Ltd.) C:\Windows\system32\BrDctF2S.dll
2014-03-13 19:27 - 2008-06-17 16:33 - 00167936 _____ (brother) C:\Windows\system32\NSSearch.dll
2014-03-13 19:27 - 2007-12-13 23:16 - 00073728 _____ (Brother Industries Ltd.) C:\Windows\system32\BrDctF2.dll
2014-03-13 19:27 - 2007-12-13 23:16 - 00005632 _____ (Brother Industries Ltd.) C:\Windows\system32\BrDctF2L.dll
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\Users\Darell\Downloads\mflpro
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\InstallShield
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\ProgramData\Brother
2014-03-13 19:23 - 2014-03-13 19:24 - 44735560 _____ (A.I.SOFT,INC.) C:\Users\Darell\Downloads\DCP-7045N-inst-win8-A1.EXE
2014-03-12 17:25 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 17:25 - 2013-12-07 07:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-12 17:25 - 2013-10-25 06:56 - 00030224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-12 17:25 - 2013-10-25 00:33 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-12 17:24 - 2014-02-23 08:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 17:24 - 2014-02-23 08:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 17:24 - 2014-02-23 08:54 - 00661504 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-03-12 17:24 - 2014-02-23 08:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-03-12 17:24 - 2014-02-23 08:54 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 17:24 - 2014-02-23 08:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 17:24 - 2014-02-23 08:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 17:24 - 2014-02-08 06:08 - 03387904 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 17:24 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-09 22:12 - 2014-03-09 22:19 - 00000000 ____D () C:\Users\Darell\Documents\ALG II

==================== One Month Modified Files and Folders =======

2014-04-03 15:44 - 2014-04-03 12:38 - 00007138 _____ () C:\Users\Darell\Downloads\FRST.txt
2014-04-03 15:44 - 2014-04-03 12:38 - 00000000 ____D () C:\FRST
2014-04-03 15:40 - 2014-04-03 15:40 - 00026256 _____ () C:\Users\Darell\Documents\FRST2.txt
2014-04-03 15:40 - 2014-04-03 12:38 - 00011577 _____ () C:\Users\Darell\Downloads\Addition.txt
2014-04-03 15:24 - 2014-04-03 15:24 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-04-03 15:24 - 2014-02-14 22:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-03 15:12 - 2014-02-14 22:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-03 14:00 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\system32\sru
2014-04-03 12:54 - 2014-04-03 12:54 - 00019652 _____ () C:\Users\Darell\Documents\scan.log
2014-04-03 12:41 - 2014-04-03 12:41 - 00380416 _____ () C:\Users\Darell\Downloads\Gmer-19357.exe
2014-04-03 12:39 - 2014-04-03 12:39 - 00025405 _____ () C:\Users\Darell\Documents\FRST.txt
2014-04-03 12:39 - 2014-04-03 12:39 - 00010790 _____ () C:\Users\Darell\Documents\Addition.txt
2014-04-03 12:37 - 2014-04-03 12:37 - 01145856 _____ (Farbar) C:\Users\Darell\Downloads\FRST.exe
2014-04-03 12:36 - 2014-04-03 12:36 - 00050477 _____ () C:\Users\Darell\Downloads\Defogger.exe
2014-04-03 12:36 - 2014-04-03 12:36 - 00000472 _____ () C:\Users\Darell\Downloads\defogger_disable.log
2014-04-03 12:36 - 2014-04-03 12:36 - 00000000 _____ () C:\Users\Darell\defogger_reenable
2014-04-03 12:36 - 2014-02-14 21:36 - 00000000 ____D () C:\Users\Darell
2014-04-03 12:25 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-03 12:04 - 2014-02-14 21:36 - 01195922 _____ () C:\Windows\WindowsUpdate.log
2014-04-01 22:54 - 2014-02-20 23:57 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\vlc
2014-04-01 14:51 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-01 14:49 - 2014-03-17 14:42 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-01 11:44 - 2014-02-14 22:48 - 00000000 ____D () C:\Users\Darell\Documents\UNI
2014-04-01 11:43 - 2014-03-17 14:41 - 00000000 ____D () C:\Users\Darell\AppData\Local\Adobe
2014-04-01 11:43 - 2014-02-14 21:37 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\Adobe
2014-04-01 09:42 - 2014-02-14 21:08 - 01654648 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-23 19:33 - 2014-02-16 19:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-23 19:32 - 2014-02-16 19:59 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-23 19:32 - 2012-07-26 06:17 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-17 19:36 - 2014-03-13 19:43 - 00000000 ____D () C:\Users\Darell\Documents\Baby
2014-03-17 14:42 - 2014-03-17 14:42 - 00001991 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-17 14:42 - 2014-03-17 14:42 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-17 14:42 - 2014-03-17 14:42 - 00000000 ____D () C:\Program Files\Adobe
2014-03-17 14:36 - 2014-02-14 20:47 - 00112966 _____ () C:\Windows\PFRO.log
2014-03-17 14:36 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\IME
2014-03-17 14:36 - 2012-07-26 08:04 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-17 14:36 - 2012-07-26 06:17 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-03-17 14:30 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\rescache
2014-03-17 13:13 - 2014-03-17 13:13 - 00001069 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\Malwarebytes
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-17 13:13 - 2014-03-17 13:06 - 00000000 ____D () C:\AdwCleaner
2014-03-17 13:09 - 2014-02-14 22:03 - 00001238 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-17 13:06 - 2014-03-17 13:06 - 01950720 _____ () C:\Users\Darell\Downloads\adwcleaner.exe
2014-03-17 13:06 - 2014-03-17 13:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Darell\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-17 12:31 - 2014-03-17 12:31 - 00000000 ____D () C:\Users\Darell\AppData\Local\Apps\2.0
2014-03-17 12:24 - 2014-03-17 12:24 - 00313824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-17 12:16 - 2014-03-17 12:13 - 00000160 _____ () C:\Users\Darell\AppData\Roaming\aps.uninstall.scan.results
2014-03-17 12:11 - 2014-03-17 12:12 - 00954776 _____ (AnyProtect.com) C:\Users\Darell\AppData\Local\nsuB3D7.tmp
2014-03-17 12:11 - 2014-03-17 12:11 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-03-17 12:11 - 2014-03-17 12:11 - 00000000 ____D () C:\Program Files\Re-markit-soft
2014-03-17 12:11 - 2012-07-26 08:53 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-14 00:10 - 2012-07-26 08:53 - 00000000 ___RD () C:\Windows\ToastData
2014-03-14 00:10 - 2012-07-26 08:53 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 00:10 - 2012-07-26 08:53 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 00:10 - 2012-07-26 08:53 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-13 19:45 - 2014-03-13 19:44 - 00082275 _____ () C:\Windows\DirectX.log
2014-03-13 19:44 - 2014-03-13 19:44 - 00001956 _____ () C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Mehrspieler.lnk
2014-03-13 19:44 - 2014-03-13 19:44 - 00001956 _____ () C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Einzelspieler.lnk
2014-03-13 19:44 - 2014-03-13 19:44 - 00000175 _____ () C:\Windows\DXError.log
2014-03-13 19:42 - 2014-03-13 19:42 - 00000319 _____ () C:\Windows\game.ini
2014-03-13 19:42 - 2014-03-13 19:27 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-13 19:33 - 2014-03-13 19:33 - 00000000 ____D () C:\Program Files\Activision
2014-03-13 19:30 - 2014-02-14 21:36 - 00000000 ____D () C:\Users\Darell\AppData\Local\VirtualStore
2014-03-13 19:27 - 2014-03-13 19:27 - 00002003 _____ () C:\Users\Public\Desktop\Brother Utilities.lnk
2014-03-13 19:27 - 2014-03-13 19:27 - 00000000 ____D () C:\Program Files\Brother
2014-03-13 19:27 - 2014-02-26 16:50 - 00000065 _____ () C:\Windows\system32\BD7045N.DAT
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\Users\Darell\Downloads\mflpro
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\InstallShield
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\ProgramData\Brother
2014-03-13 19:24 - 2014-03-13 19:23 - 44735560 _____ (A.I.SOFT,INC.) C:\Users\Darell\Downloads\DCP-7045N-inst-win8-A1.EXE
2014-03-09 22:19 - 2014-03-09 22:12 - 00000000 ____D () C:\Users\Darell\Documents\ALG II
2014-03-05 00:52 - 2014-02-17 02:49 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-05 00:52 - 2014-02-17 02:49 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Darell\AppData\Local\Temp\avgnt.exe
C:\Users\Darell\AppData\Local\Temp\BackupSetup.exe
C:\Users\Darell\AppData\Local\Temp\Offercast_AVIRAV7_.exe
C:\Users\Darell\AppData\Local\Temp\ose00000.exe
C:\Users\Darell\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-28 18:52

==================== End Of Log ============================
         

And yes, I do have more than 3 programs on my computer.
__________________

Alt 03.04.2014, 14:50   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Please start FRST via right-click => Run as administrator
And create new logs. Let's see whether that makes a difference, but I rather doubt it.
__________________
Please always post log files in CODE tags

Alt 03.04.2014, 19:40   #5
Hutgebirge
 

Done, and here is the result:

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Simon at 2014-04-03 17:41:19
Running from C:\Users\Darell\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

==================== Restore Points  =========================

13-03-2014 17:26:52 Installiert MFL-Pro Suite
23-03-2014 17:32:20 Windows Update
02-04-2014 14:45:29 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 06:17 - 2012-07-26 06:17 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1E84DCB8-8C84-4436-A108-209A65086823} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {545C008C-4471-44F8-AD15-96CB8BB2BB0C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {56F59500-C4D1-4720-859F-13B4998AA792} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {8349FCC6-3CB9-49E8-AD80-6991725A9B27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-14] (Google Inc.)
Task: {98138208-FAB6-4DCD-8BAF-8BB959879AC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-14] (Google Inc.)
Task: {99768757-32DC-4E02-BE1E-2FE4783695EE} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D3D41176-3DCA-4F40-9A93-A3458ADB2754} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {EF9592CE-7796-47A6-9CD5-8630640D45BB} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-14 22:11 - 2013-12-09 12:37 - 00394808 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2014-03-13 19:27 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2012-07-26 10:49 - 2012-07-26 10:46 - 00143216 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2014-03-13 19:27 - 2012-09-25 12:26 - 01163264 _____ () C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
2014-03-17 12:10 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-17 12:10 - 2014-03-15 02:50 - 13637448 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Coprozessor
Description: Coprozessor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: G:\
Description: USB SM Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFWpdFs
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: E:\
Description: USB SD Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFWpdFs
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: H:\
Description: USB MS Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFWpdFs
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: F:\
Description: USB CF Reader   
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFWpdFs
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (04/03/2014 04:50:51 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/04/03 16:50:51.622]: [00001984]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5

Error: (04/03/2014 03:24:03 PM) (Source: Desktop Window Manager) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.

Error: (04/03/2014 03:23:57 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/04/03 15:23:57.638]: [00001984]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5

Error: (04/03/2014 02:52:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Simon)
Description: Die App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (04/03/2014 01:48:10 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/04/03 13:48:10.654]: [00001984]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5

Error: (04/03/2014 11:44:57 AM) (Source: ESENT) (User: )
Description: taskhostex (5228) Versuch, Datei "C:\Users\Darell\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (04/03/2014 11:44:24 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/04/03 11:44:24.753]: [00001984]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5

Error: (04/02/2014 04:03:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Simon)
Description: Die App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (04/02/2014 00:58:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Simon)
Description: Die App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (04/02/2014 00:58:25 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2014/04/02 12:58:25.726]: [00001984]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5


System errors:
=============
Error: (04/01/2014 08:07:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
%%1

Error: (03/27/2014 11:25:38 AM) (Source: DCOM) (User: Simon)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/27/2014 11:25:38 AM) (Source: DCOM) (User: Simon)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (03/17/2014 03:33:39 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 02:36:29 PM) (Source: nvraid) (User: )
Description: 

Error: (03/17/2014 01:10:16 PM) (Source: nvraid) (User: )
Description: 


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 42%
Total physical RAM: 3071.22 MB
Available physical RAM: 1766.09 MB
Total Pagefile: 4159.22 MB
Available Pagefile: 1693.5 MB
Total Virtual: 2047.88 MB
Available Virtual: 1916.73 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:583.19 GB) (Free:425.56 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:12.98 GB) (Free:1.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive i: (DVDVolume) (CDROM) (Total:7.57 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=583 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Simon (administrator) on SIMON on 03-04-2014 17:40:56
Running from C:\Users\Darell\Downloads
Microsoft Windows 8 Pro (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC62E22434732CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.8,en-US;q=0.5,en;q=0.3
SearchScopes: HKLM - DefaultScope value is missing.
Toolbar: HKCU - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (Google Docs) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-14]
CHR Extension: (Google Drive) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-14]
CHR Extension: (YouTube) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-14]
CHR Extension: (Google-Suche) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-14]
CHR Extension: (Re-markit) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel [2014-03-17]
CHR Extension: (HQ-Video-Pro-1.9) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm [2014-03-17]
CHR Extension: (Google Wallet) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-14]
CHR Extension: (Quick Start) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-03-17]
CHR Extension: (Google Mail) - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-14]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Darell\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-17]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14480 2013-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [135648 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [24576 2012-07-26] (Microsoft Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation)
U3 agldypod; \??\C:\Users\Darell\AppData\Local\Temp\agldypod.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-03 15:40 - 2014-04-03 15:40 - 00026256 _____ () C:\Users\Darell\Documents\FRST2.txt
2014-04-03 12:54 - 2014-04-03 12:54 - 00019652 _____ () C:\Users\Darell\Documents\scan.log
2014-04-03 12:41 - 2014-04-03 12:41 - 00380416 _____ () C:\Users\Darell\Downloads\Gmer-19357.exe
2014-04-03 12:39 - 2014-04-03 12:39 - 00025405 _____ () C:\Users\Darell\Documents\FRST.txt
2014-04-03 12:39 - 2014-04-03 12:39 - 00010790 _____ () C:\Users\Darell\Documents\Addition.txt
2014-04-03 12:38 - 2014-04-03 17:41 - 00006946 _____ () C:\Users\Darell\Downloads\FRST.txt
2014-04-03 12:38 - 2014-04-03 17:40 - 00000000 ____D () C:\FRST
2014-04-03 12:38 - 2014-04-03 15:56 - 00010656 _____ () C:\Users\Darell\Downloads\Addition.txt
2014-04-03 12:37 - 2014-04-03 12:37 - 01145856 _____ (Farbar) C:\Users\Darell\Downloads\FRST.exe
2014-04-03 12:36 - 2014-04-03 15:55 - 00000472 _____ () C:\Users\Darell\Downloads\defogger_disable.log
2014-04-03 12:36 - 2014-04-03 12:36 - 00050477 _____ () C:\Users\Darell\Downloads\Defogger.exe
2014-04-03 12:36 - 2014-04-03 12:36 - 00000000 _____ () C:\Users\Darell\defogger_reenable
2014-03-17 14:42 - 2014-04-01 14:49 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-17 14:42 - 2014-03-17 14:42 - 00001991 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-17 14:42 - 2014-03-17 14:42 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-17 14:42 - 2014-03-17 14:42 - 00000000 ____D () C:\Program Files\Adobe
2014-03-17 14:41 - 2014-04-01 11:43 - 00000000 ____D () C:\Users\Darell\AppData\Local\Adobe
2014-03-17 13:13 - 2014-03-17 13:13 - 00001069 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\Malwarebytes
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-17 13:13 - 2013-04-04 15:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-17 13:06 - 2014-03-17 13:13 - 00000000 ____D () C:\AdwCleaner
2014-03-17 13:06 - 2014-03-17 13:06 - 01950720 _____ () C:\Users\Darell\Downloads\adwcleaner.exe
2014-03-17 13:05 - 2014-03-17 13:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Darell\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-17 12:31 - 2014-03-17 12:31 - 00000000 ____D () C:\Users\Darell\AppData\Local\Apps\2.0
2014-03-17 12:24 - 2014-03-17 12:24 - 00313824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-17 12:13 - 2014-03-17 12:16 - 00000160 _____ () C:\Users\Darell\AppData\Roaming\aps.uninstall.scan.results
2014-03-17 12:12 - 2014-03-17 12:11 - 00954776 _____ (AnyProtect.com) C:\Users\Darell\AppData\Local\nsuB3D7.tmp
2014-03-17 12:11 - 2014-03-17 12:11 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-03-17 12:11 - 2014-03-17 12:11 - 00000000 ____D () C:\Program Files\Re-markit-soft
2014-03-13 19:45 - 2007-05-31 20:30 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-03-13 19:45 - 2007-05-31 20:29 - 00018280 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_2.dll
2014-03-13 19:45 - 2007-05-16 17:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-03-13 19:45 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-03-13 19:45 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-03-13 19:45 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-03-13 19:45 - 2007-04-04 19:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-03-13 19:45 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-03-13 19:45 - 2007-03-12 17:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-03-13 19:45 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-03-13 19:45 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-03-13 19:45 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-03-13 19:45 - 2006-12-08 13:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-03-13 19:45 - 2006-11-29 14:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-03-13 19:45 - 2006-11-29 14:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-03-13 19:45 - 2006-09-28 17:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-03-13 19:45 - 2006-09-28 17:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-03-13 19:45 - 2006-07-28 10:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-03-13 19:45 - 2006-07-28 10:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-03-13 19:45 - 2006-05-31 08:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-03-13 19:45 - 2006-03-31 13:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-03-13 19:45 - 2006-03-31 13:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-03-13 19:45 - 2006-03-31 13:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-03-13 19:45 - 2006-02-03 09:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-03-13 19:45 - 2006-02-03 09:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-03-13 19:45 - 2006-02-03 09:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-03-13 19:45 - 2005-12-05 19:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-03-13 19:45 - 2005-07-22 20:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-03-13 19:45 - 2005-05-26 16:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-03-13 19:45 - 2005-03-18 18:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-03-13 19:45 - 2005-02-05 20:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-03-13 19:44 - 2014-03-13 19:45 - 00082275 _____ () C:\Windows\DirectX.log
2014-03-13 19:44 - 2014-03-13 19:44 - 00001956 _____ () C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Mehrspieler.lnk
2014-03-13 19:44 - 2014-03-13 19:44 - 00001956 _____ () C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Einzelspieler.lnk
2014-03-13 19:44 - 2014-03-13 19:44 - 00000175 _____ () C:\Windows\DXError.log
2014-03-13 19:43 - 2014-03-17 19:36 - 00000000 ____D () C:\Users\Darell\Documents\Baby
2014-03-13 19:42 - 2014-03-13 19:42 - 00000319 _____ () C:\Windows\game.ini
2014-03-13 19:33 - 2014-03-13 19:33 - 00000000 ____D () C:\Program Files\Activision
2014-03-13 19:27 - 2014-03-13 19:42 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-13 19:27 - 2014-03-13 19:27 - 00002003 _____ () C:\Users\Public\Desktop\Brother Utilities.lnk
2014-03-13 19:27 - 2014-03-13 19:27 - 00000000 ____D () C:\Program Files\Brother
2014-03-13 19:27 - 2009-01-15 20:20 - 00003072 _____ (Brother Industries Ltd.) C:\Windows\system32\BrDctF2S.dll
2014-03-13 19:27 - 2008-06-17 16:33 - 00167936 _____ (brother) C:\Windows\system32\NSSearch.dll
2014-03-13 19:27 - 2007-12-13 23:16 - 00073728 _____ (Brother Industries Ltd.) C:\Windows\system32\BrDctF2.dll
2014-03-13 19:27 - 2007-12-13 23:16 - 00005632 _____ (Brother Industries Ltd.) C:\Windows\system32\BrDctF2L.dll
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\Users\Darell\Downloads\mflpro
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\InstallShield
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\ProgramData\Brother
2014-03-13 19:23 - 2014-03-13 19:24 - 44735560 _____ (A.I.SOFT,INC.) C:\Users\Darell\Downloads\DCP-7045N-inst-win8-A1.EXE
2014-03-12 17:25 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 17:25 - 2013-12-07 07:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-12 17:25 - 2013-10-25 06:56 - 00030224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-12 17:25 - 2013-10-25 00:33 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-12 17:24 - 2014-02-23 08:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 17:24 - 2014-02-23 08:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 17:24 - 2014-02-23 08:54 - 00661504 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-03-12 17:24 - 2014-02-23 08:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-03-12 17:24 - 2014-02-23 08:54 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 17:24 - 2014-02-23 08:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 17:24 - 2014-02-23 08:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 17:24 - 2014-02-23 08:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 17:24 - 2014-02-08 06:08 - 03387904 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 17:24 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-09 22:12 - 2014-03-09 22:19 - 00000000 ____D () C:\Users\Darell\Documents\ALG II

==================== One Month Modified Files and Folders =======

2014-04-03 17:41 - 2014-04-03 12:38 - 00006946 _____ () C:\Users\Darell\Downloads\FRST.txt
2014-04-03 17:40 - 2014-04-03 12:38 - 00000000 ____D () C:\FRST
2014-04-03 17:12 - 2014-02-14 22:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-03 17:04 - 2014-02-14 21:36 - 01226398 _____ () C:\Windows\WindowsUpdate.log
2014-04-03 16:00 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\system32\sru
2014-04-03 15:56 - 2014-04-03 12:38 - 00010656 _____ () C:\Users\Darell\Downloads\Addition.txt
2014-04-03 15:55 - 2014-04-03 12:36 - 00000472 _____ () C:\Users\Darell\Downloads\defogger_disable.log
2014-04-03 15:40 - 2014-04-03 15:40 - 00026256 _____ () C:\Users\Darell\Documents\FRST2.txt
2014-04-03 15:24 - 2014-02-14 22:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-03 12:54 - 2014-04-03 12:54 - 00019652 _____ () C:\Users\Darell\Documents\scan.log
2014-04-03 12:41 - 2014-04-03 12:41 - 00380416 _____ () C:\Users\Darell\Downloads\Gmer-19357.exe
2014-04-03 12:39 - 2014-04-03 12:39 - 00025405 _____ () C:\Users\Darell\Documents\FRST.txt
2014-04-03 12:39 - 2014-04-03 12:39 - 00010790 _____ () C:\Users\Darell\Documents\Addition.txt
2014-04-03 12:37 - 2014-04-03 12:37 - 01145856 _____ (Farbar) C:\Users\Darell\Downloads\FRST.exe
2014-04-03 12:36 - 2014-04-03 12:36 - 00050477 _____ () C:\Users\Darell\Downloads\Defogger.exe
2014-04-03 12:36 - 2014-04-03 12:36 - 00000000 _____ () C:\Users\Darell\defogger_reenable
2014-04-03 12:36 - 2014-02-14 21:36 - 00000000 ____D () C:\Users\Darell
2014-04-03 12:25 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-01 22:54 - 2014-02-20 23:57 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\vlc
2014-04-01 14:51 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-01 14:49 - 2014-03-17 14:42 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-01 11:44 - 2014-02-14 22:48 - 00000000 ____D () C:\Users\Darell\Documents\UNI
2014-04-01 11:43 - 2014-03-17 14:41 - 00000000 ____D () C:\Users\Darell\AppData\Local\Adobe
2014-04-01 11:43 - 2014-02-14 21:37 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\Adobe
2014-04-01 09:42 - 2014-02-14 21:08 - 01654648 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-23 19:33 - 2014-02-16 19:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-23 19:32 - 2014-02-16 19:59 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-23 19:32 - 2012-07-26 06:17 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-17 19:36 - 2014-03-13 19:43 - 00000000 ____D () C:\Users\Darell\Documents\Baby
2014-03-17 14:42 - 2014-03-17 14:42 - 00001991 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-17 14:42 - 2014-03-17 14:42 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-17 14:42 - 2014-03-17 14:42 - 00000000 ____D () C:\Program Files\Adobe
2014-03-17 14:36 - 2014-02-14 20:47 - 00112966 _____ () C:\Windows\PFRO.log
2014-03-17 14:36 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\IME
2014-03-17 14:36 - 2012-07-26 08:04 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-17 14:36 - 2012-07-26 06:17 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-03-17 14:30 - 2012-07-26 08:53 - 00000000 ____D () C:\Windows\rescache
2014-03-17 13:13 - 2014-03-17 13:13 - 00001069 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\Malwarebytes
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 13:13 - 2014-03-17 13:13 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-17 13:13 - 2014-03-17 13:06 - 00000000 ____D () C:\AdwCleaner
2014-03-17 13:09 - 2014-02-14 22:03 - 00001238 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-17 13:06 - 2014-03-17 13:06 - 01950720 _____ () C:\Users\Darell\Downloads\adwcleaner.exe
2014-03-17 13:06 - 2014-03-17 13:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Darell\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-17 12:31 - 2014-03-17 12:31 - 00000000 ____D () C:\Users\Darell\AppData\Local\Apps\2.0
2014-03-17 12:24 - 2014-03-17 12:24 - 00313824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-17 12:16 - 2014-03-17 12:13 - 00000160 _____ () C:\Users\Darell\AppData\Roaming\aps.uninstall.scan.results
2014-03-17 12:11 - 2014-03-17 12:12 - 00954776 _____ (AnyProtect.com) C:\Users\Darell\AppData\Local\nsuB3D7.tmp
2014-03-17 12:11 - 2014-03-17 12:11 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-03-17 12:11 - 2014-03-17 12:11 - 00000000 ____D () C:\Program Files\Re-markit-soft
2014-03-17 12:11 - 2012-07-26 08:53 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-14 00:10 - 2012-07-26 08:53 - 00000000 ___RD () C:\Windows\ToastData
2014-03-14 00:10 - 2012-07-26 08:53 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 00:10 - 2012-07-26 08:53 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 00:10 - 2012-07-26 08:53 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-13 19:45 - 2014-03-13 19:44 - 00082275 _____ () C:\Windows\DirectX.log
2014-03-13 19:44 - 2014-03-13 19:44 - 00001956 _____ () C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Mehrspieler.lnk
2014-03-13 19:44 - 2014-03-13 19:44 - 00001956 _____ () C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) - Einzelspieler.lnk
2014-03-13 19:44 - 2014-03-13 19:44 - 00000175 _____ () C:\Windows\DXError.log
2014-03-13 19:42 - 2014-03-13 19:42 - 00000319 _____ () C:\Windows\game.ini
2014-03-13 19:42 - 2014-03-13 19:27 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-13 19:33 - 2014-03-13 19:33 - 00000000 ____D () C:\Program Files\Activision
2014-03-13 19:30 - 2014-02-14 21:36 - 00000000 ____D () C:\Users\Darell\AppData\Local\VirtualStore
2014-03-13 19:27 - 2014-03-13 19:27 - 00002003 _____ () C:\Users\Public\Desktop\Brother Utilities.lnk
2014-03-13 19:27 - 2014-03-13 19:27 - 00000000 ____D () C:\Program Files\Brother
2014-03-13 19:27 - 2014-02-26 16:50 - 00000065 _____ () C:\Windows\system32\BD7045N.DAT
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\Users\Darell\Downloads\mflpro
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\Users\Darell\AppData\Roaming\InstallShield
2014-03-13 19:26 - 2014-03-13 19:26 - 00000000 ____D () C:\ProgramData\Brother
2014-03-13 19:24 - 2014-03-13 19:23 - 44735560 _____ (A.I.SOFT,INC.) C:\Users\Darell\Downloads\DCP-7045N-inst-win8-A1.EXE
2014-03-09 22:19 - 2014-03-09 22:12 - 00000000 ____D () C:\Users\Darell\Documents\ALG II
2014-03-05 00:52 - 2014-02-17 02:49 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-05 00:52 - 2014-02-17 02:49 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Darell\AppData\Local\Temp\avgnt.exe
C:\Users\Darell\AppData\Local\Temp\BackupSetup.exe
C:\Users\Darell\AppData\Local\Temp\Offercast_AVIRAV7_.exe
C:\Users\Darell\AppData\Local\Temp\ose00000.exe
C:\Users\Darell\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-28 18:52

==================== End Of Log ============================
         


One more thing I should mention: today, at about the same time the PUP virus was discovered, lots of pop-ups started opening whenever I am online.
I had a quick look in the Google Chrome history and came across the following names for the pop-ups:
rvzr-a.akamaihd.net
srv123.com
a.advertisernets.com
m2pub.adk2.com
s.m2pub.com

Control Panel / Uninstall a program also finds only 3 programs.

The same goes for Revo Uninstaller.


Alt 04.04.2014, 11:02   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Then please run Combofix now:

Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Sometimes Combofix still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.


Alt 07.04.2014, 19:49   #7
Hutgebirge
 
Hi Cosinus,
a quick question:
I started the Combofix program after disabling the antivirus programs. But Combofix keeps hanging, or does it simply take that long until it has finished scanning for infected files?
Is there anything else I should pay attention to? Disconnect the computer from the Internet or something like that?
Regards, H.

Alt 07.04.2014, 22:14   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Restart the computer and try again....
__________________
Please always post log files in CODE tags
