Log analysis and evaluation: Many errors found with Malwarebytes Anti-Malware (Windows 7)
14.07.2014, 19:42 | #1 |
Hello. Because a game I play kept having problems (after a while the mouse got slower and the game "stuttered"), I first did a system restore to another restore point to bring the game back to the performance it had at the beginning. At first that helped, but then the game started acting up again, so I searched the Internet and found this site. I downloaded Malwarebytes and saved the quarantine as described. Now I don't know exactly how this site works; I hope for help with my problem, because a lot of quarantine items were found. If this is impolite, I apologize.
14.07.2014, 19:43 | #2 |
/// TB Trainer /// Instructions Guru | Please post the Malwarebytes log:

Reading material: Posting MBAM findings: how it works... Sometimes it is important to know which malicious programs were already deleted beforehand without instructions from the helpers. Therefore I need the contents of the log file in which the scan was recorded.

My name is Jürgen and I will be helping you with your problem. Together we'll manage it...

Note: I can never give you a guarantee that we will find all malicious files. Formatting is usually the faster and always the safest way, but it is only advisable for real malware. Adware & co. we can remove very well. Should you decide on a cleanup, keep working with me until you get my "clean". Here we go:

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Reading material: Posting in CODE tags: how it works... Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes our work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
14.07.2014, 19:57 | #3 |
Hello, Jürgen.
Glad that you want to take the trouble. I seem to have ended up with an English version; under "Anwendungsprotokolle" (application logs) I have 2 options to choose from: "Scan Log" and "Protection Log". Which one should I select? And: I'm also downloading FRST right now, is that right? A Disclaimer of Warranty is displayed, can I confirm it?
14.07.2014, 20:00 | #4 |
/// TB Trainer /// Instructions Guru | Scan log, please... Yes, exactly. We need FRST as well... Yes, confirm it...
__________________
Regards, deeprybka
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer
14.07.2014, 20:06 | #5 |
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 14.07.2014
Scan Time: 19:52:24
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.14.08
Rootkit Database: v2014.07.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: home

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 296844
Time Elapsed: 26 min, 9 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0 (No malicious items detected)
Modules: 0 (No malicious items detected)
Registry Keys: 20
Registry Values: 2
Registry Data: 1
Folders: 36
Files: 227
PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon32.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon48.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon48.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon64.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon64.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\jquery-1.9.1.min.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\jquery.uuid.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\manifest.json, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\popup.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\rjs.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\settings.json, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\background.html, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\background.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\config.json, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\dea-128.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\dea-48.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\empty-favicon.ico, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\jquery.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\manifest.json, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, 
C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\newtab.html, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\newtab.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\redirect.html, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\redirect.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\util.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\css\newtab.css, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\Img\no_thumb.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\Img\search-icon.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\background.html, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\background.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], 
PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\config.json, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\dea-128.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\dea-48.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\empty-favicon.ico, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\jquery.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\manifest.json, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\newtab.html, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\newtab.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\redirect.html, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\redirect.js, Quarantined, 
[83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\util.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\css\newtab.css, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\Img\no_thumb.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\Img\search-icon.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\background.html, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\config.json, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\manifest.json, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\icons\ss-128.png, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\icons\ss-48.png, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts\background.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts\loader_1036.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts\utils.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\background.html, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\config.json, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\manifest.json, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\icons\ss-128.png, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\icons\ss-48.png, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\scripts\background.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\scripts\loader_1036.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], 
PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\scripts\utils.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\background.html, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\config.json, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\manifest.json, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\icons\ss-128.png, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\icons\ss-48.png, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\scripts\background.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\scripts\loader_1036.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\scripts\utils.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-128.png, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-19.png, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-48.png, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\background.js, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\manifest.json, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\amazon-128.png, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\amazon-19.png, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\amazon-48.png, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\background.js, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\manifest.json, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.Spigot.A, 
C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\background.js, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\ebay-128.png, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\ebay-19.png, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\ebay-48.png, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\manifest.json, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_1\background.js, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_1\ebay-128.png, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_1\ebay-19.png, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_1\ebay-48.png, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_1\manifest.json, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.OfferMosquito.A, 
C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito\ext_offermosquito.crx, Quarantined, [fc740f90b8c30630a5b3723c679b2bd5], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome.manifest, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\icon.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\install.rdf, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\background.html, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\button.js, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\button.xml, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\config.js, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\content.js, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.js, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, 
C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.xul, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon128.ico, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon128.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon16.ico, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon16.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon18.ico, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon18.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon24.ico, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon24.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon32.ico, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon32.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, 
C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon48.ico, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon48.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon64.ico, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon64.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\jquery-1.9.1.min.js, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\options.xul, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\rjs.js, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\settings.json, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\subscriptloader.js, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\skin\framework.css, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], Physical Sectors: 0 (No malicious items detected) (end) |
14.07.2014, 20:10 | #6 |
/// TB Trainer /// Instructions Guru | Many errors found with Malwarebytes Anti-Malware Yep... And now the FRST logs as well...
14.07.2014, 20:21 | #7 |
| Many errors found with Malwarebytes Anti-Malware Okay, there are now 5 parts with 2 different names. For now I'll post these two: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2014 01
Ran by home at 2014-07-14 21:04:21
Running from C:\Users\home\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat 4.0 (HKLM-x32\...\Adobe Acrobat 4.0) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}) (Version: 1.3.17.05006 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.3.17.05006 - Alcor Micro Corp.) Hidden
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1124.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80830.1925 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Atheros Communications Inc.)
Avira (HKLM-x32\...\{142be4a8-895b-4ed9-b1ff-11c76357e3df}) (Version: 1.1.17.31000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.17.31000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.235.19 - Broadcom Corporation)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0605.2309.39762 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
F4500 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Free Driver Scout (HKLM-x32\...\{bf115462-3e26-4764-b423-0763bfe0f81d}) (Version: 1.0.0.0 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.0 - Covus Freemium) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Packard Bell)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.2.50.1050 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.8.2663 - IObit)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.)
Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Packard Bell) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4024.1220 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 9 Essentials (HKLM-x32\...\{fdb6a376-effb-4e5d-9553-a941074539e3}) (Version: - Nero AG) Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden Nero 
DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden Nero Express Help (x32 Version: 9.4.37.100 - Nero AG) Hidden Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden Nero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) Hidden Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden NeroExpress (x32 Version: 9.4.37.100 - Nero AG) Hidden neroxml (x32 Version: 1.0.0 - Nero AG) Hidden Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden Opera Stable 22.0.1471.70 (HKLM-x32\...\Opera 22.0.1471.70) (Version: 22.0.1471.70 - Opera Software ASA) Opticon USB Drivers Installer (HKLM-x32\...\Opticon USB Installer) (Version: - ) Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.1.3 - WildTangent) Packard Bell InfoCentre (HKLM-x32\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell) Packard Bell MyBackup (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems) Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Packard Bell) Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 
4.05.3013 - Packard Bell) Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.03.3003 - Packard Bell) Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0915.2010 - Packard Bell ) Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 2.0.3315 - CyberLink Corp.) Packard Bell Social Networks (x32 Version: 2.0.3315 - CyberLink Corp.) Hidden Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Packard Bell) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Spielkanäle (x32 Version: 3.1.0.10 - WildTangent, Inc.) 
Hidden Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.19 - Synaptics Incorporated) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Veoh Web Player (HKLM-x32\...\Veoh Web Player Beta) (Version: 1.1.2.0000 - Veoh Networks, Inc.) Video Web Camera (HKLM-x32\...\{6D9021DC-CF1B-4148-8C80-6D8E8A8A33EB}) (Version: 0.5.37.3 - SuYin) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3004 - Packard Bell) WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4100 - Broadcom Corporation) WildTangent Games App (x32 Version: 4.0.11.9 - WildTangent) Hidden WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation) Wise Care 365 Version 2.92 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 3.1.6 - WiseCleaner.com, Inc.) 
XMedia Recode Version 3.1.6.9 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.6.9 - XMedia Recode)

==================== Restore Points =========================

10-07-2014 08:33:57 Installed Network64
12-07-2014 15:27:06 Wiederherstellungsvorgang
12-07-2014 15:39:07 Windows Update
12-07-2014 15:48:12 Installed Network64
12-07-2014 21:43:04 Windows Update
13-07-2014 14:26:27 SuperEasy Registry Cleaner So, Jul 13, 14 16:26
13-07-2014 17:00:03 Windows-Sicherung

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01D77159-F618-4D4B-9F50-4F24060FE2B1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {0532769A-813A-478F-92B1-39078497FE50} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-05-28] (IObit)
Task: {05438D7B-D0A3-4AE2-ACCC-F1D37717475F} - System32\Tasks\pcupdaterRunAtStartup => C:\Program Files (x86)\RadarSync\pcupdater.exe
Task: {132C6E14-3AC5-401F-BA33-4040A6D133C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {1B1E0608-ED39-459B-9562-FF9CB57EBE2C} - \Software Updater Ui No Task File <==== ATTENTION
Task: {242F4329-09E3-43B2-AD0B-515993104AC6} - System32\Tasks\pcupdater_UPDATES => C:\Program Files (x86)\RadarSync\pcupdater.exe
Task: {2EF14B34-DC5C-4401-B427-8347B99FEDA8} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-06-23] (WiseCleaner.COM)
Task: {3458F13D-D0D4-460D-BB10-FC718075FCF8} - System32\Tasks\{3521F159-3C3A-4C55-A090-2932239A7518} => C:\Program Files (x86)\Safari\Safari.exe
Task: {393837B2-B250-4E0C-AC0C-E1EDE8EF9D21} - \LaunchApp No Task File <==== ATTENTION
Task: {523F93A2-056B-4EC9-B5C3-07AAF2D8E13E} - System32\Tasks\Opera scheduled Autoupdate 1387908115 => C:\Program Files (x86)\Opera\launcher.exe [2014-06-16] (Opera Software)
Task: {5870C32B-9A48-4284-9144-9D290E6F7A6F} - System32\Tasks\{62AC9355-B710-4204-A803-5BE7916D29C6} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.370&LastError=404
Task: {5A787A0F-1BE4-4AAE-B048-29324E4275CD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-05-13] (Microsoft Corporation)
Task: {5BE40EAD-1E41-445C-B094-5CF70C581B63} - System32\Tasks\RunAsStdUser Task => C:\Users\home\AppData\Local\ClickPotatoLiteSA\bin\12.0.15.0\ClickPotatoLiteSA.exe
Task: {5EB38DC4-C18B-4189-AF1F-955578295707} - System32\Tasks\AnVir Task Manager => C:\Program Files (x86)\AnVir Task Manager\anvir.exe
Task: {723BB7FE-2C58-432F-9255-E6603309F7E8} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {73947097-3245-4165-8A6E-8852B5F48962} - \Software Updater No Task File <==== ATTENTION
Task: {742F9AF0-8049-48BD-8C19-D391728FA0AF} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {82C6D843-ADD7-4746-AFC1-558AA63FD157} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe [2013-12-20] ()
Task: {886B801F-6A6D-4768-9A69-63AE75B40E86} - System32\Tasks\Driver Booster SkipUAC (home) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {9030B559-4BC1-421C-BC61-4350128085E2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2860422063-2389435366-3468819961-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {A45456EF-F8FF-4A8E-A755-757A1A279803} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2860422063-2389435366-3468819961-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {AA5E9187-406D-4DE5-A4AF-994278A0EE72} - System32\Tasks\{909ECD4C-6A7E-4DE1-9306-BB6C600BFC88} => C:\Program Files (x86)\MAESTIA\Maestia.exe
Task: {BCECE060-EA16-47B0-BA65-C74D021600E5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BE41766E-2E6A-4737-B2B4-4271FC723565} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-05-08] (Adobe Systems Incorporated)
Task: {C96ADF2F-35CA-4203-8CF9-DB7AB659A5F3} - System32\Tasks\{967D3E01-B133-4505-8FE5-2EC563C93FC9} => C:\Program Files (x86)\Safari\Safari.exe
Task: {D4EB1761-6669-4526-8653-8015BAE1CFB5} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2013-07-26] (Veoh Networks)
Task: {DC791843-C879-4095-8174-ACE5B00350AE} - System32\Tasks\{2179C77E-1426-448F-A267-6D96A855262F} => C:\Program Files (x86)\Safari\Safari.exe
Task: {DF1EA855-F816-4A29-A046-F61356837280} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E45D7F76-947B-46F2-81D7-9DEFFA266C01} - System32\Tasks\SuperEasy Registry Cleaner_DEFAULT => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {F1F435AC-80EB-4067-8A35-C4C7E0DD1BAD} - System32\Tasks\{0941A15C-C4D4-4389-B736-EC7364292AFE} => C:\Program Files (x86)\ZC2.10\zelda-w.exe
Task: {F4B82946-19DA-4C56-86D9-59C769E39B7D} - System32\Tasks\SuperEasy Registry Cleaner_UPDATES => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {FA267388-F1F8-46DA-93A4-2C9E7C2EF93B} - System32\Tasks\{BF3FFC32-9EA9-4534-91ED-6EE4F3D10550} => C:\Program Files (x86)\Safari\Safari.exe
Task: {FCD78680-0D70-4160-9DA3-B2CFEF32F8A0} - System32\Tasks\SuperEasy Registry Cleaner => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\pcupdater_UPDATES.job => C:\Program Files (x86)\RadarSync\pcupdater.exe
Task: C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (whitelisted) =============

2014-06-06 16:01 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-07 08:21 - 2013-11-07 08:21 - 00038128 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
2011-01-13 11:04 - 2011-01-13 11:04 - 00030080 _____ () C:\Windows\snuvcdsm.exe
2014-06-20 05:43 - 2014-06-20 05:42 - 01396344 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-07 13:53 - 2014-07-07 13:53 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-07-07 13:52 - 2014-07-07 13:52 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-07-14 14:33 - 2014-07-07 13:53 - 00049744 _____ () C:\Users\home\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-06-20 05:43 - 2014-06-20 05:42 - 00957048 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\ffmpegsumo.dll
2014-05-28 10:09 - 2014-05-28 10:09 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:58D8F144
AlternateDataStreams: C:\ProgramData\Temp:C5831B98
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\Users\home\Downloads\Bestellbestätigung Ihr Einkauf bei allyouneed.com.eml:OECustomProperty
AlternateDataStreams: C:\Users\home\Documents\Bestellbestätigung Ihr Einkauf bei allyouneed.com - Kopie.eml:OECustomProperty
AlternateDataStreams: C:\Users\home\Documents\RE_Re_ RE_Re_ RE_Kundenkonto [T20130403053YS010Z18292853].eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: VeohPlugin => "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
MSCONFIG\startupreg: VideoWebCamera => "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2014 07:19:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: opera.exe, Version: 22.0.1471.70, Zeitstempel: 0x539b907d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0xf18
Startzeit der fehlerhaften Anwendung: 0xopera.exe0
Pfad der fehlerhaften Anwendung: opera.exe1
Pfad des fehlerhaften Moduls: opera.exe2
Berichtskennung: opera.exe3

Error: (07/14/2014 07:19:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: opera.exe, Version: 22.0.1471.70, Zeitstempel: 0x539b907d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x17ac
Startzeit der fehlerhaften Anwendung: 0xopera.exe0
Pfad der fehlerhaften Anwendung: opera.exe1
Pfad des fehlerhaften Moduls: opera.exe2
Berichtskennung: opera.exe3

Error: (07/14/2014 07:18:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: opera.exe, Version: 22.0.1471.70, Zeitstempel: 0x539b907d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0xbd8
Startzeit der fehlerhaften Anwendung: 0xopera.exe0
Pfad der fehlerhaften Anwendung: opera.exe1
Pfad des fehlerhaften Moduls: opera.exe2
Berichtskennung: opera.exe3

Error: (07/14/2014 07:18:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: opera.exe, Version: 22.0.1471.70, Zeitstempel: 0x539b907d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x172c
Startzeit der fehlerhaften Anwendung: 0xopera.exe0
Pfad der fehlerhaften Anwendung: opera.exe1
Pfad des fehlerhaften Moduls: opera.exe2
Berichtskennung: opera.exe3

Error: (07/14/2014 04:59:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Cube.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 10e4
Startzeit: 01cf9f7327475a60
Endzeit: 125
Anwendungspfad: C:\Program Files (x86)\Cube World\Cube.exe
Berichts-ID: 6ef3212d-0b67-11e4-93b9-60eb69732031

Error: (07/14/2014 04:34:27 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information. (Stream product id=0x0066): Streaming Failed

Error: (07/14/2014 04:33:57 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information. Too many failures while downloading ranges: 2

Error: (07/14/2014 04:33:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.17.31000, Zeitstempel: 0x53ba89f5
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000332b0
ID des fehlerhaften Prozesses: 0x1124
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3

Error: (07/14/2014 04:33:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 77A332B0

Error: (07/14/2014 03:57:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: opera.exe, Version: 22.0.1471.70, Zeitstempel: 0x539b907d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0xc58
Startzeit der fehlerhaften Anwendung: 0xopera.exe0
Pfad der fehlerhaften Anwendung: opera.exe1
Pfad des fehlerhaften Moduls: opera.exe2
Berichtskennung: opera.exe3

System errors:
=============
Error: (07/14/2014 09:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%3

Error: (07/14/2014 08:01:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%3

Error: (07/14/2014 07:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%3

Error: (07/14/2014 06:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%3

Error: (07/14/2014 05:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%3

Error: (07/14/2014 04:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%3

Error: (07/14/2014 03:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%3

Error: (07/14/2014 02:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%3

Error: (07/14/2014 01:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%3

Error: (07/14/2014 00:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%3

Microsoft Office Sessions:
=========================
Error: (07/14/2014 07:19:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: opera.exe22.0.1471.70539b907dntdll.dll6.1.7601.18247521ea8e7c0000374000ce753f1801cf9f87d322fe2dC:\Program Files (x86)\Opera\22.0.1471.70\opera.exeC:\Windows\SysWOW64\ntdll.dll1473a81c-0b7b-11e4-93b9-60eb69732031

Error: (07/14/2014 07:19:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: opera.exe22.0.1471.70539b907dntdll.dll6.1.7601.18247521ea8e7c0000374000ce75317ac01cf9f87bf8c35d0C:\Program Files (x86)\Opera\22.0.1471.70\opera.exeC:\Windows\SysWOW64\ntdll.dll020b791d-0b7b-11e4-93b9-60eb69732031

Error: (07/14/2014 07:18:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: opera.exe22.0.1471.70539b907dntdll.dll6.1.7601.18247521ea8e7c0000374000ce753bd801cf9f87a59e1acdC:\Program Files (x86)\Opera\22.0.1471.70\opera.exeC:\Windows\SysWOW64\ntdll.dlle7ed73c7-0b7a-11e4-93b9-60eb69732031

Error: (07/14/2014 07:18:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: opera.exe22.0.1471.70539b907dntdll.dll6.1.7601.18247521ea8e7c0000374000ce753172c01cf9f719dd326a4C:\Program Files (x86)\Opera\22.0.1471.70\opera.exeC:\Windows\SysWOW64\ntdll.dlld2558b10-0b7a-11e4-93b9-60eb69732031

Error: (07/14/2014 04:59:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Cube.exe0.0.0.010e401cf9f7327475a60125C:\Program Files (x86)\Cube World\Cube.exe6ef3212d-0b67-11e4-93b9-60eb69732031

Error: (07/14/2014 04:34:27 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (07/14/2014 04:33:57 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (07/14/2014 04:33:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.17.3100053ba89f5ntdll.dll6.1.7601.18247521ea8e7c0000005000332b0112401cf9f708121d578C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Windows\SysWOW64\ntdll.dlldf79273f-0b63-11e4-93b9-60eb69732031

Error: (07/14/2014 04:33:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 77A332B0

Error: (07/14/2014 03:57:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: opera.exe22.0.1471.70539b907dntdll.dll6.1.7601.18247521ea8e7c0000374000ce753c5801cf9f603872d6afC:\Program Files (x86)\Opera\22.0.1471.70\opera.exeC:\Windows\SysWOW64\ntdll.dllccf05d08-0b5e-11e4-a7a8-60eb69732031

CodeIntegrity Errors:
===================================
Date: 2014-05-26 02:29:14.874
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-25 20:55:00.926
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-25 16:46:34.484
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-25 06:36:14.842
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-23 04:55:18.675
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-22 23:59:57.456
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-22 08:35:42.270
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-22 08:28:51.358
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-17 18:46:18.701
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-05-16 09:38:52.216
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Percentage of memory in use: 57%
Total physical RAM: 4028.5 MB
Available physical RAM: 1694.55 MB
Total Pagefile: 8055.17 MB
Available Pagefile: 5091.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:452.66 GB) (Free:393.69 GB) NTFS
Drive d: (Die Siedler 2) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: DCD7F3C7)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014 01
Ran by home (administrator) on HOME-PC on 14-07-2014 21:05:46
Running from C:\Users\home\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.)
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Windows\snuvcdsm.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
() C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-02-05] (Alcor Micro Corp.)
HKLM\...\Run: [PLFSetL] => C:\Windows\PLFSetL.exe [99712 2011-01-13] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [30080 2011-01-13] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2013-11-07] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111928 2013-05-03] (Intel Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [189520 2014-07-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-02] (Avira Operations GmbH & Co.
KG)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" [54072 2014-05-12] (Malwarebytes Corporation)
HKU\.DEFAULT\...\Run: [Advanced SystemCare 6] => "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
HKU\S-1-5-21-2860422063-2389435366-3468819961-1000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-2860422063-2389435366-3468819961-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\PowerReg Scheduler.exe ()
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://connect.sat1.de/
https://apps.facebook.com/disneycitygirl/?fb_source=fbpage
URLSearchHook: HKCU - (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - No File
URLSearchHook: HKCU - (No Name) - {f92a9fe4-2850-4198-b9d5-279880e49b16} - No File
URLSearchHook: HKCU - (No Name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No File
URLSearchHook: HKCU - (No Name) - {79a2b609-bbc0-4d16-9925-70cb98a6490d} - No File
URLSearchHook: HKCU - (No Name) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {09A80918-F57F-459B-B8C1-7ACF8EFD1CE0} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=eb3bde43-c29a-41d9-8590-f0c93588585e&apn_sauid=5F75A01D-7072-41C4-A293-C5770049B12D
SearchScopes: HKCU - {7BF94701-F358-40CC-85A3-75064A01A668} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {B92109A9-A502-4D2C-AD6A-8F8998119011} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3279411&CUI=UN23838228739036247&UM=2
SearchScopes: HKCU - {E5A360F7-318E-4788-8A2D-C3D4EA2EA529} URL = hxxp://search.softonic.com/MON00015/tb_v1?q={searchTerms}&SearchSource=4&cc=
SearchScopes: HKCU - {F3DE2AEE-3CEF-4FDD-BE82-BDF2ED7D9E03} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {FC6BD45B-5DF0-43BC-893A-163E741BB32B} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=de&q={searchTerms}&gu=35713ac3a8f747c1b198b1b5e15d2d36&tu=10G9z00C11C01g0&sku=&tstsId=&ver=&&r=241
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files
(x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File
Toolbar: HKCU - No Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No File
Toolbar: HKCU - No Name - {79A2B609-BBC0-4D16-9925-70CB98A6490D} - No File
Toolbar: HKCU - No Name - {CD90BF73-20F6-44EF-993D-BB920303BD2E} - No File
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program
Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-07-09]
FF HKCU\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Magic Actions for YouTube™) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2013-12-24]
CHR Extension: (Docs) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-31]
CHR Extension: (Google Drive) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-31]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-05-28]
CHR Extension: (YouTube) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-31]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-22]
CHR Extension: (Google Search) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-31]
CHR Extension: (One Piece: Monkey D. Luffy (1920x1200)) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\egombopaikoeelblebkkilbmgpdofcio [2013-12-13]
CHR Extension: (avast!
Ad Blocker) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-12-13]
CHR Extension: (appbario12) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggamifejnddpoocdmadhjdbgaijnphdi [2014-01-31]
CHR Extension: (AdBlock) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-22]
CHR Extension: (Skype Click to Call) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-06-26]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-21]
CHR Extension: (Google Wallet) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Click&Clean App) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2013-12-24]
CHR Extension: (Gmail) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-31]
CHR HKCU\...\Chrome\Extension: [ggamifejnddpoocdmadhjdbgaijnphdi] - C:\Users\home\AppData\Local\CRE\ggamifejnddpoocdmadhjdbgaijnphdi.crx [2013-07-24]
CHR HKLM-x32\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\home\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19]
CHR HKLM-x32\...\Chrome\Extension: [ggamifejnddpoocdmadhjdbgaijnphdi] - C:\Users\home\AppData\Local\CRE\ggamifejnddpoocdmadhjdbgaijnphdi.crx [2013-07-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files
(x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-07] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation)
S3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868896 2010-06-11] (Acer Incorporated)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.)
[File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-05-28] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744 2010-06-29] (NewTech Infosystems, Inc.)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [38128 2013-11-07] ()
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-12-09] (WiseCleaner.com)
S3 AdobeFlashPlayerUpdateSvc; No ImagePath
S3 McComponentHostService; No ImagePath

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2014-02-28] (Broadcom Corporation.)
R1 HBtnKey; C:\Windows\System32\DRIVERS\wstbtndb.sys [9856 2007-09-15] (Lenovo)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
U0 kqrrkg; C:\Windows\System32\drivers\kkhlq.sys [79064 2014-07-14] (Malwarebytes Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-05-28] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-14] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-24] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2011-01-13] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-06-20] ()
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 WiseHDInfo; C:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [11304 2014-06-04] (wisecleaner.com)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-14 21:04 - 2014-07-14 21:05 - 00041804 _____ () C:\Users\home\Downloads\Addition.txt
2014-07-14 21:02 - 2014-07-14 21:06 - 00026008 _____ () C:\Users\home\Downloads\FRST.txt
2014-07-14 21:02 - 2014-07-14 21:05 - 00000000 ____D () C:\FRST
2014-07-14 20:57 - 2014-07-14 20:57 - 02086912 _____ (Farbar) C:\Users\home\Downloads\FRST64.exe
2014-07-14 20:22 - 2014-07-14 20:22 - 00057429 _____ () C:\Users\home\Desktop\mbam.txt
2014-07-14 20:21 - 2014-07-14 20:21 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\kkhlq.sys
2014-07-14 19:50 - 2014-07-14 20:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-14 19:49 - 2014-07-14 19:49 - 00001094 _____ ()
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-14 19:49 - 2014-07-14 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-14 19:49 - 2014-07-14 19:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-14 19:49 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-14 19:49 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-14 19:49 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-14 19:48 - 2014-07-14 19:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\home\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-14 16:10 - 2014-07-14 16:10 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3 (3).exe
2014-07-14 16:10 - 2014-07-14 16:10 - 00001023 _____ () C:\Users\Public\Desktop\Cube World.lnk
2014-07-14 16:10 - 2014-07-14 16:10 - 00000000 ____D () C:\ProgramData\Picroma
2014-07-14 16:10 - 2014-07-14 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cube World
2014-07-14 14:54 - 2014-07-14 14:54 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3 (2).exe
2014-07-14 14:35 - 2014-07-14 17:35 - 00013018 _____ () C:\Windows\WindowsUpdate.log
2014-07-14 14:34 - 2014-07-14 14:34 - 00114952 _____ () C:\Users\home\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-14 14:32 - 2014-07-14 16:31 - 00000112 _____ () C:\Windows\setupact.log
2014-07-14 14:32 - 2014-07-14 14:32 - 00000666 _____ () C:\Windows\PFRO.log
2014-07-14 14:32 - 2014-07-14 14:32 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-14 10:45 - 2014-07-14 10:45 - 01448809 _____ (DOSBox Team) C:\Users\home\Downloads\DOSBox0.74-win32-installer (1).exe
2014-07-13 16:35 - 2014-07-13 16:35 - 00000000 ____D () C:\Users\home\AppData\Roaming\Eusing
2014-07-13 16:33 - 2014-07-13 16:33 - 00000000 ____D ()
C:\Users\home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
2014-07-13 16:33 - 2014-07-13 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
2014-07-13 16:32 - 2014-07-13 16:32 - 00982988 _____ () C:\Users\home\Downloads\EFRC35Setup.exe
2014-07-13 16:23 - 2014-07-14 15:01 - 00000320 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job
2014-07-13 16:23 - 2014-07-14 14:32 - 00000328 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job
2014-07-13 16:23 - 2014-07-13 16:23 - 00003182 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner
2014-07-13 16:23 - 2014-07-13 16:23 - 00003066 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner_UPDATES
2014-07-13 16:23 - 2014-07-13 16:23 - 00002910 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner_DEFAULT
2014-07-13 16:15 - 2014-07-13 16:15 - 04786016 _____ (SuperEasy Software GmbH & Co. KG ) C:\Users\home\Downloads\supereasy_registry_cleaner_1.0.0_7987.exe
2014-07-12 23:45 - 2014-07-12 23:45 - 00000045 _____ () C:\Windows\SysWOW64\Configurations.plist.signed
2014-07-12 20:18 - 2014-07-12 20:18 - 00000000 ____D () C:\Users\home\AppData\Roaming\Avira
2014-07-12 20:16 - 2014-07-02 13:06 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-12 20:16 - 2014-07-02 13:06 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-12 20:16 - 2014-07-02 13:06 - 00028600 _____ (Avira Operations GmbH & Co.
KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-12 20:15 - 2014-07-12 20:32 - 70560360 _____ () C:\Users\home\Downloads\DJ_AIO_06_F4500_USW_Basic_Win_enu_140_175 (1).exe
2014-07-12 20:14 - 2014-07-12 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-12 20:14 - 2014-07-12 20:16 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-12 20:14 - 2014-07-12 20:14 - 00001117 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-12 20:13 - 2014-07-12 20:13 - 04621032 _____ (Avira Operations GmbH & Co. KG) C:\Users\home\Downloads\avira_de_av___ws2.exe
2014-07-12 18:08 - 2014-07-09 18:42 - 00218021 ____N () C:\Windows\hpoins46.dat.temp
2014-07-12 18:08 - 2010-01-30 15:21 - 00000532 ____N () C:\Windows\hpomdl46.dat.temp
2014-07-09 20:22 - 2014-07-12 11:20 - 00000000 ____D () C:\Users\home\Documents\1 Bills 2014
2014-07-09 19:14 - 2014-07-09 19:14 - 00000000 ____D () C:\Users\home\AppData\Local\Adobe
2014-07-09 19:13 - 2014-07-09 19:13 - 00000000 ____D () C:\Users\home\Documents\Eigene Scans
2014-07-09 19:12 - 2014-07-09 19:12 - 00000000 ____D () C:\Users\home\AppData\Local\HP
2014-07-09 19:11 - 2014-07-09 19:11 - 00000000 ____D () C:\ProgramData\HPSSUPPLY
2014-07-09 18:43 - 2014-07-09 19:12 - 00000000 ____D () C:\Users\home\AppData\Roaming\HP
2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\ProgramData\WEBREG
2014-07-09 18:37 - 2014-07-12 20:50 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-07-09 18:37 - 2014-07-12 17:50 - 00000000 ____D () C:\Users\home\AppData\Roaming\HpUpdate
2014-07-09 18:37 - 2014-07-09 18:37 - 00000000 ____D () C:\Users\home\AppData\Roaming\Yahoo!
2014-07-09 18:35 - 2014-07-09 18:35 - 00001335 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk 2014-07-09 18:35 - 2014-07-09 18:35 - 00001329 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk 2014-07-09 18:35 - 2014-07-09 18:35 - 00000000 ____D () C:\ProgramData\HP Product Assistant 2014-07-09 18:33 - 2014-07-09 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-07-09 18:32 - 2009-04-16 12:47 - 00136704 _____ (Hewlett-Packard Company) C:\Windows\system32\hpf3l70w.dll 2014-07-09 18:30 - 2014-07-09 18:37 - 00000000 ____D () C:\Program Files (x86)\HP 2014-07-09 18:29 - 2014-07-09 18:42 - 00218021 ____N () C:\Windows\hpoins46.dat 2014-07-09 18:29 - 2010-01-30 15:21 - 00000532 ____N () C:\Windows\hpomdl46.dat 2014-07-09 18:29 - 2009-04-16 13:53 - 00642360 _____ (Hewlett-Packard) C:\Windows\system32\hpzids40.dll 2014-07-09 18:29 - 2009-04-01 08:21 - 00881664 _____ (Hewlett-Packard) C:\Windows\system32\hposwia_d02d.dll 2014-07-09 18:29 - 2009-04-01 08:21 - 00749056 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpost_d02d.dll 2014-07-09 18:29 - 2009-04-01 08:21 - 00516096 _____ (Hewlett-Packard Co.) 
C:\Windows\system32\hposc_d02a.dll 2014-07-09 18:29 - 2008-10-29 02:27 - 00551424 _____ (Hewlett-Packard) C:\Windows\system32\hppldcoi.dll 2014-07-09 18:26 - 2014-07-09 18:27 - 161214848 _____ () C:\Users\home\Downloads\DJ_AIO_06_F4500_USW_Full_Win_deu_140_175.exe 2014-07-09 17:46 - 2014-07-09 18:02 - 70560360 _____ () C:\Users\home\Downloads\DJ_AIO_06_F4500_USW_Basic_Win_enu_140_175.exe 2014-07-09 17:31 - 2014-07-09 18:04 - 00000000 ____D () C:\Program Files\HP 2014-07-09 17:29 - 2014-07-12 18:09 - 00002300 _____ () C:\ProgramData\hpzinstall.log 2014-07-09 17:28 - 2014-07-09 18:42 - 00000000 ____D () C:\ProgramData\HP 2014-07-09 13:15 - 2014-07-09 13:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_nnfwdk64_01009.Wdf 2014-07-09 13:15 - 2014-07-09 13:15 - 00000000 _____ () C:\extensions.sqlite 2014-07-09 13:08 - 2014-07-12 17:31 - 00000000 ____D () C:\Program Files (x86)\NetRatingsNetSight 2014-07-09 13:08 - 2014-07-09 13:13 - 00000890 _____ () C:\nsinst.log 2014-07-09 12:56 - 2014-07-09 12:57 - 02756976 _____ (The Nielsen Company) C:\Users\home\Downloads\netsight_setup_6.1.0.27_MP_Production_mid51023797558_p.exe 2014-07-09 08:14 - 2014-07-09 08:14 - 00003116 _____ () C:\Windows\System32\Tasks\{D2504801-BBA0-4B9F-8CDB-00D13388E8DA} 2014-07-09 08:13 - 2014-07-09 08:13 - 00000000 ____D () C:\Users\home\AppData\Local\CrashRpt 2014-07-09 08:12 - 2014-07-09 08:12 - 00000000 ____D () C:\Users\home\AppData\Roaming\Digital Support 2014-07-09 08:12 - 2014-07-09 08:12 - 00000000 ____D () C:\Users\home\AppData\Local\conduit 2014-07-09 00:11 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 00:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 00:11 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 00:10 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 00:10 - 
2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-09 00:10 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 00:10 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 00:10 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-09 00:10 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-09 00:10 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-09 00:10 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-09 00:10 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-09 00:10 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-09 00:10 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-09 00:10 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 00:10 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 00:10 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 00:10 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 00:10 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 00:10 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 00:10 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-09 00:10 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-09 00:09 - 2014-06-20 22:14 - 00266424 _____ 
(Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 00:09 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 00:09 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 00:09 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 00:09 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 00:09 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 00:09 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 00:09 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 00:09 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 00:09 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 00:09 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 00:09 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 00:09 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 00:09 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 00:09 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 00:09 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 00:09 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 00:09 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 00:09 - 2014-06-19 02:09 - 
00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 00:09 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 00:09 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 00:09 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 00:09 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 00:09 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 00:09 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 00:09 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 00:09 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 00:09 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 00:09 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 00:09 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 00:09 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 00:09 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 00:09 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 00:09 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 00:09 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 00:09 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 00:09 - 2014-06-19 01:25 - 
00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 00:09 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 00:09 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 00:09 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 00:09 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 00:09 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 00:09 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 00:09 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 00:09 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 00:09 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 00:09 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 00:09 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 00:09 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 00:09 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 00:09 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 00:09 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 00:09 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 00:09 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 00:09 - 2014-06-19 00:09 - 01139200 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 00:09 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 00:09 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 00:09 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 00:09 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-08 23:13 - 2014-07-08 23:13 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-07-08 23:01 - 2014-07-08 23:01 - 00875472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110.dll 2014-07-08 22:59 - 2014-07-08 23:00 - 05344984 _____ (Dll-Files.com ) C:\Users\home\Downloads\dffsetup-msvcr110.exe 2014-07-06 11:14 - 2014-07-06 11:14 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-07-06 11:13 - 2014-07-06 11:58 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-07-06 11:13 - 2014-07-06 11:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-07-06 09:59 - 2014-07-06 09:59 - 00000017 _____ () C:\Users\home\AppData\Local\resmon.resmoncfg 2014-07-06 08:03 - 2014-07-06 08:05 - 00000022 _____ () C:\Users\home\Downloads\ASUS_DR_PCE_AC66_6309526_Win7.zip 2014-07-06 08:02 - 2014-07-06 08:02 - 00000000 ____D () C:\Users\home\AppData\Local\DriverToolkit 2014-07-06 07:43 - 2014-07-06 07:44 - 124637134 _____ (Realtek Semiconductor Corp.) 
C:\Users\home\Downloads\64bit_Win7_Win8_Win81_R274.exe 2014-07-03 22:27 - 2014-07-03 00:53 - 00148759 _____ () C:\Users\home\Documents\Bestellbestätigung Ihr Einkauf bei allyouneed.com - Kopie.eml 2014-07-03 22:25 - 2014-07-03 22:25 - 00148759 _____ () C:\Users\home\Downloads\Bestellbestätigung Ihr Einkauf bei allyouneed.com.eml 2014-07-03 00:54 - 2014-07-03 00:56 - 00000000 ____D () C:\Users\home\Documents\Outlook-Dateien 2014-06-26 20:29 - 2014-06-26 20:29 - 00000000 ____D () C:\Users\home\AppData\Roaming\SuperEasy 2014-06-23 15:31 - 2014-07-08 23:06 - 00000000 ____D () C:\Users\home\AppData\Roaming\WiseUpdate 2014-06-21 23:25 - 2014-06-21 23:36 - 00000000 ____D () C:\Users\home\AppData\Local\LogMeIn Hamachi 2014-06-21 23:25 - 2014-06-21 23:25 - 00000000 ____D () C:\Users\home\AppData\Local\LogMeIn 2014-06-21 23:25 - 2014-06-21 23:25 - 00000000 ____D () C:\ProgramData\LogMeIn 2014-06-21 23:19 - 2014-06-21 23:20 - 08224768 _____ () C:\Users\home\Downloads\Hamachi_2.2.0.193.msi 2014-06-20 06:03 - 2014-06-20 06:03 - 00000000 ____D () C:\ProgramData\ATI 2014-06-20 05:59 - 2014-06-20 05:59 - 00000024 _____ () C:\Users\home\AppData\Roaming\temp.ini 2014-06-20 05:51 - 2014-06-20 05:51 - 00000000 ____D () C:\Users\home\AppData\Roaming\library_dir 2014-06-20 05:50 - 2014-06-20 05:50 - 00000000 ____D () C:\Program Files (x86)\AMD AVT 2014-06-20 05:49 - 2014-06-20 05:49 - 00056272 _____ () C:\Windows\SysWOW64\CCCInstall_201406200549477004.log 2014-06-20 05:49 - 2014-06-20 05:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2014-06-20 05:38 - 2014-04-18 04:23 - 00231424 _____ () C:\Windows\system32\clinfo.exe 2014-06-20 05:38 - 2014-04-18 04:22 - 28685824 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll 2014-06-20 05:38 - 2014-04-18 04:22 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll 2014-06-20 05:38 - 2014-04-18 04:22 - 00086528 _____ (Advanced Micro Devices Inc.) 
C:\Windows\system32\OVDecode64.dll 2014-06-20 05:38 - 2014-04-18 04:22 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll 2014-06-20 05:38 - 2014-04-18 04:22 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll 2014-06-20 05:38 - 2014-04-18 04:19 - 24107520 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll 2014-06-20 05:38 - 2014-04-18 04:17 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-06-20 05:38 - 2014-04-18 04:17 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-06-20 05:38 - 2014-04-18 04:13 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll 2014-06-20 05:38 - 2014-04-18 04:13 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll 2014-06-20 05:38 - 2014-04-18 04:12 - 05442048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll 2014-06-20 05:38 - 2014-04-18 03:58 - 04358656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll 2014-06-20 05:38 - 2014-04-18 03:46 - 00580816 _____ () C:\Windows\SysWOW64\atiapfxx.blb 2014-06-20 05:38 - 2014-04-18 03:45 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll 2014-06-20 05:38 - 2014-04-18 03:45 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll 2014-06-20 05:38 - 2014-04-18 03:33 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll 2014-06-20 05:38 - 2014-04-18 03:33 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll 2014-06-20 05:38 - 2014-04-18 03:30 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll 2014-06-20 05:38 - 2014-04-18 03:21 - 00806912 _____ (AMD) C:\Windows\system32\coinst_14.100.dll 2014-06-20 05:38 - 2014-04-18 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. 
) C:\Windows\system32\atiglpxx.dll 2014-06-20 05:38 - 2014-04-10 19:58 - 00082128 _____ () C:\Windows\system32\ativce02.dat 2014-06-20 05:38 - 2014-04-01 00:06 - 00234804 _____ () C:\Windows\system32\ativvaxy_cik.dat 2014-06-20 05:38 - 2014-04-01 00:04 - 00233008 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat 2014-06-20 05:38 - 2014-02-06 17:45 - 00134192 _____ () C:\Windows\system32\ativce03.dat 2014-06-20 05:38 - 2014-01-16 19:00 - 00273712 _____ () C:\Windows\system32\ativvaxy_vi_nd.dat 2014-06-20 05:38 - 2014-01-16 18:59 - 00275124 _____ () C:\Windows\system32\ativvaxy_vi.dat 2014-06-20 05:38 - 2010-04-21 01:35 - 00450560 _____ (AMD) C:\Windows\system32\atieclxx.exe 2014-06-20 05:38 - 2010-04-21 01:34 - 00202752 _____ (AMD) C:\Windows\system32\atiesrxx.exe 2014-06-20 05:38 - 2010-04-21 00:40 - 00330752 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2014-06-20 05:20 - 2014-06-20 05:20 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\home\Downloads\SlimDrivers-setup_32705 (3).exe 2014-06-20 05:12 - 2014-06-20 05:12 - 02938144 _____ (LionSea Software co., ltd ) C:\Users\home\Downloads\setup.exe 2014-06-20 01:10 - 2014-07-14 16:10 - 00000000 ____D () C:\Program Files (x86)\Cube World 2014-06-20 01:09 - 2014-06-20 01:10 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3.exe 2014-06-20 01:09 - 2014-06-20 01:10 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3 (1).exe 2014-06-17 10:12 - 2014-06-17 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

==================== One Month Modified Files and Folders =======

2014-07-14 21:06 - 2014-07-14 21:02 - 00026008 _____ () C:\Users\home\Downloads\FRST.txt 2014-07-14 21:06 - 2012-03-08 10:23 - 00000000 ____D () C:\Users\home\AppData\Roaming\Skype 2014-07-14 21:05 - 2014-07-14 21:04 - 00041804 _____ () C:\Users\home\Downloads\Addition.txt 2014-07-14 21:05 - 2014-07-14 21:02 - 00000000 ____D () C:\FRST 2014-07-14 21:01 -
2012-04-01 08:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-14 20:57 - 2014-07-14 20:57 - 02086912 _____ (Farbar) C:\Users\home\Downloads\FRST64.exe 2014-07-14 20:37 - 2014-07-14 19:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-14 20:22 - 2014-07-14 20:22 - 00057429 _____ () C:\Users\home\Desktop\mbam.txt 2014-07-14 20:21 - 2014-07-14 20:21 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\kkhlq.sys 2014-07-14 20:21 - 2009-07-14 06:45 - 00000000 ____D () C:\Windows\Setup 2014-07-14 19:49 - 2014-07-14 19:49 - 00001094 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-14 19:49 - 2014-07-14 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-14 19:49 - 2014-07-14 19:49 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-14 19:49 - 2013-12-13 04:37 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-14 19:48 - 2014-07-14 19:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\home\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-14 19:37 - 2014-05-25 06:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grandia II 2014-07-14 19:37 - 2014-05-25 06:03 - 00000000 ____D () C:\Program Files (x86)\Grandia2 2014-07-14 19:20 - 2011-08-22 17:10 - 00000000 ____D () C:\Users\home\AppData\Local\CrashDumps 2014-07-14 17:35 - 2014-07-14 14:35 - 00013018 _____ () C:\Windows\WindowsUpdate.log 2014-07-14 16:44 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-14 16:44 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-14 16:33 - 2013-12-25 02:42 - 00000000 ____D () C:\Users\home\AppData\Roaming\Wise Care 365 2014-07-14 16:31 - 2014-07-14 14:32 - 00000112 
_____ () C:\Windows\setupact.log 2014-07-14 16:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-14 16:10 - 2014-07-14 16:10 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3 (3).exe 2014-07-14 16:10 - 2014-07-14 16:10 - 00001023 _____ () C:\Users\Public\Desktop\Cube World.lnk 2014-07-14 16:10 - 2014-07-14 16:10 - 00000000 ____D () C:\ProgramData\Picroma 2014-07-14 16:10 - 2014-07-14 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cube World 2014-07-14 16:10 - 2014-06-20 01:10 - 00000000 ____D () C:\Program Files (x86)\Cube World 2014-07-14 15:01 - 2014-07-13 16:23 - 00000320 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job 2014-07-14 14:54 - 2014-07-14 14:54 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3 (2).exe 2014-07-14 14:34 - 2014-07-14 14:34 - 00114952 _____ () C:\Users\home\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-14 14:32 - 2014-07-14 14:32 - 00000666 _____ () C:\Windows\PFRO.log 2014-07-14 14:32 - 2014-07-14 14:32 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-14 14:32 - 2014-07-13 16:23 - 00000328 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job 2014-07-14 12:00 - 2014-01-28 09:26 - 00114952 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT 2014-07-14 10:46 - 2014-06-05 22:42 - 00001894 _____ () C:\Users\Public\Desktop\DOSBox 0.74.lnk 2014-07-14 10:45 - 2014-07-14 10:45 - 01448809 _____ (DOSBox Team) C:\Users\home\Downloads\DOSBox0.74-win32-installer (1).exe 2014-07-14 10:33 - 2014-02-15 00:34 - 00000404 _____ () C:\Windows\Tasks\DriverEasy Scheduled Scan.job 2014-07-13 16:35 - 2014-07-13 16:35 - 00000000 ____D () C:\Users\home\AppData\Roaming\Eusing 2014-07-13 16:33 - 2014-07-13 16:33 - 00000000 ____D () C:\Users\home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner 2014-07-13 16:33 - 2014-07-13 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner 2014-07-13 
16:32 - 2014-07-13 16:32 - 00982988 _____ () C:\Users\home\Downloads\EFRC35Setup.exe 2014-07-13 16:30 - 2013-12-27 17:18 - 00114952 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2014-07-13 16:23 - 2014-07-13 16:23 - 00003182 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner 2014-07-13 16:23 - 2014-07-13 16:23 - 00003066 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner_UPDATES 2014-07-13 16:23 - 2014-07-13 16:23 - 00002910 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner_DEFAULT 2014-07-13 16:15 - 2014-07-13 16:15 - 04786016 _____ (SuperEasy Software GmbH & Co. KG ) C:\Users\home\Downloads\supereasy_registry_cleaner_1.0.0_7987.exe 2014-07-12 23:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-12 23:45 - 2014-07-12 23:45 - 00000045 _____ () C:\Windows\SysWOW64\Configurations.plist.signed 2014-07-12 22:55 - 2011-08-22 20:03 - 00711802 _____ () C:\Windows\system32\perfh007.dat 2014-07-12 22:55 - 2011-08-22 20:03 - 00155446 _____ () C:\Windows\system32\perfc007.dat 2014-07-12 22:55 - 2009-07-14 07:13 - 01655258 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-12 20:50 - 2014-07-09 18:37 - 00000000 ____D () C:\Program Files (x86)\Yahoo! 2014-07-12 20:32 - 2014-07-12 20:15 - 70560360 _____ () C:\Users\home\Downloads\DJ_AIO_06_F4500_USW_Basic_Win_enu_140_175 (1).exe 2014-07-12 20:18 - 2014-07-12 20:18 - 00000000 ____D () C:\Users\home\AppData\Roaming\Avira 2014-07-12 20:17 - 2014-07-12 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-07-12 20:16 - 2014-07-12 20:14 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-07-12 20:16 - 2012-11-03 04:22 - 00000000 ____D () C:\ProgramData\Avira 2014-07-12 20:14 - 2014-07-12 20:14 - 00001117 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-07-12 20:14 - 2013-12-24 12:44 - 00000000 ____D () C:\ProgramData\Package Cache 2014-07-12 20:13 - 2014-07-12 20:13 - 04621032 _____ (Avira Operations GmbH & Co. 
KG) C:\Users\home\Downloads\avira_de_av___ws2.exe 2014-07-12 18:09 - 2014-07-09 17:29 - 00002300 _____ () C:\ProgramData\hpzinstall.log 2014-07-12 17:50 - 2014-07-09 18:37 - 00000000 ____D () C:\Users\home\AppData\Roaming\HpUpdate 2014-07-12 17:50 - 2014-06-06 16:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-07-12 17:34 - 2011-08-22 10:57 - 00000000 ____D () C:\Users\home 2014-07-12 17:33 - 2014-02-14 04:30 - 00000000 ____D () C:\Users\home\AppData\Roaming\ProductData 2014-07-12 17:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-07-12 17:31 - 2014-07-09 13:08 - 00000000 ____D () C:\Program Files (x86)\NetRatingsNetSight 2014-07-12 11:20 - 2014-07-09 20:22 - 00000000 ____D () C:\Users\home\Documents\1 Bills 2014 2014-07-10 03:57 - 2009-07-14 06:45 - 00443784 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-09 20:55 - 2011-08-22 11:59 - 00000000 ____D () C:\Users\home\AppData\Roaming\Adobe 2014-07-09 19:14 - 2014-07-09 19:14 - 00000000 ____D () C:\Users\home\AppData\Local\Adobe 2014-07-09 19:13 - 2014-07-09 19:13 - 00000000 ____D () C:\Users\home\Documents\Eigene Scans 2014-07-09 19:12 - 2014-07-09 19:12 - 00000000 ____D () C:\Users\home\AppData\Local\HP 2014-07-09 19:12 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\home\AppData\Roaming\HP 2014-07-09 19:11 - 2014-07-09 19:11 - 00000000 ____D () C:\ProgramData\HPSSUPPLY 2014-07-09 18:53 - 2012-04-01 08:34 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 18:53 - 2012-04-01 08:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-09 18:53 - 2011-08-25 19:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\ProgramData\WEBREG 2014-07-09 18:42 - 2014-07-12 18:08 - 00218021 ____N () C:\Windows\hpoins46.dat.temp 2014-07-09 18:42 - 2014-07-09 18:29 - 00218021 ____N () C:\Windows\hpoins46.dat 2014-07-09 18:42 - 
2014-07-09 17:28 - 00000000 ____D () C:\ProgramData\HP 2014-07-09 18:42 - 2009-07-14 04:34 - 00000438 _____ () C:\Windows\win.ini 2014-07-09 18:37 - 2014-07-09 18:37 - 00000000 ____D () C:\Users\home\AppData\Roaming\Yahoo! 2014-07-09 18:37 - 2014-07-09 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-07-09 18:37 - 2014-07-09 18:30 - 00000000 ____D () C:\Program Files (x86)\HP 2014-07-09 18:35 - 2014-07-09 18:35 - 00001335 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk 2014-07-09 18:35 - 2014-07-09 18:35 - 00001329 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk 2014-07-09 18:35 - 2014-07-09 18:35 - 00000000 ____D () C:\ProgramData\HP Product Assistant 2014-07-09 18:27 - 2014-07-09 18:26 - 161214848 _____ () C:\Users\home\Downloads\DJ_AIO_06_F4500_USW_Full_Win_deu_140_175.exe 2014-07-09 18:04 - 2014-07-09 17:31 - 00000000 ____D () C:\Program Files\HP 2014-07-09 18:02 - 2014-07-09 17:46 - 70560360 _____ () C:\Users\home\Downloads\DJ_AIO_06_F4500_USW_Basic_Win_enu_140_175.exe 2014-07-09 13:15 - 2014-07-09 13:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_nnfwdk64_01009.Wdf 2014-07-09 13:15 - 2014-07-09 13:15 - 00000000 _____ () C:\extensions.sqlite 2014-07-09 13:15 - 2014-06-07 23:39 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-07-09 13:13 - 2014-07-09 13:08 - 00000890 _____ () C:\nsinst.log 2014-07-09 12:57 - 2014-07-09 12:56 - 02756976 _____ (The Nielsen Company) C:\Users\home\Downloads\netsight_setup_6.1.0.27_MP_Production_mid51023797558_p.exe 2014-07-09 08:17 - 2014-05-07 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-09 08:17 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-09 08:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-09 08:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-09 08:14 - 2014-07-09 08:14 - 00003116 _____ () 
C:\Windows\System32\Tasks\{D2504801-BBA0-4B9F-8CDB-00D13388E8DA} 2014-07-09 08:13 - 2014-07-09 08:13 - 00000000 ____D () C:\Users\home\AppData\Local\CrashRpt 2014-07-09 08:12 - 2014-07-09 08:12 - 00000000 ____D () C:\Users\home\AppData\Roaming\Digital Support 2014-07-09 08:12 - 2014-07-09 08:12 - 00000000 ____D () C:\Users\home\AppData\Local\conduit 2014-07-09 08:11 - 2014-02-26 09:11 - 00000272 _____ () C:\Windows\Tasks\pcupdater_UPDATES.job 2014-07-09 08:02 - 2011-08-22 15:27 - 00000000 ____D () C:\Program Files (x86)\Google 2014-07-09 07:26 - 2013-07-19 03:02 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-09 07:22 - 2011-09-01 15:43 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-08 23:13 - 2014-07-08 23:13 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-07-08 23:12 - 2010-09-01 10:49 - 00000000 ____D () C:\ProgramData\Adobe 2014-07-08 23:12 - 2010-09-01 10:48 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-07-08 23:06 - 2014-06-23 15:31 - 00000000 ____D () C:\Users\home\AppData\Roaming\WiseUpdate 2014-07-08 23:01 - 2014-07-08 23:01 - 00875472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110.dll 2014-07-08 23:01 - 2012-07-26 16:22 - 00849360 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110.dll 2014-07-08 23:00 - 2014-07-08 22:59 - 05344984 _____ (Dll-Files.com ) C:\Users\home\Downloads\dffsetup-msvcr110.exe 2014-07-08 22:54 - 2014-01-16 19:05 - 00003514 _____ () C:\Windows\System32\Tasks\FreeDriverScout 2014-07-08 07:12 - 2011-09-11 14:29 - 00000000 ____D () C:\Users\home\AppData\Roaming\SoftGrid Client 2014-07-06 11:58 - 2014-07-06 11:13 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-07-06 11:58 - 2014-05-28 05:54 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2014-07-06 11:58 - 2014-05-28 05:54 - 00000000 ____D () C:\Program Files\Realtek 2014-07-06 11:58 - 2013-12-28 14:38 - 00000000 ____D () C:\ProgramData\FreeDriverScout 
2014-07-06 11:58 - 2013-11-12 22:37 - 00000000 ____D () C:\ProgramData\ProductData 2014-07-06 11:58 - 2009-07-14 09:44 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-07-06 11:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security 2014-07-06 11:55 - 2013-12-25 02:41 - 00000000 ____D () C:\Program Files (x86)\Wise 2014-07-06 11:55 - 2010-09-01 10:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-06 11:33 - 2014-07-06 11:13 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-07-06 11:14 - 2014-07-06 11:14 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-07-06 09:59 - 2014-07-06 09:59 - 00000017 _____ () C:\Users\home\AppData\Local\resmon.resmoncfg 2014-07-06 08:25 - 2010-09-01 10:25 - 00000000 ___HD () C:\Program Files (x86)\Temp 2014-07-06 08:05 - 2014-07-06 08:03 - 00000022 _____ () C:\Users\home\Downloads\ASUS_DR_PCE_AC66_6309526_Win7.zip 2014-07-06 08:02 - 2014-07-06 08:02 - 00000000 ____D () C:\Users\home\AppData\Local\DriverToolkit 2014-07-06 07:44 - 2014-07-06 07:43 - 124637134 _____ (Realtek Semiconductor Corp.) C:\Users\home\Downloads\64bit_Win7_Win8_Win81_R274.exe 2014-07-03 22:25 - 2014-07-03 22:25 - 00148759 _____ () C:\Users\home\Downloads\Bestellbestätigung Ihr Einkauf bei allyouneed.com.eml 2014-07-03 00:56 - 2014-07-03 00:54 - 00000000 ____D () C:\Users\home\Documents\Outlook-Dateien 2014-07-03 00:53 - 2014-07-03 22:27 - 00148759 _____ () C:\Users\home\Documents\Bestellbestätigung Ihr Einkauf bei allyouneed.com - Kopie.eml 2014-07-02 13:06 - 2014-07-12 20:16 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-07-02 13:06 - 2014-07-12 20:16 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-07-02 13:06 - 2014-07-12 20:16 - 00028600 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-06-30 04:09 - 2014-07-09 00:10 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-09 00:10 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-26 20:29 - 2014-06-26 20:29 - 00000000 ____D () C:\Users\home\AppData\Roaming\SuperEasy 2014-06-25 09:13 - 2013-08-20 06:00 - 00000000 ____D () C:\Users\home\Documents\Bluetooth-Exchange-Ordner 2014-06-22 00:30 - 2013-03-26 03:37 - 00000000 ____D () C:\Users\home\AppData\Local\Packard Bell 2014-06-21 23:36 - 2014-06-21 23:25 - 00000000 ____D () C:\Users\home\AppData\Local\LogMeIn Hamachi 2014-06-21 23:25 - 2014-06-21 23:25 - 00000000 ____D () C:\Users\home\AppData\Local\LogMeIn 2014-06-21 23:25 - 2014-06-21 23:25 - 00000000 ____D () C:\ProgramData\LogMeIn 2014-06-21 23:20 - 2014-06-21 23:19 - 08224768 _____ () C:\Users\home\Downloads\Hamachi_2.2.0.193.msi 2014-06-20 22:14 - 2014-07-09 00:09 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-20 21:39 - 2014-07-09 00:09 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-06-20 06:03 - 2014-06-20 06:03 - 00000000 ____D () C:\ProgramData\ATI 2014-06-20 05:59 - 2014-06-20 05:59 - 00000024 _____ () C:\Users\home\AppData\Roaming\temp.ini 2014-06-20 05:58 - 2013-05-26 06:21 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys 2014-06-20 05:51 - 2014-06-20 05:51 - 00000000 ____D () C:\Users\home\AppData\Roaming\library_dir 2014-06-20 05:50 - 2014-06-20 05:50 - 00000000 ____D () C:\Program Files (x86)\AMD AVT 2014-06-20 05:50 - 2014-02-08 17:09 - 00000000 ____D () C:\ProgramData\AMD 2014-06-20 05:50 - 2011-08-22 10:11 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2014-06-20 05:49 - 2014-06-20 05:49 - 00056272 _____ () C:\Windows\SysWOW64\CCCInstall_201406200549477004.log 2014-06-20 05:49 - 2014-06-20 05:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD 
Catalyst Control Center 2014-06-20 05:48 - 2013-04-26 14:20 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-06-20 05:43 - 2014-06-04 05:40 - 00003848 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1387908115 2014-06-20 05:43 - 2013-06-19 03:02 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-06-20 05:20 - 2014-06-20 05:20 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\home\Downloads\SlimDrivers-setup_32705 (3).exe 2014-06-20 05:12 - 2014-06-20 05:12 - 02938144 _____ (LionSea Software co., ltd ) C:\Users\home\Downloads\setup.exe 2014-06-20 01:10 - 2014-06-20 01:09 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3.exe 2014-06-20 01:10 - 2014-06-20 01:09 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3 (1).exe 2014-06-19 03:39 - 2014-07-09 00:09 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-19 03:06 - 2014-07-09 00:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-19 03:06 - 2014-07-09 00:09 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-19 02:48 - 2014-07-09 00:09 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-19 02:42 - 2014-07-09 00:09 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-19 02:42 - 2014-07-09 00:09 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-19 02:41 - 2014-07-09 00:09 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-06-19 02:41 - 2014-07-09 00:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-19 02:32 - 2014-07-09 00:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-19 02:31 - 2014-07-09 00:09 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-19 02:26 - 2014-07-09 00:09 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 
2014-06-19 02:24 - 2014-07-09 00:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-19 02:24 - 2014-07-09 00:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-19 02:23 - 2014-07-09 00:09 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-19 02:16 - 2014-07-09 00:09 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-19 02:14 - 2014-07-09 00:09 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-19 02:09 - 2014-07-09 00:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-19 01:59 - 2014-07-09 00:09 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-19 01:56 - 2014-07-09 00:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-19 01:53 - 2014-07-09 00:09 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-19 01:51 - 2014-07-09 00:09 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-19 01:50 - 2014-07-09 00:09 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-19 01:48 - 2014-07-09 00:09 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-19 01:39 - 2014-07-09 00:09 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-19 01:38 - 2014-07-09 00:09 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-19 01:37 - 2014-07-09 00:09 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-19 01:36 - 2014-07-09 00:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-19 01:35 - 2014-07-09 00:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-06-19 01:33 - 2014-07-09 00:09 - 00631808 _____ (Microsoft Corporation) 
C:\Windows\system32\msfeeds.dll 2014-06-19 01:32 - 2014-07-09 00:09 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-19 01:28 - 2014-07-09 00:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-19 01:28 - 2014-07-09 00:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-19 01:27 - 2014-07-09 00:09 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-19 01:27 - 2014-07-09 00:09 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-19 01:25 - 2014-07-09 00:09 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-19 01:23 - 2014-07-09 00:09 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-19 01:22 - 2014-07-09 00:09 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-19 01:12 - 2014-07-09 00:09 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-19 01:06 - 2014-07-09 00:09 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-19 01:01 - 2014-07-09 00:09 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-19 00:59 - 2014-07-09 00:09 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-19 00:58 - 2014-07-09 00:09 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-19 00:58 - 2014-07-09 00:09 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-19 00:52 - 2014-07-09 00:09 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-19 00:51 - 2014-07-09 00:09 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-19 00:49 - 2014-07-09 00:09 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-19 00:46 - 2014-07-09 00:09 - 01068032 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-19 00:45 - 2014-07-09 00:09 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-19 00:35 - 2014-07-09 00:09 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-19 00:34 - 2014-07-09 00:09 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-19 00:15 - 2014-07-09 00:09 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-19 00:13 - 2014-07-09 00:09 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-19 00:09 - 2014-07-09 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-19 00:07 - 2014-07-09 00:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-18 23:41 - 2011-09-03 16:02 - 00000000 ____D () C:\Users\home\AppData\Roaming\Apple Computer 2014-06-18 04:18 - 2014-07-09 00:11 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-06-18 03:51 - 2014-07-09 00:11 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-06-18 03:10 - 2014-07-09 00:11 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-06-17 10:12 - 2014-06-17 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 Some content of TEMP: ==================== C:\Users\home\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed 
C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-08 13:14 ==================== End Of Log ============================ --- --- --- |
14.07.2014, 20:40 | #8 |
/// TB Trainer /// Guide Guru | Many errors found with Malwarebytes Anti-Malware Step 1 Please download zoek.exe from here: http://hijackthis.nl/smeenk/
Step 2 Please download AdwCleaner to your desktop.
Step 3 Please start FRST again and click Scan. Please post the contents of the log.
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
14.07.2014, 21:01 | #9 |
| Many errors found with Malwarebytes Anti-Malware zoek has started. How do I recognize the log file, or rather that the tool has finished? -- Okay, it looked as if it was stopping; I'll keep waiting. Edited by Annelore (14.07.2014 at 21:14) |
14.07.2014, 21:16 | #10 |
/// TB Trainer /// Guide Guru | Many errors found with Malwarebytes Anti-Malware Ok...
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
14.07.2014, 21:45 | #11 |
| Many errors found with Malwarebytes Anti-Malware This should be the zoek log. I will now start AdwCleaner. Code:
ATTFilter Zoek.exe v5.0.0.0 Updated 14-07-2014 Tool run by home on 14.07.2014 at 21:49:50,47. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\home\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 14.07.2014 21:55:12 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{09A80918-F57F-459B-B8C1-7ACF8EFD1CE0} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7BF94701-F358-40CC-85A3-75064A01A668} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B92109A9-A502-4D2C-AD6A-8F8998119011} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E5A360F7-318E-4788-8A2D-C3D4EA2EA529} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F3DE2AEE-3CEF-4FDD-BE82-BDF2ED7D9E03} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32004B8A-44A9-43E7-84E9-808838809519} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC232AE5-3AA7-4663-8951-C1E8911DB323} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully 
HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} deleted successfully HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} deleted successfully HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully HKEY_CLASSES_ROOT\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully ==== Deleting CLSID Registry Values 
====================== HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{32004B8A-44A9-43E7-84E9-808838809519} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{597A9974-8CB0-4F41-B61F-ED065738A397} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{CC232AE5-3AA7-4663-8951-C1E8911DB323} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{79A2B609-BBC0-4D16-9925-70CB98A6490D} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{79A2B609-BBC0-4D16-9925-70CB98A6490D} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{79A2B609-BBC0-4D16-9925-70CB98A6490D} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{CD90BF73-20F6-44EF-993D-BB920303BD2E} deleted successfully HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{CD90BF73-20F6-44EF-993D-BB920303BD2E} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{CD90BF73-20F6-44EF-993D-BB920303BD2E} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet 
Explorer\Approved Extensions\{CD90BF73-20F6-44EF-993D-BB920303BD2E} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{CD90BF73-20F6-44EF-993D-BB920303BD2E} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{1C471DD7-B459-4F4A-A418-B040CAAFDAB8} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} deleted successfully 
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{465fcfbb-47a4-4866-a5d5-d12f9a77da00} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110311341140} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} deleted successfully HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved 
Extensions\{1FAFD711-ABF9-4F6A-8130-5166C7371427} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{112BA211-334C-4A90-90EC-2AD1CDAB287C} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{7e111a5c-3d11-4f56-9463-5310c3c69025} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{f92a9fe4-2850-4198-b9d5-279880e49b16} deleted successfully HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Mozilla\Firefox\Extensions\speedtest4354@BestOffers deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from 
C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\prefs.js: user_pref("browser.search.defaultenginename", "Yahoo!"); user_pref("browser.search.order.1", "foxsearch"); Added to C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\prefs.js: user_pref("browser.startup.homepage", "hxxp://www.google.com"); user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "hxxp://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\home\AppData\Roaming\Thunderbird\Profiles\zr5zz4xc.default\prefs.js: Added to C:\Users\home\AppData\Roaming\Thunderbird\Profiles\zr5zz4xc.default\prefs.js: user_pref("browser.startup.homepage", "hxxp://www.google.com"); user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "hxxp://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default ---- Lines Search modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"msntoolbar@msn.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\ ---- Lines bandoo modified from prefs.js 
---- user_pref("extensions.enabledAddons", "ffox@bandoo.com:5.1,{BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.2,{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.2. user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"msntoolbar@msn.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\ ---- FireFox user.js and prefs.js backups ---- user__2223_.backup prefs__2223_.backup ProfilePath: C:\Users\home\AppData\Roaming\Thunderbird\Profiles\zr5zz4xc.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs__2223_.backup ==== Deleting Files \ Folders ====================== C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\extensions\ffox@bandoo.com not found C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted C:\PROGRA~3\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} deleted C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted C:\Users\home\.android deleted C:\PROGRA~2\Probit Software deleted C:\PROGRA~2\FoxTabVideoConverter deleted C:\PROGRA~2\Yahoo! deleted C:\extensions.sqlite deleted C:\Users\home\AppData\Roaming\temp.ini deleted C:\Users\home\AppData\Roaming\Common deleted C:\Users\home\AppData\Roaming\Yahoo! 
deleted C:\Users\home\AppData\Roaming\YoudaGames deleted C:\Users\home\AppData\Roaming\PerformerSoft deleted C:\Users\home\Documents\Freemium Driver Utilities deleted C:\PROGRA~3\NOTEPAD.EXE-x.txt deleted C:\PROGRA~3\REGSVR32.EXE-x.txt deleted C:\PROGRA~3\RUNDLL32.EXE-x.txt deleted C:\PROGRA~3\boost_interprocess deleted C:\PROGRA~3\FreeDriverScout deleted C:\PROGRA~3\Uniblue\DriverScanner deleted C:\PROGRA~3\ProductData deleted C:\PROGRA~3\Uniblue deleted C:\PROGRA~3\Package Cache deleted C:\Users\home\AppData\Local\CRE deleted C:\Users\home\AppData\Local\Slick Savings deleted C:\Users\home\AppData\Local\cache deleted C:\Users\home\AppData\Local\conduit deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Covus Freemium deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner deleted C:\Windows\SysNative\roboot64.exe deleted C:\Users\home\Downloads\iLividSetupV1(1).exe deleted C:\Users\home\Downloads\iLividSetupV1(2).exe deleted C:\Users\home\Downloads\iLividSetupV1.exe deleted C:\Users\home\Downloads\SweetImSetup.exe deleted C:\Users\home\Searches deleted C:\Users\home\AppData\LocalLow\ADSRemoval deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\PriceGong deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Conduit deleted C:\Windows\wininit.ini deleted C:\Windows\tasks\Wise Care 365.job deleted C:\Windows\tasks\Wise Turbo Checker.job deleted C:\windows\SysNative\tasks\Wise Care 365 deleted C:\windows\SysNative\tasks\Wise Turbo Checker deleted C:\windows\SysNative\tasks\RunAsStdUser Task deleted C:\windows\SysNative\tasks\FreeDriverScout deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\extensions\staged deleted 
C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\extensions\adsremoval@adsremoval.net deleted
"C:\Windows\Installer\147222b.msi" deleted
"C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\home\AppData\Roaming\Ihaq" deleted
"C:\Users\home\AppData\Roaming\TERA" deleted
"C:\Users\home\AppData\Roaming\Wazabo" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [09.07.2014 18:36]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [09.07.2014 18:36]

==== Firefox Extensions ======================

ProfilePath: C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default
- Undetermined - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn
- Undetermined - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_2_3
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- GoogleEnhancer - %ProfilePath%\extensions\{21e48e29-f574-4619-b65d-0f00eea92e5b}.xpi

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aakchaleigkohafkfjfjbblobjifikek - C:\Users\home\AppData\LocalLow\proxtube\CHROME\proxtube.crx[25.03.2013 20:52]
aohghmighlieiainnegkcijnfilokake - No path found[]
fplhdcjmbpfkejbhngmlngaecbjmoimd - No path found[]
ggamifejnddpoocdmadhjdbgaijnphdi - C:\Users\home\AppData\Local\CRE\ggamifejnddpoocdmadhjdbgaijnphdi.crx[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]
jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11.04.2014 19:46]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ggamifejnddpoocdmadhjdbgaijnphdi - C:\Users\home\AppData\Local\CRE\ggamifejnddpoocdmadhjdbgaijnphdi.crx[]

Advanced SystemCare Surfing Protection - home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
One Piece: Monkey D. Luffy (1920x1200) - home\AppData\Local\Google\Chrome\User Data\Default\Extensions\egombopaikoeelblebkkilbmgpdofcio
appbario12 - home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggamifejnddpoocdmadhjdbgaijnphdi
AdBlock - home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Skype Click to Call - home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Advanced SystemCare Surfing Protection - home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

==== Chrome Fix ======================

C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake deleted successfully
C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd deleted successfully
C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggamifejnddpoocdmadhjdbgaijnphdi deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="hxxp://www.bing.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{FC6BD45B-5DF0-43BC-893A-163E741BB32B} Search By ZoneAlarm Url="hxxp://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=de&q={searchTerms}&gu=35713ac3a8f747c1b198b1b5e15d2d36&tu=10G9z00C11C01g0&sku=&tstsId=&ver=&&r=241"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aohghmighlieiainnegkcijnfilokake deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ggamifejnddpoocdmadhjdbgaijnphdi deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ggamifejnddpoocdmadhjdbgaijnphdi deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2474 folders=588 117087863 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\home\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\home\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on 14.07.2014 at 22:37:57,37 ====================== |
14.07.2014, 21:47 | #12 |
/// TB Trainer /// Guide Guru | Many errors found with Malwarebytes Anti-Malware
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
14.07.2014, 22:12 | #13 |
| Many errors found with Malwarebytes Anti-Malware
There are 8 of them in the C: folder: R0, R1, R2, R3, S0, S1, S2, S3. This is the one that opened after the reboot:
Code:
ATTFilter
# AdwCleaner v3.014 - Bericht erstellt am 10/12/2013 um 15:57:23
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : home - HOME-PC
# Gestartet von : C:\Users\home\Downloads\AdwCleaner-3.014.exe
# Option : Suchen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\Users\home\AppData\Local\omesuperv.exe
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\om@offermosquito.com.xpi
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\searchplugins\fbdownloader_search.xml
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\searchplugins\search.xml
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\searchplugins\Search_Results.xml
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\user.js
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\searchplugins\SearchResults.xml
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\user.js
Datei Gefunden : C:\Users\Public\Desktop\eBay.lnk
Datei Gefunden : C:\Windows\System32\roboot64.exe
Datei Gefunden : C:\Windows\System32\Tasks\LaunchApp
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\adsremoval@adsremoval.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\adsremoval@adsremoval.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\ascsurfingprotection@iobit.com
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\ascsurfingprotection@iobit.com
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\savingsslider@mybrowserbar.com
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\searchads@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\searchads@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\speeddial@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\speeddial@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\speeddial@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\adsremoval@adsremoval.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\adsremoval@adsremoval.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\ascsurfingprotection@iobit.com
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\ascsurfingprotection@iobit.com
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\ich@maltegoetz.de
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\info@flagfox.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\searchads@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\searchads@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\speeddial@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\speeddial@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\speeddial@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\welcome@toolmin.com
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\welcome@toolmin.com
Ordner Gefunden C:\Program Files (x86)\Common Files\Spigot
Ordner Gefunden C:\Program Files (x86)\Conduit
Ordner Gefunden C:\Program Files (x86)\iLivid
Ordner Gefunden C:\Program Files (x86)\MyPC Backup
Ordner Gefunden C:\Program Files (x86)\Secure Speed Dial
Ordner Gefunden C:\ProgramData\AlawarWrapper
Ordner Gefunden C:\ProgramData\Babylon
Ordner Gefunden C:\ProgramData\boost_interprocess
Ordner Gefunden C:\ProgramData\IBUpdaterService
Ordner Gefunden C:\ProgramData\ParetoLogic
Ordner Gefunden C:\ProgramData\Tarma Installer
Ordner Gefunden C:\ProgramData\Trymedia
Ordner Gefunden C:\ProgramData\Uniblue\DriverScanner
Ordner Gefunden C:\Users\home\AppData\Local\Babylon
Ordner Gefunden C:\Users\home\AppData\Local\Conduit
Ordner Gefunden C:\Users\home\AppData\Local\Ilivid Player
Ordner Gefunden C:\Users\home\AppData\Local\OpenCandy
Ordner Gefunden C:\Users\home\AppData\Local\PackageAware
Ordner Gefunden C:\Users\home\AppData\LocalLow\BabylonToolbar
Ordner Gefunden C:\Users\home\AppData\LocalLow\Bandoo
Ordner Gefunden C:\Users\home\AppData\LocalLow\Conduit
Ordner Gefunden C:\Users\home\AppData\LocalLow\FlagFox
Ordner Gefunden C:\Users\home\AppData\LocalLow\IncrediMail_MediaBar_2
Ordner Gefunden C:\Users\home\AppData\LocalLow\PriceGong
Ordner Gefunden C:\Users\home\AppData\LocalLow\searchquband
Ordner Gefunden C:\Users\home\AppData\Roaming\Babylon
Ordner Gefunden C:\Users\home\AppData\Roaming\Bandoo
Ordner Gefunden C:\Users\home\AppData\Roaming\Common\LuaRT
Ordner Gefunden C:\Users\home\AppData\Roaming\DataMgr
Ordner Gefunden C:\Users\home\AppData\Roaming\DriverCure
Ordner Gefunden C:\Users\home\AppData\Roaming\file scout
Ordner Gefunden C:\Users\home\AppData\Roaming\Intermediate
Ordner Gefunden C:\Users\home\AppData\Roaming\OCS
Ordner Gefunden C:\Users\home\AppData\Roaming\OpenCandy
Ordner Gefunden C:\Users\home\AppData\Roaming\ParetoLogic
Ordner Gefunden C:\Users\home\AppData\Roaming\PerformerSoft
Ordner Gefunden C:\Users\home\AppData\Roaming\registry mechanic
Ordner Gefunden C:\Users\home\AppData\Roaming\SCheck
Ordner Gefunden C:\Users\home\AppData\Roaming\SeeSimilar02
Ordner Gefunden C:\Users\home\AppData\Roaming\Snz
Ordner Gefunden C:\Users\home\AppData\Roaming\SSync
Ordner Gefunden C:\Users\home\AppData\Roaming\StatusWinks
Ordner Gefunden C:\Users\home\AppData\Roaming\Toolplugin

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_2
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Toolbar
Schlüssel Gefunden : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Schlüssel Gefunden : HKCU\Software\clickpotatolitesa
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Cr_Installer
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\filescout
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk
Schlüssel Gefunden : HKCU\Software\ilivid
Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\ImInstaller
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\OfferMosquito
Schlüssel Gefunden : HKCU\Software\ParetoLogic
Schlüssel Gefunden : HKCU\Software\Protector
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\clickpotatolitesa
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\Cr_Installer
Schlüssel Gefunden : [x64] HKCU\Software\DataMngr
Schlüssel Gefunden : [x64] HKCU\Software\filescout
Schlüssel Gefunden : [x64] HKCU\Software\ilivid
Schlüssel Gefunden : [x64] HKCU\Software\IM
Schlüssel Gefunden : [x64] HKCU\Software\ImInstaller
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\OfferMosquito
Schlüssel Gefunden : [x64] HKCU\Software\ParetoLogic
Schlüssel Gefunden : [x64] HKCU\Software\Protector
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\Software\Bandoo
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\cfdfamfnacokbbbnmpdfmhonipnhmbid
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Schlüssel Gefunden : HKLM\Software\ImInstaller
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_veoh_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_veoh_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_super-mario-world-deluxe_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_super-mario-world-deluxe_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_die-piratenbucht_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_die-piratenbucht_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_directx_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_directx_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_panda-cloud-antivirus_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_panda-cloud-antivirus_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_realtek-ac97-audio-codecs_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_realtek-ac97-audio-codecs_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player (1)_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player (1)_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player (2)_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player (2)_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player(1)_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player(1)_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_zelda-classic_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_zelda-classic_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Schlüssel Gefunden : HKLM\Software\ParetoLogic
Schlüssel Gefunden : HKLM\SOFTWARE\SNS_Upgrade
Schlüssel Gefunden : HKLM\Software\Trymedia Systems
Schlüssel Gefunden : HKLM\Software\Uniblue
Schlüssel Gefunden : HKLM\Software\Uniblue\DriverScanner
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\DataMngr
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Tarma Installer
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DataMgr]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [OMESupervisor]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [scheck]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Snoozer]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [ClickPotatoLite@ClickPotatoLite.com]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-89AF-189327213627}]

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16736

-\\ Mozilla Firefox v

[ Datei : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\prefs.js ]

[ Datei : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\prefs.js ]

Zeile gefunden : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Zeile gefunden : user_pref("browser.search.defaultthis.engineName", "A Free Ride Games Bar Customized Web Search");
Zeile gefunden : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1320680&SearchSource=3&q={searchTerms}");
Zeile gefunden : user_pref("extensions.BabylonToolbar.bbDpng", 17);
Zeile gefunden : user_pref("extensions.BabylonToolbar.cntry", "DE");
Zeile gefunden : user_pref("extensions.BabylonToolbar.dfltLng", "de");
Zeile gefunden : user_pref("extensions.BabylonToolbar.firstRun", false);
Zeile gefunden : user_pref("extensions.BabylonToolbar.hdrMd5", "88F2E069E996A263543A0687DF38E1DE");
Zeile gefunden : user_pref("extensions.BabylonToolbar.id", "b1e22830417644189772e36c1f9d8753");
Zeile gefunden : user_pref("extensions.BabylonToolbar.instlDay", "15230");
Zeile gefunden : user_pref("extensions.BabylonToolbar.lastActv", "17");
Zeile gefunden : user_pref("extensions.BabylonToolbar.lastDP", 17);
Zeile gefunden : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.31.222:19:22");
Zeile gefunden : user_pref("extensions.BabylonToolbar.sid", "b1e22830417644189772e36c1f9d8753");

-\\ Google Chrome v32.0.1700.41

[ Datei : C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [24819 octets] - [10/12/2013 15:57:23]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [24880 octets] ########## |
14.07.2014, 22:17 | #14 |
/// TB Trainer /// Guide Guru | Many errors found with Malwarebytes Anti-Malware
Code:
ATTFilter
# AdwCleaner v3.014 - Bericht erstellt am 10/12/2013 um 15:57:23
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : home - HOME-PC
# Gestartet von : C:\Users\home\Downloads\AdwCleaner-3.014.exe
# Option : Suchen
Code:
ATTFilter
C:\AdwCleaner\
14.07.2014, 22:22 | #15 |
| Many errors found with Malwarebytes Anti-Malware
Sorry. This should be correct now.
Code:
ATTFilter
# AdwCleaner v3.215 - Bericht erstellt am 14/07/2014 um 22:51:31
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : home - HOME-PC
# Gestartet von : C:\Users\home\Downloads\adwcleaner_3.215.exe
# Option : Suchen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\user.js
Ordner Gefunden : C:\ProgramData\IObit\Driver Booster
Ordner Gefunden : C:\Users\home\AppData\Roaming\IObit\Driver Booster
Ordner Gefunden : C:\Users\home\AppData\Roaming\Nico Mak Computing

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\lollipop
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\systweak
Schlüssel Gefunden : [x64] HKCU\Software\lollipop
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\systweak
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : HKLM\Software\Uniblue
Schlüssel Gefunden : HKLM\Software\Uniblue\DriverScanner
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0

-\\ Mozilla Firefox v

[ Datei : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\prefs.js ]

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [25085 octets] - [10/12/2013 16:57:23]
AdwCleaner[R1].txt - [1206 octets] - [22/12/2013 07:47:32]
AdwCleaner[R2].txt - [5107 octets] - [15/01/2014 22:11:47]
AdwCleaner[R3].txt - [3932 octets] - [14/07/2014 22:51:31]
AdwCleaner[S0].txt - [22256 octets] - [10/12/2013 17:00:13]
AdwCleaner[S1].txt - [1269 octets] - [22/12/2013 07:57:02]
AdwCleaner[S2].txt - [4891 octets] - [15/01/2014 22:13:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [4173 octets] ########## |