| |
| |||||||
Log-Analyse und Auswertung: Viele Fehler mit Malwarebites Anti-Malware gefundenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
14.07.2014, 19:42
| #1 |
 |  Viele Fehler mit Malwarebites Anti-Malware gefunden Hallo. Weil es bei einem Spiel, das ich spiele, immer wieder zu Störungen kam (nach einiger Zeit wurde die Maus langsamer, das Spiel "stockte"), hatte ich zuerst eine Systemwiederherstellung zu einem anderen Punkt, um das Spiel wieder auf die Leistung zu bringen, die es anfangs hatte. Anfangs half es, doch dann störte das Spiel wieder, darum suchte ich im Internet, und fand diese Seite. Habe den Malwarebites heruntergeladen und die Quarantäne wie beschrieben gesichert. Nun weiß ich nicht, wie diese Seite hier genau funktioniert, hoffe auf Hilfe bei meinem Problem, es wurden nämlich viele Quarantäne gefunden. Falls das unhöflich ist, bitte ich zu entschuldigen. |
|
14.07.2014, 19:43
| #2 |
| /// TB-Ausbilder /// Anleitungs-Guru  | Viele Fehler mit Malwarebites Anti-Malware gefunden Bitte das Log von Malwarebytes posten:
__________________ Lesestoff  MBAM-Funde posten: So gehts...Manchmal ist es wichtig zu wissen, welche Schadprogramme im Vorfeld ohne Anweisung der Helfer schon gelöscht wurden. Daher benötige ich den Inhalt der Logdatei, in welcher der Suchlauf protokolliert wurde.
  Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Schritt 1   Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff Posten in CODE-Tags: So gehts... Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
14.07.2014, 19:57
| #3 |
| | Viele Fehler mit Malwarebites Anti-Malware gefunden Hallo, Jürgen.
__________________Erfreut, dass du dir die Mühe machen möchtest. Ich habe wohl eine englische Version erwischt, habe bei "Anwendungsprotokolle" 2 Möglichkeiten zur Auswahl: "Scan Log" und "Protection Log" Welche soll ich auswählen? und: Das FRST lade ich gerade auch herunter, ist das richtig? Es wird ein Disclaimer of Warranty angezeigt, kann ich das bestätigen? |
|
14.07.2014, 20:00
| #4 |
| /// TB-Ausbilder /// Anleitungs-Guru | Viele Fehler mit Malwarebites Anti-Malware gefunden Scan-Log bitte... Ja, genau. FRST brauchen wir auch...  Ja bestätige...
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
14.07.2014, 20:06
| #5 |
| | Viele Fehler mit Malwarebites Anti-Malware gefundenCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 14.07.2014 Scan Time: 19:52:24 Logfile: Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.14.08 Rootkit Database: v2014.07.09.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: home Scan Type: Threat Scan Result: Completed Objects Scanned: 296844 Time Elapsed: 26 min, 9 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 20 PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2860422063-2389435366-3468819961-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Quarantined, [244c2877b1ca1d19bfe9ada5669c0cf4], PUP.Optional.SpeedDial.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}, Delete-on-Reboot, [38383b646d0ebc7a91d6a2b145bda060], PUP.Optional.SpeedDial.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}, Delete-on-Reboot, [38383b646d0ebc7a91d6a2b145bda060], PUP.Optional.SearchQu, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, Delete-on-Reboot, [8fe1d0cfd8a3d85e1d33dd7c4ab8857b], PUP.Optional.SearchQu, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, Delete-on-Reboot, [8fe1d0cfd8a3d85e1d33dd7c4ab8857b], PUP.Optional.SpeedTest.A, HKU\S-1-5-21-2860422063-2389435366-3468819961-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}, Quarantined, [3b35742b23589a9ccac580d50df54ab6], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, Quarantined, [c5abcad53744ac8aad86eaa258aa3fc1], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, Quarantined, [2050900fbebd82b467cd1c702bd719e7], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Quarantined, [cfa1346b2b5054e2c206b3d808fa3dc3], PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hbcennhacfaagdopikcegfcobcadeocj, Quarantined, [80f0edb242395bdba5025477e81a867a], PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\icdlfehblmklkikfigmjhbmmpmkmpooj, Quarantined, [9bd5455a5e1d8ea8d6d2cefd5fa3f808], PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jljheddigenhleadfofeccneimcmlefp, Quarantined, [1f51bbe4cfac0630d4426d76f70bdd23], PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mhkaekfpcppmmioggniknbnbdbcigpkk, Quarantined, [4e228f1094e7f5411297e2e9df2353ad], PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pfndaklgolladniicklehhancnlgocpp, Quarantined, [0e62fea192e9ea4ca5056e5d4ab8a65a], PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, Quarantined, [c2ae247b4f2ca2949edb9a2269994cb4], PUP.Optional.PriceGong.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, Delete-on-Reboot, [343cb7e83744f54108d0429a3dc5e31d], PUP.Optional.RewardsArcade.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\RewardsArcade, Delete-on-Reboot, [1d53ced1b3c8261048ad22ac6999a45c], PUP.Optional.Spigot.A, HKU\S-1-5-21-2860422063-2389435366-3468819961-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, Quarantined, [e987554a7a015fd76740bf59c44034cc], PUP.Optional.Softonic.A, HKU\S-1-5-21-2860422063-2389435366-3468819961-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [6f01d1ce8eedfa3c71fc23ae13efe917], PUP.Optional.RegCleanerPro.A, HKU\S-1-5-21-2860422063-2389435366-3468819961-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\RegClean Pro, Quarantined, [0d631b84384369cdf723b34be81bfc04], Registry Values: 2 PUP.Optional.Iminent.A, HKU\S-1-5-21-2860422063-2389435366-3468819961-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Quarantined, [cfa1346b2b5054e2c206b3d808fa3dc3], PUP.Optional.Iminent.A, HKU\S-1-5-21-2860422063-2389435366-3468819961-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Quarantined, [72fe158a750649ed65632c5f45bd2bd5], Registry Data: 1 PUP.Optional.Spigot.A, HKU\S-1-5-21-2860422063-2389435366-3468819961-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://de.search.yahoo.com/?type=402027&fr=spigot-yhp-ie, Good: (www.google.com), Bad: (hxxp://de.search.yahoo.com/?type=402027&fr=spigot-yhp-ie),Replaced,[1957851aa4d72b0bed3a880dd3317987] Folders: 36 PUP.Optional.Iminent.A, C:\Program Files (x86)\IMINENTTOOLBAR, Quarantined, [511f910e86f57cba090e237c48ba04fc], PUP.Optional.Iminent.A, C:\Users\home\AppData\Roaming\IMINENTTOOLBAR, Quarantined, [1c54851a15661323e701554b14eef40c], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\SPEEDTEST4354, Quarantined, [c5abfea17902d561a74ed8c832d09967], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\JLJHEDDIGENHLEADFOFECCNEIMCMLEFP, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\JLJHEDDIGENHLEADFOFECCNEIMCMLEFP\3.0.0.0, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\JLJHEDDIGENHLEADFOFECCNEIMCMLEFP\3.0.0.0_0, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\JLJHEDDIGENHLEADFOFECCNEIMCMLEFP\3.0.0.0_1, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\JLJHEDDIGENHLEADFOFECCNEIMCMLEFP\3.0.0.0_2, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ICDLFEHBLMKLKIKFIGMJHBMMPMKMPOOJ, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ICDLFEHBLMKLKIKFIGMJHBMMPMKMPOOJ\1.3_0, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ICDLFEHBLMKLKIKFIGMJHBMMPMKMPOOJ\1.3_0\css, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ICDLFEHBLMKLKIKFIGMJHBMMPMKMPOOJ\1.3_0\Img, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ICDLFEHBLMKLKIKFIGMJHBMMPMKMPOOJ\1.3_1, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ICDLFEHBLMKLKIKFIGMJHBMMPMKMPOOJ\1.3_1\css, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ICDLFEHBLMKLKIKFIGMJHBMMPMKMPOOJ\1.3_1\Img, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\MHKAEKFPCPPMMIOGGNIKNBNBDBCIGPKK, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\MHKAEKFPCPPMMIOGGNIKNBNBDBCIGPKK\2.4_0, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\MHKAEKFPCPPMMIOGGNIKNBNBDBCIGPKK\2.4_0\icons, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\MHKAEKFPCPPMMIOGGNIKNBNBDBCIGPKK\2.4_0\scripts, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\MHKAEKFPCPPMMIOGGNIKNBNBDBCIGPKK\2.4_1, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\MHKAEKFPCPPMMIOGGNIKNBNBDBCIGPKK\2.4_1\icons, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\MHKAEKFPCPPMMIOGGNIKNBNBDBCIGPKK\2.4_1\scripts, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\MHKAEKFPCPPMMIOGGNIKNBNBDBCIGPKK\2.4_2, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\MHKAEKFPCPPMMIOGGNIKNBNBDBCIGPKK\2.4_2\icons, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\MHKAEKFPCPPMMIOGGNIKNBNBDBCIGPKK\2.4_2\scripts, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\PFNDAKLGOLLADNIICKLEHHANCNLGOCPP, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\PFNDAKLGOLLADNIICKLEHHANCNLGOCPP\1.0_0, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\PFNDAKLGOLLADNIICKLEHHANCNLGOCPP\1.0_1, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\HBCENNHACFAAGDOPIKCEGFCOBCADEOCJ, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\HBCENNHACFAAGDOPIKCEGFCOBCADEOCJ\1.1_0, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\HBCENNHACFAAGDOPIKCEGFCOBCADEOCJ\1.1_1, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.OfferMosquito.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito, Quarantined, [fc740f90b8c30630a5b3723c679b2bd5], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\EXTENSIONS\SPEEDTEST4354@BESTOFFERS, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\EXTENSIONS\SPEEDTEST4354@BESTOFFERS\chrome, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\EXTENSIONS\SPEEDTEST4354@BESTOFFERS\chrome\content, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\EXTENSIONS\SPEEDTEST4354@BESTOFFERS\chrome\skin, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], Files: 227 Trojan.BProtector, C:\Users\home\AppData\Roaming\speedtest4354\install_helper.exe, Quarantined, [c4ac98075a21ab8bc0fd6aff788c43bd], PUP.Optional.Softonic.A, C:\Users\home\Downloads\SoftonicDownloader_fuer_ashampoo-firewall.exe, Quarantined, [3a36326da5d6be781747200760a1c23e], PUP.Optional.Softonic.A, C:\Users\home\Downloads\SoftonicDownloader_fuer_driver-turbo (1).exe, Quarantined, [77f9722d1b604beb3826f334fa07fb05], PUP.Optional.Softonic.A, C:\Users\home\Downloads\SoftonicDownloader_fuer_driver-turbo.exe, Quarantined, [165a633cde9d82b47be373b4d8299a66], PUP.Optional.Softonic.A, C:\Users\home\Downloads\SoftonicDownloader_fuer_drivereasy (1).exe, Quarantined, [c1af5748a4d75cda0a54bb6cd0317a86], PUP.Optional.Softonic.A, C:\Users\home\Downloads\SoftonicDownloader_fuer_drivereasy.exe, Quarantined, [294709965724ab8b9bc30b1c16eb718f], PUP.Optional.Softonic.A, C:\Users\home\Downloads\SoftonicDownloader_fuer_driverscanner.exe, Quarantined, [b3bd455a611a74c2b3abd156fa0749b7], PUP.Optional.Softonic.A, C:\Users\home\Downloads\SoftonicDownloader_fuer_pc-fixer.exe, Quarantined, [4030128d5b200f27dc82f82fa25fa759], PUP.Optional.Softonic.A, C:\Users\home\Downloads\SoftonicDownloader_fuer_smart-driver-updater.exe, Quarantined, [1f51ccd3a4d7b1850d513fe8be43c937], PUP.Optional.Iminent.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\CHROME-EXTENSION_IGDHBBLPCELLALJOKKPFHCJLAGEMHGJL_0.LOCALSTORAGE, Quarantined, [056b415efd7e41f548ac7556d230fd03], PUP.Optional.CrossRider.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpfeggemggokijeahnacacopejaabljl_0.localstorage, Quarantined, [df91c8d7b9c276c0cf25ab29a45e9769], PUP.Optional.Iminent.A, C:\Users\home\AppData\Roaming\IminentToolbar\sqlite3.dll, Quarantined, [1c54851a15661323e701554b14eef40c], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\speedtest4354\install_helper.exe, Quarantined, [c5abfea17902d561a74ed8c832d09967], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\speedtest4354\speedtest4354.crx, Quarantined, [c5abfea17902d561a74ed8c832d09967], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\speedtest4354\speedtest4354.xpi, Quarantined, [c5abfea17902d561a74ed8c832d09967], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\background.html, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\button.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\ci.bg.pack.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\ci.browser.helper.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\ci.content.pack.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\content.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\icon128.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\icon128.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\icon16.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\icon16.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\icon18.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\icon18.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\icon24.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\icon24.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\icon32.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\icon32.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\icon48.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\icon48.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\icon64.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\icon64.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\jquery-1.9.1.min.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\jquery.uuid.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\manifest.json, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\popup.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\rjs.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0\settings.json, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\background.html, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\button.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\ci.bg.pack.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\ci.browser.helper.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\ci.content.pack.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\content.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\icon128.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\icon128.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\icon16.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\icon16.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\icon18.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\icon18.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\icon24.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\icon24.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\icon32.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\icon32.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\icon48.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\icon48.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\icon64.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\icon64.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\jquery-1.9.1.min.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\jquery.uuid.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\manifest.json, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\popup.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\rjs.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_0\settings.json, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\background.html, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\button.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\ci.bg.pack.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\ci.browser.helper.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\ci.content.pack.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\content.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\icon128.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\icon128.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\icon16.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\icon16.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\icon18.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\icon18.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\icon24.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\icon24.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\icon32.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\icon32.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\icon48.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\icon48.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\icon64.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\icon64.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\jquery-1.9.1.min.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\jquery.uuid.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\manifest.json, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\popup.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\rjs.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_1\settings.json, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\background.html, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\button.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\ci.bg.pack.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\ci.browser.helper.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\ci.content.pack.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\content.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon128.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon128.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon16.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon16.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon18.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon18.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon24.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon24.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon32.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon32.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon48.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon48.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon64.ico, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\icon64.png, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\jquery-1.9.1.min.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\jquery.uuid.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\manifest.json, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\popup.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\rjs.js, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SpeedAnalysis.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp\3.0.0.0_2\settings.json, Quarantined, [d0a0801f2c4f5dd997695d44b15113ed], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\background.html, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\background.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\config.json, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\dea-128.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\dea-48.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\empty-favicon.ico, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\jquery.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\manifest.json, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\newtab.html, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\newtab.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\redirect.html, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\redirect.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\util.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\css\newtab.css, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\Img\no_thumb.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\Img\search-icon.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\background.html, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\background.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\config.json, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\dea-128.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\dea-48.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\empty-favicon.ico, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\jquery.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\manifest.json, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\newtab.html, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\newtab.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\redirect.html, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\redirect.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\util.js, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\css\newtab.css, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\Img\no_thumb.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_1\Img\search-icon.png, Quarantined, [83edb2ed1368bb7b10c13c67f60c6d93], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\background.html, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\config.json, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\manifest.json, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\icons\ss-128.png, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\icons\ss-48.png, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts\background.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts\loader_1036.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts\utils.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\background.html, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\config.json, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\manifest.json, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\icons\ss-128.png, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\icons\ss-48.png, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\scripts\background.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\scripts\loader_1036.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\scripts\utils.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\background.html, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\config.json, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\manifest.json, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\icons\ss-128.png, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\icons\ss-48.png, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\scripts\background.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\scripts\loader_1036.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_2\scripts\utils.js, Quarantined, [bcb4c6d9205be94de1f1ddc6f30fc23e], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-128.png, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-19.png, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-48.png, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\background.js, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\manifest.json, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\amazon-128.png, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\amazon-19.png, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\amazon-48.png, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\background.js, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.SlickSavings.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\manifest.json, Quarantined, [4f21900f0774bc7ad6fd643f3ec422de], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\background.js, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\ebay-128.png, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\ebay-19.png, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\ebay-48.png, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\manifest.json, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_1\background.js, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_1\ebay-128.png, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_1\ebay-19.png, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_1\ebay-48.png, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.Spigot.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_1\manifest.json, Quarantined, [e987742b9cdfb284290e2e7fbc4645bb], PUP.Optional.OfferMosquito.A, C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito\ext_offermosquito.crx, Quarantined, [fc740f90b8c30630a5b3723c679b2bd5], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome.manifest, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\icon.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\install.rdf, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\background.html, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\button.js, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\button.xml, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\config.js, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\content.js, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.js, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.xul, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon128.ico, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon128.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon16.ico, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon16.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon18.ico, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon18.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon24.ico, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon24.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon32.ico, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon32.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon48.ico, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon48.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon64.ico, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon64.png, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\jquery-1.9.1.min.js, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\options.xul, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\rjs.js, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\settings.json, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\subscriptloader.js, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], PUP.Optional.SpeedTest.A, C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\skin\framework.css, Quarantined, [4d23445bef8c69cd179c06b1f2103dc3], Physical Sectors: 0 (No malicious items detected) (end) |
|
14.07.2014, 20:10
| #6 |
| /// TB-Ausbilder /// Anleitungs-Guru | Viele Fehler mit Malwarebites Anti-Malware gefunden Jup... Und jetzt noch die FRST-Logs...
__________________ --> Viele Fehler mit Malwarebites Anti-Malware gefunden |
|
14.07.2014, 20:21
| #7 |
| | Viele Fehler mit Malwarebites Anti-Malware gefunden Okay, da sind jetzt 5 Teile mit 2 verschiedenen Namen. Ich stelle jetzt erst einmal diese beiden ein: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2014 01
Ran by home at 2014-07-14 21:04:21
Running from C:\Users\home\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat 4.0 (HKLM-x32\...\Adobe Acrobat 4.0) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}) (Version: 1.3.17.05006 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.3.17.05006 - Alcor Micro Corp.) Hidden
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1124.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80830.1925 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Atheros Communications Inc.)
Avira (HKLM-x32\...\{142be4a8-895b-4ed9-b1ff-11c76357e3df}) (Version: 1.1.17.31000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.17.31000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.235.19 - Broadcom Corporation)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0605.2309.39762 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
F4500 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Free Driver Scout (HKLM-x32\...\{bf115462-3e26-4764-b423-0763bfe0f81d}) (Version: 1.0.0.0 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.0 - Covus Freemium) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Packard Bell)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.2.50.1050 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.8.2663 - IObit)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Packard Bell)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4024.1220 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{fdb6a376-effb-4e5d-9553-a941074539e3}) (Version: - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.37.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Opera Stable 22.0.1471.70 (HKLM-x32\...\Opera 22.0.1471.70) (Version: 22.0.1471.70 - Opera Software ASA)
Opticon USB Drivers Installer (HKLM-x32\...\Opticon USB Installer) (Version: - )
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.1.3 - WildTangent)
Packard Bell InfoCentre (HKLM-x32\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell)
Packard Bell MyBackup (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.03.3003 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0915.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 2.0.3315 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 2.0.3315 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Packard Bell)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Spielkanäle (x32 Version: 3.1.0.10 - WildTangent, Inc.) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.19 - Synaptics Incorporated)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veoh Web Player (HKLM-x32\...\Veoh Web Player Beta) (Version: 1.1.2.0000 - Veoh Networks, Inc.)
Video Web Camera (HKLM-x32\...\{6D9021DC-CF1B-4148-8C80-6D8E8A8A33EB}) (Version: 0.5.37.3 - SuYin)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3004 - Packard Bell)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4100 - Broadcom Corporation)
WildTangent Games App (x32 Version: 4.0.11.9 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Wise Care 365 Version 2.92 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 3.1.6 - WiseCleaner.com, Inc.)
XMedia Recode Version 3.1.6.9 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.6.9 - XMedia Recode)
==================== Restore Points =========================
10-07-2014 08:33:57 Installed Network64
12-07-2014 15:27:06 Wiederherstellungsvorgang
12-07-2014 15:39:07 Windows Update
12-07-2014 15:48:12 Installed Network64
12-07-2014 21:43:04 Windows Update
13-07-2014 14:26:27 SuperEasy Registry Cleaner So, Jul 13, 14 16:26
13-07-2014 17:00:03 Windows-Sicherung
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {01D77159-F618-4D4B-9F50-4F24060FE2B1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {0532769A-813A-478F-92B1-39078497FE50} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-05-28] (IObit)
Task: {05438D7B-D0A3-4AE2-ACCC-F1D37717475F} - System32\Tasks\pcupdaterRunAtStartup => C:\Program Files (x86)\RadarSync\pcupdater.exe
Task: {132C6E14-3AC5-401F-BA33-4040A6D133C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {1B1E0608-ED39-459B-9562-FF9CB57EBE2C} - \Software Updater Ui No Task File <==== ATTENTION
Task: {242F4329-09E3-43B2-AD0B-515993104AC6} - System32\Tasks\pcupdater_UPDATES => C:\Program Files (x86)\RadarSync\pcupdater.exe
Task: {2EF14B34-DC5C-4401-B427-8347B99FEDA8} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-06-23] (WiseCleaner.COM)
Task: {3458F13D-D0D4-460D-BB10-FC718075FCF8} - System32\Tasks\{3521F159-3C3A-4C55-A090-2932239A7518} => C:\Program Files (x86)\Safari\Safari.exe
Task: {393837B2-B250-4E0C-AC0C-E1EDE8EF9D21} - \LaunchApp No Task File <==== ATTENTION
Task: {523F93A2-056B-4EC9-B5C3-07AAF2D8E13E} - System32\Tasks\Opera scheduled Autoupdate 1387908115 => C:\Program Files (x86)\Opera\launcher.exe [2014-06-16] (Opera Software)
Task: {5870C32B-9A48-4284-9144-9D290E6F7A6F} - System32\Tasks\{62AC9355-B710-4204-A803-5BE7916D29C6} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.370&LastError=404
Task: {5A787A0F-1BE4-4AAE-B048-29324E4275CD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-05-13] (Microsoft Corporation)
Task: {5BE40EAD-1E41-445C-B094-5CF70C581B63} - System32\Tasks\RunAsStdUser Task => C:\Users\home\AppData\Local\ClickPotatoLiteSA\bin\12.0.15.0\ClickPotatoLiteSA.exe
Task: {5EB38DC4-C18B-4189-AF1F-955578295707} - System32\Tasks\AnVir Task Manager => C:\Program Files (x86)\AnVir Task Manager\anvir.exe
Task: {723BB7FE-2C58-432F-9255-E6603309F7E8} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {73947097-3245-4165-8A6E-8852B5F48962} - \Software Updater No Task File <==== ATTENTION
Task: {742F9AF0-8049-48BD-8C19-D391728FA0AF} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {82C6D843-ADD7-4746-AFC1-558AA63FD157} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe [2013-12-20] ()
Task: {886B801F-6A6D-4768-9A69-63AE75B40E86} - System32\Tasks\Driver Booster SkipUAC (home) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {9030B559-4BC1-421C-BC61-4350128085E2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2860422063-2389435366-3468819961-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {A45456EF-F8FF-4A8E-A755-757A1A279803} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2860422063-2389435366-3468819961-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {AA5E9187-406D-4DE5-A4AF-994278A0EE72} - System32\Tasks\{909ECD4C-6A7E-4DE1-9306-BB6C600BFC88} => C:\Program Files (x86)\MAESTIA\Maestia.exe
Task: {BCECE060-EA16-47B0-BA65-C74D021600E5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BE41766E-2E6A-4737-B2B4-4271FC723565} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-05-08] (Adobe Systems Incorporated)
Task: {C96ADF2F-35CA-4203-8CF9-DB7AB659A5F3} - System32\Tasks\{967D3E01-B133-4505-8FE5-2EC563C93FC9} => C:\Program Files (x86)\Safari\Safari.exe
Task: {D4EB1761-6669-4526-8653-8015BAE1CFB5} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2013-07-26] (Veoh Networks)
Task: {DC791843-C879-4095-8174-ACE5B00350AE} - System32\Tasks\{2179C77E-1426-448F-A267-6D96A855262F} => C:\Program Files (x86)\Safari\Safari.exe
Task: {DF1EA855-F816-4A29-A046-F61356837280} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E45D7F76-947B-46F2-81D7-9DEFFA266C01} - System32\Tasks\SuperEasy Registry Cleaner_DEFAULT => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {F1F435AC-80EB-4067-8A35-C4C7E0DD1BAD} - System32\Tasks\{0941A15C-C4D4-4389-B736-EC7364292AFE} => C:\Program Files (x86)\ZC2.10\zelda-w.exe
Task: {F4B82946-19DA-4C56-86D9-59C769E39B7D} - System32\Tasks\SuperEasy Registry Cleaner_UPDATES => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {FA267388-F1F8-46DA-93A4-2C9E7C2EF93B} - System32\Tasks\{BF3FFC32-9EA9-4534-91ED-6EE4F3D10550} => C:\Program Files (x86)\Safari\Safari.exe
Task: {FCD78680-0D70-4160-9DA3-B2CFEF32F8A0} - System32\Tasks\SuperEasy Registry Cleaner => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\pcupdater_UPDATES.job => C:\Program Files (x86)\RadarSync\pcupdater.exe
Task: C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
==================== Loaded Modules (whitelisted) =============
2014-06-06 16:01 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-07 08:21 - 2013-11-07 08:21 - 00038128 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
2011-01-13 11:04 - 2011-01-13 11:04 - 00030080 _____ () C:\Windows\snuvcdsm.exe
2014-06-20 05:43 - 2014-06-20 05:42 - 01396344 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-07 13:53 - 2014-07-07 13:53 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-07-07 13:52 - 2014-07-07 13:52 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-07-14 14:33 - 2014-07-07 13:53 - 00049744 _____ () C:\Users\home\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-06-20 05:43 - 2014-06-20 05:42 - 00957048 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\ffmpegsumo.dll
2014-05-28 10:09 - 2014-05-28 10:09 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:58D8F144
AlternateDataStreams: C:\ProgramData\Temp:C5831B98
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\Users\home\Downloads\Bestellbestätigung Ihr Einkauf bei allyouneed.com.eml:OECustomProperty
AlternateDataStreams: C:\Users\home\Documents\Bestellbestätigung Ihr Einkauf bei allyouneed.com - Kopie.eml:OECustomProperty
AlternateDataStreams: C:\Users\home\Documents\RE_Re_ RE_Re_ RE_Kundenkonto [T20130403053YS010Z18292853].eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: VeohPlugin => "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
MSCONFIG\startupreg: VideoWebCamera => "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/14/2014 07:19:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: opera.exe, Version: 22.0.1471.70, Zeitstempel: 0x539b907d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0xf18
Startzeit der fehlerhaften Anwendung: 0xopera.exe0
Pfad der fehlerhaften Anwendung: opera.exe1
Pfad des fehlerhaften Moduls: opera.exe2
Berichtskennung: opera.exe3
Error: (07/14/2014 07:19:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: opera.exe, Version: 22.0.1471.70, Zeitstempel: 0x539b907d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x17ac
Startzeit der fehlerhaften Anwendung: 0xopera.exe0
Pfad der fehlerhaften Anwendung: opera.exe1
Pfad des fehlerhaften Moduls: opera.exe2
Berichtskennung: opera.exe3
Error: (07/14/2014 07:18:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: opera.exe, Version: 22.0.1471.70, Zeitstempel: 0x539b907d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0xbd8
Startzeit der fehlerhaften Anwendung: 0xopera.exe0
Pfad der fehlerhaften Anwendung: opera.exe1
Pfad des fehlerhaften Moduls: opera.exe2
Berichtskennung: opera.exe3
Error: (07/14/2014 07:18:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: opera.exe, Version: 22.0.1471.70, Zeitstempel: 0x539b907d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x172c
Startzeit der fehlerhaften Anwendung: 0xopera.exe0
Pfad der fehlerhaften Anwendung: opera.exe1
Pfad des fehlerhaften Moduls: opera.exe2
Berichtskennung: opera.exe3
Error: (07/14/2014 04:59:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Cube.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 10e4
Startzeit: 01cf9f7327475a60
Endzeit: 125
Anwendungspfad: C:\Program Files (x86)\Cube World\Cube.exe
Berichts-ID: 6ef3212d-0b67-11e4-93b9-60eb69732031
Error: (07/14/2014 04:34:27 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed
Error: (07/14/2014 04:33:57 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2
Error: (07/14/2014 04:33:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.17.31000, Zeitstempel: 0x53ba89f5
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000332b0
ID des fehlerhaften Prozesses: 0x1124
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3
Error: (07/14/2014 04:33:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 77A332B0
Error: (07/14/2014 03:57:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: opera.exe, Version: 22.0.1471.70, Zeitstempel: 0x539b907d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0xc58
Startzeit der fehlerhaften Anwendung: 0xopera.exe0
Pfad der fehlerhaften Anwendung: opera.exe1
Pfad des fehlerhaften Moduls: opera.exe2
Berichtskennung: opera.exe3
System errors:
=============
Error: (07/14/2014 09:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (07/14/2014 08:01:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (07/14/2014 07:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (07/14/2014 06:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (07/14/2014 05:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (07/14/2014 04:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (07/14/2014 03:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (07/14/2014 02:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (07/14/2014 01:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (07/14/2014 00:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Adobe Flash Player Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Microsoft Office Sessions:
=========================
Error: (07/14/2014 07:19:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: opera.exe22.0.1471.70539b907dntdll.dll6.1.7601.18247521ea8e7c0000374000ce753f1801cf9f87d322fe2dC:\Program Files (x86)\Opera\22.0.1471.70\opera.exeC:\Windows\SysWOW64\ntdll.dll1473a81c-0b7b-11e4-93b9-60eb69732031
Error: (07/14/2014 07:19:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: opera.exe22.0.1471.70539b907dntdll.dll6.1.7601.18247521ea8e7c0000374000ce75317ac01cf9f87bf8c35d0C:\Program Files (x86)\Opera\22.0.1471.70\opera.exeC:\Windows\SysWOW64\ntdll.dll020b791d-0b7b-11e4-93b9-60eb69732031
Error: (07/14/2014 07:18:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: opera.exe22.0.1471.70539b907dntdll.dll6.1.7601.18247521ea8e7c0000374000ce753bd801cf9f87a59e1acdC:\Program Files (x86)\Opera\22.0.1471.70\opera.exeC:\Windows\SysWOW64\ntdll.dlle7ed73c7-0b7a-11e4-93b9-60eb69732031
Error: (07/14/2014 07:18:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: opera.exe22.0.1471.70539b907dntdll.dll6.1.7601.18247521ea8e7c0000374000ce753172c01cf9f719dd326a4C:\Program Files (x86)\Opera\22.0.1471.70\opera.exeC:\Windows\SysWOW64\ntdll.dlld2558b10-0b7a-11e4-93b9-60eb69732031
Error: (07/14/2014 04:59:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Cube.exe0.0.0.010e401cf9f7327475a60125C:\Program Files (x86)\Cube World\Cube.exe6ef3212d-0b67-11e4-93b9-60eb69732031
Error: (07/14/2014 04:34:27 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed
Error: (07/14/2014 04:33:57 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2
Error: (07/14/2014 04:33:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.17.3100053ba89f5ntdll.dll6.1.7601.18247521ea8e7c0000005000332b0112401cf9f708121d578C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Windows\SysWOW64\ntdll.dlldf79273f-0b63-11e4-93b9-60eb69732031
Error: (07/14/2014 04:33:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 77A332B0
Error: (07/14/2014 03:57:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: opera.exe22.0.1471.70539b907dntdll.dll6.1.7601.18247521ea8e7c0000374000ce753c5801cf9f603872d6afC:\Program Files (x86)\Opera\22.0.1471.70\opera.exeC:\Windows\SysWOW64\ntdll.dllccf05d08-0b5e-11e4-a7a8-60eb69732031
CodeIntegrity Errors:
===================================
Date: 2014-05-26 02:29:14.874
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-25 20:55:00.926
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-25 16:46:34.484
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-25 06:36:14.842
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-23 04:55:18.675
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-22 23:59:57.456
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-22 08:35:42.270
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-22 08:28:51.358
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-17 18:46:18.701
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-16 09:38:52.216
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 57%
Total physical RAM: 4028.5 MB
Available physical RAM: 1694.55 MB
Total Pagefile: 8055.17 MB
Available Pagefile: 5091.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:452.66 GB) (Free:393.69 GB) NTFS
Drive d: (Die Siedler 2) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: DCD7F3C7)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014 01 Ran by home (administrator) on HOME-PC on 14-07-2014 21:05:46 Running from C:\Users\home\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe () C:\Windows\snuvcdsm.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe () C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-02-05] (Alcor Micro Corp.) HKLM\...\Run: [PLFSetL] => C:\Windows\PLFSetL.exe [99712 2011-01-13] (Sonix Technology Co., Ltd.) HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [30080 2011-01-13] () HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2013-11-07] (Synaptics Incorporated) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2000-01-01] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2000-01-01] (Realtek Semiconductor) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111928 2013-05-03] (Intel Corporation) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [189520 2014-07-07] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-02] (Avira Operations GmbH & Co. KG) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] - "C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe" "C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware " [54072 2014-05-12] (Malwarebytes Corporation) HKU\.DEFAULT\...\Run: [Advanced SystemCare 6] => "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto HKU\S-1-5-21-2860422063-2389435366-3468819961-1000\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-21-2860422063-2389435366-3468819961-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\PowerReg Scheduler.exe () ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://connect.sat1.de/ https://apps.facebook.com/disneycitygirl/?fb_source=fbpage URLSearchHook: HKCU - (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - No File URLSearchHook: HKCU - (No Name) - {f92a9fe4-2850-4198-b9d5-279880e49b16} - No File URLSearchHook: HKCU - (No Name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No File URLSearchHook: HKCU - (No Name) - {79a2b609-bbc0-4d16-9925-70cb98a6490d} - No File URLSearchHook: HKCU - (No Name) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - No File SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {09A80918-F57F-459B-B8C1-7ACF8EFD1CE0} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=eb3bde43-c29a-41d9-8590-f0c93588585e&apn_sauid=5F75A01D-7072-41C4-A293-C5770049B12D SearchScopes: HKCU - {7BF94701-F358-40CC-85A3-75064A01A668} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus SearchScopes: HKCU - {B92109A9-A502-4D2C-AD6A-8F8998119011} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3279411&CUI=UN23838228739036247&UM=2 SearchScopes: HKCU - {E5A360F7-318E-4788-8A2D-C3D4EA2EA529} URL = hxxp://search.softonic.com/MON00015/tb_v1?q={searchTerms}&SearchSource=4&cc= SearchScopes: HKCU - {F3DE2AEE-3CEF-4FDD-BE82-BDF2ED7D9E03} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms} SearchScopes: HKCU - {FC6BD45B-5DF0-43BC-893A-163E741BB32B} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=de&q={searchTerms}&gu=35713ac3a8f747c1b198b1b5e15d2d36&tu=10G9z00C11C01g0&sku=&tstsId=&ver=&&r=241 BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> No File BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File Toolbar: HKCU - No Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No File Toolbar: HKCU - No Name - {79A2B609-BBC0-4D16-9925-70CB98A6490D} - No File Toolbar: HKCU - No Name - {CD90BF73-20F6-44EF-993D-BB920303BD2E} - No File DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-07-09] FF HKCU\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\home\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR Extension: (Magic Actions for YouTube™) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2013-12-24] CHR Extension: (Docs) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-31] CHR Extension: (Google Drive) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-31] CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-05-28] CHR Extension: (YouTube) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-31] CHR Extension: (Last updated at $time$ on $date$) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-22] CHR Extension: (Google Search) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-31] CHR Extension: (One Piece: Monkey D. Luffy (1920x1200)) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\egombopaikoeelblebkkilbmgpdofcio [2013-12-13] CHR Extension: (avast! Ad Blocker) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-12-13] CHR Extension: (appbario12) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggamifejnddpoocdmadhjdbgaijnphdi [2014-01-31] CHR Extension: (AdBlock) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-22] CHR Extension: (Skype Click to Call) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-06-26] CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-21] CHR Extension: (Google Wallet) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Click&Clean App) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2013-12-24] CHR Extension: (Gmail) - C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-31] CHR HKCU\...\Chrome\Extension: [ggamifejnddpoocdmadhjdbgaijnphdi] - C:\Users\home\AppData\Local\CRE\ggamifejnddpoocdmadhjdbgaijnphdi.crx [2013-07-24] CHR HKLM-x32\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\home\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19] CHR HKLM-x32\...\Chrome\Extension: [ggamifejnddpoocdmadhjdbgaijnphdi] - C:\Users\home\AppData\Local\CRE\ggamifejnddpoocdmadhjdbgaijnphdi.crx [2013-07-24] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11] CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-07] (Avira Operations GmbH & Co. KG) R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation) S3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868896 2010-06-11] (Acer Incorporated) S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent) R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-05-28] (IObit) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S4 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744 2010-06-29] (NewTech Infosystems, Inc.) S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [38128 2013-11-07] () R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group) S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-12-09] (WiseCleaner.com) S3 AdobeFlashPlayerUpdateSvc; No ImagePath S3 McComponentHostService; No ImagePath ==================== Drivers (Whitelisted) ==================== R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-02] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-02] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG) S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2014-02-28] (Broadcom Corporation.) R1 HBtnKey; C:\Windows\System32\DRIVERS\wstbtndb.sys [9856 2007-09-15] (Lenovo) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation) U0 kqrrkg; C:\Windows\System32\drivers\kkhlq.sys [79064 2014-07-14] (Malwarebytes Corporation) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-05-28] (Qualcomm Atheros Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-14] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-24] (Synaptics Incorporated) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2011-01-13] () S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-06-20] () R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] () S3 WiseHDInfo; C:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [11304 2014-06-04] (wisecleaner.com) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-14 21:04 - 2014-07-14 21:05 - 00041804 _____ () C:\Users\home\Downloads\Addition.txt 2014-07-14 21:02 - 2014-07-14 21:06 - 00026008 _____ () C:\Users\home\Downloads\FRST.txt 2014-07-14 21:02 - 2014-07-14 21:05 - 00000000 ____D () C:\FRST 2014-07-14 20:57 - 2014-07-14 20:57 - 02086912 _____ (Farbar) C:\Users\home\Downloads\FRST64.exe 2014-07-14 20:22 - 2014-07-14 20:22 - 00057429 _____ () C:\Users\home\Desktop\mbam.txt 2014-07-14 20:21 - 2014-07-14 20:21 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\kkhlq.sys 2014-07-14 19:50 - 2014-07-14 20:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-14 19:49 - 2014-07-14 19:49 - 00001094 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-14 19:49 - 2014-07-14 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-14 19:49 - 2014-07-14 19:49 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-14 19:49 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-14 19:49 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-14 19:49 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-14 19:48 - 2014-07-14 19:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\home\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-14 16:10 - 2014-07-14 16:10 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3 (3).exe 2014-07-14 16:10 - 2014-07-14 16:10 - 00001023 _____ () C:\Users\Public\Desktop\Cube World.lnk 2014-07-14 16:10 - 2014-07-14 16:10 - 00000000 ____D () C:\ProgramData\Picroma 2014-07-14 16:10 - 2014-07-14 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cube World 2014-07-14 14:54 - 2014-07-14 14:54 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3 (2).exe 2014-07-14 14:35 - 2014-07-14 17:35 - 00013018 _____ () C:\Windows\WindowsUpdate.log 2014-07-14 14:34 - 2014-07-14 14:34 - 00114952 _____ () C:\Users\home\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-14 14:32 - 2014-07-14 16:31 - 00000112 _____ () C:\Windows\setupact.log 2014-07-14 14:32 - 2014-07-14 14:32 - 00000666 _____ () C:\Windows\PFRO.log 2014-07-14 14:32 - 2014-07-14 14:32 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-14 10:45 - 2014-07-14 10:45 - 01448809 _____ (DOSBox Team) C:\Users\home\Downloads\DOSBox0.74-win32-installer (1).exe 2014-07-13 16:35 - 2014-07-13 16:35 - 00000000 ____D () C:\Users\home\AppData\Roaming\Eusing 2014-07-13 16:33 - 2014-07-13 16:33 - 00000000 ____D () C:\Users\home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner 2014-07-13 16:33 - 2014-07-13 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner 2014-07-13 16:32 - 2014-07-13 16:32 - 00982988 _____ () C:\Users\home\Downloads\EFRC35Setup.exe 2014-07-13 16:23 - 2014-07-14 15:01 - 00000320 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job 2014-07-13 16:23 - 2014-07-14 14:32 - 00000328 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job 2014-07-13 16:23 - 2014-07-13 16:23 - 00003182 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner 2014-07-13 16:23 - 2014-07-13 16:23 - 00003066 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner_UPDATES 2014-07-13 16:23 - 2014-07-13 16:23 - 00002910 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner_DEFAULT 2014-07-13 16:15 - 2014-07-13 16:15 - 04786016 _____ (SuperEasy Software GmbH & Co. KG ) C:\Users\home\Downloads\supereasy_registry_cleaner_1.0.0_7987.exe 2014-07-12 23:45 - 2014-07-12 23:45 - 00000045 _____ () C:\Windows\SysWOW64\Configurations.plist.signed 2014-07-12 20:18 - 2014-07-12 20:18 - 00000000 ____D () C:\Users\home\AppData\Roaming\Avira 2014-07-12 20:16 - 2014-07-02 13:06 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-07-12 20:16 - 2014-07-02 13:06 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-07-12 20:16 - 2014-07-02 13:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-07-12 20:15 - 2014-07-12 20:32 - 70560360 _____ () C:\Users\home\Downloads\DJ_AIO_06_F4500_USW_Basic_Win_enu_140_175 (1).exe 2014-07-12 20:14 - 2014-07-12 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-07-12 20:14 - 2014-07-12 20:16 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-07-12 20:14 - 2014-07-12 20:14 - 00001117 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-07-12 20:13 - 2014-07-12 20:13 - 04621032 _____ (Avira Operations GmbH & Co. KG) C:\Users\home\Downloads\avira_de_av___ws2.exe 2014-07-12 18:08 - 2014-07-09 18:42 - 00218021 ____N () C:\Windows\hpoins46.dat.temp 2014-07-12 18:08 - 2010-01-30 15:21 - 00000532 ____N () C:\Windows\hpomdl46.dat.temp 2014-07-09 20:22 - 2014-07-12 11:20 - 00000000 ____D () C:\Users\home\Documents\1 Bills 2014 2014-07-09 19:14 - 2014-07-09 19:14 - 00000000 ____D () C:\Users\home\AppData\Local\Adobe 2014-07-09 19:13 - 2014-07-09 19:13 - 00000000 ____D () C:\Users\home\Documents\Eigene Scans 2014-07-09 19:12 - 2014-07-09 19:12 - 00000000 ____D () C:\Users\home\AppData\Local\HP 2014-07-09 19:11 - 2014-07-09 19:11 - 00000000 ____D () C:\ProgramData\HPSSUPPLY 2014-07-09 18:43 - 2014-07-09 19:12 - 00000000 ____D () C:\Users\home\AppData\Roaming\HP 2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\ProgramData\WEBREG 2014-07-09 18:37 - 2014-07-12 20:50 - 00000000 ____D () C:\Program Files (x86)\Yahoo! 2014-07-09 18:37 - 2014-07-12 17:50 - 00000000 ____D () C:\Users\home\AppData\Roaming\HpUpdate 2014-07-09 18:37 - 2014-07-09 18:37 - 00000000 ____D () C:\Users\home\AppData\Roaming\Yahoo! 2014-07-09 18:35 - 2014-07-09 18:35 - 00001335 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk 2014-07-09 18:35 - 2014-07-09 18:35 - 00001329 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk 2014-07-09 18:35 - 2014-07-09 18:35 - 00000000 ____D () C:\ProgramData\HP Product Assistant 2014-07-09 18:33 - 2014-07-09 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-07-09 18:32 - 2009-04-16 12:47 - 00136704 _____ (Hewlett-Packard Company) C:\Windows\system32\hpf3l70w.dll 2014-07-09 18:30 - 2014-07-09 18:37 - 00000000 ____D () C:\Program Files (x86)\HP 2014-07-09 18:29 - 2014-07-09 18:42 - 00218021 ____N () C:\Windows\hpoins46.dat 2014-07-09 18:29 - 2010-01-30 15:21 - 00000532 ____N () C:\Windows\hpomdl46.dat 2014-07-09 18:29 - 2009-04-16 13:53 - 00642360 _____ (Hewlett-Packard) C:\Windows\system32\hpzids40.dll 2014-07-09 18:29 - 2009-04-01 08:21 - 00881664 _____ (Hewlett-Packard) C:\Windows\system32\hposwia_d02d.dll 2014-07-09 18:29 - 2009-04-01 08:21 - 00749056 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpost_d02d.dll 2014-07-09 18:29 - 2009-04-01 08:21 - 00516096 _____ (Hewlett-Packard Co.) C:\Windows\system32\hposc_d02a.dll 2014-07-09 18:29 - 2008-10-29 02:27 - 00551424 _____ (Hewlett-Packard) C:\Windows\system32\hppldcoi.dll 2014-07-09 18:26 - 2014-07-09 18:27 - 161214848 _____ () C:\Users\home\Downloads\DJ_AIO_06_F4500_USW_Full_Win_deu_140_175.exe 2014-07-09 17:46 - 2014-07-09 18:02 - 70560360 _____ () C:\Users\home\Downloads\DJ_AIO_06_F4500_USW_Basic_Win_enu_140_175.exe 2014-07-09 17:31 - 2014-07-09 18:04 - 00000000 ____D () C:\Program Files\HP 2014-07-09 17:29 - 2014-07-12 18:09 - 00002300 _____ () C:\ProgramData\hpzinstall.log 2014-07-09 17:28 - 2014-07-09 18:42 - 00000000 ____D () C:\ProgramData\HP 2014-07-09 13:15 - 2014-07-09 13:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_nnfwdk64_01009.Wdf 2014-07-09 13:15 - 2014-07-09 13:15 - 00000000 _____ () C:\extensions.sqlite 2014-07-09 13:08 - 2014-07-12 17:31 - 00000000 ____D () C:\Program Files (x86)\NetRatingsNetSight 2014-07-09 13:08 - 2014-07-09 13:13 - 00000890 _____ () C:\nsinst.log 2014-07-09 12:56 - 2014-07-09 12:57 - 02756976 _____ (The Nielsen Company) C:\Users\home\Downloads\netsight_setup_6.1.0.27_MP_Production_mid51023797558_p.exe 2014-07-09 08:14 - 2014-07-09 08:14 - 00003116 _____ () C:\Windows\System32\Tasks\{D2504801-BBA0-4B9F-8CDB-00D13388E8DA} 2014-07-09 08:13 - 2014-07-09 08:13 - 00000000 ____D () C:\Users\home\AppData\Local\CrashRpt 2014-07-09 08:12 - 2014-07-09 08:12 - 00000000 ____D () C:\Users\home\AppData\Roaming\Digital Support 2014-07-09 08:12 - 2014-07-09 08:12 - 00000000 ____D () C:\Users\home\AppData\Local\conduit 2014-07-09 00:11 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 00:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 00:11 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 00:10 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 00:10 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-09 00:10 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 00:10 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 00:10 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-09 00:10 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-09 00:10 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-09 00:10 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-09 00:10 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-09 00:10 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-09 00:10 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-09 00:10 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 00:10 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 00:10 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 00:10 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 00:10 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 00:10 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 00:10 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-09 00:10 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-09 00:09 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 00:09 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 00:09 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 00:09 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 00:09 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 00:09 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 00:09 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 00:09 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 00:09 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 00:09 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 00:09 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 00:09 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 00:09 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 00:09 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 00:09 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 00:09 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 00:09 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 00:09 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 00:09 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 00:09 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 00:09 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 00:09 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 00:09 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 00:09 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 00:09 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 00:09 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 00:09 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 00:09 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 00:09 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 00:09 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 00:09 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 00:09 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 00:09 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 00:09 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 00:09 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 00:09 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 00:09 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 00:09 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 00:09 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 00:09 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 00:09 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 00:09 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 00:09 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 00:09 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 00:09 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 00:09 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 00:09 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 00:09 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 00:09 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 00:09 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 00:09 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 00:09 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 00:09 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 00:09 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 00:09 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 00:09 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 00:09 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 00:09 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 00:09 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-08 23:13 - 2014-07-08 23:13 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-07-08 23:01 - 2014-07-08 23:01 - 00875472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110.dll 2014-07-08 22:59 - 2014-07-08 23:00 - 05344984 _____ (Dll-Files.com ) C:\Users\home\Downloads\dffsetup-msvcr110.exe 2014-07-06 11:14 - 2014-07-06 11:14 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-07-06 11:13 - 2014-07-06 11:58 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-07-06 11:13 - 2014-07-06 11:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-07-06 09:59 - 2014-07-06 09:59 - 00000017 _____ () C:\Users\home\AppData\Local\resmon.resmoncfg 2014-07-06 08:03 - 2014-07-06 08:05 - 00000022 _____ () C:\Users\home\Downloads\ASUS_DR_PCE_AC66_6309526_Win7.zip 2014-07-06 08:02 - 2014-07-06 08:02 - 00000000 ____D () C:\Users\home\AppData\Local\DriverToolkit 2014-07-06 07:43 - 2014-07-06 07:44 - 124637134 _____ (Realtek Semiconductor Corp.) C:\Users\home\Downloads\64bit_Win7_Win8_Win81_R274.exe 2014-07-03 22:27 - 2014-07-03 00:53 - 00148759 _____ () C:\Users\home\Documents\Bestellbestätigung Ihr Einkauf bei allyouneed.com - Kopie.eml 2014-07-03 22:25 - 2014-07-03 22:25 - 00148759 _____ () C:\Users\home\Downloads\Bestellbestätigung Ihr Einkauf bei allyouneed.com.eml 2014-07-03 00:54 - 2014-07-03 00:56 - 00000000 ____D () C:\Users\home\Documents\Outlook-Dateien 2014-06-26 20:29 - 2014-06-26 20:29 - 00000000 ____D () C:\Users\home\AppData\Roaming\SuperEasy 2014-06-23 15:31 - 2014-07-08 23:06 - 00000000 ____D () C:\Users\home\AppData\Roaming\WiseUpdate 2014-06-21 23:25 - 2014-06-21 23:36 - 00000000 ____D () C:\Users\home\AppData\Local\LogMeIn Hamachi 2014-06-21 23:25 - 2014-06-21 23:25 - 00000000 ____D () C:\Users\home\AppData\Local\LogMeIn 2014-06-21 23:25 - 2014-06-21 23:25 - 00000000 ____D () C:\ProgramData\LogMeIn 2014-06-21 23:19 - 2014-06-21 23:20 - 08224768 _____ () C:\Users\home\Downloads\Hamachi_2.2.0.193.msi 2014-06-20 06:03 - 2014-06-20 06:03 - 00000000 ____D () C:\ProgramData\ATI 2014-06-20 05:59 - 2014-06-20 05:59 - 00000024 _____ () C:\Users\home\AppData\Roaming\temp.ini 2014-06-20 05:51 - 2014-06-20 05:51 - 00000000 ____D () C:\Users\home\AppData\Roaming\library_dir 2014-06-20 05:50 - 2014-06-20 05:50 - 00000000 ____D () C:\Program Files (x86)\AMD AVT 2014-06-20 05:49 - 2014-06-20 05:49 - 00056272 _____ () C:\Windows\SysWOW64\CCCInstall_201406200549477004.log 2014-06-20 05:49 - 2014-06-20 05:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2014-06-20 05:38 - 2014-04-18 04:23 - 00231424 _____ () C:\Windows\system32\clinfo.exe 2014-06-20 05:38 - 2014-04-18 04:22 - 28685824 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll 2014-06-20 05:38 - 2014-04-18 04:22 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll 2014-06-20 05:38 - 2014-04-18 04:22 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll 2014-06-20 05:38 - 2014-04-18 04:22 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll 2014-06-20 05:38 - 2014-04-18 04:22 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll 2014-06-20 05:38 - 2014-04-18 04:19 - 24107520 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll 2014-06-20 05:38 - 2014-04-18 04:17 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-06-20 05:38 - 2014-04-18 04:17 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-06-20 05:38 - 2014-04-18 04:13 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll 2014-06-20 05:38 - 2014-04-18 04:13 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll 2014-06-20 05:38 - 2014-04-18 04:12 - 05442048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll 2014-06-20 05:38 - 2014-04-18 03:58 - 04358656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll 2014-06-20 05:38 - 2014-04-18 03:46 - 00580816 _____ () C:\Windows\SysWOW64\atiapfxx.blb 2014-06-20 05:38 - 2014-04-18 03:45 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll 2014-06-20 05:38 - 2014-04-18 03:45 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll 2014-06-20 05:38 - 2014-04-18 03:33 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll 2014-06-20 05:38 - 2014-04-18 03:33 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll 2014-06-20 05:38 - 2014-04-18 03:30 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll 2014-06-20 05:38 - 2014-04-18 03:21 - 00806912 _____ (AMD) C:\Windows\system32\coinst_14.100.dll 2014-06-20 05:38 - 2014-04-18 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll 2014-06-20 05:38 - 2014-04-10 19:58 - 00082128 _____ () C:\Windows\system32\ativce02.dat 2014-06-20 05:38 - 2014-04-01 00:06 - 00234804 _____ () C:\Windows\system32\ativvaxy_cik.dat 2014-06-20 05:38 - 2014-04-01 00:04 - 00233008 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat 2014-06-20 05:38 - 2014-02-06 17:45 - 00134192 _____ () C:\Windows\system32\ativce03.dat 2014-06-20 05:38 - 2014-01-16 19:00 - 00273712 _____ () C:\Windows\system32\ativvaxy_vi_nd.dat 2014-06-20 05:38 - 2014-01-16 18:59 - 00275124 _____ () C:\Windows\system32\ativvaxy_vi.dat 2014-06-20 05:38 - 2010-04-21 01:35 - 00450560 _____ (AMD) C:\Windows\system32\atieclxx.exe 2014-06-20 05:38 - 2010-04-21 01:34 - 00202752 _____ (AMD) C:\Windows\system32\atiesrxx.exe 2014-06-20 05:38 - 2010-04-21 00:40 - 00330752 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2014-06-20 05:20 - 2014-06-20 05:20 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\home\Downloads\SlimDrivers-setup_32705 (3).exe 2014-06-20 05:12 - 2014-06-20 05:12 - 02938144 _____ (LionSea Software co., ltd ) C:\Users\home\Downloads\setup.exe 2014-06-20 01:10 - 2014-07-14 16:10 - 00000000 ____D () C:\Program Files (x86)\Cube World 2014-06-20 01:09 - 2014-06-20 01:10 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3.exe 2014-06-20 01:09 - 2014-06-20 01:10 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3 (1).exe 2014-06-17 10:12 - 2014-06-17 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 ==================== One Month Modified Files and Folders ======= 2014-07-14 21:06 - 2014-07-14 21:02 - 00026008 _____ () C:\Users\home\Downloads\FRST.txt 2014-07-14 21:06 - 2012-03-08 10:23 - 00000000 ____D () C:\Users\home\AppData\Roaming\Skype 2014-07-14 21:05 - 2014-07-14 21:04 - 00041804 _____ () C:\Users\home\Downloads\Addition.txt 2014-07-14 21:05 - 2014-07-14 21:02 - 00000000 ____D () C:\FRST 2014-07-14 21:01 - 2012-04-01 08:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-14 20:57 - 2014-07-14 20:57 - 02086912 _____ (Farbar) C:\Users\home\Downloads\FRST64.exe 2014-07-14 20:37 - 2014-07-14 19:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-14 20:22 - 2014-07-14 20:22 - 00057429 _____ () C:\Users\home\Desktop\mbam.txt 2014-07-14 20:21 - 2014-07-14 20:21 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\kkhlq.sys 2014-07-14 20:21 - 2009-07-14 06:45 - 00000000 ____D () C:\Windows\Setup 2014-07-14 19:49 - 2014-07-14 19:49 - 00001094 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-14 19:49 - 2014-07-14 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-14 19:49 - 2014-07-14 19:49 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-14 19:49 - 2013-12-13 04:37 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-14 19:48 - 2014-07-14 19:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\home\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-14 19:37 - 2014-05-25 06:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grandia II 2014-07-14 19:37 - 2014-05-25 06:03 - 00000000 ____D () C:\Program Files (x86)\Grandia2 2014-07-14 19:20 - 2011-08-22 17:10 - 00000000 ____D () C:\Users\home\AppData\Local\CrashDumps 2014-07-14 17:35 - 2014-07-14 14:35 - 00013018 _____ () C:\Windows\WindowsUpdate.log 2014-07-14 16:44 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-14 16:44 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-14 16:33 - 2013-12-25 02:42 - 00000000 ____D () C:\Users\home\AppData\Roaming\Wise Care 365 2014-07-14 16:31 - 2014-07-14 14:32 - 00000112 _____ () C:\Windows\setupact.log 2014-07-14 16:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-14 16:10 - 2014-07-14 16:10 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3 (3).exe 2014-07-14 16:10 - 2014-07-14 16:10 - 00001023 _____ () C:\Users\Public\Desktop\Cube World.lnk 2014-07-14 16:10 - 2014-07-14 16:10 - 00000000 ____D () C:\ProgramData\Picroma 2014-07-14 16:10 - 2014-07-14 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cube World 2014-07-14 16:10 - 2014-06-20 01:10 - 00000000 ____D () C:\Program Files (x86)\Cube World 2014-07-14 15:01 - 2014-07-13 16:23 - 00000320 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job 2014-07-14 14:54 - 2014-07-14 14:54 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3 (2).exe 2014-07-14 14:34 - 2014-07-14 14:34 - 00114952 _____ () C:\Users\home\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-14 14:32 - 2014-07-14 14:32 - 00000666 _____ () C:\Windows\PFRO.log 2014-07-14 14:32 - 2014-07-14 14:32 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-14 14:32 - 2014-07-13 16:23 - 00000328 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job 2014-07-14 12:00 - 2014-01-28 09:26 - 00114952 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT 2014-07-14 10:46 - 2014-06-05 22:42 - 00001894 _____ () C:\Users\Public\Desktop\DOSBox 0.74.lnk 2014-07-14 10:45 - 2014-07-14 10:45 - 01448809 _____ (DOSBox Team) C:\Users\home\Downloads\DOSBox0.74-win32-installer (1).exe 2014-07-14 10:33 - 2014-02-15 00:34 - 00000404 _____ () C:\Windows\Tasks\DriverEasy Scheduled Scan.job 2014-07-13 16:35 - 2014-07-13 16:35 - 00000000 ____D () C:\Users\home\AppData\Roaming\Eusing 2014-07-13 16:33 - 2014-07-13 16:33 - 00000000 ____D () C:\Users\home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner 2014-07-13 16:33 - 2014-07-13 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner 2014-07-13 16:32 - 2014-07-13 16:32 - 00982988 _____ () C:\Users\home\Downloads\EFRC35Setup.exe 2014-07-13 16:30 - 2013-12-27 17:18 - 00114952 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2014-07-13 16:23 - 2014-07-13 16:23 - 00003182 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner 2014-07-13 16:23 - 2014-07-13 16:23 - 00003066 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner_UPDATES 2014-07-13 16:23 - 2014-07-13 16:23 - 00002910 _____ () C:\Windows\System32\Tasks\SuperEasy Registry Cleaner_DEFAULT 2014-07-13 16:15 - 2014-07-13 16:15 - 04786016 _____ (SuperEasy Software GmbH & Co. KG ) C:\Users\home\Downloads\supereasy_registry_cleaner_1.0.0_7987.exe 2014-07-12 23:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-12 23:45 - 2014-07-12 23:45 - 00000045 _____ () C:\Windows\SysWOW64\Configurations.plist.signed 2014-07-12 22:55 - 2011-08-22 20:03 - 00711802 _____ () C:\Windows\system32\perfh007.dat 2014-07-12 22:55 - 2011-08-22 20:03 - 00155446 _____ () C:\Windows\system32\perfc007.dat 2014-07-12 22:55 - 2009-07-14 07:13 - 01655258 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-12 20:50 - 2014-07-09 18:37 - 00000000 ____D () C:\Program Files (x86)\Yahoo! 2014-07-12 20:32 - 2014-07-12 20:15 - 70560360 _____ () C:\Users\home\Downloads\DJ_AIO_06_F4500_USW_Basic_Win_enu_140_175 (1).exe 2014-07-12 20:18 - 2014-07-12 20:18 - 00000000 ____D () C:\Users\home\AppData\Roaming\Avira 2014-07-12 20:17 - 2014-07-12 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-07-12 20:16 - 2014-07-12 20:14 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-07-12 20:16 - 2012-11-03 04:22 - 00000000 ____D () C:\ProgramData\Avira 2014-07-12 20:14 - 2014-07-12 20:14 - 00001117 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-07-12 20:14 - 2013-12-24 12:44 - 00000000 ____D () C:\ProgramData\Package Cache 2014-07-12 20:13 - 2014-07-12 20:13 - 04621032 _____ (Avira Operations GmbH & Co. KG) C:\Users\home\Downloads\avira_de_av___ws2.exe 2014-07-12 18:09 - 2014-07-09 17:29 - 00002300 _____ () C:\ProgramData\hpzinstall.log 2014-07-12 17:50 - 2014-07-09 18:37 - 00000000 ____D () C:\Users\home\AppData\Roaming\HpUpdate 2014-07-12 17:50 - 2014-06-06 16:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-07-12 17:34 - 2011-08-22 10:57 - 00000000 ____D () C:\Users\home 2014-07-12 17:33 - 2014-02-14 04:30 - 00000000 ____D () C:\Users\home\AppData\Roaming\ProductData 2014-07-12 17:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-07-12 17:31 - 2014-07-09 13:08 - 00000000 ____D () C:\Program Files (x86)\NetRatingsNetSight 2014-07-12 11:20 - 2014-07-09 20:22 - 00000000 ____D () C:\Users\home\Documents\1 Bills 2014 2014-07-10 03:57 - 2009-07-14 06:45 - 00443784 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-09 20:55 - 2011-08-22 11:59 - 00000000 ____D () C:\Users\home\AppData\Roaming\Adobe 2014-07-09 19:14 - 2014-07-09 19:14 - 00000000 ____D () C:\Users\home\AppData\Local\Adobe 2014-07-09 19:13 - 2014-07-09 19:13 - 00000000 ____D () C:\Users\home\Documents\Eigene Scans 2014-07-09 19:12 - 2014-07-09 19:12 - 00000000 ____D () C:\Users\home\AppData\Local\HP 2014-07-09 19:12 - 2014-07-09 18:43 - 00000000 ____D () C:\Users\home\AppData\Roaming\HP 2014-07-09 19:11 - 2014-07-09 19:11 - 00000000 ____D () C:\ProgramData\HPSSUPPLY 2014-07-09 18:53 - 2012-04-01 08:34 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 18:53 - 2012-04-01 08:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-09 18:53 - 2011-08-25 19:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-09 18:43 - 2014-07-09 18:43 - 00000000 ____D () C:\ProgramData\WEBREG 2014-07-09 18:42 - 2014-07-12 18:08 - 00218021 ____N () C:\Windows\hpoins46.dat.temp 2014-07-09 18:42 - 2014-07-09 18:29 - 00218021 ____N () C:\Windows\hpoins46.dat 2014-07-09 18:42 - 2014-07-09 17:28 - 00000000 ____D () C:\ProgramData\HP 2014-07-09 18:42 - 2009-07-14 04:34 - 00000438 _____ () C:\Windows\win.ini 2014-07-09 18:37 - 2014-07-09 18:37 - 00000000 ____D () C:\Users\home\AppData\Roaming\Yahoo! 2014-07-09 18:37 - 2014-07-09 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-07-09 18:37 - 2014-07-09 18:30 - 00000000 ____D () C:\Program Files (x86)\HP 2014-07-09 18:35 - 2014-07-09 18:35 - 00001335 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk 2014-07-09 18:35 - 2014-07-09 18:35 - 00001329 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk 2014-07-09 18:35 - 2014-07-09 18:35 - 00000000 ____D () C:\ProgramData\HP Product Assistant 2014-07-09 18:27 - 2014-07-09 18:26 - 161214848 _____ () C:\Users\home\Downloads\DJ_AIO_06_F4500_USW_Full_Win_deu_140_175.exe 2014-07-09 18:04 - 2014-07-09 17:31 - 00000000 ____D () C:\Program Files\HP 2014-07-09 18:02 - 2014-07-09 17:46 - 70560360 _____ () C:\Users\home\Downloads\DJ_AIO_06_F4500_USW_Basic_Win_enu_140_175.exe 2014-07-09 13:15 - 2014-07-09 13:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_nnfwdk64_01009.Wdf 2014-07-09 13:15 - 2014-07-09 13:15 - 00000000 _____ () C:\extensions.sqlite 2014-07-09 13:15 - 2014-06-07 23:39 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-07-09 13:13 - 2014-07-09 13:08 - 00000890 _____ () C:\nsinst.log 2014-07-09 12:57 - 2014-07-09 12:56 - 02756976 _____ (The Nielsen Company) C:\Users\home\Downloads\netsight_setup_6.1.0.27_MP_Production_mid51023797558_p.exe 2014-07-09 08:17 - 2014-05-07 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-09 08:17 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-09 08:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-09 08:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-09 08:14 - 2014-07-09 08:14 - 00003116 _____ () C:\Windows\System32\Tasks\{D2504801-BBA0-4B9F-8CDB-00D13388E8DA} 2014-07-09 08:13 - 2014-07-09 08:13 - 00000000 ____D () C:\Users\home\AppData\Local\CrashRpt 2014-07-09 08:12 - 2014-07-09 08:12 - 00000000 ____D () C:\Users\home\AppData\Roaming\Digital Support 2014-07-09 08:12 - 2014-07-09 08:12 - 00000000 ____D () C:\Users\home\AppData\Local\conduit 2014-07-09 08:11 - 2014-02-26 09:11 - 00000272 _____ () C:\Windows\Tasks\pcupdater_UPDATES.job 2014-07-09 08:02 - 2011-08-22 15:27 - 00000000 ____D () C:\Program Files (x86)\Google 2014-07-09 07:26 - 2013-07-19 03:02 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-09 07:22 - 2011-09-01 15:43 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-08 23:13 - 2014-07-08 23:13 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-07-08 23:12 - 2010-09-01 10:49 - 00000000 ____D () C:\ProgramData\Adobe 2014-07-08 23:12 - 2010-09-01 10:48 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-07-08 23:06 - 2014-06-23 15:31 - 00000000 ____D () C:\Users\home\AppData\Roaming\WiseUpdate 2014-07-08 23:01 - 2014-07-08 23:01 - 00875472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110.dll 2014-07-08 23:01 - 2012-07-26 16:22 - 00849360 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110.dll 2014-07-08 23:00 - 2014-07-08 22:59 - 05344984 _____ (Dll-Files.com ) C:\Users\home\Downloads\dffsetup-msvcr110.exe 2014-07-08 22:54 - 2014-01-16 19:05 - 00003514 _____ () C:\Windows\System32\Tasks\FreeDriverScout 2014-07-08 07:12 - 2011-09-11 14:29 - 00000000 ____D () C:\Users\home\AppData\Roaming\SoftGrid Client 2014-07-06 11:58 - 2014-07-06 11:13 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-07-06 11:58 - 2014-05-28 05:54 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2014-07-06 11:58 - 2014-05-28 05:54 - 00000000 ____D () C:\Program Files\Realtek 2014-07-06 11:58 - 2013-12-28 14:38 - 00000000 ____D () C:\ProgramData\FreeDriverScout 2014-07-06 11:58 - 2013-11-12 22:37 - 00000000 ____D () C:\ProgramData\ProductData 2014-07-06 11:58 - 2009-07-14 09:44 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-07-06 11:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security 2014-07-06 11:55 - 2013-12-25 02:41 - 00000000 ____D () C:\Program Files (x86)\Wise 2014-07-06 11:55 - 2010-09-01 10:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-06 11:33 - 2014-07-06 11:13 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-07-06 11:14 - 2014-07-06 11:14 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-07-06 09:59 - 2014-07-06 09:59 - 00000017 _____ () C:\Users\home\AppData\Local\resmon.resmoncfg 2014-07-06 08:25 - 2010-09-01 10:25 - 00000000 ___HD () C:\Program Files (x86)\Temp 2014-07-06 08:05 - 2014-07-06 08:03 - 00000022 _____ () C:\Users\home\Downloads\ASUS_DR_PCE_AC66_6309526_Win7.zip 2014-07-06 08:02 - 2014-07-06 08:02 - 00000000 ____D () C:\Users\home\AppData\Local\DriverToolkit 2014-07-06 07:44 - 2014-07-06 07:43 - 124637134 _____ (Realtek Semiconductor Corp.) C:\Users\home\Downloads\64bit_Win7_Win8_Win81_R274.exe 2014-07-03 22:25 - 2014-07-03 22:25 - 00148759 _____ () C:\Users\home\Downloads\Bestellbestätigung Ihr Einkauf bei allyouneed.com.eml 2014-07-03 00:56 - 2014-07-03 00:54 - 00000000 ____D () C:\Users\home\Documents\Outlook-Dateien 2014-07-03 00:53 - 2014-07-03 22:27 - 00148759 _____ () C:\Users\home\Documents\Bestellbestätigung Ihr Einkauf bei allyouneed.com - Kopie.eml 2014-07-02 13:06 - 2014-07-12 20:16 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-07-02 13:06 - 2014-07-12 20:16 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-07-02 13:06 - 2014-07-12 20:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-06-30 04:09 - 2014-07-09 00:10 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-09 00:10 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-26 20:29 - 2014-06-26 20:29 - 00000000 ____D () C:\Users\home\AppData\Roaming\SuperEasy 2014-06-25 09:13 - 2013-08-20 06:00 - 00000000 ____D () C:\Users\home\Documents\Bluetooth-Exchange-Ordner 2014-06-22 00:30 - 2013-03-26 03:37 - 00000000 ____D () C:\Users\home\AppData\Local\Packard Bell 2014-06-21 23:36 - 2014-06-21 23:25 - 00000000 ____D () C:\Users\home\AppData\Local\LogMeIn Hamachi 2014-06-21 23:25 - 2014-06-21 23:25 - 00000000 ____D () C:\Users\home\AppData\Local\LogMeIn 2014-06-21 23:25 - 2014-06-21 23:25 - 00000000 ____D () C:\ProgramData\LogMeIn 2014-06-21 23:20 - 2014-06-21 23:19 - 08224768 _____ () C:\Users\home\Downloads\Hamachi_2.2.0.193.msi 2014-06-20 22:14 - 2014-07-09 00:09 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-20 21:39 - 2014-07-09 00:09 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-06-20 06:03 - 2014-06-20 06:03 - 00000000 ____D () C:\ProgramData\ATI 2014-06-20 05:59 - 2014-06-20 05:59 - 00000024 _____ () C:\Users\home\AppData\Roaming\temp.ini 2014-06-20 05:58 - 2013-05-26 06:21 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys 2014-06-20 05:51 - 2014-06-20 05:51 - 00000000 ____D () C:\Users\home\AppData\Roaming\library_dir 2014-06-20 05:50 - 2014-06-20 05:50 - 00000000 ____D () C:\Program Files (x86)\AMD AVT 2014-06-20 05:50 - 2014-02-08 17:09 - 00000000 ____D () C:\ProgramData\AMD 2014-06-20 05:50 - 2011-08-22 10:11 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2014-06-20 05:49 - 2014-06-20 05:49 - 00056272 _____ () C:\Windows\SysWOW64\CCCInstall_201406200549477004.log 2014-06-20 05:49 - 2014-06-20 05:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2014-06-20 05:48 - 2013-04-26 14:20 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-06-20 05:43 - 2014-06-04 05:40 - 00003848 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1387908115 2014-06-20 05:43 - 2013-06-19 03:02 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-06-20 05:20 - 2014-06-20 05:20 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\home\Downloads\SlimDrivers-setup_32705 (3).exe 2014-06-20 05:12 - 2014-06-20 05:12 - 02938144 _____ (LionSea Software co., ltd ) C:\Users\home\Downloads\setup.exe 2014-06-20 01:10 - 2014-06-20 01:09 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3.exe 2014-06-20 01:10 - 2014-06-20 01:09 - 01620442 _____ (Picroma ) C:\Users\home\Downloads\CubeSetup3 (1).exe 2014-06-19 03:39 - 2014-07-09 00:09 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-19 03:06 - 2014-07-09 00:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-19 03:06 - 2014-07-09 00:09 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-19 02:48 - 2014-07-09 00:09 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-19 02:42 - 2014-07-09 00:09 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-19 02:42 - 2014-07-09 00:09 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-19 02:41 - 2014-07-09 00:09 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-06-19 02:41 - 2014-07-09 00:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-19 02:32 - 2014-07-09 00:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-19 02:31 - 2014-07-09 00:09 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-19 02:26 - 2014-07-09 00:09 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-19 02:24 - 2014-07-09 00:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-19 02:24 - 2014-07-09 00:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-19 02:23 - 2014-07-09 00:09 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-19 02:16 - 2014-07-09 00:09 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-19 02:14 - 2014-07-09 00:09 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-19 02:09 - 2014-07-09 00:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-19 01:59 - 2014-07-09 00:09 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-19 01:56 - 2014-07-09 00:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-19 01:53 - 2014-07-09 00:09 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-19 01:51 - 2014-07-09 00:09 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-19 01:50 - 2014-07-09 00:09 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-19 01:48 - 2014-07-09 00:09 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-19 01:39 - 2014-07-09 00:09 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-19 01:38 - 2014-07-09 00:09 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-19 01:37 - 2014-07-09 00:09 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-19 01:36 - 2014-07-09 00:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-19 01:35 - 2014-07-09 00:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-06-19 01:33 - 2014-07-09 00:09 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-19 01:32 - 2014-07-09 00:09 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-19 01:28 - 2014-07-09 00:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-19 01:28 - 2014-07-09 00:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-19 01:27 - 2014-07-09 00:09 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-19 01:27 - 2014-07-09 00:09 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-19 01:25 - 2014-07-09 00:09 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-19 01:23 - 2014-07-09 00:09 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-19 01:22 - 2014-07-09 00:09 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-19 01:12 - 2014-07-09 00:09 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-19 01:06 - 2014-07-09 00:09 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-19 01:01 - 2014-07-09 00:09 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-19 00:59 - 2014-07-09 00:09 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-19 00:58 - 2014-07-09 00:09 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-19 00:58 - 2014-07-09 00:09 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-19 00:52 - 2014-07-09 00:09 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-19 00:51 - 2014-07-09 00:09 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-19 00:49 - 2014-07-09 00:09 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-19 00:46 - 2014-07-09 00:09 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-19 00:45 - 2014-07-09 00:09 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-19 00:35 - 2014-07-09 00:09 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-19 00:34 - 2014-07-09 00:09 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-19 00:15 - 2014-07-09 00:09 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-19 00:13 - 2014-07-09 00:09 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-19 00:09 - 2014-07-09 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-19 00:07 - 2014-07-09 00:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-18 23:41 - 2011-09-03 16:02 - 00000000 ____D () C:\Users\home\AppData\Roaming\Apple Computer 2014-06-18 04:18 - 2014-07-09 00:11 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-06-18 03:51 - 2014-07-09 00:11 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-06-18 03:10 - 2014-07-09 00:11 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-06-17 10:12 - 2014-06-17 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 Some content of TEMP: ==================== C:\Users\home\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-08 13:14 ==================== End Of Log ============================ --- --- --- |
|
14.07.2014, 20:40
| #8 |
| /// TB-Ausbilder /// Anleitungs-Guru | Viele Fehler mit Malwarebites Anti-Malware gefunden Schritt 1 Bitte lade Dir zoek.exe von hier: http://hijackthis.nl/smeenk/
Schritt 2 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 3 Bitte starte FRST erneut, und drücke auf Scan. Bitte poste mir den Inhalt des Logs.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
14.07.2014, 21:01
| #9 |
| | Viele Fehler mit Malwarebites Anti-Malware gefunden Das zoek ist gestartet. Woran erkenne ich denn die Logdatei, bzw. dass das Tool fertig ist? -- Okay, es sah aus, als würde es stoppen, ich warte weiter. Geändert von Annelore (14.07.2014 um 21:14 Uhr) |
|
14.07.2014, 21:16
| #10 |
| /// TB-Ausbilder /// Anleitungs-Guru | Viele Fehler mit Malwarebites Anti-Malware gefunden Ok...
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
14.07.2014, 21:45
| #11 |
| | Viele Fehler mit Malwarebites Anti-Malware gefunden Das sollte das zoek Log sein. Werde nun den AdwCleaner starten. Code:
ATTFilter Zoek.exe v5.0.0.0 Updated 14-07-2014
Tool run by home on 14.07.2014 at 21:49:50,47.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\home\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
14.07.2014 21:55:12 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{09A80918-F57F-459B-B8C1-7ACF8EFD1CE0} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7BF94701-F358-40CC-85A3-75064A01A668} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B92109A9-A502-4D2C-AD6A-8F8998119011} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E5A360F7-318E-4788-8A2D-C3D4EA2EA529} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F3DE2AEE-3CEF-4FDD-BE82-BDF2ED7D9E03} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32004B8A-44A9-43E7-84E9-808838809519} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC232AE5-3AA7-4663-8951-C1E8911DB323} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} deleted successfully
HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{32004B8A-44A9-43E7-84E9-808838809519} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{597A9974-8CB0-4F41-B61F-ED065738A397} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{CC232AE5-3AA7-4663-8951-C1E8911DB323} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{79A2B609-BBC0-4D16-9925-70CB98A6490D} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{79A2B609-BBC0-4D16-9925-70CB98A6490D} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{79A2B609-BBC0-4D16-9925-70CB98A6490D} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{CD90BF73-20F6-44EF-993D-BB920303BD2E} deleted successfully
HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{CD90BF73-20F6-44EF-993D-BB920303BD2E} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{CD90BF73-20F6-44EF-993D-BB920303BD2E} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{CD90BF73-20F6-44EF-993D-BB920303BD2E} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{CD90BF73-20F6-44EF-993D-BB920303BD2E} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{1C471DD7-B459-4F4A-A418-B040CAAFDAB8} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{465fcfbb-47a4-4866-a5d5-d12f9a77da00} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110311341140} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} deleted successfully
HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{1FAFD711-ABF9-4F6A-8130-5166C7371427} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{112BA211-334C-4A90-90EC-2AD1CDAB287C} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{7e111a5c-3d11-4f56-9463-5310c3c69025} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{f92a9fe4-2850-4198-b9d5-279880e49b16} deleted successfully
HKEY_USERS\S-1-5-21-2860422063-2389435366-3468819961-1000\Software\Mozilla\Firefox\Extensions\speedtest4354@BestOffers deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo!");
user_pref("browser.search.order.1", "foxsearch");
Added to C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\home\AppData\Roaming\Thunderbird\Profiles\zr5zz4xc.default\prefs.js:
Added to C:\Users\home\AppData\Roaming\Thunderbird\Profiles\zr5zz4xc.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default
---- Lines Search modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"msntoolbar@msn.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\
---- Lines bandoo modified from prefs.js ----
user_pref("extensions.enabledAddons", "ffox@bandoo.com:5.1,{BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.2,{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.2.
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"msntoolbar@msn.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\
---- FireFox user.js and prefs.js backups ----
user__2223_.backup
prefs__2223_.backup
ProfilePath: C:\Users\home\AppData\Roaming\Thunderbird\Profiles\zr5zz4xc.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs__2223_.backup
==== Deleting Files \ Folders ======================
C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\extensions\ffox@bandoo.com not found
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted
C:\PROGRA~3\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} deleted
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted
C:\Users\home\.android deleted
C:\PROGRA~2\Probit Software deleted
C:\PROGRA~2\FoxTabVideoConverter deleted
C:\PROGRA~2\Yahoo! deleted
C:\extensions.sqlite deleted
C:\Users\home\AppData\Roaming\temp.ini deleted
C:\Users\home\AppData\Roaming\Common deleted
C:\Users\home\AppData\Roaming\Yahoo! deleted
C:\Users\home\AppData\Roaming\YoudaGames deleted
C:\Users\home\AppData\Roaming\PerformerSoft deleted
C:\Users\home\Documents\Freemium Driver Utilities deleted
C:\PROGRA~3\NOTEPAD.EXE-x.txt deleted
C:\PROGRA~3\REGSVR32.EXE-x.txt deleted
C:\PROGRA~3\RUNDLL32.EXE-x.txt deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\FreeDriverScout deleted
C:\PROGRA~3\Uniblue\DriverScanner deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Uniblue deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\home\AppData\Local\CRE deleted
C:\Users\home\AppData\Local\Slick Savings deleted
C:\Users\home\AppData\Local\cache deleted
C:\Users\home\AppData\Local\conduit deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Covus Freemium deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\Users\home\Downloads\iLividSetupV1(1).exe deleted
C:\Users\home\Downloads\iLividSetupV1(2).exe deleted
C:\Users\home\Downloads\iLividSetupV1.exe deleted
C:\Users\home\Downloads\SweetImSetup.exe deleted
C:\Users\home\Searches deleted
C:\Users\home\AppData\LocalLow\ADSRemoval deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\PriceGong deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Conduit deleted
C:\Windows\wininit.ini deleted
C:\Windows\tasks\Wise Care 365.job deleted
C:\Windows\tasks\Wise Turbo Checker.job deleted
C:\windows\SysNative\tasks\Wise Care 365 deleted
C:\windows\SysNative\tasks\Wise Turbo Checker deleted
C:\windows\SysNative\tasks\RunAsStdUser Task deleted
C:\windows\SysNative\tasks\FreeDriverScout deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\extensions\staged deleted
C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\extensions\adsremoval@adsremoval.net deleted
"C:\Windows\Installer\147222b.msi" deleted
"C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\home\AppData\Roaming\Ihaq" deleted
"C:\Users\home\AppData\Roaming\TERA" deleted
"C:\Users\home\AppData\Roaming\Wazabo" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [09.07.2014 18:36]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [09.07.2014 18:36]
==== Firefox Extensions ======================
ProfilePath: C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default
- Undetermined - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn
- Undetermined - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_2_3
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- GoogleEnhancer - %ProfilePath%\extensions\{21e48e29-f574-4619-b65d-0f00eea92e5b}.xpi
==== Firefox Plugins ======================
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aakchaleigkohafkfjfjbblobjifikek - C:\Users\home\AppData\LocalLow\proxtube\CHROME\proxtube.crx[25.03.2013 20:52]
aohghmighlieiainnegkcijnfilokake - No path found[]
fplhdcjmbpfkejbhngmlngaecbjmoimd - No path found[]
ggamifejnddpoocdmadhjdbgaijnphdi - C:\Users\home\AppData\Local\CRE\ggamifejnddpoocdmadhjdbgaijnphdi.crx[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]
jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11.04.2014 19:46]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ggamifejnddpoocdmadhjdbgaijnphdi - C:\Users\home\AppData\Local\CRE\ggamifejnddpoocdmadhjdbgaijnphdi.crx[]
Advanced SystemCare Surfing Protection - home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
One Piece: Monkey D. Luffy (1920x1200) - home\AppData\Local\Google\Chrome\User Data\Default\Extensions\egombopaikoeelblebkkilbmgpdofcio
appbario12 - home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggamifejnddpoocdmadhjdbgaijnphdi
AdBlock - home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Skype Click to Call - home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Advanced SystemCare Surfing Protection - home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
==== Chrome Fix ======================
C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake deleted successfully
C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd deleted successfully
C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggamifejnddpoocdmadhjdbgaijnphdi deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="hxxp://www.bing.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{FC6BD45B-5DF0-43BC-893A-163E741BB32B} Search By ZoneAlarm Url="hxxp://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=de&q={searchTerms}&gu=35713ac3a8f747c1b198b1b5e15d2d36&tu=10G9z00C11C01g0&sku=&tstsId=&ver=&&r=241"
==== Reset Google Chrome ======================
Nothing found to reset
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aohghmighlieiainnegkcijnfilokake deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ggamifejnddpoocdmadhjdbgaijnphdi deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ggamifejnddpoocdmadhjdbgaijnphdi deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
No Chrome Cache found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2474 folders=588 117087863 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\home\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\home\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on 14.07.2014 at 22:37:57,37 ======================
|
|
14.07.2014, 21:47
| #12 | |
| /// TB-Ausbilder /// Anleitungs-Guru | Viele Fehler mit Malwarebites Anti-Malware gefundenZitat:
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
14.07.2014, 22:12
| #13 |
| | Viele Fehler mit Malwarebites Anti-Malware gefunden In dem C: Ordner sind 8 Teile davon. R0, R1, R2, R3, S0, S1, S2, S3 Dies ist die Variante, die sich nach dem Neustart öffnete: Code:
ATTFilter # AdwCleaner v3.014 - Bericht erstellt am 10/12/2013 um 15:57:23
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : home - HOME-PC
# Gestartet von : C:\Users\home\Downloads\AdwCleaner-3.014.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\END
Datei Gefunden : C:\Users\home\AppData\Local\omesuperv.exe
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\om@offermosquito.com.xpi
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\searchplugins\fbdownloader_search.xml
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\searchplugins\search.xml
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\searchplugins\Search_Results.xml
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\user.js
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\searchplugins\SearchResults.xml
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\user.js
Datei Gefunden : C:\Users\Public\Desktop\eBay.lnk
Datei Gefunden : C:\Windows\System32\roboot64.exe
Datei Gefunden : C:\Windows\System32\Tasks\LaunchApp
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\adsremoval@adsremoval.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\adsremoval@adsremoval.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\ascsurfingprotection@iobit.com
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\ascsurfingprotection@iobit.com
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\savingsslider@mybrowserbar.com
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\searchads@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\searchads@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\speeddial@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\speeddial@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\Extensions\speeddial@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\adsremoval@adsremoval.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\adsremoval@adsremoval.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\ascsurfingprotection@iobit.com
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\ascsurfingprotection@iobit.com
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\ich@maltegoetz.de
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\info@flagfox.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\searchads@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\searchads@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\speeddial@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\speeddial@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\speeddial@instair.net
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\welcome@toolmin.com
Ordner Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\Extensions\welcome@toolmin.com
Ordner Gefunden C:\Program Files (x86)\Common Files\Spigot
Ordner Gefunden C:\Program Files (x86)\Conduit
Ordner Gefunden C:\Program Files (x86)\iLivid
Ordner Gefunden C:\Program Files (x86)\MyPC Backup
Ordner Gefunden C:\Program Files (x86)\Secure Speed Dial
Ordner Gefunden C:\ProgramData\AlawarWrapper
Ordner Gefunden C:\ProgramData\Babylon
Ordner Gefunden C:\ProgramData\boost_interprocess
Ordner Gefunden C:\ProgramData\IBUpdaterService
Ordner Gefunden C:\ProgramData\ParetoLogic
Ordner Gefunden C:\ProgramData\Tarma Installer
Ordner Gefunden C:\ProgramData\Trymedia
Ordner Gefunden C:\ProgramData\Uniblue\DriverScanner
Ordner Gefunden C:\Users\home\AppData\Local\Babylon
Ordner Gefunden C:\Users\home\AppData\Local\Conduit
Ordner Gefunden C:\Users\home\AppData\Local\Ilivid Player
Ordner Gefunden C:\Users\home\AppData\Local\OpenCandy
Ordner Gefunden C:\Users\home\AppData\Local\PackageAware
Ordner Gefunden C:\Users\home\AppData\LocalLow\BabylonToolbar
Ordner Gefunden C:\Users\home\AppData\LocalLow\Bandoo
Ordner Gefunden C:\Users\home\AppData\LocalLow\Conduit
Ordner Gefunden C:\Users\home\AppData\LocalLow\FlagFox
Ordner Gefunden C:\Users\home\AppData\LocalLow\IncrediMail_MediaBar_2
Ordner Gefunden C:\Users\home\AppData\LocalLow\PriceGong
Ordner Gefunden C:\Users\home\AppData\LocalLow\searchquband
Ordner Gefunden C:\Users\home\AppData\Roaming\Babylon
Ordner Gefunden C:\Users\home\AppData\Roaming\Bandoo
Ordner Gefunden C:\Users\home\AppData\Roaming\Common\LuaRT
Ordner Gefunden C:\Users\home\AppData\Roaming\DataMgr
Ordner Gefunden C:\Users\home\AppData\Roaming\DriverCure
Ordner Gefunden C:\Users\home\AppData\Roaming\file scout
Ordner Gefunden C:\Users\home\AppData\Roaming\Intermediate
Ordner Gefunden C:\Users\home\AppData\Roaming\OCS
Ordner Gefunden C:\Users\home\AppData\Roaming\OpenCandy
Ordner Gefunden C:\Users\home\AppData\Roaming\ParetoLogic
Ordner Gefunden C:\Users\home\AppData\Roaming\PerformerSoft
Ordner Gefunden C:\Users\home\AppData\Roaming\registry mechanic
Ordner Gefunden C:\Users\home\AppData\Roaming\SCheck
Ordner Gefunden C:\Users\home\AppData\Roaming\SeeSimilar02
Ordner Gefunden C:\Users\home\AppData\Roaming\Snz
Ordner Gefunden C:\Users\home\AppData\Roaming\SSync
Ordner Gefunden C:\Users\home\AppData\Roaming\StatusWinks
Ordner Gefunden C:\Users\home\AppData\Roaming\Toolplugin
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_2
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Toolbar
Schlüssel Gefunden : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Schlüssel Gefunden : HKCU\Software\clickpotatolitesa
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Cr_Installer
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\filescout
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk
Schlüssel Gefunden : HKCU\Software\ilivid
Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\ImInstaller
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\OfferMosquito
Schlüssel Gefunden : HKCU\Software\ParetoLogic
Schlüssel Gefunden : HKCU\Software\Protector
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\clickpotatolitesa
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\Cr_Installer
Schlüssel Gefunden : [x64] HKCU\Software\DataMngr
Schlüssel Gefunden : [x64] HKCU\Software\filescout
Schlüssel Gefunden : [x64] HKCU\Software\ilivid
Schlüssel Gefunden : [x64] HKCU\Software\IM
Schlüssel Gefunden : [x64] HKCU\Software\ImInstaller
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\OfferMosquito
Schlüssel Gefunden : [x64] HKCU\Software\ParetoLogic
Schlüssel Gefunden : [x64] HKCU\Software\Protector
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\Software\Bandoo
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\cfdfamfnacokbbbnmpdfmhonipnhmbid
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Schlüssel Gefunden : HKLM\Software\ImInstaller
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_veoh_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_veoh_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_super-mario-world-deluxe_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_super-mario-world-deluxe_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_die-piratenbucht_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_die-piratenbucht_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_directx_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_directx_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_panda-cloud-antivirus_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_panda-cloud-antivirus_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_realtek-ac97-audio-codecs_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_realtek-ac97-audio-codecs_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player (1)_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player (1)_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player (2)_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player (2)_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player(1)_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player(1)_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_zelda-classic_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_zelda-classic_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Schlüssel Gefunden : HKLM\Software\ParetoLogic
Schlüssel Gefunden : HKLM\SOFTWARE\SNS_Upgrade
Schlüssel Gefunden : HKLM\Software\Trymedia Systems
Schlüssel Gefunden : HKLM\Software\Uniblue
Schlüssel Gefunden : HKLM\Software\Uniblue\DriverScanner
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\DataMngr
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Tarma Installer
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DataMgr]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [OMESupervisor]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [scheck]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Snoozer]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [ClickPotatoLite@ClickPotatoLite.com]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-89AF-189327213627}]
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16736
-\\ Mozilla Firefox v
[ Datei : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\m8nvimsj.default-1367199462434\prefs.js ]
[ Datei : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\prefs.js ]
Zeile gefunden : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Zeile gefunden : user_pref("browser.search.defaultthis.engineName", "A Free Ride Games Bar Customized Web Search");
Zeile gefunden : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1320680&SearchSource=3&q={searchTerms}");
Zeile gefunden : user_pref("extensions.BabylonToolbar.bbDpng", 17);
Zeile gefunden : user_pref("extensions.BabylonToolbar.cntry", "DE");
Zeile gefunden : user_pref("extensions.BabylonToolbar.dfltLng", "de");
Zeile gefunden : user_pref("extensions.BabylonToolbar.firstRun", false);
Zeile gefunden : user_pref("extensions.BabylonToolbar.hdrMd5", "88F2E069E996A263543A0687DF38E1DE");
Zeile gefunden : user_pref("extensions.BabylonToolbar.id", "b1e22830417644189772e36c1f9d8753");
Zeile gefunden : user_pref("extensions.BabylonToolbar.instlDay", "15230");
Zeile gefunden : user_pref("extensions.BabylonToolbar.lastActv", "17");
Zeile gefunden : user_pref("extensions.BabylonToolbar.lastDP", 17);
Zeile gefunden : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.31.222:19:22");
Zeile gefunden : user_pref("extensions.BabylonToolbar.sid", "b1e22830417644189772e36c1f9d8753");
-\\ Google Chrome v32.0.1700.41
[ Datei : C:\Users\home\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [24819 octets] - [10/12/2013 15:57:23]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [24880 octets] ##########
|
|
14.07.2014, 22:17
| #14 |
| /// TB-Ausbilder /// Anleitungs-Guru | Viele Fehler mit Malwarebites Anti-Malware gefundenCode:
ATTFilter # AdwCleaner v3.014 - Bericht erstellt am 10/12/2013 um 15:57:23
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : home - HOME-PC
# Gestartet von : C:\Users\home\Downloads\AdwCleaner-3.014.exe
# Option : Suchen
Code:
ATTFilter C:\AdwCleaner\
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
14.07.2014, 22:22
| #15 |
| | Viele Fehler mit Malwarebites Anti-Malware gefunden Verzeihung. Das sollte nun stimmen. Code:
ATTFilter # AdwCleaner v3.215 - Bericht erstellt am 14/07/2014 um 22:51:31
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : home - HOME-PC
# Gestartet von : C:\Users\home\Downloads\adwcleaner_3.215.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\user.js
Ordner Gefunden : C:\ProgramData\IObit\Driver Booster
Ordner Gefunden : C:\Users\home\AppData\Roaming\IObit\Driver Booster
Ordner Gefunden : C:\Users\home\AppData\Roaming\Nico Mak Computing
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\lollipop
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\systweak
Schlüssel Gefunden : [x64] HKCU\Software\lollipop
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\systweak
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : HKLM\Software\Uniblue
Schlüssel Gefunden : HKLM\Software\Uniblue\DriverScanner
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v
[ Datei : C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\vb07y0q4.default\prefs.js ]
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [25085 octets] - [10/12/2013 16:57:23]
AdwCleaner[R1].txt - [1206 octets] - [22/12/2013 07:47:32]
AdwCleaner[R2].txt - [5107 octets] - [15/01/2014 22:11:47]
AdwCleaner[R3].txt - [3932 octets] - [14/07/2014 22:51:31]
AdwCleaner[S0].txt - [22256 octets] - [10/12/2013 17:00:13]
AdwCleaner[S1].txt - [1269 octets] - [22/12/2013 07:57:02]
AdwCleaner[S2].txt - [4891 octets] - [15/01/2014 22:13:50]
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [4173 octets] ##########
|
|
Linear-Darstellung
