Pests of all kinds and how to fight them: n11.adshostne, Zombie News and other advertising (Windows 7)

If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
Hello team, all these advertising banners are really starting to get on my nerves. They surely also don't always redirect you to sites that are good for the computer, and the programs I already mentioned in the thread title simply cannot be uninstalled. I hope you can help me.

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015 Ran by Marian Curdt (administrator) on MARIANCURDTPC on 29-01-2015 18:34:58 Running from C:\Users\Marian Curdt\Downloads Loaded Profiles: Marian Curdt & UpdatusUser (Available profiles: Marian Curdt & UpdatusUser) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (BlueStack Systems, Inc.) 
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Spotify Ltd) C:\Users\Marian Curdt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe (Time Lapse Solutions) C:\ProgramData\NtiAgOWstf\dhtDXma.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (LogMeIn Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Elex do Brasil Participações Ltda) C:\Users\Marian Curdt\AppData\Local\Temp\_@7A4E.tmp (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [839384 2014-09-16] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.) HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Run: [] => [X] HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia) HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIINE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-102 103 Series" HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\Run: [Spotify Web Helper] => C:\Users\Marian Curdt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-15] (Spotify Ltd) HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\MountPoints2: {21fde83c-5e8b-11e3-8c52-d3a745ceaade} - G:\pushinst.exe AppInit_DLLs: C:\ProgramData\Fast => C:\ProgramData\Fast File Not Found AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => "c:\progra~3\fastan~1\fastan~1.dll" File Not Found Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\p6_19_erinnerung.lnk ShortcutTarget: p6_19_erinnerung.lnk -> C:\Program Files (x86)\phase6\phase6_19\WinStart\p6erinnerung.exe (phase6) Startup: C:\Users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk ShortcutTarget: GameRanger.lnk -> C:\Users\Marian 
Curdt\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies) Startup: C:\Users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 1510 series.lnk ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1656074084-342888944-3947257893-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1422550344&from=obw&uid=ST500DM002-1BD142_Z3T99M3NXXXXZ3T99M3N&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1422550344&from=obw&uid=ST500DM002-1BD142_Z3T99M3NXXXXZ3T99M3N&q={searchTerms} HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1656074084-342888944-3947257893-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1422550344&from=obw&uid=ST500DM002-1BD142_Z3T99M3NXXXXZ3T99M3N&q={searchTerms} HKU\S-1-5-21-1656074084-342888944-3947257893-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006 HKU\S-1-5-21-1656074084-342888944-3947257893-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1422550344&from=obw&uid=ST500DM002-1BD142_Z3T99M3NXXXXZ3T99M3N&q={searchTerms} HKU\S-1-5-21-1656074084-342888944-3947257893-1003\Software\Microsoft\Internet 
Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = SearchScopes: HKLM-x32 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-19 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-20 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1000 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = 
https://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1003 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1003 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1656074084-342888944-3947257893-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=429356880&ir= BHO: No Name -> {11111111-1111-1111-1111-110311281150} -> No File BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: No Name -> {11111111-1111-1111-1111-110311281150} -> No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM-x32 - avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\q375034u.default-1422551480209 FF NewTab: hxxp://www.google.com FF SearchEngineOrder.1: Google FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.com FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\npfirefoxtracker.dll No File FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program 
Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-05] FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\mezahl5h.default-1422375678338\extensions\fftoolbar2014@etech.com Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-22] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-22] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-22] (Avast Software) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed] R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-09-16] (BlueStack Systems, Inc.) 
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-09-16] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-09-16] (BlueStack Systems, Inc.) R2 dhtDXma; C:\ProgramData\NtiAgOWstf\dhtDXma.exe [2726256 2014-11-13] (Time Lapse Solutions) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-22] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 Update PlumoWeb; "C:\Program Files (x86)\PlumoWeb\updatePlumoWeb.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-22] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-22] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-22] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-22] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-22] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-22] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-22] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-22] () S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-09-16] (BlueStack Systems) R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation) S2 tandpl; C:\Windows\SysWOW64\drivers\tandpl.sys [4736 2003-04-19] () [File not signed] R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-22] (Avast Software) S3 AppObserver; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S1 iSafeKrnlMon; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) 
==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-29 18:34 - 2015-01-29 18:34 - 02130432 _____ (Farbar) C:\Users\Marian Curdt\Downloads\FRST64.exe 2015-01-29 18:26 - 2015-01-29 18:26 - 01121792 _____ (Farbar) C:\Users\Marian Curdt\Downloads\FRST.exe 2015-01-29 18:14 - 2015-01-29 18:14 - 00000000 ____D () C:\Windows\system32\log 2015-01-29 18:12 - 2015-01-29 18:12 - 01978096 _____ (Elex do Brasil Participações Ltda) C:\Users\Marian Curdt\Downloads\yet_another_cleaner_bbs.exe 2015-01-29 17:50 - 2015-01-29 17:52 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\Opera Software 2015-01-29 17:50 - 2015-01-29 17:50 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Local\Opera Software 2015-01-29 17:49 - 2015-01-29 17:52 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-01-29 17:49 - 2015-01-29 17:51 - 00000000 ____D () C:\Program Files (x86)\Boost 2015-01-29 17:47 - 2015-01-29 17:48 - 00598464 _____ () C:\Users\Marian Curdt\Downloads\Installation.exe 2015-01-29 17:07 - 2015-01-29 17:47 - 00000000 ____D () C:\Users\Public\Documents\Stronghold AntiMalware 2015-01-29 17:06 - 2015-01-29 17:06 - 06611376 _____ (Security Stronghold ) C:\Users\Marian Curdt\Downloads\StrongholdAntiMalware_Avangate.exe 2015-01-29 17:06 - 2015-01-29 17:06 - 00000197 _____ () C:\Windows\system32\2015-01-29-16-06-04.084-AvastVBoxSVC.exe-1868.log 2015-01-29 17:03 - 2015-01-29 18:28 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Local\ZombieNews 2015-01-29 17:01 - 2015-01-29 17:01 - 00000310 _____ () C:\Windows\PFRO.log 2015-01-29 14:59 - 2015-01-29 14:59 - 00000197 _____ () C:\Windows\system32\2015-01-29-13-59-51.018-AvastVBoxSVC.exe-3416.log 2015-01-28 21:40 - 2015-01-29 16:58 - 00074027 _____ () C:\Users\Marian Curdt\Desktop\drums mit pad.flp 2015-01-28 16:24 - 2015-01-28 16:24 - 00000197 _____ () C:\Windows\system32\2015-01-28-15-24-37.041-AvastVBoxSVC.exe-4784.log 2015-01-28 16:16 - 
2015-01-28 16:16 - 00000197 _____ () C:\Windows\system32\2015-01-28-15-16-45.000-AvastVBoxSVC.exe-1676.log 2015-01-28 16:12 - 2015-01-28 16:12 - 04958600 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-01-27 17:37 - 2015-01-27 17:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-27 17:12 - 2015-01-29 17:01 - 00000504 _____ () C:\Windows\setupact.log 2015-01-27 17:12 - 2015-01-27 17:12 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-27 13:58 - 2015-01-27 13:58 - 00065256 _____ () C:\Users\Marian Curdt\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-27 13:58 - 2015-01-27 13:58 - 00000000 _____ () C:\autoexec.bat 2015-01-27 13:55 - 2015-01-27 13:55 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Marian Curdt\Downloads\SpyHunter-Installer.exe 2015-01-27 13:47 - 2015-01-27 13:47 - 00000197 _____ () C:\Windows\system32\2015-01-27-12-47-52.071-AvastVBoxSVC.exe-3512.log 2015-01-27 13:39 - 2015-01-27 13:40 - 02194432 _____ () C:\Users\Marian Curdt\Downloads\AdwCleaner09.exe 2015-01-27 13:33 - 2015-01-27 13:33 - 00000197 _____ () C:\Windows\system32\2015-01-27-12-33-12.046-AvastVBoxSVC.exe-1980.log 2015-01-25 15:03 - 2015-01-25 15:03 - 00000197 _____ () C:\Windows\system32\2015-01-25-14-03-04.090-AvastVBoxSVC.exe-4128.log 2015-01-23 13:41 - 2015-01-23 13:41 - 00000247 _____ () C:\Windows\system32\2015-01-23-12-41-19.016-aswFe.exe-3420.log 2015-01-23 13:33 - 2015-01-23 13:41 - 00000247 _____ () C:\Windows\system32\2015-01-23-12-33-34.009-aswFe.exe-2892.log 2015-01-23 13:33 - 2015-01-23 13:33 - 00000197 _____ () C:\Windows\system32\2015-01-23-12-33-26.092-AvastVBoxSVC.exe-848.log 2015-01-23 13:24 - 2015-01-23 13:24 - 00000000 ____D () C:\Windows\SysWOW64\vbox 2015-01-23 13:24 - 2015-01-23 13:24 - 00000000 ____D () C:\Windows\system32\vbox 2015-01-22 16:29 - 2015-01-22 16:29 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-01-22 16:29 - 2015-01-22 16:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-01-22 16:29 - 
2015-01-22 16:29 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-01-22 12:49 - 2015-01-29 17:02 - 00001368 _____ () C:\Windows\Tasks\TXFAZSA.job 2015-01-22 12:49 - 2015-01-22 12:49 - 01535976 _____ (ObjectB) C:\Users\Marian Curdt\AppData\Roaming\TXFAZSA.exe 2015-01-22 12:49 - 2015-01-22 12:49 - 00004418 _____ () C:\Windows\System32\Tasks\TXFAZSA 2015-01-22 12:48 - 2015-01-29 17:02 - 00001364 _____ () C:\Windows\Tasks\WJCWK.job 2015-01-22 12:48 - 2015-01-22 12:48 - 02020328 _____ (ObjectB) C:\Users\Marian Curdt\AppData\Roaming\WJCWK.exe 2015-01-22 12:48 - 2015-01-22 12:48 - 00004414 _____ () C:\Windows\System32\Tasks\WJCWK 2015-01-20 17:00 - 2015-01-20 17:00 - 00056343 _____ () C:\Users\Marian Curdt\Desktop\untitled.flp 2015-01-20 15:02 - 2015-01-20 15:02 - 00002040 _____ () C:\Users\Marian Curdt\Desktop\FL Studio 11.lnk 2015-01-20 15:02 - 2015-01-20 15:02 - 00000000 ____D () C:\Program Files (x86)\VstPlugins 2015-01-19 20:34 - 2015-01-19 20:34 - 00000000 ____D () C:\Users\Marian Curdt\Desktop\VSTs 2015-01-19 20:05 - 2015-01-20 13:49 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro 2015-01-19 20:03 - 2015-01-19 20:03 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\Booster Web 2015-01-19 19:56 - 2015-01-19 20:00 - 00479824 _____ () C:\Users\Marian Curdt\Downloads\5StarLoops Sound Library__5160_i1452296211_il18653.exe 2015-01-19 19:40 - 2015-01-19 19:49 - 00479824 _____ () C:\Users\Marian Curdt\Downloads\5StarLoops Sound Library__5160_i1452283510_il18653.exe 2015-01-17 16:52 - 2015-01-21 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hypersonic 2 2015-01-17 16:52 - 2008-06-30 00:42 - 00368640 _____ (Propellerhead Software AB) C:\Windows\SysWOW64\ReWire.dll 2015-01-17 16:51 - 2015-01-17 16:51 - 00272409 _____ () C:\Windows\SysWOW64\TmpA15214824 2015-01-17 16:24 - 2015-01-19 20:05 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\DAEMON Tools Lite 2015-01-17 16:23 - 2015-01-17 16:25 
- 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2015-01-17 16:23 - 2015-01-17 16:23 - 13429504 _____ (Disc Soft Ltd) C:\Users\Marian Curdt\Downloads\DTLite4491-0356.exe 2015-01-17 16:20 - 2015-01-17 16:20 - 00272409 _____ () C:\Windows\SysWOW64\TmpA13334466 2015-01-17 16:15 - 2015-01-17 16:15 - 00272409 _____ () C:\Windows\SysWOW64\TmpA13061682 2015-01-17 16:09 - 2015-01-17 16:09 - 00272409 _____ () C:\Windows\SysWOW64\TmpA12673677 2015-01-17 16:06 - 2015-01-17 16:06 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\Steinberg 2015-01-17 16:02 - 2015-01-17 16:02 - 00003170 _____ () C:\Windows\System32\Tasks\{4E41F9C3-D503-49D8-B689-7949F60414AE} 2015-01-17 15:52 - 2010-06-06 23:37 - 02785792 _____ (AiR) C:\Windows\SysWOW64\GuaD.dll 2015-01-17 15:51 - 2010-04-08 21:47 - 02442752 _____ (AD and Gouda © 1999-2010) C:\Windows\SysWOW64\SYNSOEMU.DLL 2015-01-14 18:13 - 2015-01-14 18:13 - 00468724 _____ () C:\Users\Marian Curdt\Downloads\UCBrowser_V9.5.0.449_JAVA_pf69_(en-us)_release_(Build14070211).jar 2015-01-14 18:13 - 2015-01-14 18:13 - 00468724 _____ () C:\Users\Marian Curdt\Downloads\UCBrowser_V9.5.0.449_JAVA_pf69_(en-us)_release_(Build14070211)(1).jar 2015-01-14 16:27 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 16:27 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-14 16:27 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-14 16:27 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-14 16:27 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-14 16:27 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-14 16:27 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 16:27 - 2014-12-12 06:11 - 03916728 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 16:27 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 16:27 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 16:27 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 16:27 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 16:27 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-01 18:18 - 2015-01-01 18:20 - 07266796 _____ () C:\Users\Marian Curdt\Downloads\FreeDrumKits.net - 1115_Korg_IS50_Marimboyd.sf2

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-29 18:34 - 2013-12-15 22:04 - 00021256 _____ () C:\Users\Marian Curdt\Downloads\FRST.txt
2015-01-29 18:34 - 2013-11-23 12:50 - 00000000 ____D () C:\FRST
2015-01-29 17:56 - 2013-12-06 17:17 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-29 17:56 - 2013-12-06 17:17 - 00001147 _____ () C:\Users\Marian Curdt\Desktop\Mozilla Firefox.lnk
2015-01-29 17:56 - 2013-12-06 16:37 - 00001421 _____ () C:\Users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-29 17:52 - 2013-12-10 16:37 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Local\CrashDumps
2015-01-29 17:36 - 2013-12-06 17:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-29 17:17 - 2014-01-05 11:55 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\Spotify
2015-01-29 17:11 - 2009-07-14 05:45 - 00028704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-29 17:11 - 2009-07-14 05:45 - 00028704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-29 17:03 - 2013-12-21 19:33 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Local\LogMeIn Hamachi
2015-01-29 17:02 - 2014-08-24 15:04 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-01-29 17:02 - 2014-08-24 12:22 - 00000000 ____D () C:\Users\Public\Documents\phase6_19_Daten
2015-01-29 17:01 - 2013-12-06 18:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-29 17:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-29 17:00 - 2014-04-14 18:26 - 00000000 ____D () C:\AdwCleaner
2015-01-29 17:00 - 2013-12-06 16:24 - 01878770 _____ () C:\Windows\WindowsUpdate.log
2015-01-29 15:08 - 2013-12-06 17:34 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Local\Adobe
2015-01-27 14:05 - 2014-01-05 12:00 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Local\Spotify
2015-01-27 13:58 - 2013-12-06 16:36 - 00000000 ____D () C:\Users\Marian Curdt
2015-01-27 13:57 - 2013-12-06 17:09 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-27 13:56 - 2013-12-06 17:09 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Local\Google
2015-01-27 13:52 - 2014-06-18 19:04 - 02353664 ___SH () C:\Users\Marian Curdt\Desktop\Thumbs.db
2015-01-27 13:50 - 2013-12-07 13:04 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\TS3Client
2015-01-27 13:32 - 2014-02-05 16:08 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-25 15:36 - 2013-12-06 17:34 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 15:36 - 2013-12-06 17:34 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-25 15:36 - 2013-12-06 17:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 14:11 - 2014-04-30 20:21 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\Mp3tag
2015-01-22 16:29 - 2014-08-15 08:45 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-22 16:29 - 2014-02-05 16:07 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-22 16:29 - 2014-02-05 16:07 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-01-22 16:29 - 2014-02-05 16:07 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-22 16:29 - 2014-02-05 16:07 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-22 16:29 - 2014-02-05 16:07 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-22 16:29 - 2014-02-05 16:07 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-01-22 16:29 - 2014-02-05 16:07 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-21 16:46 - 2014-12-23 14:57 - 00003282 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-1656074084-342888944-3947257893-1000
2015-01-21 16:21 - 2014-03-03 14:49 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-01-20 15:04 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-01-20 14:58 - 2014-09-18 17:42 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-01-20 14:04 - 2009-07-14 03:34 - 00000505 _____ () C:\Windows\win.ini
2015-01-19 20:05 - 2014-06-30 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cube World
2015-01-19 20:05 - 2014-05-08 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2015-01-19 20:05 - 2013-12-06 18:10 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-19 20:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-19 19:46 - 2014-07-31 10:24 - 00012800 ___SH () C:\Users\Marian Curdt\Documents\Thumbs.db
2015-01-18 20:03 - 2013-12-10 17:58 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Local\Battle.net
2015-01-17 16:52 - 2014-11-17 19:19 - 00000000 ____D () C:\Program Files (x86)\steinberg
2015-01-17 16:27 - 2010-11-21 07:50 - 00700130 _____ () C:\Windows\system32\perfh007.dat
2015-01-17 16:27 - 2010-11-21 07:50 - 00149768 _____ () C:\Windows\system32\perfc007.dat
2015-01-17 16:27 - 2009-07-14 06:13 - 01622706 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-14 20:56 - 2013-12-06 18:52 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 20:51 - 2013-12-06 18:52 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-11 15:28 - 2013-12-06 18:56 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\.minecraft
2015-01-08 22:14 - 2013-12-25 13:08 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\Audacity
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 20:17 - 2014-06-16 12:58 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-05 20:17 - 2014-06-16 12:58 - 00000000 ____D () C:\Program Files (x86)\iTunes

==================== Files in the root of some directories =======

2013-12-18 21:45 - 2014-07-25 11:32 - 0000132 _____ () C:\Users\Marian Curdt\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Marian Curdt\AppData\Roaming\TXFAZSA
2015-01-22 12:49 - 2015-01-22 12:49 - 1535976 _____ (ObjectB) C:\Users\Marian Curdt\AppData\Roaming\TXFAZSA.exe
2014-11-19 14:50 - 2014-11-22 12:50 - 0000130 _____ () C:\Users\Marian Curdt\AppData\Roaming\WB.CFG
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Marian Curdt\AppData\Roaming\WJCWK
2015-01-22 12:48 - 2015-01-22 12:48 - 2020328 _____ (ObjectB) C:\Users\Marian Curdt\AppData\Roaming\WJCWK.exe
2014-01-09 14:20 - 2014-01-09 14:20 - 0001456 _____ () C:\Users\Marian Curdt\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-12-10 15:18 - 2013-12-23 16:28 - 0004608 _____ () C:\Users\Marian Curdt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-22 12:50 - 2014-11-22 12:50 - 0000001 _____ () C:\Users\Marian Curdt\AppData\Local\DSI.DAT
2014-11-22 12:50 - 2014-11-22 12:50 - 0022528 _____ () C:\Users\Marian Curdt\AppData\Local\dsisetup12357302.exe
2014-04-29 18:09 - 2014-04-29 18:09 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\Marian Curdt\AppData\Local\Temp\bcjcabfccbeg.exe
C:\Users\Marian Curdt\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Marian Curdt\AppData\Local\Temp\Quarantine.exe
C:\Users\Marian Curdt\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-27 16:07

==================== End Of Log ============================ |