Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Adware, allerdings nur auf einer Seite. (meines Wissens.)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 05.02.2015, 21:46   #1
Fluury
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)



Tagchen,

Ich besuche tägliche die Website "www.imgur.com" auf meinem Firefox Browser- und mir ist etwas eher schon schlimm auschauliches aufgefallen.



Das war definitiv davor nicht da. Ich habe kein Programm in letzter Zeit installiert. Das einzige, was ich getan habe war, alte Windows-Datein auf eine externe Festplatte zu übertragen. Ob es wohl daran lag bezweifle ich, aber man kann es ja erwähnen.

Jedenfalls, nachdem ich das gesehen habe, schaute ich mich mal um. Diese Meldung erscheint nur auf Imgur, sonst nirgends (jedenfalls meines Wissens.) Youtube, Steam, reddit, 4chan etc. alle sind frei und haben keinerlei solcher Meldungen.

Deswegen ließ ich schnell mein Antivirus laufen, nichts gefunden. Malwarebytes? Nichts gefunden. Adware cleaner? Nope. Keiner der Programme findest irgendetwas. Ich habe sogar Firefox restoriert und es ist immernoch da. Es wird nicht auf Safari/Chrome angezeigt.

Weder war "AdChoices" bei den Programmen dabei.

Hilfe?

Alt 05.02.2015, 22:54   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)



Hi,

Zitat:
Ich habe sogar Firefox restoriert und es ist immernoch da.
Was genau verstehst du unter "restoriert"?
Eine neue Installation des Firefox-Browsers bringt idR bei solchen Problemen garnix, weil sich die Werbezecken im Browserprofil verewigen, da wird durch das Firefoxsetup nicht verändert.

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 06.02.2015, 15:51   #3
Fluury
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2015
Ran by Dr.Kawaii Fluury (administrator) on COMPUTER-PC on 06-02-2015 15:46:41
Running from C:\Users\Dr.Kawaii Fluury\Desktop
Loaded Profiles: Dr.Kawaii Fluury (Available profiles: computer & Dr.Kawaii Fluury)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Windows\System32\atwtusb.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Windows\System32\atwtusb.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
() C:\Windows\System32\AtwtusbIcon.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files\puush\puush.exe
(Akamai Technologies, Inc.) C:\Users\Dr.Kawaii Fluury\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Dr.Kawaii Fluury\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM\...\Run: [AtwtusbIcon] => C:\Windows\system32\AtwtusbIcon.exe [2963456 2012-09-10] ()
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2874048 2015-02-06] (Valve Corporation)
HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\Run: [puush] => C:\Program Files\puush\puush.exe [567880 2014-07-25] ()
HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\Run: [Akamai NetSession Interface] => C:\Users\Dr.Kawaii Fluury\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566984 2014-04-25] (Safer-Networking Ltd.)
HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\MountPoints2: {19918c29-09a0-11e3-8fb3-001fd0287db9} - E:\Startme.exe
Startup: C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?rd=1&ucc=DE&dcc=DE&opt=0
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2811185551-369326641-1495617965-1003 -> {63A15237-F99C-44D3-99EF-7B6550E5C57D} URL = hxxp://www.mysearchresults.com/search?c=2355&t=01&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files\Clover\TabHelper32.dll (EJIE Technology)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Mozilla\Firefox\Profiles\fzxt57os.default-1423167299117
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: AdBlock for Firefox - C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Mozilla\Firefox\Profiles\fzxt57os.default-1423167299117\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2015-02-05]
FF Extension: Personas Plus - C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Mozilla\Firefox\Profiles\fzxt57os.default-1423167299117\Extensions\personas@christopher.beard.xpi [2015-02-05]
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2015-01-27]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-01-27]

Chrome: 
=======
CHR Profile: C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-30]
CHR Extension: (Google Docs) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-29]
CHR Extension: (Google Drive) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-30]
CHR Extension: (YouTube) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-29]
CHR Extension: (Google-Suche) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-29]
CHR Extension: (Google Tabellen) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-30]
CHR Extension: (Avira Browser Safety) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-30]
CHR Extension: (AdBlock) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-30]
CHR Extension: (Google Wallet) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-29]
CHR Extension: (Google Mail) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-29]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-10-08] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [182304 2015-01-17] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915784 2015-01-16] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1845096 2015-01-20] (LogMeIn Inc.)
R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2013-10-25] (Hi-Rez Studios) [File not signed]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2153792 2014-03-28] (IObit)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-01-14] (LogMeIn, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]
S3 npggsvc; C:\Windows\system32\GameMon.des [3101376 2014-12-15] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775816 2015-01-16] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WTService; C:\Windows\system32\atwtusb.exe [535552 2012-10-19] () [File not signed]
S2 MainLSyncHost; c:\windows\system32\mpk\lsynchost.exe /startedbyscm:E4233B4F-40E3FE91-MPKService [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 apf004; C:\Windows\system32\apf004.sys [15112 2014-04-22] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 cpuz137; C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys [26856 2014-02-17] (CPUID)
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [50728 2013-05-01] (Eugene V. Muzychenko)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 HPFXBULK; C:\Windows\System32\drivers\hpfxbulk.sys [17432 2007-07-16] (Hewlett Packard)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy) [File not signed]
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [6144 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18760 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2011-06-15] (Realtek                                            )
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam60.sys [50280 2011-06-15] (Realtek Corporation)
S3 RTVLANPT; C:\Windows\System32\DRIVERS\RtVlan620.sys [27752 2011-09-16] (Realtek Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2014-06-04] (IObit)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 TEAM; C:\Windows\System32\DRIVERS\RtTeam60.sys [50280 2011-06-15] (Realtek Corporation)
R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [6144 2009-08-20] (Windows (R) Win 7 DDK provider)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [X]
S3 XDva403; \??\C:\Windows\system32\XDva403.sys [X]
S3 XDva406; \??\C:\Windows\system32\XDva406.sys [X]
S3 XDva409; \??\C:\Windows\system32\XDva409.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-06 15:46 - 2015-02-06 15:47 - 00019212 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\FRST.txt
2015-02-06 06:30 - 2015-02-06 15:46 - 00000000 ____D () C:\FRST
2015-02-06 06:30 - 2015-02-06 06:30 - 01123328 _____ (Farbar) C:\Users\Dr.Kawaii Fluury\Desktop\FRST.exe
2015-02-05 22:16 - 2015-02-05 22:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dr.Kawaii Fluury\Downloads\revosetup.exe
2015-02-05 22:16 - 2015-02-05 22:16 - 00001222 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\Revo Uninstaller.lnk
2015-02-05 06:19 - 2015-02-05 06:19 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Local\Steam
2015-02-02 12:10 - 2015-02-02 12:11 - 06175244 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\dem bugs.mp4
2015-02-02 11:56 - 2015-02-02 11:58 - 544818824 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\nuclearthrone 2015-02-02 11-56-17-81.avi
2015-02-02 11:00 - 2015-02-02 11:00 - 01185351 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\7CZby9V.webm
2015-01-31 18:45 - 2015-01-31 18:45 - 00021721 _____ () C:\Users\Dr.Kawaii Fluury\AppData\Local\recently-used.xbel
2015-01-30 18:09 - 2015-01-30 18:09 - 123779265 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\th145东方深秘录体验版[已打1.01补丁](C87).rar
2015-01-30 16:27 - 2015-02-05 21:05 - 00457936 _____ () C:\Windows\PFRO.log
2015-01-29 14:53 - 2015-01-29 15:15 - 99500292 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\Gun Locker.wav
2015-01-29 14:53 - 2015-01-29 15:09 - 67737692 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\mus107 looped.wav
2015-01-29 14:22 - 2015-01-29 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-29 14:22 - 2015-01-29 14:22 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2015-01-28 06:24 - 2015-02-06 15:05 - 00626570 _____ () C:\Windows\WindowsUpdate.log
2015-01-28 06:19 - 2015-02-06 13:26 - 00003080 _____ () C:\Windows\setupact.log
2015-01-28 06:19 - 2015-01-28 06:19 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-27 17:50 - 2015-01-27 17:50 - 00000000 ____D () C:\Users\computer\Desktop\Paul
2015-01-27 17:42 - 2015-01-27 17:42 - 00000000 ____D () C:\Users\computer\AppData\Local\Clover
2015-01-27 14:59 - 2015-01-09 23:25 - 00621200 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe
2015-01-27 14:56 - 2015-01-13 05:15 - 00161424 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2015-01-27 14:56 - 2015-01-13 05:15 - 00027280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 24765584 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 20465296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 10774728 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 10714304 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 08465224 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-27 14:56 - 2015-01-10 03:43 - 03245712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 01047880 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234725.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00929424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00911504 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234725.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00906568 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00877304 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00399504 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00345744 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00305320 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00164752 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll
2015-01-27 14:50 - 2014-11-22 11:46 - 00032912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2015-01-27 14:40 - 2015-01-27 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2015-01-27 14:40 - 2011-09-16 08:12 - 00027752 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtVlan620.sys
2015-01-27 14:40 - 2011-06-15 14:11 - 00050280 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtTeam60.sys
2015-01-27 14:40 - 2011-06-15 14:11 - 00027648 _____ (Realtek ) C:\Windows\system32\Drivers\RtNdPt60.sys
2015-01-27 14:39 - 2015-01-27 14:39 - 00000000 ____D () C:\Program Files\Intel
2015-01-27 14:39 - 2010-03-02 09:04 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2015-01-27 14:38 - 2015-01-27 14:40 - 00000000 ____D () C:\Program Files\Realtek
2015-01-27 14:38 - 2011-09-29 10:30 - 00490088 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2015-01-27 14:38 - 2011-09-29 10:30 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2015-01-27 14:38 - 2011-09-29 10:30 - 00080416 _____ () C:\Windows\system32\RtNicProp32.dll
2015-01-27 07:37 - 2015-01-27 07:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-26 20:00 - 2015-01-26 20:00 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\Documents\TacticalIntervention
2015-01-19 16:48 - 2015-01-21 21:20 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2015-01-17 22:30 - 2015-01-17 22:30 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\.mono
2015-01-17 22:30 - 2015-01-17 22:28 - 00182304 _____ (EasyAntiCheat Ltd) C:\Windows\system32\EasyAntiCheat.exe
2015-01-17 21:26 - 2014-12-15 08:20 - 03101376 _____ (INCA Internet Co., Ltd.) C:\Windows\system32\GameMon.des
2015-01-14 06:37 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 06:37 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 06:37 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 06:37 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 06:37 - 2014-12-11 18:47 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 06:37 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-06 13:34 - 2013-02-27 10:15 - 00000000 ____D () C:\Program Files\Steam
2015-02-06 13:34 - 2013-02-27 10:15 - 00000000 ____D () C:\Program Files\Common Files\Steam
2015-02-06 13:34 - 2009-07-14 05:34 - 00019568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-06 13:34 - 2009-07-14 05:34 - 00019568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-06 13:33 - 2013-04-01 18:45 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Local\LogMeIn Hamachi
2015-02-06 13:27 - 2009-07-14 03:04 - 00000418 _____ () C:\Windows\win.ini
2015-02-06 13:26 - 2013-12-07 19:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-05 22:26 - 2013-05-29 21:29 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\IrfanView
2015-02-05 22:16 - 2014-12-19 23:44 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-02-05 21:23 - 2013-02-26 18:06 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\Desktop\Programme
2015-02-05 21:03 - 2014-04-21 18:01 - 00000000 ____D () C:\AdwCleaner
2015-02-05 20:51 - 2013-02-26 18:05 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury
2015-02-05 20:13 - 2014-08-16 16:23 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-05 07:20 - 2013-02-25 18:50 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-05 07:17 - 2013-07-07 14:42 - 00000000 ____D () C:\Users\computer\AppData\Local\LogMeIn Hamachi
2015-02-03 13:31 - 2014-11-18 13:39 - 00002193 _____ () C:\Users\computer\Desktop\Google Chrome.lnk
2015-02-03 06:18 - 2014-03-28 19:15 - 00000000 ____D () C:\ProgramData\ProductData
2015-02-02 14:22 - 2013-05-30 15:34 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\vlc
2015-02-01 10:52 - 2014-05-14 18:49 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Local\nuclearthrone
2015-01-31 19:25 - 2013-04-30 18:33 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\.gimp-2.8
2015-01-31 18:37 - 2013-03-10 07:10 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\Desktop\Sonstiges
2015-01-30 11:33 - 2013-04-01 14:04 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Audacity
2015-01-28 23:10 - 2013-02-26 21:16 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Skype
2015-01-27 21:00 - 2013-02-25 18:27 - 00000000 ____D () C:\M
2015-01-27 15:45 - 2014-08-06 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2015-01-27 15:26 - 2013-05-07 16:16 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\Desktop\Musik
2015-01-27 15:23 - 2013-09-08 19:58 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\Desktop\Wubwub
2015-01-27 15:03 - 2014-01-04 22:40 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\Desktop\Reactions
2015-01-27 15:03 - 2012-05-11 13:30 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\Desktop\Bilder
2015-01-27 15:00 - 2013-12-07 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-27 14:40 - 2013-09-05 15:55 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-27 14:28 - 2013-07-02 15:02 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-27 07:22 - 2014-02-12 07:11 - 00000000 ____D () C:\Users\computer\AppData\Local\NVIDIA
2015-01-27 07:21 - 2014-02-12 07:41 - 00000000 ____D () C:\Users\computer\AppData\Local\NVIDIA Corporation
2015-01-25 09:49 - 2013-02-27 08:12 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-25 09:49 - 2013-02-27 08:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-25 09:49 - 2013-02-27 08:12 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-24 09:38 - 2014-09-20 09:06 - 00000000 ___RD () C:\Program Files\Skype
2015-01-24 09:38 - 2013-02-26 21:02 - 00000000 ____D () C:\ProgramData\Skype
2015-01-21 21:16 - 2013-11-09 19:59 - 00000000 ____D () C:\AeriaGames
2015-01-16 07:41 - 2014-06-02 20:04 - 01316184 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge.dll
2015-01-16 07:41 - 2013-12-07 19:50 - 01278920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2015-01-14 20:39 - 2013-05-01 11:55 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\foobar2000
2015-01-14 11:32 - 2013-04-01 18:45 - 00026176 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-01-14 07:24 - 2013-07-14 22:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 07:19 - 2013-02-28 17:43 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 05:15 - 2014-01-08 17:43 - 00908608 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll
2015-01-10 03:43 - 2013-12-07 19:35 - 00060560 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-01-10 03:43 - 2013-12-07 19:34 - 16009120 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2015-01-10 03:43 - 2013-12-07 19:34 - 14116136 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2015-01-10 03:43 - 2013-12-07 19:33 - 02902272 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2015-01-10 03:43 - 2013-02-25 23:22 - 00022594 _____ () C:\Windows\system32\nvinfo.pb
2015-01-09 23:58 - 2013-12-07 19:30 - 04404040 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-01-09 23:58 - 2013-12-07 19:30 - 03057808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2015-01-09 23:58 - 2013-12-07 19:30 - 02554184 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-01-09 23:58 - 2013-12-07 19:30 - 00670352 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-01-09 23:58 - 2013-12-07 19:30 - 00374928 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-01-09 23:58 - 2013-12-07 19:30 - 00061584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-01-09 18:46 - 2013-12-07 19:30 - 04173527 _____ () C:\Windows\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2014-09-01 20:18 - 2014-12-01 22:12 - 0000139 _____ () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\licecap.ini
2014-06-19 10:12 - 2014-06-19 10:12 - 0000024 _____ () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\temp.ini
2015-01-31 18:45 - 2015-01-31 18:45 - 0021721 _____ () C:\Users\Dr.Kawaii Fluury\AppData\Local\recently-used.xbel
2013-08-30 16:35 - 2013-07-01 16:36 - 0000032 ____R () C:\ProgramData\hash.dat

Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Windows\Tasks\{169360A7-9E4F-4B10-9796-2739573A11EE}.job


Some content of TEMP:
====================
C:\Users\computer\AppData\Local\Temp\AskSLib.dll
C:\Users\computer\AppData\Local\Temp\avgnt.exe
C:\Users\computer\AppData\Local\Temp\uninst1.exe
C:\Users\Dr.Kawaii Fluury\AppData\Local\Temp\avgnt.exe
C:\Users\Dr.Kawaii Fluury\AppData\Local\Temp\iv_uninstall.exe
C:\Users\Dr.Kawaii Fluury\AppData\Local\Temp\Quarantine.exe
C:\Users\Dr.Kawaii Fluury\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-09-02 14:53

==================== End Of Log ============================
         
--- --- ---


FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-02-2015
Ran by Dr.Kawaii Fluury at 2015-02-06 15:48:12
Running from C:\Users\Dr.Kawaii Fluury\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
100% Orange Juice (HKLM\...\Steam App 282800) (Version:  - Orange_Juice)
32 Bit HP CIO Components Installer (Version: 4.1.1 - Hewlett-Packard) Hidden
AbiWord 2.9.4 (HKLM\...\AbiWord2) (Version: 2.9.4 - AbiSource Developers)
Ace of Spades (HKLM\...\Steam App 224540) (Version:  - )
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Artweaver 1.0 (HKLM\...\{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1) (Version: 1.0 - Boris Eyrich Software)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
BattleBlock Theater (HKLM\...\Steam App 238460) (Version:  - The Behemoth)
Besiege (HKLM\...\Steam App 346010) (Version:  - Spiderling Studios)
BleachBit (HKLM\...\BleachBit) (Version: 1.6 - BleachBit)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Championsheep Rally (HKLM\...\Championsheep Rally) (Version:  - Frogster Interactive Pictures)
Clover 3.0 (HKLM\...\Clover) (Version: 3.0 - EJIE Technology)
Codename Gordon (HKLM\...\Steam App 92) (Version:  - Nuclear Vision)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
Crypt of the NecroDancer (HKLM\...\Steam App 247080) (Version:  - Brace Yourself Games)
Cube World version 0.0.1 (HKLM\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DARK SOULS™ II (HKLM\...\Steam App 236430) (Version:  - FromSoftware, Inc)
Don't Starve (HKLM\...\Steam App 219740) (Version:  - )
Don't Starve Together Beta (HKLM\...\Steam App 322330) (Version:  - Klei Entertainment)
Dungeon of the Endless (HKLM\...\Steam App 249050) (Version:  - AMPLITUDE Studios)
Elsword (HKLM\...\Steam App 237310) (Version:  - KOG)
Eryi's Action (HKLM\...\Steam App 261700) (Version:  - Xtal Sword)
ffdshow v1.2.4422 [2012-04-09] (HKLM\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Fist of Jesus (HKLM\...\Steam App 321110) (Version:  - Mutant Games)
foobar2000 v1.2 (HKLM\...\foobar2000) (Version: 1.2 - Peter Pawlowski)
FormatFactory 3.0.1 (HKLM\...\FormatFactory) (Version: 3.0.1 - Free Time)
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
Free Image Convert and Resize version 2.1.23.430 (HKLM\...\Free Image Convert and Resize_is1) (Version: 2.1.23.430 - DVDVideoSoft Ltd.)
Free Video Dub version 2.0.17.320 (HKLM\...\Free Video Dub_is1) (Version: 2.0.17.320 - DVDVideoSoft Ltd.)
Free Video to Flash Converter version 5.0.32.1230 (HKLM\...\Free Video to Flash Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.5.628 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Ltd.)
Fusion's Chao Editor (HKLM\...\{BAAA4018-E873-49E4-B971-AA4E84D7A4CB}) (Version: 2.0 - Fusion)
Game Dev Tycoon (HKLM\...\Steam App 239820) (Version:  - Greenheart Games)
GameMaker: Studio (HKLM\...\Steam App 214850) (Version:  - YoYo Games Ltd.)
GameRanger (HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\GameRanger) (Version:  - GameRanger Technologies)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Team Garry)
GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
GIF Viewer 3.0 (HKLM\...\GIF Viewer) (Version: 3.0 - Stefan Wobbe)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Goat Simulator (HKLM\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Gunpoint (HKLM\...\Steam App 206190) (Version:  - Suspicious Developments)
Half-Life Dedicated Server Update Tool (HKLM\...\Half-Life Dedicated Server Update Tool) (Version:  - )
HandBrake 0.9.8 (HKLM\...\HandBrake) (Version: 0.9.8 - )
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 3.2.9.10 - IObit)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Karos (HKLM\...\Steam App 337410) (Version:  - Galaxy Gate)
Kill Fun Yeah (HKLM\...\Steam App 301360) (Version:  - Arctic Anteater)
Killing Floor (HKLM\...\Steam App 1250) (Version:  - Tripwire Interactive)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Legend of Dungeon (HKLM\...\Steam App 238280) (Version:  - )
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.303 - LogMeIn, Inc.) Hidden
Lost Saga EU (HKLM\...\LostSagaEU) (Version:  - IO Entertainment Co., Ltd.)
Magic 2015 (HKLM\...\Steam App 255420) (Version:  - Stainless Games)
Magicite (HKLM\...\Steam App 268750) (Version:  - SmashGames)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McDROID (HKLM\...\Steam App 252970) (Version:  - Elefantopia)
MediaCoder 0.8.33.5680 (HKLM\...\MediaCoder) (Version: 0.8.33.5680 - Mediatronic)
Metal Slug 3 (HKLM\...\Steam App 250180) (Version:  - DotEmu)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Momodora III (HKLM\...\Steam App 302790) (Version:  - rdein)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mumble 1.2.8 (HKLM\...\{1BC144A3-20EF-49DD-8EBB-E421E128E30F}) (Version: 1.2.8 - Thorvald Natvig)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.3 - Black Tree Gaming)
Nidhogg (HKLM\...\Steam App 94400) (Version:  - Messhof)
Nosgoth (HKLM\...\Steam App 200110) (Version:  - Psyonix)
Notepad++ (HKLM\...\Notepad++) (Version: 6.5 - Notepad++ Team)
Nuclear Throne (HKLM\...\Steam App 242680) (Version:  - Vlambeer)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM\...\OpenAL) (Version:  - )
OpenOffice 4.1.0 (HKLM\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Paint XP version 1.1 (HKLM\...\{2367FAB6-055A-4923-835F-F57F7BBBA363}_is1) (Version: 1.1 - MSPAINTXP.COM)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF4819}) (Version: 4.0.3 - dotPDN LLC)
PC Wizard 2013.2.12 (HKLM\...\PC Wizard 2013_is1) (Version:  - CPUID)
Plague Inc: Evolved (HKLM\...\Steam App 246620) (Version:  - Ndemic Creations)
Portal 2 Publishing Tool (HKLM\...\Steam App 644) (Version:  - )
puush (HKLM\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rayman 3 (HKLM\...\{15F52B39-04CB-4EDB-9A8C-496C4A5588E2}) (Version: 1.00.000 - )
rayman2 (HKLM\...\rayman2) (Version:  - )
Realm of the Mad God (HKLM\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - Realtek)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Risk of Rain (HKLM\...\Steam App 248820) (Version:  - )
Robocraft (HKLM\...\Steam App 301520) (Version:  - Freejam)
Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
School of Dragons: How to Train Your Dragon (HKLM\...\Steam App 332070) (Version:  - JumpStart Games, Inc.)
Scratch (HKLM\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Sir, You Are Being Hunted (HKLM\...\Steam App 242880) (Version:  - Big Robot Ltd)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Sonic Adventure DX (HKLM\...\Steam App 71250) (Version:  - SEGA)
Sonic Adventure™ 2  (HKLM\...\Steam App 213610) (Version:  - SEGA)
Source Filmmaker (HKLM\...\Steam App 1840) (Version:  - )
Source SDK (HKLM\...\Steam App 211) (Version:  - Valve)
Spelunky (HKLM\...\Steam App 239350) (Version:  - )
Spiral Knights (HKLM\...\Steam App 99900) (Version:  - Three Rings)
Spore (HKLM\...\Steam App 17390) (Version:  - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM\...\Steam App 17440) (Version:  - Maxis™)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Starbound (HKLM\...\Steam App 211820) (Version:  - )
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steam Trading Card Beta Access (HKLM\...\Steam App 202352) (Version:  - )
Super Amazing Wagon Adventure (HKLM\...\Steam App 250500) (Version:  - sparsevector)
Super Crate Box (HKLM\...\Steam App 212800) (Version:  - Vlambeer)
Super Time Force Ultra (HKLM\...\Steam App 250700) (Version:  - Capybara Games)
Tactical Intervention (HKLM\...\Steam App 51100) (Version:  - FIX Korea, Co.LTD)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Terraria (HKLM\...\Steam App 105600) (Version:  - )
TEXTools (HKLM\...\TEXTools) (Version:  - )
The Binding of Isaac (HKLM\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Long Dark (HKLM\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
The Stanley Parable (HKLM\...\Steam App 221910) (Version:  - Galactic Cafe)
Trust tablet driver (HKLM\...\RmTablet) (Version: 5.01 - )
Unturned (HKLM\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM\...\Uplay) (Version: 4.4 - Ubisoft)
Valiant Hearts: The Great War™ / Soldats Inconnus : Mémoires de la Grande Guerre™ (HKLM\...\Steam App 260230) (Version:  - Ubisoft Montpellier)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VTFEdit 1.2.5 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Wakfu (HKLM\...\Steam App 215080) (Version:  - Ankama)
War of the Human Tanks (HKLM\...\Steam App 263400) (Version:  - Yakiniku Banzai)
WG Screensaver Creator 1.0 (HKLM\...\{E0BE7153-5B7D-4214-9F2A-50EF466C27F7}) (Version: 1.0.0 - Web Grafitti)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Yet Another Zombie Defense (HKLM\...\Steam App 270550) (Version:  - Awesome Games Studio)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-02-2015 22:22:59 Revo Uninstaller's restore point - IrfanView (remove only)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-02-08 14:31 - 2014-11-11 14:45 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2846072A-E0DD-4860-8C0A-1ACAAC461398} - System32\Tasks\{2F2F6436-443C-4DB6-BE51-B0A05CD0E50D} => Firefox.exe hxxp://ui.skype.com/ui/0/6.2.0.106/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {3D86D8B5-B2E7-4224-A57C-5EF91E971F0D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe
Task: {5C7B9C8C-4306-40B2-AC0A-3B4F415015D8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: {80589642-0FE5-4660-AE43-1922C9C2F8FE} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\system32\FlashPlayerUpdateService.exe
Task: {8E80CBDE-57F1-4D6B-98FD-98D729DC56B4} - System32\Tasks\{ACE734F7-4BA5-42AA-A811-622FB7F5F719} => C:\Users\Dr.Kawaii Fluury\Desktop\Touhou\12.8 妖精大戦争\Touhou 12.8 aka Baka Wars.exe
Task: {A6FF3643-AE70-4C75-BADB-270DB796C7D9} - System32\Tasks\SmartDefrag_Startup => C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
Task: {AD458812-6927-499A-88C0-9DE4DAD71FD4} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\system32\FlashPlayerUpdateService.exe
Task: {BA7BE60D-EBDA-4CD4-9548-C8D12BFD4381} - System32\Tasks\{73690E4B-8398-4ECC-8671-78C0B5E288C1} => C:\Users\Dr.Kawaii Fluury\Desktop\Touhou\12.8 妖精大戦争\Touhou 12.8 aka Baka Wars.exe
Task: {D62E7E9D-9435-4A8A-96E6-AF110899D171} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
Task: {ECD8E911-2D8D-4638-A34C-B9A2769EE151} - System32\Tasks\SmartDefragUpdate => C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe
Task: {F99FDABE-39FA-4DE5-8AE3-CCC5A10D73C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff420bbf7836b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d000d6e515c56d.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\Windows\Tasks\{169360A7-9E4F-4B10-9796-2739573A11EE}.job => c:\program files\mozilla firefox\firefox.exe

==================== Loaded Modules (whitelisted) ==============

2013-12-07 19:30 - 2015-01-09 23:58 - 00107848 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-06-09 21:01 - 2014-04-25 13:11 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-09 21:01 - 2014-04-25 13:11 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-09 21:01 - 2014-04-25 13:11 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-22 17:53 - 2012-10-19 10:05 - 00535552 _____ () C:\Windows\system32\atwtusb.exe
2014-06-09 21:01 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-09 21:01 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-09-22 17:53 - 2012-09-10 12:53 - 02963456 _____ () C:\Windows\System32\AtwtusbIcon.exe
2012-01-10 13:41 - 2014-07-25 13:47 - 00567880 _____ () C:\Program Files\puush\puush.exe
2014-08-28 23:36 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files\Steam\libavcodec-56.dll
2014-08-28 23:36 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2014-08-28 23:36 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files\Steam\libavformat-56.dll
2014-08-28 23:36 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2013-03-12 17:10 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files\Steam\SDL2.dll
2014-12-02 22:54 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files\Steam\v8.dll
2014-12-02 22:54 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files\Steam\icui18n.dll
2014-12-02 22:54 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files\Steam\icuuc.dll
2014-05-21 19:51 - 2015-02-06 02:17 - 02357952 _____ () C:\Program Files\Steam\video.dll
2014-08-28 23:36 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2013-02-25 07:39 - 2015-02-06 02:16 - 00701632 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2013-02-19 11:48 - 2015-01-28 02:30 - 34641288 _____ () C:\Program Files\Steam\bin\libcef.dll
2015-01-27 07:37 - 2015-01-27 07:37 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-08-14 19:13 - 2015-01-28 02:30 - 01709960 _____ () C:\Program Files\Steam\bin\ffmpegsumo.dll
2015-01-25 09:49 - 2015-01-25 09:49 - 16844976 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4F78E2F6

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2811185551-369326641-1495617965-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-2811185551-369326641-1495617965-500 - Administrator - Disabled)
computer (S-1-5-21-2811185551-369326641-1495617965-1000 - Administrator - Enabled) => C:\Users\computer
Dr.Kawaii Fluury (S-1-5-21-2811185551-369326641-1495617965-1003 - Administrator - Enabled) => C:\Users\Dr.Kawaii Fluury
Gast (S-1-5-21-2811185551-369326641-1495617965-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/05/2015 10:22:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {71938a1f-9c2d-494e-9299-efd926c02ad1}

Error: (02/04/2015 07:19:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x1010
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (02/04/2015 02:19:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x430
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (02/01/2015 09:38:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: starbound.exe, Version: 0.9.0.0, Zeitstempel: 0x5f34535f
Name des fehlerhaften Moduls: starbound.exe, Version: 0.9.0.0, Zeitstempel: 0x5f34535f
Ausnahmecode: 0x40000015
Fehleroffset: 0x00501689
ID des fehlerhaften Prozesses: 0x1fb0
Startzeit der fehlerhaften Anwendung: 0xstarbound.exe0
Pfad der fehlerhaften Anwendung: starbound.exe1
Pfad des fehlerhaften Moduls: starbound.exe2
Berichtskennung: starbound.exe3

Error: (01/31/2015 06:42:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: TabHelper32.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52e0f866
Ausnahmecode: 0xc0000005
Fehleroffset: 0x5f016682
ID des fehlerhaften Prozesses: 0x132c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (01/31/2015 02:27:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: starbound.exe, Version: 0.9.0.0, Zeitstempel: 0xc0300000
Name des fehlerhaften Moduls: starbound.exe, Version: 0.9.0.0, Zeitstempel: 0xc0300000
Ausnahmecode: 0x40000015
Fehleroffset: 0x00500049
ID des fehlerhaften Prozesses: 0x630
Startzeit der fehlerhaften Anwendung: 0xstarbound.exe0
Pfad der fehlerhaften Anwendung: starbound.exe1
Pfad des fehlerhaften Moduls: starbound.exe2
Berichtskennung: starbound.exe3

Error: (01/31/2015 02:26:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: starbound.exe, Version: 0.9.0.0, Zeitstempel: 0xc0300000
Name des fehlerhaften Moduls: starbound.exe, Version: 0.9.0.0, Zeitstempel: 0xc0300000
Ausnahmecode: 0x40000015
Fehleroffset: 0x007b543d
ID des fehlerhaften Prozesses: 0xfc4
Startzeit der fehlerhaften Anwendung: 0xstarbound.exe0
Pfad der fehlerhaften Anwendung: starbound.exe1
Pfad des fehlerhaften Moduls: starbound.exe2
Berichtskennung: starbound.exe3

Error: (01/31/2015 01:34:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x1028
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (01/30/2015 06:25:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x568
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (01/27/2015 03:21:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (02/06/2015 01:34:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/06/2015 01:34:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (02/06/2015 01:28:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Virtueller Datenträger" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/06/2015 01:28:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Virtueller Datenträger erreicht.

Error: (02/06/2015 01:28:02 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053vds{7D1933CB-86F6-4A98-8628-01BE94C9A575}

Error: (02/06/2015 01:27:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Server" wurde mit folgendem Fehler beendet: 
%%14

Error: (02/06/2015 01:27:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/06/2015 01:27:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (02/06/2015 01:26:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Local Synchronization Host" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (02/06/2015 07:16:33 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}


Microsoft Office Sessions:
=========================
Error: (02/05/2015 10:22:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {71938a1f-9c2d-494e-9299-efd926c02ad1}

Error: (02/04/2015 07:19:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f2248000000300001425101001d0407d4a61e315C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll57f5d758-ac9a-11e4-889f-001fd0287db9

Error: (02/04/2015 02:19:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f224800000030000142543001d0407adc0f040bC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll73878c9e-ac70-11e4-889f-001fd0287db9

Error: (02/01/2015 09:38:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: starbound.exe0.9.0.05f34535fstarbound.exe0.9.0.05f34535f40000015005016891fb001d03e59bd10e62fC:\Program Files\Steam\steamapps\common\Starbound\win32\starbound.exeC:\Program Files\Steam\steamapps\common\Starbound\win32\starbound.exe559fa1b6-aa52-11e4-8add-001fd0287db9

Error: (01/31/2015 06:42:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d6727a7TabHelper32.dll_unloaded0.0.0.052e0f866c00000055f016682132c01d03d7d4e8d9216C:\Windows\explorer.exeTabHelper32.dll902fdfa7-a970-11e4-888f-001fd0287db9

Error: (01/31/2015 02:27:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: starbound.exe0.9.0.0c0300000starbound.exe0.9.0.0c0300000400000150050004963001d03d598a6e2218C:\Program Files\Steam\steamapps\common\Starbound\win32\starbound.exeC:\Program Files\Steam\steamapps\common\Starbound\win32\starbound.exed6b5338f-a94c-11e4-888f-001fd0287db9

Error: (01/31/2015 02:26:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: starbound.exe0.9.0.0c0300000starbound.exe0.9.0.0c030000040000015007b543dfc401d03d560873e7b3C:\Program Files\Steam\steamapps\common\Starbound\win32\starbound.exeC:\Program Files\Steam\steamapps\common\Starbound\win32\starbound.exec7992eac-a94c-11e4-888f-001fd0287db9

Error: (01/31/2015 01:34:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f2248000000300001425102801d03d39e429210aC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll76fefe8a-a945-11e4-888f-001fd0287db9

Error: (01/30/2015 06:25:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f224800000030000142556801d03ca94649d6c8C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dllfedd96d6-a8a4-11e4-a3da-001fd0287db9

Error: (01/27/2015 03:21:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Users\Dr.Kawaii Fluury\Desktop\Programme\x64\VTFEdit.exe


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 65%
Total physical RAM: 2046.3 MB
Available physical RAM: 715.21 MB
Total Pagefile: 4092.61 MB
Available Pagefile: 1512.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1916.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.16 GB) (Free:100.32 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 38.3 GB) (Disk ID: 1D2B1D2A)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: E4E4E4E4)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 06.02.2015, 20:43   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 06.02.2015, 22:58   #5
Fluury
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)



AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.110 - Bericht erstellt 06/02/2015 um 22:35:53
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-05.2 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x86)
# Benutzername : Dr.Kawaii Fluury - COMPUTER-PC
# Gestarted von : C:\Users\Dr.Kawaii Fluury\Desktop\Programme\AdwCleaner_4.110.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 de)


-\\ Google Chrome v40.0.2214.111


*************************

AdwCleaner[R0].txt - [37625 Bytes] - [21/04/2014 19:02:16]
AdwCleaner[R10].txt - [2349 Bytes] - [05/02/2015 19:15:36]
AdwCleaner[R11].txt - [2499 Bytes] - [05/02/2015 21:01:12]
AdwCleaner[R12].txt - [2039 Bytes] - [06/02/2015 22:33:41]
AdwCleaner[R1].txt - [37931 Bytes] - [21/04/2014 19:04:06]
AdwCleaner[R2].txt - [1322 Bytes] - [09/06/2014 20:45:57]
AdwCleaner[R3].txt - [2046 Bytes] - [03/08/2014 17:29:40]
AdwCleaner[R4].txt - [1875 Bytes] - [28/08/2014 17:05:38]
AdwCleaner[R5].txt - [1696 Bytes] - [09/09/2014 15:41:14]
AdwCleaner[R6].txt - [1704 Bytes] - [21/09/2014 21:49:38]
AdwCleaner[R7].txt - [1764 Bytes] - [07/10/2014 17:10:59]
AdwCleaner[R8].txt - [2548 Bytes] - [15/10/2014 14:45:38]
AdwCleaner[R9].txt - [2168 Bytes] - [19/12/2014 23:10:39]
AdwCleaner[S0].txt - [37502 Bytes] - [21/04/2014 19:06:18]
AdwCleaner[S1].txt - [1385 Bytes] - [09/06/2014 20:48:09]
AdwCleaner[S2].txt - [2107 Bytes] - [03/08/2014 17:31:33]
AdwCleaner[S3].txt - [1936 Bytes] - [28/08/2014 17:08:04]
AdwCleaner[S4].txt - [1757 Bytes] - [09/09/2014 16:32:00]
AdwCleaner[S5].txt - [2559 Bytes] - [05/02/2015 21:03:17]
AdwCleaner[S6].txt - [1960 Bytes] - [06/02/2015 22:35:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [2019  Bytes] ##########
         
--- --- ---

[/CODE]

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Ultimate x86
Ran by Dr.Kawaii Fluury on 06.02.2015 at 22:47:19,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{63A15237-F99C-44D3-99EF-7B6550E5C57D}



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.02.2015 at 22:49:58,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2015
Ran by Dr.Kawaii Fluury (administrator) on COMPUTER-PC on 06-02-2015 22:53:42
Running from C:\Users\Dr.Kawaii Fluury\Desktop\Programme
Loaded Profiles: Dr.Kawaii Fluury (Available profiles: computer & Dr.Kawaii Fluury)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
() C:\Windows\System32\AtwtusbIcon.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
() C:\Program Files\puush\puush.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Akamai Technologies, Inc.) C:\Users\Dr.Kawaii Fluury\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Akamai Technologies, Inc.) C:\Users\Dr.Kawaii Fluury\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Windows\System32\atwtusb.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Windows\System32\atwtusb.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(EJIE Technology) C:\Program Files\Clover\clover.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM\...\Run: [AtwtusbIcon] => C:\Windows\system32\AtwtusbIcon.exe [2963456 2012-09-10] ()
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2874048 2015-02-06] (Valve Corporation)
HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\Run: [puush] => C:\Program Files\puush\puush.exe [567880 2014-07-25] ()
HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\Run: [Akamai NetSession Interface] => C:\Users\Dr.Kawaii Fluury\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [4566984 2014-04-25] (Safer-Networking Ltd.)
HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\MountPoints2: {19918c29-09a0-11e3-8fb3-001fd0287db9} - E:\Startme.exe
Startup: C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?rd=1&ucc=DE&dcc=DE&opt=0
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files\Clover\TabHelper32.dll (EJIE Technology)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Mozilla\Firefox\Profiles\fzxt57os.default-1423167299117
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: AdBlock for Firefox - C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Mozilla\Firefox\Profiles\fzxt57os.default-1423167299117\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2015-02-05]
FF Extension: Personas Plus - C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Mozilla\Firefox\Profiles\fzxt57os.default-1423167299117\Extensions\personas@christopher.beard.xpi [2015-02-05]
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2015-01-27]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-01-27]

Chrome: 
=======
CHR Profile: C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-30]
CHR Extension: (Google Docs) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-29]
CHR Extension: (Google Drive) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-30]
CHR Extension: (YouTube) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-29]
CHR Extension: (Google-Suche) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-29]
CHR Extension: (Google Tabellen) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-30]
CHR Extension: (Avira Browser Safety) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-30]
CHR Extension: (AdBlock) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-30]
CHR Extension: (Google Wallet) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-29]
CHR Extension: (Google Mail) - C:\Users\Dr.Kawaii Fluury\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-29]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-10-08] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [182304 2015-01-17] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915784 2015-01-16] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1845096 2015-01-20] (LogMeIn Inc.)
R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2013-10-25] (Hi-Rez Studios) [File not signed]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2153792 2014-03-28] (IObit)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-01-14] (LogMeIn, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]
S3 npggsvc; C:\Windows\system32\GameMon.des [3101376 2014-12-15] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775816 2015-01-16] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WTService; C:\Windows\system32\atwtusb.exe [535552 2012-10-19] () [File not signed]
S2 MainLSyncHost; c:\windows\system32\mpk\lsynchost.exe /startedbyscm:E4233B4F-40E3FE91-MPKService [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 apf004; C:\Windows\system32\apf004.sys [15112 2014-04-22] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 cpuz137; C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys [26856 2014-02-17] (CPUID)
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [50728 2013-05-01] (Eugene V. Muzychenko)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 HPFXBULK; C:\Windows\System32\drivers\hpfxbulk.sys [17432 2007-07-16] (Hewlett Packard)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy) [File not signed]
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [6144 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18760 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2011-06-15] (Realtek                                            )
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam60.sys [50280 2011-06-15] (Realtek Corporation)
S3 RTVLANPT; C:\Windows\System32\DRIVERS\RtVlan620.sys [27752 2011-09-16] (Realtek Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2014-06-04] (IObit)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 TEAM; C:\Windows\System32\DRIVERS\RtTeam60.sys [50280 2011-06-15] (Realtek Corporation)
R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [6144 2009-08-20] (Windows (R) Win 7 DDK provider)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [X]
S3 XDva403; \??\C:\Windows\system32\XDva403.sys [X]
S3 XDva406; \??\C:\Windows\system32\XDva406.sys [X]
S3 XDva409; \??\C:\Windows\system32\XDva409.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-06 22:49 - 2015-02-06 22:49 - 00000906 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\JRT.txt
2015-02-06 22:46 - 2015-02-06 22:46 - 01388274 _____ (Thisisu) C:\Users\Dr.Kawaii Fluury\Desktop\JRT.exe
2015-02-06 15:54 - 2015-02-06 15:54 - 01577512 _____ ( ) C:\Users\Dr.Kawaii Fluury\Downloads\cpu-z_1.71-setup-en.exe
2015-02-06 15:53 - 2015-02-06 15:53 - 05133752 _____ (Piriform Ltd) C:\Users\Dr.Kawaii Fluury\Downloads\spsetup128.exe
2015-02-06 15:48 - 2015-02-06 15:49 - 00035895 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\Addition.txt
2015-02-06 15:46 - 2015-02-06 15:49 - 00033995 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\FRST.txt
2015-02-06 06:30 - 2015-02-06 22:53 - 00000000 ____D () C:\FRST
2015-02-05 22:16 - 2015-02-05 22:16 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dr.Kawaii Fluury\Downloads\revosetup.exe
2015-02-05 22:16 - 2015-02-05 22:16 - 00001222 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\Revo Uninstaller.lnk
2015-02-05 06:19 - 2015-02-05 06:19 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Local\Steam
2015-02-02 12:10 - 2015-02-02 12:11 - 06175244 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\dem bugs.mp4
2015-02-02 11:56 - 2015-02-02 11:58 - 544818824 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\nuclearthrone 2015-02-02 11-56-17-81.avi
2015-02-02 11:00 - 2015-02-02 11:00 - 01185351 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\7CZby9V.webm
2015-01-31 18:45 - 2015-01-31 18:45 - 00021721 _____ () C:\Users\Dr.Kawaii Fluury\AppData\Local\recently-used.xbel
2015-01-30 18:09 - 2015-01-30 18:09 - 123779265 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\th145东方深秘录体验版[已打1.01补丁](C87).rar
2015-01-30 16:27 - 2015-02-05 21:05 - 00457936 _____ () C:\Windows\PFRO.log
2015-01-29 14:53 - 2015-01-29 15:15 - 99500292 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\Gun Locker.wav
2015-01-29 14:53 - 2015-01-29 15:09 - 67737692 _____ () C:\Users\Dr.Kawaii Fluury\Desktop\mus107 looped.wav
2015-01-29 14:22 - 2015-01-29 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-29 14:22 - 2015-01-29 14:22 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2015-01-28 06:24 - 2015-02-06 22:45 - 00652124 _____ () C:\Windows\WindowsUpdate.log
2015-01-28 06:19 - 2015-02-06 22:39 - 00003248 _____ () C:\Windows\setupact.log
2015-01-28 06:19 - 2015-01-28 06:19 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-27 17:50 - 2015-01-27 17:50 - 00000000 ____D () C:\Users\computer\Desktop\Paul
2015-01-27 17:42 - 2015-01-27 17:42 - 00000000 ____D () C:\Users\computer\AppData\Local\Clover
2015-01-27 14:59 - 2015-01-09 23:25 - 00621200 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe
2015-01-27 14:56 - 2015-01-13 05:15 - 00161424 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2015-01-27 14:56 - 2015-01-13 05:15 - 00027280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 24765584 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 20465296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 10774728 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 10714304 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 08465224 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-27 14:56 - 2015-01-10 03:43 - 03245712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 01047880 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234725.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00929424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00911504 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234725.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00906568 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00877304 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00399504 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00345744 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00305320 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll
2015-01-27 14:56 - 2015-01-10 03:43 - 00164752 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll
2015-01-27 14:50 - 2014-11-22 11:46 - 00032912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2015-01-27 14:40 - 2015-01-27 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2015-01-27 14:40 - 2011-09-16 08:12 - 00027752 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtVlan620.sys
2015-01-27 14:40 - 2011-06-15 14:11 - 00050280 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtTeam60.sys
2015-01-27 14:40 - 2011-06-15 14:11 - 00027648 _____ (Realtek ) C:\Windows\system32\Drivers\RtNdPt60.sys
2015-01-27 14:39 - 2015-01-27 14:39 - 00000000 ____D () C:\Program Files\Intel
2015-01-27 14:39 - 2010-03-02 09:04 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2015-01-27 14:38 - 2015-01-27 14:40 - 00000000 ____D () C:\Program Files\Realtek
2015-01-27 14:38 - 2011-09-29 10:30 - 00490088 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2015-01-27 14:38 - 2011-09-29 10:30 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2015-01-27 14:38 - 2011-09-29 10:30 - 00080416 _____ () C:\Windows\system32\RtNicProp32.dll
2015-01-27 07:37 - 2015-01-27 07:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-26 20:00 - 2015-01-26 20:00 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\Documents\TacticalIntervention
2015-01-17 22:30 - 2015-01-17 22:30 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\.mono
2015-01-17 22:30 - 2015-01-17 22:28 - 00182304 _____ (EasyAntiCheat Ltd) C:\Windows\system32\EasyAntiCheat.exe
2015-01-17 21:26 - 2014-12-15 08:20 - 03101376 _____ (INCA Internet Co., Ltd.) C:\Windows\system32\GameMon.des
2015-01-14 06:37 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 06:37 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 06:37 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 06:37 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 06:37 - 2014-12-11 18:47 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 06:37 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-06 22:53 - 2013-02-26 18:06 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\Desktop\Programme
2015-02-06 22:48 - 2009-07-14 05:34 - 00019568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-06 22:48 - 2009-07-14 05:34 - 00019568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-06 22:41 - 2013-02-27 10:15 - 00000000 ____D () C:\Program Files\Common Files\Steam
2015-02-06 22:39 - 2013-04-01 18:45 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Local\LogMeIn Hamachi
2015-02-06 22:39 - 2013-02-27 10:15 - 00000000 ____D () C:\Program Files\Steam
2015-02-06 22:39 - 2009-07-14 03:04 - 00000418 _____ () C:\Windows\win.ini
2015-02-06 22:38 - 2013-12-07 19:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-06 22:35 - 2014-04-21 18:01 - 00000000 ____D () C:\AdwCleaner
2015-02-06 15:57 - 2014-08-21 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-02-06 15:57 - 2014-08-21 22:13 - 00000000 ____D () C:\Program Files\CPUID
2015-02-05 22:26 - 2013-05-29 21:29 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\IrfanView
2015-02-05 22:16 - 2014-12-19 23:44 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-02-05 20:51 - 2013-02-26 18:05 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury
2015-02-05 20:13 - 2014-08-16 16:23 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-05 07:20 - 2013-02-25 18:50 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-05 07:17 - 2013-07-07 14:42 - 00000000 ____D () C:\Users\computer\AppData\Local\LogMeIn Hamachi
2015-02-03 13:31 - 2014-11-18 13:39 - 00002193 _____ () C:\Users\computer\Desktop\Google Chrome.lnk
2015-02-03 06:18 - 2014-03-28 19:15 - 00000000 ____D () C:\ProgramData\ProductData
2015-02-02 14:22 - 2013-05-30 15:34 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\vlc
2015-02-01 10:52 - 2014-05-14 18:49 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Local\nuclearthrone
2015-01-31 19:25 - 2013-04-30 18:33 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\.gimp-2.8
2015-01-31 18:37 - 2013-03-10 07:10 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\Desktop\Sonstiges
2015-01-30 11:33 - 2013-04-01 14:04 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Audacity
2015-01-28 23:10 - 2013-02-26 21:16 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Skype
2015-01-27 21:00 - 2013-02-25 18:27 - 00000000 ____D () C:\M
2015-01-27 15:45 - 2014-08-06 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2015-01-27 15:26 - 2013-05-07 16:16 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\Desktop\Musik
2015-01-27 15:23 - 2013-09-08 19:58 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\Desktop\Wubwub
2015-01-27 15:03 - 2014-01-04 22:40 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\Desktop\Reactions
2015-01-27 15:03 - 2012-05-11 13:30 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\Desktop\Bilder
2015-01-27 15:00 - 2013-12-07 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-27 14:40 - 2013-09-05 15:55 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-27 14:28 - 2013-07-02 15:02 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-27 07:22 - 2014-02-12 07:11 - 00000000 ____D () C:\Users\computer\AppData\Local\NVIDIA
2015-01-27 07:21 - 2014-02-12 07:41 - 00000000 ____D () C:\Users\computer\AppData\Local\NVIDIA Corporation
2015-01-25 09:49 - 2013-02-27 08:12 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-25 09:49 - 2013-02-27 08:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-25 09:49 - 2013-02-27 08:12 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-24 09:38 - 2014-09-20 09:06 - 00000000 ___RD () C:\Program Files\Skype
2015-01-24 09:38 - 2013-02-26 21:02 - 00000000 ____D () C:\ProgramData\Skype
2015-01-21 21:16 - 2013-11-09 19:59 - 00000000 ____D () C:\AeriaGames
2015-01-16 07:41 - 2014-06-02 20:04 - 01316184 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge.dll
2015-01-16 07:41 - 2013-12-07 19:50 - 01278920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2015-01-14 20:39 - 2013-05-01 11:55 - 00000000 ____D () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\foobar2000
2015-01-14 11:32 - 2013-04-01 18:45 - 00026176 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-01-14 07:24 - 2013-07-14 22:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 07:19 - 2013-02-28 17:43 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 05:15 - 2014-01-08 17:43 - 00908608 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll
2015-01-10 03:43 - 2013-12-07 19:35 - 00060560 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-01-10 03:43 - 2013-12-07 19:34 - 16009120 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2015-01-10 03:43 - 2013-12-07 19:34 - 14116136 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2015-01-10 03:43 - 2013-12-07 19:33 - 02902272 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2015-01-10 03:43 - 2013-02-25 23:22 - 00022594 _____ () C:\Windows\system32\nvinfo.pb
2015-01-09 23:58 - 2013-12-07 19:30 - 04404040 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-01-09 23:58 - 2013-12-07 19:30 - 03057808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2015-01-09 23:58 - 2013-12-07 19:30 - 02554184 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-01-09 23:58 - 2013-12-07 19:30 - 00670352 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-01-09 23:58 - 2013-12-07 19:30 - 00374928 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-01-09 23:58 - 2013-12-07 19:30 - 00061584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-01-09 18:46 - 2013-12-07 19:30 - 04173527 _____ () C:\Windows\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2014-09-01 20:18 - 2014-12-01 22:12 - 0000139 _____ () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\licecap.ini
2014-06-19 10:12 - 2014-06-19 10:12 - 0000024 _____ () C:\Users\Dr.Kawaii Fluury\AppData\Roaming\temp.ini
2015-01-31 18:45 - 2015-01-31 18:45 - 0021721 _____ () C:\Users\Dr.Kawaii Fluury\AppData\Local\recently-used.xbel
2013-08-30 16:35 - 2013-07-01 16:36 - 0000032 ____R () C:\ProgramData\hash.dat

Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Windows\Tasks\{169360A7-9E4F-4B10-9796-2739573A11EE}.job


Some content of TEMP:
====================
C:\Users\computer\AppData\Local\Temp\AskSLib.dll
C:\Users\computer\AppData\Local\Temp\avgnt.exe
C:\Users\computer\AppData\Local\Temp\uninst1.exe
C:\Users\Dr.Kawaii Fluury\AppData\Local\Temp\avgnt.exe
C:\Users\Dr.Kawaii Fluury\AppData\Local\Temp\iv_uninstall.exe
C:\Users\Dr.Kawaii Fluury\AppData\Local\Temp\Quarantine.exe
C:\Users\Dr.Kawaii Fluury\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-09-02 14:53

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
rayman2 (HKLM\...\rayman2) (Version:  - )
Realm of the Mad God (HKLM\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - Realtek)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Risk of Rain (HKLM\...\Steam App 248820) (Version:  - )
Robocraft (HKLM\...\Steam App 301520) (Version:  - Freejam)
Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
School of Dragons: How to Train Your Dragon (HKLM\...\Steam App 332070) (Version:  - JumpStart Games, Inc.)
Scratch (HKLM\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Sir, You Are Being Hunted (HKLM\...\Steam App 242880) (Version:  - Big Robot Ltd)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Sonic Adventure DX (HKLM\...\Steam App 71250) (Version:  - SEGA)
Sonic Adventure™ 2  (HKLM\...\Steam App 213610) (Version:  - SEGA)
Source Filmmaker (HKLM\...\Steam App 1840) (Version:  - )
Source SDK (HKLM\...\Steam App 211) (Version:  - Valve)
Spelunky (HKLM\...\Steam App 239350) (Version:  - )
Spiral Knights (HKLM\...\Steam App 99900) (Version:  - Three Rings)
Spore (HKLM\...\Steam App 17390) (Version:  - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM\...\Steam App 17440) (Version:  - Maxis™)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Starbound (HKLM\...\Steam App 211820) (Version:  - )
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steam Trading Card Beta Access (HKLM\...\Steam App 202352) (Version:  - )
Super Amazing Wagon Adventure (HKLM\...\Steam App 250500) (Version:  - sparsevector)
Super Crate Box (HKLM\...\Steam App 212800) (Version:  - Vlambeer)
Super Time Force Ultra (HKLM\...\Steam App 250700) (Version:  - Capybara Games)
Tactical Intervention (HKLM\...\Steam App 51100) (Version:  - FIX Korea, Co.LTD)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Terraria (HKLM\...\Steam App 105600) (Version:  - )
TEXTools (HKLM\...\TEXTools) (Version:  - )
The Binding of Isaac (HKLM\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Long Dark (HKLM\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
The Stanley Parable (HKLM\...\Steam App 221910) (Version:  - Galactic Cafe)
Trust tablet driver (HKLM\...\RmTablet) (Version: 5.01 - )
Unturned (HKLM\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM\...\Uplay) (Version: 4.4 - Ubisoft)
Valiant Hearts: The Great War™ / Soldats Inconnus : Mémoires de la Grande Guerre™ (HKLM\...\Steam App 260230) (Version:  - Ubisoft Montpellier)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VTFEdit 1.2.5 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Wakfu (HKLM\...\Steam App 215080) (Version:  - Ankama)
War of the Human Tanks (HKLM\...\Steam App 263400) (Version:  - Yakiniku Banzai)
WG Screensaver Creator 1.0 (HKLM\...\{E0BE7153-5B7D-4214-9F2A-50EF466C27F7}) (Version: 1.0.0 - Web Grafitti)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Yet Another Zombie Defense (HKLM\...\Steam App 270550) (Version:  - Awesome Games Studio)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-02-2015 22:22:59 Revo Uninstaller's restore point - IrfanView (remove only)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-02-08 14:31 - 2014-11-11 14:45 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2846072A-E0DD-4860-8C0A-1ACAAC461398} - System32\Tasks\{2F2F6436-443C-4DB6-BE51-B0A05CD0E50D} => Firefox.exe hxxp://ui.skype.com/ui/0/6.2.0.106/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {3D86D8B5-B2E7-4224-A57C-5EF91E971F0D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe
Task: {5C7B9C8C-4306-40B2-AC0A-3B4F415015D8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: {80589642-0FE5-4660-AE43-1922C9C2F8FE} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\system32\FlashPlayerUpdateService.exe
Task: {8E80CBDE-57F1-4D6B-98FD-98D729DC56B4} - System32\Tasks\{ACE734F7-4BA5-42AA-A811-622FB7F5F719} => C:\Users\Dr.Kawaii Fluury\Desktop\Touhou\12.8 妖精大戦争\Touhou 12.8 aka Baka Wars.exe
Task: {A6FF3643-AE70-4C75-BADB-270DB796C7D9} - System32\Tasks\SmartDefrag_Startup => C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
Task: {AD458812-6927-499A-88C0-9DE4DAD71FD4} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\system32\FlashPlayerUpdateService.exe
Task: {BA7BE60D-EBDA-4CD4-9548-C8D12BFD4381} - System32\Tasks\{73690E4B-8398-4ECC-8671-78C0B5E288C1} => C:\Users\Dr.Kawaii Fluury\Desktop\Touhou\12.8 妖精大戦争\Touhou 12.8 aka Baka Wars.exe
Task: {D62E7E9D-9435-4A8A-96E6-AF110899D171} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
Task: {ECD8E911-2D8D-4638-A34C-B9A2769EE151} - System32\Tasks\SmartDefragUpdate => C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe
Task: {F99FDABE-39FA-4DE5-8AE3-CCC5A10D73C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff420bbf7836b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d000d6e515c56d.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\Windows\Tasks\{169360A7-9E4F-4B10-9796-2739573A11EE}.job => c:\program files\mozilla firefox\firefox.exe

==================== Loaded Modules (whitelisted) ==============

2013-12-07 19:30 - 2015-01-09 23:58 - 00107848 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-06-09 21:01 - 2014-04-25 13:11 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-09 21:01 - 2014-04-25 13:11 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-09 21:01 - 2014-04-25 13:11 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-22 17:53 - 2012-09-10 12:53 - 02963456 _____ () C:\Windows\System32\AtwtusbIcon.exe
2014-08-28 23:36 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files\Steam\libavcodec-56.dll
2014-08-28 23:36 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2014-08-28 23:36 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files\Steam\libavformat-56.dll
2014-08-28 23:36 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2013-03-12 17:10 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files\Steam\SDL2.dll
2014-12-02 22:54 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files\Steam\v8.dll
2014-12-02 22:54 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files\Steam\icui18n.dll
2014-12-02 22:54 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files\Steam\icuuc.dll
2014-05-21 19:51 - 2015-02-06 02:17 - 02357952 _____ () C:\Program Files\Steam\video.dll
2014-08-28 23:36 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2013-02-25 07:39 - 2015-02-06 02:16 - 00701632 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2012-01-10 13:41 - 2014-07-25 13:47 - 00567880 _____ () C:\Program Files\puush\puush.exe
2014-09-22 17:53 - 2012-10-19 10:05 - 00535552 _____ () C:\Windows\system32\atwtusb.exe
2014-06-09 21:01 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-09 21:01 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-01-27 07:37 - 2015-01-27 07:37 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-02-19 11:48 - 2015-01-28 02:30 - 34641288 _____ () C:\Program Files\Steam\bin\libcef.dll
2014-08-14 19:13 - 2015-01-28 02:30 - 01709960 _____ () C:\Program Files\Steam\bin\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4F78E2F6

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2811185551-369326641-1495617965-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-2811185551-369326641-1495617965-500 - Administrator - Disabled)
computer (S-1-5-21-2811185551-369326641-1495617965-1000 - Administrator - Enabled) => C:\Users\computer
Dr.Kawaii Fluury (S-1-5-21-2811185551-369326641-1495617965-1003 - Administrator - Enabled) => C:\Users\Dr.Kawaii Fluury
Gast (S-1-5-21-2811185551-369326641-1495617965-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/06/2015 10:53:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: taskbarcpl.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7ba10
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a816
ID des fehlerhaften Prozesses: 0x16e8
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (02/06/2015 10:53:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d6727a7taskbarcpl.dll6.1.7601.175144ce7ba10c00000050000a81616e801d04257439aa5cdC:\Windows\explorer.exeC:\Windows\System32\taskbarcpl.dll84a5b9b5-ae4a-11e4-8a6d-001fd0287db9


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 63%
Total physical RAM: 2046.3 MB
Available physical RAM: 750.23 MB
Total Pagefile: 4092.61 MB
Available Pagefile: 2240.76 MB
Total Virtual: 2047.88 MB
Available Virtual: 1916.47 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.16 GB) (Free:99.96 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 38.3 GB) (Disk ID: 1D2B1D2A)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: E4E4E4E4)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


Alt 06.02.2015, 23:32   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)



addition.txt ist unvollständig
__________________
--> Adware, allerdings nur auf einer Seite. (meines Wissens.)

Alt 07.02.2015, 00:09   #7
Fluury
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)



Zitat:
Zitat von cosinus Beitrag anzeigen
addition.txt ist unvollständig
Ah, entschuldigung.

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-02-2015
Ran by Dr.Kawaii Fluury at 2015-02-06 22:54:48
Running from C:\Users\Dr.Kawaii Fluury\Desktop\Programme
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
100% Orange Juice (HKLM\...\Steam App 282800) (Version:  - Orange_Juice)
32 Bit HP CIO Components Installer (Version: 4.1.1 - Hewlett-Packard) Hidden
AbiWord 2.9.4 (HKLM\...\AbiWord2) (Version: 2.9.4 - AbiSource Developers)
Ace of Spades (HKLM\...\Steam App 224540) (Version:  - )
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Artweaver 1.0 (HKLM\...\{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1) (Version: 1.0 - Boris Eyrich Software)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
BattleBlock Theater (HKLM\...\Steam App 238460) (Version:  - The Behemoth)
Besiege (HKLM\...\Steam App 346010) (Version:  - Spiderling Studios)
BleachBit (HKLM\...\BleachBit) (Version: 1.6 - BleachBit)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Championsheep Rally (HKLM\...\Championsheep Rally) (Version:  - Frogster Interactive Pictures)
Clover 3.0 (HKLM\...\Clover) (Version: 3.0 - EJIE Technology)
Codename Gordon (HKLM\...\Steam App 92) (Version:  - Nuclear Vision)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crypt of the NecroDancer (HKLM\...\Steam App 247080) (Version:  - Brace Yourself Games)
Cube World version 0.0.1 (HKLM\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DARK SOULS™ II (HKLM\...\Steam App 236430) (Version:  - FromSoftware, Inc)
Don't Starve (HKLM\...\Steam App 219740) (Version:  - )
Don't Starve Together Beta (HKLM\...\Steam App 322330) (Version:  - Klei Entertainment)
Dungeon of the Endless (HKLM\...\Steam App 249050) (Version:  - AMPLITUDE Studios)
Elsword (HKLM\...\Steam App 237310) (Version:  - KOG)
Eryi's Action (HKLM\...\Steam App 261700) (Version:  - Xtal Sword)
ffdshow v1.2.4422 [2012-04-09] (HKLM\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Fist of Jesus (HKLM\...\Steam App 321110) (Version:  - Mutant Games)
foobar2000 v1.2 (HKLM\...\foobar2000) (Version: 1.2 - Peter Pawlowski)
FormatFactory 3.0.1 (HKLM\...\FormatFactory) (Version: 3.0.1 - Free Time)
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
Free Image Convert and Resize version 2.1.23.430 (HKLM\...\Free Image Convert and Resize_is1) (Version: 2.1.23.430 - DVDVideoSoft Ltd.)
Free Video Dub version 2.0.17.320 (HKLM\...\Free Video Dub_is1) (Version: 2.0.17.320 - DVDVideoSoft Ltd.)
Free Video to Flash Converter version 5.0.32.1230 (HKLM\...\Free Video to Flash Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.5.628 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Ltd.)
Fusion's Chao Editor (HKLM\...\{BAAA4018-E873-49E4-B971-AA4E84D7A4CB}) (Version: 2.0 - Fusion)
Game Dev Tycoon (HKLM\...\Steam App 239820) (Version:  - Greenheart Games)
GameMaker: Studio (HKLM\...\Steam App 214850) (Version:  - YoYo Games Ltd.)
GameRanger (HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\GameRanger) (Version:  - GameRanger Technologies)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Team Garry)
GCFScape 1.8.5 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
GIF Viewer 3.0 (HKLM\...\GIF Viewer) (Version: 3.0 - Stefan Wobbe)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Goat Simulator (HKLM\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Gunpoint (HKLM\...\Steam App 206190) (Version:  - Suspicious Developments)
Half-Life Dedicated Server Update Tool (HKLM\...\Half-Life Dedicated Server Update Tool) (Version:  - )
HandBrake 0.9.8 (HKLM\...\HandBrake) (Version: 0.9.8 - )
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 3.2.9.10 - IObit)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Karos (HKLM\...\Steam App 337410) (Version:  - Galaxy Gate)
Kill Fun Yeah (HKLM\...\Steam App 301360) (Version:  - Arctic Anteater)
Killing Floor (HKLM\...\Steam App 1250) (Version:  - Tripwire Interactive)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Legend of Dungeon (HKLM\...\Steam App 238280) (Version:  - )
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.303 - LogMeIn, Inc.) Hidden
Lost Saga EU (HKLM\...\LostSagaEU) (Version:  - IO Entertainment Co., Ltd.)
Magic 2015 (HKLM\...\Steam App 255420) (Version:  - Stainless Games)
Magicite (HKLM\...\Steam App 268750) (Version:  - SmashGames)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McDROID (HKLM\...\Steam App 252970) (Version:  - Elefantopia)
MediaCoder 0.8.33.5680 (HKLM\...\MediaCoder) (Version: 0.8.33.5680 - Mediatronic)
Metal Slug 3 (HKLM\...\Steam App 250180) (Version:  - DotEmu)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Momodora III (HKLM\...\Steam App 302790) (Version:  - rdein)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mumble 1.2.8 (HKLM\...\{1BC144A3-20EF-49DD-8EBB-E421E128E30F}) (Version: 1.2.8 - Thorvald Natvig)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.3 - Black Tree Gaming)
Nidhogg (HKLM\...\Steam App 94400) (Version:  - Messhof)
Nosgoth (HKLM\...\Steam App 200110) (Version:  - Psyonix)
Notepad++ (HKLM\...\Notepad++) (Version: 6.5 - Notepad++ Team)
Nuclear Throne (HKLM\...\Steam App 242680) (Version:  - Vlambeer)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM\...\OpenAL) (Version:  - )
OpenOffice 4.1.0 (HKLM\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Paint XP version 1.1 (HKLM\...\{2367FAB6-055A-4923-835F-F57F7BBBA363}_is1) (Version: 1.1 - MSPAINTXP.COM)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF4819}) (Version: 4.0.3 - dotPDN LLC)
PC Wizard 2013.2.12 (HKLM\...\PC Wizard 2013_is1) (Version:  - CPUID)
Plague Inc: Evolved (HKLM\...\Steam App 246620) (Version:  - Ndemic Creations)
Portal 2 Publishing Tool (HKLM\...\Steam App 644) (Version:  - )
puush (HKLM\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rayman 3 (HKLM\...\{15F52B39-04CB-4EDB-9A8C-496C4A5588E2}) (Version: 1.00.000 - )
rayman2 (HKLM\...\rayman2) (Version:  - )
Realm of the Mad God (HKLM\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - Realtek)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Risk of Rain (HKLM\...\Steam App 248820) (Version:  - )
Robocraft (HKLM\...\Steam App 301520) (Version:  - Freejam)
Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
School of Dragons: How to Train Your Dragon (HKLM\...\Steam App 332070) (Version:  - JumpStart Games, Inc.)
Scratch (HKLM\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Sir, You Are Being Hunted (HKLM\...\Steam App 242880) (Version:  - Big Robot Ltd)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Sonic Adventure DX (HKLM\...\Steam App 71250) (Version:  - SEGA)
Sonic Adventure™ 2  (HKLM\...\Steam App 213610) (Version:  - SEGA)
Source Filmmaker (HKLM\...\Steam App 1840) (Version:  - )
Source SDK (HKLM\...\Steam App 211) (Version:  - Valve)
Spelunky (HKLM\...\Steam App 239350) (Version:  - )
Spiral Knights (HKLM\...\Steam App 99900) (Version:  - Three Rings)
Spore (HKLM\...\Steam App 17390) (Version:  - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM\...\Steam App 17440) (Version:  - Maxis™)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Starbound (HKLM\...\Steam App 211820) (Version:  - )
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steam Trading Card Beta Access (HKLM\...\Steam App 202352) (Version:  - )
Super Amazing Wagon Adventure (HKLM\...\Steam App 250500) (Version:  - sparsevector)
Super Crate Box (HKLM\...\Steam App 212800) (Version:  - Vlambeer)
Super Time Force Ultra (HKLM\...\Steam App 250700) (Version:  - Capybara Games)
Tactical Intervention (HKLM\...\Steam App 51100) (Version:  - FIX Korea, Co.LTD)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-2811185551-369326641-1495617965-1003\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Terraria (HKLM\...\Steam App 105600) (Version:  - )
TEXTools (HKLM\...\TEXTools) (Version:  - )
The Binding of Isaac (HKLM\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Long Dark (HKLM\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
The Stanley Parable (HKLM\...\Steam App 221910) (Version:  - Galactic Cafe)
Trust tablet driver (HKLM\...\RmTablet) (Version: 5.01 - )
Unturned (HKLM\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM\...\Uplay) (Version: 4.4 - Ubisoft)
Valiant Hearts: The Great War™ / Soldats Inconnus : Mémoires de la Grande Guerre™ (HKLM\...\Steam App 260230) (Version:  - Ubisoft Montpellier)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VTFEdit 1.2.5 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Wakfu (HKLM\...\Steam App 215080) (Version:  - Ankama)
War of the Human Tanks (HKLM\...\Steam App 263400) (Version:  - Yakiniku Banzai)
WG Screensaver Creator 1.0 (HKLM\...\{E0BE7153-5B7D-4214-9F2A-50EF466C27F7}) (Version: 1.0.0 - Web Grafitti)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Yet Another Zombie Defense (HKLM\...\Steam App 270550) (Version:  - Awesome Games Studio)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-02-2015 22:22:59 Revo Uninstaller's restore point - IrfanView (remove only)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-02-08 14:31 - 2014-11-11 14:45 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2846072A-E0DD-4860-8C0A-1ACAAC461398} - System32\Tasks\{2F2F6436-443C-4DB6-BE51-B0A05CD0E50D} => Firefox.exe hxxp://ui.skype.com/ui/0/6.2.0.106/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {3D86D8B5-B2E7-4224-A57C-5EF91E971F0D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe
Task: {5C7B9C8C-4306-40B2-AC0A-3B4F415015D8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: {80589642-0FE5-4660-AE43-1922C9C2F8FE} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\system32\FlashPlayerUpdateService.exe
Task: {8E80CBDE-57F1-4D6B-98FD-98D729DC56B4} - System32\Tasks\{ACE734F7-4BA5-42AA-A811-622FB7F5F719} => C:\Users\Dr.Kawaii Fluury\Desktop\Touhou\12.8 妖精大戦争\Touhou 12.8 aka Baka Wars.exe
Task: {A6FF3643-AE70-4C75-BADB-270DB796C7D9} - System32\Tasks\SmartDefrag_Startup => C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
Task: {AD458812-6927-499A-88C0-9DE4DAD71FD4} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\system32\FlashPlayerUpdateService.exe
Task: {BA7BE60D-EBDA-4CD4-9548-C8D12BFD4381} - System32\Tasks\{73690E4B-8398-4ECC-8671-78C0B5E288C1} => C:\Users\Dr.Kawaii Fluury\Desktop\Touhou\12.8 妖精大戦争\Touhou 12.8 aka Baka Wars.exe
Task: {D62E7E9D-9435-4A8A-96E6-AF110899D171} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
Task: {ECD8E911-2D8D-4638-A34C-B9A2769EE151} - System32\Tasks\SmartDefragUpdate => C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe
Task: {F99FDABE-39FA-4DE5-8AE3-CCC5A10D73C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff420bbf7836b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d000d6e515c56d.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\Windows\Tasks\{169360A7-9E4F-4B10-9796-2739573A11EE}.job => c:\program files\mozilla firefox\firefox.exe

==================== Loaded Modules (whitelisted) ==============

2013-12-07 19:30 - 2015-01-09 23:58 - 00107848 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-06-09 21:01 - 2014-04-25 13:11 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-09 21:01 - 2014-04-25 13:11 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-09 21:01 - 2014-04-25 13:11 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-22 17:53 - 2012-09-10 12:53 - 02963456 _____ () C:\Windows\System32\AtwtusbIcon.exe
2014-08-28 23:36 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files\Steam\libavcodec-56.dll
2014-08-28 23:36 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2014-08-28 23:36 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files\Steam\libavformat-56.dll
2014-08-28 23:36 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2013-03-12 17:10 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files\Steam\SDL2.dll
2014-12-02 22:54 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files\Steam\v8.dll
2014-12-02 22:54 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files\Steam\icui18n.dll
2014-12-02 22:54 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files\Steam\icuuc.dll
2014-05-21 19:51 - 2015-02-06 02:17 - 02357952 _____ () C:\Program Files\Steam\video.dll
2014-08-28 23:36 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2013-02-25 07:39 - 2015-02-06 02:16 - 00701632 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2012-01-10 13:41 - 2014-07-25 13:47 - 00567880 _____ () C:\Program Files\puush\puush.exe
2014-09-22 17:53 - 2012-10-19 10:05 - 00535552 _____ () C:\Windows\system32\atwtusb.exe
2014-06-09 21:01 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-09 21:01 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-01-27 07:37 - 2015-01-27 07:37 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-02-19 11:48 - 2015-01-28 02:30 - 34641288 _____ () C:\Program Files\Steam\bin\libcef.dll
2014-08-14 19:13 - 2015-01-28 02:30 - 01709960 _____ () C:\Program Files\Steam\bin\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4F78E2F6

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2811185551-369326641-1495617965-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Dr.Kawaii Fluury\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-2811185551-369326641-1495617965-500 - Administrator - Disabled)
computer (S-1-5-21-2811185551-369326641-1495617965-1000 - Administrator - Enabled) => C:\Users\computer
Dr.Kawaii Fluury (S-1-5-21-2811185551-369326641-1495617965-1003 - Administrator - Enabled) => C:\Users\Dr.Kawaii Fluury
Gast (S-1-5-21-2811185551-369326641-1495617965-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/06/2015 10:53:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: taskbarcpl.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7ba10
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a816
ID des fehlerhaften Prozesses: 0x16e8
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (02/06/2015 10:53:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d6727a7taskbarcpl.dll6.1.7601.175144ce7ba10c00000050000a81616e801d04257439aa5cdC:\Windows\explorer.exeC:\Windows\System32\taskbarcpl.dll84a5b9b5-ae4a-11e4-8a6d-001fd0287db9


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 63%
Total physical RAM: 2046.3 MB
Available physical RAM: 750.23 MB
Total Pagefile: 4092.61 MB
Available Pagefile: 2240.76 MB
Total Virtual: 2047.88 MB
Available Virtual: 1916.47 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.16 GB) (Free:99.96 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 38.3 GB) (Disk ID: 1D2B1D2A)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: E4E4E4E4)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---


Hier der vollständige.

Alt 07.02.2015, 00:13   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)



FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
C:\ProgramData\hash.dat
C:\Windows\Tasks\{169360A7-9E4F-4B10-9796-2739573A11EE}.job
EmptyTemp:
Hosts:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 07.02.2015, 00:35   #9
Fluury
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-02-2015
Ran by Dr.Kawaii Fluury at 2015-02-07 00:20:00 Run:1
Running from C:\Users\Dr.Kawaii Fluury\Desktop
Loaded Profiles: Dr.Kawaii Fluury (Available profiles: computer & Dr.Kawaii Fluury)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
C:\ProgramData\hash.dat
C:\Windows\Tasks\{169360A7-9E4F-4B10-9796-2739573A11EE}.job
EmptyTemp:
Hosts:
         
*****************

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}" => Key deleted successfully.
HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key not found. 
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk" => Key deleted successfully.
C:\ProgramData\hash.dat => Moved successfully.
C:\Windows\Tasks\{169360A7-9E4F-4B10-9796-2739573A11EE}.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 742.3 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 00:21:14 ====
         

Alt 07.02.2015, 16:23   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)



Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 08.02.2015, 01:58   #11
Fluury
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 07.02.2015
Suchlauf-Zeit: 17:16:56
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.02.07.05
Rootkit Datenbank: v2015.02.03.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Dr.Kawaii Fluury

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 373098
Verstrichene Zeit: 18 Min, 7 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=42d7b8ca98b97d4bb244e4d04d39f0b9
# engine=22356
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-08 12:49:37
# local_time=2015-02-08 01:49:37 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 36740 288779867 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 49830192 174987768 0 0
# scanned=790399
# found=68
# cleaned=0
# scan_time=29090
sh=A6D12B550B7160C6E5D2227943ECB8F5ADF8F41F ft=1 fh=fe5fb98395aa12e3 vn="Variante von Win32/Toolbar.Iminent.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\Umbrella\umbrella.exe.vir"
sh=5EB5E13A96E13527D102DCA2000D5396E4001CCF ft=1 fh=f31cadf734d4ccb9 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Iminent\Minibar.InternetExplorer.BHOx86.dll.vir"
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=806043854DBA08409D093C986B3208A5D4A512BA ft=1 fh=d6daed42d6889765 vn="Win32/Toolbar.DefaultTab.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\computer\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll.vir"
sh=EBE113C41976B63D9645B60AF83CC8487555950D ft=1 fh=75c1fb4d2ef4de76 vn="Win32/Toolbar.DefaultTab.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\computer\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe.vir"
sh=9BAF667499AA6AD943B26B82408C69BDF9D2D942 ft=1 fh=e046ea995fe5496f vn="Win64/Toolbar.DefaultTab.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\computer\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe.vir"
sh=A66441EA33B541895F23B3A4F8EB408B616A94BA ft=1 fh=02e58446c958c5ff vn="Win32/Toolbar.DefaultTab.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\computer\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabUninstaller.exe.vir"
sh=60DF417037197BB71547FC35CAC95C41F428D418 ft=1 fh=44d029b316bd3b56 vn="Win32/Toolbar.DefaultTab.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\computer\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll.vir"
sh=DB07648D185FE4A0448EDD08B409A3E90AE86B91 ft=1 fh=a325f42d455d8a90 vn="Win64/Toolbar.DefaultTab.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\computer\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll.vir"
sh=EA111903F48C1CB7FE5056509351A88EFE85114F ft=1 fh=0f73ddfd31d1def0 vn="Win32/Toolbar.DefaultTab.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\computer\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe.vir"
sh=5ACD70AEF338DE125F116CAFD8F1A8E0DCE0F595 ft=1 fh=77a0e7322f7f54d8 vn="Variante von Win32/Toolbar.DefaultTab.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\computer\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe.vir"
sh=EC1AE1832E769D6143CFD319DF7CA3C737A62BB5 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\gxarsf4f.default\Extensions\webbooster@iminent.com.xpi.vir"
sh=476063885747EDD774A6B8CB2790703503A75A55 ft=1 fh=d7bb79193adaee2e vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Dr.Kawaii Fluury\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir"
sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\DR4100~1.KAW\AppData\Local\Temp\OCS\ocs_v71a.exe.vir"
sh=4D55CDD429CCC1A4758863A88B1B012AD4AD58A9 ft=1 fh=fa2b6d8baa49f691 vn="Variante von Win32/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\system32\roboot.exe.vir"
sh=354BDD57F49997D0A1AB3BADA1339CB33765898B ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Anwendungsdaten\Mozilla\Firefox\Profiles\eof33nq3.default\extensions\plugin@yontoo.com.xpi"
sh=3506A689F0AB68F1EFE7828D4FEF6D171722A8EE ft=1 fh=3073f3f0f3af2fd4 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\dffsetup-dwmapi.exe"
sh=5AED82367EAAF230DD5568E800A7B5DA4713C8AE ft=1 fh=c09653c756531741 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeDownload(1).exe"
sh=AACEB38727983D4DECD027AB03C85A036DF0A43D ft=1 fh=2b4998118a2cda77 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeDownload(2).exe"
sh=509931418DEB6B75185A9AAF4E687297D6F5CF61 ft=1 fh=98bdefe44f6519ae vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeDownload.exe"
sh=07CF040FEFA25DFDA4287BAB632EAB806E294695 ft=1 fh=0db8f293d4a19d8f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubetoMP3Converter(1).exe"
sh=474BBF68C7AAC25A6ADBFD471993F52584CAEA89 ft=1 fh=7302f6233443ba92 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter(2).exe"
sh=8547D1E5EACE099ECFE5EDBF6958FA077650894B ft=1 fh=61435738673b6524 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter.exe"
sh=3837DCC6FC0D2C7D2CD6765EE18175468E314815 ft=1 fh=404bf2cda126427a vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter31126.exe"
sh=AA190194CD322F27B81B57B66F0E48B16DDF09FC ft=1 fh=7a1e2a1eaadddca3 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter_3.11.35.1031.exe"
sh=EAAC36A3A0D519E9943000DF69CCAC68C92598D4 ft=1 fh=2ceaca49965a9861 vn="Win32/SoftonicDownloader evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_mcpatcher.exe"
sh=7AA47BFF13189519061F2D7D4135ABF0467D7F9E ft=1 fh=574b6a7f1e4e54a0 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_minecraft-skinedit(1).exe"
sh=ED3BB465A3C80B63785F69270CA2952225FD21C9 ft=1 fh=a7addd61c1e09aa3 vn="Win32/SoftonicDownloader evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_minecraft-skinedit.exe"
sh=707B1211CC45270D4AC113DEEAC390F03EE04BD3 ft=1 fh=4290f1c69f1d583d vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_painttool-sai.exe"
sh=03406AC969A32995A7F99E913B8E773D90E0D61C ft=1 fh=ff4597981c152035 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_virtual-audio-cable.exe"
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\Conduit\CT2625848\DVDVideoSoftTB_DEAutoUpdateHelper.exe"
sh=0C73CCC63EC56232CA1EF6BF8573B3A9AB323052 ft=1 fh=d014c1be8c7ac6c1 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngine.dll"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB_DE\ldrtbDVDV.dll"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB_DE\tbDVDV.dll"
sh=FA93CBC3743E72D1330FB72049031808BBD0250B ft=1 fh=8496dd896c58edda vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll"
sh=902DBE67A58C96173CBA9D607B57D5C6AA8070EF ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.A evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Paul\Anwendungsdaten\Mozilla\Firefox\Profiles\gwjqcd1z.default\extensions\{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}\chrome\games_bar_1.jar"
sh=E5AB41BD9FC5166F039421C8F3B022752C3C605A ft=1 fh=9bffae5f27f9209e vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter.exe"
sh=951C4DFA16D6BA51ADD3B86614520E3E5F53A4D5 ft=1 fh=77b67014c21a5d01 vn="Variante von Win32/DownloadSponsor.B evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Downloads\LevelR_Multi_Downloader(3).exe"
sh=15ADCFDD67BF6871B019114B040B5CA433C21621 ft=1 fh=57814fb044b3d986 vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Programms\Nero_9\Nero BackItUp 4.2.16.0 Final.exe"
sh=23CFABB8A92977DD750A4F1E14047B3D2F6AD83C ft=1 fh=bf5caa3f72831846 vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Programms\Nero_9\Nero MediaHome 4.2.10.0 Final.exe"
sh=4491DB119AD0D71D0852938E3EB5AA87173F085B ft=1 fh=f0a136bce1275e4a vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Programms\Nero_9\Nero Move it 1.2.19.0 .exe"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\ldrtbBro0.dll"
sh=AF2A09062B79711D5D92F58251EE238DF2E5E9F9 ft=1 fh=ea86b3a42b031233 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\tbBro0.dll"
sh=3664B7B546B41FBFB469128DEA194DBA1AF556AC ft=1 fh=532d857584187cdc vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\tbBro1.dll"
sh=57CD8DEAF43DF3A2F4703E5219A69935B119D0DB ft=1 fh=311781f1ea21501f vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\tbBro2.dll"
sh=AF2A09062B79711D5D92F58251EE238DF2E5E9F9 ft=1 fh=ea86b3a42b031233 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngine.dll"
sh=ABA32A0BF4960B1AB88953C36CF160625C78AC9B ft=1 fh=47eacc88b34b8f30 vn="MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\CPUID\PC Wizard 2013\systweakasp_c.exe"
sh=CE2387651DE2A218011CF3CF3E356C941D6C15E7 ft=1 fh=bb7db9786797ff59 vn="Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\NexonEU\LostSagaEU\lostsaga.exe"
sh=E5AB41BD9FC5166F039421C8F3B022752C3C605A ft=1 fh=9bffae5f27f9209e vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\computer\Desktop\Paul\Paul\Documents\Downloads\FreeYouTubeToMP3Converter.exe"
sh=951C4DFA16D6BA51ADD3B86614520E3E5F53A4D5 ft=1 fh=77b67014c21a5d01 vn="Variante von Win32/DownloadSponsor.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\computer\Desktop\Paul\Paul\Documents\Downloads\LevelR_Multi_Downloader(3).exe"
sh=15ADCFDD67BF6871B019114B040B5CA433C21621 ft=1 fh=57814fb044b3d986 vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="C:\Users\computer\Desktop\Paul\Paul\Documents\Programms\Nero_9\Nero BackItUp 4.2.16.0 Final.exe"
sh=23CFABB8A92977DD750A4F1E14047B3D2F6AD83C ft=1 fh=bf5caa3f72831846 vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="C:\Users\computer\Desktop\Paul\Paul\Documents\Programms\Nero_9\Nero MediaHome 4.2.10.0 Final.exe"
sh=4491DB119AD0D71D0852938E3EB5AA87173F085B ft=1 fh=f0a136bce1275e4a vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="C:\Users\computer\Desktop\Paul\Paul\Documents\Programms\Nero_9\Nero Move it 1.2.19.0 .exe"
sh=5B293CDD6C1E24E8EF2CCAD6D39E54F1EFD1C4C7 ft=1 fh=40d68ff3947b7fb7 vn="Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Desktop\Programme\Games\Lost Saga\LostSagaEU_Full.exe"
sh=3506A689F0AB68F1EFE7828D4FEF6D171722A8EE ft=1 fh=3073f3f0f3af2fd4 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Documents\Downloads\dffsetup-dwmapi.exe"
sh=5AED82367EAAF230DD5568E800A7B5DA4713C8AE ft=1 fh=c09653c756531741 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeDownload(1).exe"
sh=AACEB38727983D4DECD027AB03C85A036DF0A43D ft=1 fh=2b4998118a2cda77 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeDownload(2).exe"
sh=509931418DEB6B75185A9AAF4E687297D6F5CF61 ft=1 fh=98bdefe44f6519ae vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeDownload.exe"
sh=07CF040FEFA25DFDA4287BAB632EAB806E294695 ft=1 fh=0db8f293d4a19d8f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubetoMP3Converter(1).exe"
sh=474BBF68C7AAC25A6ADBFD471993F52584CAEA89 ft=1 fh=7302f6233443ba92 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter(2).exe"
sh=8547D1E5EACE099ECFE5EDBF6958FA077650894B ft=1 fh=61435738673b6524 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter.exe"
sh=3837DCC6FC0D2C7D2CD6765EE18175468E314815 ft=1 fh=404bf2cda126427a vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter31126.exe"
sh=AA190194CD322F27B81B57B66F0E48B16DDF09FC ft=1 fh=7a1e2a1eaadddca3 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter_3.11.35.1031.exe"
sh=252BB7CF6BF5619E419841122325024A250E1D93 ft=1 fh=7b04b13f4f8fa2f6 vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Downloads\asc-setup.exe"
sh=C5A07C6647A4228B39A382EE5246235CFDD94A82 ft=1 fh=1901ca3fd08316cd vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Downloads\cbsidlm-cbsi134-Gif_To_Swf_Converter-ORG-10912145.exe"
sh=C5A07C6647A4228B39A382EE5246235CFDD94A82 ft=1 fh=1901ca3fd08316cd vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Downloads\cbsidlm-cbsi134-Textools-ORG-10382457.exe"
sh=E0C5E31B4A4DAA88C64BB4CA1E304C4D70481F1F ft=1 fh=626d7421e12db363 vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Downloads\cbsidlm-cbsi145-Textools-ORG-10382457.exe"
sh=0F4E52400FE76627B006A3A1B64BB7F9735AF475 ft=0 fh=0000000000000000 vn="Win32/DownWare.W evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dr.Kawaii Fluury\Downloads\GifToSwfConverter_setup.zip"
         

Alt 08.02.2015, 13:52   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)



FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Dokumente und Einstellungen\Alex xD\Anwendungsdaten\Mozilla\Firefox\Profiles\eof33nq3.default\extensions\plugin@yontoo.com.xpi
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\dffsetup-dwmapi.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeDownload(1).exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeDownload(2).exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeDownload.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubetoMP3Converter(1).exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter(2).exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter31126.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter_3.11.35.1031.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_mcpatcher.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_minecraft-skinedit(1).exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_minecraft-skinedit.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_painttool-sai.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_virtual-audio-cable.exe
C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\Conduit\CT2625848\DVDVideoSoftTB_DEAutoUpdateHelper.exe
C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngine.dll
C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB_DE\ldrtbDVDV.dll
C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB_DE\tbDVDV.dll
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
C:\Dokumente und Einstellungen\Paul\Anwendungsdaten\Mozilla\Firefox\Profiles\gwjqcd1z.default\extensions\{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}\chrome\games_bar_1.jar
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter.exe
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Downloads\LevelR_Multi_Downloader(3).exe
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Programms\Nero_9\Nero BackItUp 4.2.16.0 Final.exe
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Programms\Nero_9\Nero MediaHome 4.2.10.0 Final.exe
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Programms\Nero_9\Nero Move it 1.2.19.0 .exe
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\ldrtbBro0.dll
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\tbBro0.dll
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\tbBro1.dll
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\tbBro2.dll
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngine.dll
C:\Program Files\CPUID\PC Wizard 2013\systweakasp_c.exe
C:\Program Files\NexonEU\LostSagaEU\lostsaga.exe
C:\Users\computer\Desktop\Paul\Paul\Documents\Downloads\FreeYouTubeToMP3Converter.exe
C:\Users\computer\Desktop\Paul\Paul\Documents\Downloads\LevelR_Multi_Downloader(3).exe
C:\Users\computer\Desktop\Paul\Paul\Documents\Programms\Nero_9\Nero BackItUp 4.2.16.0 Final.exe
C:\Users\computer\Desktop\Paul\Paul\Documents\Programms\Nero_9\Nero MediaHome 4.2.10.0 Final.exe
C:\Users\computer\Desktop\Paul\Paul\Documents\Programms\Nero_9\Nero Move it 1.2.19.0 .exe
C:\Users\Dr.Kawaii Fluury\Desktop\Programme\Games\Lost Saga\LostSagaEU_Full.exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\dffsetup-dwmapi.exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeDownload(1).exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeDownload(2).exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeDownload.exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubetoMP3Converter(1).exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter(2).exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter.exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter31126.exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter_3.11.35.1031.exe
C:\Users\Dr.Kawaii Fluury\Downloads\asc-setup.exe
C:\Users\Dr.Kawaii Fluury\Downloads\cbsidlm-cbsi134-Gif_To_Swf_Converter-ORG-10912145.exe
C:\Users\Dr.Kawaii Fluury\Downloads\cbsidlm-cbsi134-Textools-ORG-10382457.exe
C:\Users\Dr.Kawaii Fluury\Downloads\cbsidlm-cbsi145-Textools-ORG-10382457.exe
C:\Users\Dr.Kawaii Fluury\Downloads\GifToSwfConverter_setup.zip
EmptyTemp:
Hosts:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 08.02.2015, 14:17   #13
Fluury
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-02-2015
Ran by Dr.Kawaii Fluury at 2015-02-08 14:05:49 Run:2
Running from C:\Users\Dr.Kawaii Fluury\Desktop
Loaded Profiles: Dr.Kawaii Fluury (Available profiles: computer & Dr.Kawaii Fluury)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\Dokumente und Einstellungen\Alex xD\Anwendungsdaten\Mozilla\Firefox\Profiles\eof33nq3.default\extensions\plugin@yontoo.com.xpi
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\dffsetup-dwmapi.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeDownload(1).exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeDownload(2).exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeDownload.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubetoMP3Converter(1).exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter(2).exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter31126.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter_3.11.35.1031.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_mcpatcher.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_minecraft-skinedit(1).exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_minecraft-skinedit.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_painttool-sai.exe
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_virtual-audio-cable.exe
C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\Conduit\CT2625848\DVDVideoSoftTB_DEAutoUpdateHelper.exe
C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngine.dll
C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB_DE\ldrtbDVDV.dll
C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB_DE\tbDVDV.dll
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
C:\Dokumente und Einstellungen\Paul\Anwendungsdaten\Mozilla\Firefox\Profiles\gwjqcd1z.default\extensions\{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}\chrome\games_bar_1.jar
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter.exe
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Downloads\LevelR_Multi_Downloader(3).exe
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Programms\Nero_9\Nero BackItUp 4.2.16.0 Final.exe
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Programms\Nero_9\Nero MediaHome 4.2.10.0 Final.exe
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Programms\Nero_9\Nero Move it 1.2.19.0 .exe
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\ldrtbBro0.dll
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\tbBro0.dll
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\tbBro1.dll
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\tbBro2.dll
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngine.dll
C:\Program Files\CPUID\PC Wizard 2013\systweakasp_c.exe
C:\Program Files\NexonEU\LostSagaEU\lostsaga.exe
C:\Users\computer\Desktop\Paul\Paul\Documents\Downloads\FreeYouTubeToMP3Converter.exe
C:\Users\computer\Desktop\Paul\Paul\Documents\Downloads\LevelR_Multi_Downloader(3).exe
C:\Users\computer\Desktop\Paul\Paul\Documents\Programms\Nero_9\Nero BackItUp 4.2.16.0 Final.exe
C:\Users\computer\Desktop\Paul\Paul\Documents\Programms\Nero_9\Nero MediaHome 4.2.10.0 Final.exe
C:\Users\computer\Desktop\Paul\Paul\Documents\Programms\Nero_9\Nero Move it 1.2.19.0 .exe
C:\Users\Dr.Kawaii Fluury\Desktop\Programme\Games\Lost Saga\LostSagaEU_Full.exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\dffsetup-dwmapi.exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeDownload(1).exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeDownload(2).exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeDownload.exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubetoMP3Converter(1).exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter(2).exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter.exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter31126.exe
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter_3.11.35.1031.exe
C:\Users\Dr.Kawaii Fluury\Downloads\asc-setup.exe
C:\Users\Dr.Kawaii Fluury\Downloads\cbsidlm-cbsi134-Gif_To_Swf_Converter-ORG-10912145.exe
C:\Users\Dr.Kawaii Fluury\Downloads\cbsidlm-cbsi134-Textools-ORG-10382457.exe
C:\Users\Dr.Kawaii Fluury\Downloads\cbsidlm-cbsi145-Textools-ORG-10382457.exe
C:\Users\Dr.Kawaii Fluury\Downloads\GifToSwfConverter_setup.zip
EmptyTemp:
Hosts:
         
*****************

C:\Dokumente und Einstellungen\Alex xD\Anwendungsdaten\Mozilla\Firefox\Profiles\eof33nq3.default\extensions\plugin@yontoo.com.xpi => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\dffsetup-dwmapi.exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeDownload(1).exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeDownload(2).exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeDownload.exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubetoMP3Converter(1).exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter(2).exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter.exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter31126.exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter_3.11.35.1031.exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_mcpatcher.exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_minecraft-skinedit(1).exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_minecraft-skinedit.exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_painttool-sai.exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Eigene Dateien\Downloads\SoftonicDownloader_fuer_virtual-audio-cable.exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\Conduit\CT2625848\DVDVideoSoftTB_DEAutoUpdateHelper.exe => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngine.dll => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB_DE\ldrtbDVDV.dll => Moved successfully.
C:\Dokumente und Einstellungen\Alex xD\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB_DE\tbDVDV.dll => Moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll => Moved successfully.
C:\Dokumente und Einstellungen\Paul\Anwendungsdaten\Mozilla\Firefox\Profiles\gwjqcd1z.default\extensions\{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}\chrome\games_bar_1.jar => Moved successfully.
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Downloads\FreeYouTubeToMP3Converter.exe => Moved successfully.
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Downloads\LevelR_Multi_Downloader(3).exe => Moved successfully.
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Programms\Nero_9\Nero BackItUp 4.2.16.0 Final.exe => Moved successfully.
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Programms\Nero_9\Nero MediaHome 4.2.10.0 Final.exe => Moved successfully.
C:\Dokumente und Einstellungen\Paul\Eigene Dateien\Programms\Nero_9\Nero Move it 1.2.19.0 .exe => Moved successfully.
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\ldrtbBro0.dll => Moved successfully.
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\tbBro0.dll => Moved successfully.
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\tbBro1.dll => Moved successfully.
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\BrotherSoft_Extreme\tbBro2.dll => Moved successfully.
C:\Dokumente und Einstellungen\Paul\Lokale Einstellungen\Anwendungsdaten\ConduitEngine\ConduitEngine.dll => Moved successfully.
C:\Program Files\CPUID\PC Wizard 2013\systweakasp_c.exe => Moved successfully.
C:\Program Files\NexonEU\LostSagaEU\lostsaga.exe => Moved successfully.
C:\Users\computer\Desktop\Paul\Paul\Documents\Downloads\FreeYouTubeToMP3Converter.exe => Moved successfully.
C:\Users\computer\Desktop\Paul\Paul\Documents\Downloads\LevelR_Multi_Downloader(3).exe => Moved successfully.
C:\Users\computer\Desktop\Paul\Paul\Documents\Programms\Nero_9\Nero BackItUp 4.2.16.0 Final.exe => Moved successfully.
C:\Users\computer\Desktop\Paul\Paul\Documents\Programms\Nero_9\Nero MediaHome 4.2.10.0 Final.exe => Moved successfully.
C:\Users\computer\Desktop\Paul\Paul\Documents\Programms\Nero_9\Nero Move it 1.2.19.0 .exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Desktop\Programme\Games\Lost Saga\LostSagaEU_Full.exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\dffsetup-dwmapi.exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeDownload(1).exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeDownload(2).exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeDownload.exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubetoMP3Converter(1).exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter(2).exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter.exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter31126.exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Documents\Downloads\FreeYouTubeToMP3Converter_3.11.35.1031.exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Downloads\asc-setup.exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Downloads\cbsidlm-cbsi134-Gif_To_Swf_Converter-ORG-10912145.exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Downloads\cbsidlm-cbsi134-Textools-ORG-10382457.exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Downloads\cbsidlm-cbsi145-Textools-ORG-10382457.exe => Moved successfully.
C:\Users\Dr.Kawaii Fluury\Downloads\GifToSwfConverter_setup.zip => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 368.8 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 14:06:20 ====
         

Alt 08.02.2015, 14:17   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)



Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) empfehle ich die Erweiterung Ghostery, diese verhindert weitgehend Usertracking bzw. das Anzeigen von Werbebannern.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 08.02.2015, 14:51   #15
Fluury
 
Adware, allerdings nur auf einer Seite. (meines Wissens.) - Standard

Adware, allerdings nur auf einer Seite. (meines Wissens.)



Zitat:
Zitat von cosinus Beitrag anzeigen
Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) empfehle ich die Erweiterung Ghostery, diese verhindert weitgehend Usertracking bzw. das Anzeigen von Werbebannern.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
Sonst gibt es soweit keine Probleme mit diesem Computer.

Scheint das eine große Menge an Problemen welches dieses Programm erkannt hat von einem der Accounts unserer jüngeren Benutzer auskommt, müsste dann mal ein Wörtchen reden.

Sonst würd ich mich stark bei Ihnen für die Hilfe bedanken! Werde diese Seite definitiv weiterempfehlen. :]

Antwort

Themen zu Adware, allerdings nur auf einer Seite. (meines Wissens.)
adchoices, adware, antivirus, cleaner, einzige, erscheint, externe, externe festplatte, festplatte, firefox, immernoch, installier, lag, laufen, malwarebytes, meldung, nichts, platte, programm, programme, programmen, schlimm, schnell, steam, website, youtube




Ähnliche Themen: Adware, allerdings nur auf einer Seite. (meines Wissens.)


  1. Nachricht beim Öffnen einer Seite auf dem iPhone 5 - Virus?
    Smartphone, Tablet & Handy Security - 07.04.2015 (5)
  2. Verdächtige aktivität nach aufruf einer Spam seite
    Plagegeister aller Art und deren Bekämpfung - 04.09.2014 (1)
  3. Weiterleitung bei erstmaligen besuch einer Seite
    Log-Analyse und Auswertung - 02.08.2013 (10)
  4. PUP.Bundleinstaller, Adware Shopper und Trojan.Downloader...am Ende meines IT-Lateins
    Plagegeister aller Art und deren Bekämpfung - 27.03.2013 (33)
  5. Win7 beim hochfahren ist der desktop blockiert mir einer seite, diese seite kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 25.09.2012 (1)
  6. GoogleSuche endet immer auf einer 95p.com Seite
    Plagegeister aller Art und deren Bekämpfung - 07.01.2012 (31)
  7. Weisse seite erscheint nach einer Suchangabe.
    Plagegeister aller Art und deren Bekämpfung - 21.09.2011 (3)
  8. Computer infiziert durch Besuch einer verdächtigen Seite?
    Log-Analyse und Auswertung - 30.09.2010 (4)
  9. svchost.exe versucht eine Verbindung mit einer schädlichen Seite herzustellen
    Plagegeister aller Art und deren Bekämpfung - 20.08.2010 (52)
  10. MSN Messenger verschickt Bilder ohne meines Wissens
    Log-Analyse und Auswertung - 29.12.2009 (1)
  11. Bin auf einer komischen Seite gelandet und weiss nicht ob sie gefährlich ist...
    Plagegeister aller Art und deren Bekämpfung - 16.11.2009 (4)
  12. Googlesuche führt nur zu einer Seite: bediddle
    Mülltonne - 18.11.2008 (0)
  13. Problem mit einer Inet Seite
    Plagegeister aller Art und deren Bekämpfung - 23.10.2008 (1)
  14. iexplore.exe beendet sich nach einer bestimmten zeit auf einer seite
    Plagegeister aller Art und deren Bekämpfung - 08.01.2008 (47)
  15. Werbung IN einer Seite
    Mülltonne - 31.03.2007 (1)
  16. Internet startet alle paar minuten mit einer leeren Seite
    Log-Analyse und Auswertung - 01.08.2006 (2)

Zum Thema Adware, allerdings nur auf einer Seite. (meines Wissens.) - Tagchen, Ich besuche tägliche die Website "www.imgur.com" auf meinem Firefox Browser- und mir ist etwas eher schon schlimm auschauliches aufgefallen. Das war definitiv davor nicht da. Ich habe kein Programm - Adware, allerdings nur auf einer Seite. (meines Wissens.)...
Archiv
Du betrachtest: Adware, allerdings nur auf einer Seite. (meines Wissens.) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.