Windows 7: Firewall startet nicht mehr, komme ich um eine Neuinstallation herum? Code:
Alles auswählen Aufklappen ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 04.03.2015
Suchlauf-Zeit: 10:08:15
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.4.1028
Malware Datenbank: v2015.03.04.03
Rootkit Datenbank: v2015.02.25.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ***
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 368611
Verstrichene Zeit: 24 Min, 54 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 13
PUP.Optional.Yawtix.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{f9c8ce1b-66a0-4f45-af10-5f24ef19bc4e}, In Quarantäne, [c7bc073ab1d9d561f74137e037ccad53],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\HD Cinema Plus 1..7V01.03, In Quarantäne, [236094adaddde94db099c3dfb54eee12],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\HD Cinema Plus 1..7V01.03-nv, In Quarantäne, [166d83be5d2d8babea5fa2007b889c64],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\HD Cinema Plus 1..7V01.03-nv-ie, In Quarantäne, [e89b5be6cebcb482f356bbe7a360a25e],
PUP.Optional.QuickRef.A, HKLM\SOFTWARE\WOW6432NODE\QuickRef_1.10.0.9, In Quarantäne, [384bcf724248b5810b7c3d698281dc24],
PUP.Optional.QuickRef.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\qrnfd_1_10_0_9, In Quarantäne, [6a1941007a10fc3a2367980e976cb14f],
PUP.Optional.CrossRider.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\HD Cinema Plus 1..7V01.03-nv, Löschen bei Neustart, [770c172ac3c70e28da706a38c53e3ac6],
PUP.Optional.CrossRider.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\HD Cinema Plus 1..7V01.03-nv-ie, Löschen bei Neustart, [c1c2ed54464449edf654dfc3d132f010],
PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TheTorntv V10, Löschen bei Neustart, [d7ac97aa404a71c58e19665125deec14],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3442608748-3166315647-1265210741-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\HD Cinema Plus 1..7V01.03-nv, In Quarantäne, [4340cc75008aaa8c96b42f73c2412dd3],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3442608748-3166315647-1265210741-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\HD Cinema Plus 1..7V01.03-nv-ie, In Quarantäne, [abd8241de1a9da5c9bafb1f1b64de31d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3442608748-3166315647-1265210741-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\HDCinemaPlus1..7V01.03, In Quarantäne, [41427fc2a0ea2610cc7e62408f74649c],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110311531182}, In Quarantäne, [9fe4be833f4b6fc7d11d07d87b8a837d],
Registrierungswerte: 0
(Keine schädliche Elemente erkannt)
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 15
PUP.Optional.Datamngr.A, C:\Users\***\AppData\LocalLow\DataMngr, In Quarantäne, [fc87073a2f5bb383ddc1a8c2659e4db3],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9, In Quarantäne, [3d464ff2206a4ee84fc9821971926b95],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses, In Quarantäne, [3d464ff2206a4ee84fc9821971926b95],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\Service, In Quarantäne, [3d464ff2206a4ee84fc9821971926b95],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HD Cinema Plus 1..7V01.03, In Quarantäne, [374c38091872ba7c3582297320e37b85],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\userCode, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\icons, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\icons\actions, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\api, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\popupResource, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
Dateien: 107
PUP.Optional.ZombieNews.A, C:\ProgramData\IpgdOysemtX\dat\BFFQsphLZv.exe, In Quarantäne, [453efc452466c076b69523a040c1e21e],
PUP.Optional.ZombieInvasion.A, C:\ProgramData\IpgdOysemtX\dat\SUgxHPL.dll, In Quarantäne, [4d36152c1476fe381434b614986d728e],
PUP.Optional.Giga, C:\Users\***\Downloads\rKill-lnstall.exe, In Quarantäne, [2f546dd41e6cf73f1461e1dd48bd38c8],
PUP.Optional.Datamngr.A, C:\Users\***\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}, In Quarantäne, [fc87073a2f5bb383ddc1a8c2659e4db3],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\terms-of-service.rtf, In Quarantäne, [3d464ff2206a4ee84fc9821971926b95],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses\buildcrx-license.txt, In Quarantäne, [3d464ff2206a4ee84fc9821971926b95],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses\Info-ZIP-license.txt, In Quarantäne, [3d464ff2206a4ee84fc9821971926b95],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses\JSON-simple-license.txt, In Quarantäne, [3d464ff2206a4ee84fc9821971926b95],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses\nsJSON-license.txt, In Quarantäne, [3d464ff2206a4ee84fc9821971926b95],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses\Nustache-license.txt, In Quarantäne, [3d464ff2206a4ee84fc9821971926b95],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses\TaskScheduler-license.txt, In Quarantäne, [3d464ff2206a4ee84fc9821971926b95],
PUP.Optional.QuickRef.A, C:\Program Files (x86)\QuickRef_1.10.0.9\3rd Party Licenses\UAC-license.txt, In Quarantäne, [3d464ff2206a4ee84fc9821971926b95],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HD Cinema Plus 1..7V01.03\045500c9-887c-4712-bbab-d6c9a36467e6.crx, In Quarantäne, [374c38091872ba7c3582297320e37b85],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HD Cinema Plus 1..7V01.03\756c8cbf-9406-46b0-affd-4f3d450cb851.xpi, In Quarantäne, [374c38091872ba7c3582297320e37b85],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HD Cinema Plus 1..7V01.03\bgNova.html, In Quarantäne, [374c38091872ba7c3582297320e37b85],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\HD Cinema Plus 1..7V01.03\utils.exe, In Quarantäne, [374c38091872ba7c3582297320e37b85],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\background.html, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\chromeCoreFilesIndex.txt, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\manifest.json, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\popup.html, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\Settings.json, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\manifest.xml, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins.json, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\260.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\102.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\104.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\119.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\123.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\13.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\14.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\17.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\178.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\179.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\180.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\184.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\19.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\195.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\200.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\220.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\221.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\223.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\231.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\232.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\234.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\242.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\246.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\252.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\253.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\262.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\263.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\264.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\273.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\281.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\286.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\288.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\289.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\300.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\315.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\334.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\335.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\345.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\354.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\356.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\380.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\4.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\47.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\64.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\7.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\78.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\80.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\9.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\91.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\93.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\plugins\97.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\userCode\background.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\extensionData\userCode\extension.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\icons\icon128.png, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\icons\icon16.png, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\icons\icon48.png, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\icons\actions\1.png, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\590f82319e6fd9345ccbe850c1ad2d7f.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\f198c9eeac28ed12946091625cb88c77.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\main.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\api\5aa10c4956bc395f6b0668beb3deae1e.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\api\71384254612be1caaa811d79ae324a66.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\api\8f820729c05732e7a58b53360a23a906.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\api\d3a662c35ff7fce011ad08726d68e569.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\api\e100ddbaae7d78374d91515c264b22d4.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\api\pageAction.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\9f22f688830f59787df600074ac03dfa.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\131590f7aaf2c988c9364bb0a08bcf02.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\3ae2750fad6dd2ea95bb09cef40bb835.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\3d09570459270163280eb8f4379865bf.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\628c34a3ece0f16eea74d84b4311a9df.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\77c2748148e3ee3f2fd2bffdba6fec8d.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\90fc1b075354ec0e13077bc9f051012e.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\9453f3decd1a07e0ad1866c3623cf47e.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\98ea4eab5b5de7c15c5383f94117aa63.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\app_api.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\c53872081fb30b5e44b70595c001fc47.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\cea42e9bcaa7f28f1a85d2da0ffbbaed.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\df473de355f21724f955354b2bba9f06.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\eef9c9fb067c82ee83609e02bedd1b50.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\f4436449e714ca6c68ba7cce8c8db4cc.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\installer.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\popupResource\newPopup.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
PUP.Optional.CrossRider.A, C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni\1.26.25_0\js\lib\popupResource\popup.js, In Quarantäne, [eb98d07122684de91a6ea3fa50b338c8],
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end)
Code:
Alles auswählen Aufklappen ATTFilter
# AdwCleaner v4.111 - Bericht erstellt 04/03/2015 um 10:48:56
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-03-02.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : *** - ***-HP
# Gestarted von : C:\Users\***\Downloads\adwcleaner_4.111.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [istart_ffnt@gmail.com]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickRef_1.10.0.9
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17631
-\\ Mozilla Firefox v36.0 (x86 de)
-\\ Google Chrome v40.0.2214.115
*************************
AdwCleaner[R0].txt - [325 Bytes] - [01/03/2015 22:41:59]
AdwCleaner[R1].txt - [31390 Bytes] - [02/03/2015 10:56:32]
AdwCleaner[R2].txt - [1264 Bytes] - [04/03/2015 10:40:42]
AdwCleaner[S0].txt - [28567 Bytes] - [02/03/2015 10:58:33]
AdwCleaner[S1].txt - [1186 Bytes] - [04/03/2015 10:48:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1245 Bytes] ##########
Code:
Alles auswählen Aufklappen ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Home Premium x64
Ran by *** on 04.03.2015 at 10:53:13,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{03B6E944-A8C0-4E06-927E-7A79BC669382}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{08A7929C-052F-4931-B191-CCF15DB2C89A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{093B9671-3984-42B5-ABDF-72B19F8C8AD0}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{0A1FF9D2-5030-4076-812B-1E9FC332CCDE}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{0BE058BD-B3EB-4C3A-AD04-95D973BAE673}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{0E4E84C3-437E-490A-9555-14A26A924238}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{0E8CA386-555F-40A1-983D-B5115C018447}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{1353D84A-1BBB-4D00-B0F0-1A9BC583F228}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{154C47AC-B957-44AF-A07A-7CBC69B9CF3C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{1655116B-2617-4E50-B3D8-B452460DACBB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{17F03265-6793-4CFD-8AD0-54916B6D37CC}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{1DFF9BE5-DAFE-40CF-A144-4313872B52F3}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{249F8F71-9526-493B-8FD9-623829EE648E}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{251CE694-B6FD-425A-A26B-34CA9E38DFD8}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{26E92ED5-AB62-4050-BE77-0B4550FAA329}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2D3B87FE-D9F1-4967-A08A-20C27F54F031}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2D666A49-E86E-465A-962A-BF01CD6864FB}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{3045E7FF-0ED7-4BF3-87C6-730E604BB968}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{373434EC-873F-4CEF-B33E-97CA359A53AE}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{37884A32-F2F2-4D4D-9997-CB044C74CAFF}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{38F3FD50-D605-45A0-AFF5-7C62004B0588}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{3B7AD84D-683D-47A1-988E-55A61C32C5EF}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{3CE573B2-E3B9-40E5-BFB2-2B0611CDD3C8}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{40A91355-E59F-4736-900C-46D738FDE8B3}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{411F1B71-2E7F-4902-A405-0E39FC3D97AE}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{43960C83-8B8B-4B9B-AB99-C1C8656CCB34}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{455764E3-2E86-49EF-B64D-AE096D1E4278}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{4B0190EF-8AF4-44B6-9839-684101453F96}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{54BFF67D-29C2-4A04-959A-5859D45B3591}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{54FC8213-6BB6-47A7-97BE-EA5933B421DE}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{5523C032-B01F-43CD-8D20-BE190919F15D}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{55A8014A-4418-48AD-A352-408272CF8D0B}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{5624B6A3-40C0-44BE-8324-EEC33AD0D65A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{5637F41A-1959-4D77-8B7F-68CA75B1AFBA}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{56FEADCC-08CC-4591-A5A6-C94F0B2B2CE7}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{5E23066D-2CF0-4BC2-8BF6-A06B9D8790AA}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{5E542CA1-2A55-43B0-BD98-0B9CB9B8D086}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{5EE13A26-A1B4-4253-93AF-46F309159C3E}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{607C80C9-4792-4147-8559-108EDCB44100}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{6086EAC5-DB9E-42D8-A2C2-76CBF8746D63}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{614A9F2C-0FF2-487C-948D-52A22164723D}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{661B093A-2200-4140-8E8A-432666D2F3C2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{680BBD28-1BF7-4E69-B0B4-923315D41AF9}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{68149EB9-F561-4134-8104-84D0AEE53491}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{6B015BF6-8F59-40D1-B969-F1F7B558B395}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{6C88F306-B24A-4191-9B13-0D367B5A75F8}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{6F614463-FAC0-412D-B875-5029DCB570FA}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7047D603-919F-457D-9927-20DC018F6DF8}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7420E0EE-FCC9-4374-94FF-482C7ACC88F9}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{7CAF4AB1-D8F5-4F47-BA3C-6D91F5E4E282}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{809E84A7-2454-4CEA-AC31-2E42337754BD}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{82540DEE-4D44-4183-8C4A-EC4E81EA522A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{82EADDD5-B483-4456-8224-E308C84B67C0}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{84087C9F-A280-4322-AA49-6883B9B39469}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{84B5CA10-FD72-4980-A28E-CF353C3A0BE2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{880BDFC0-9C2F-470B-A028-988E6E662516}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{8A989C1B-DB8C-4EF6-B27C-859F188838B9}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{8D567278-3D17-4C6B-8D62-D349A12155D2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{8E6618F7-5E40-42FF-9D2A-4E6F978BF00E}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{8E8E17F6-F8EE-4D74-A1D7-98C4848027A9}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{8F740FDF-0828-43DE-B085-35626BE68330}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{96AC061D-B083-4DB4-A604-0C9DA1BD5EE0}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{99AAD1A8-72D2-446C-91DD-5515C1E446A1}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9D9EDF90-CD70-421A-9909-33486E79AAB4}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9E551682-9361-42B9-A03E-7A07E4D6FE93}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A11E034B-64E6-4C9F-8339-15601D4360F5}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A28D11F7-07FC-43CC-AA29-1476F3BA0689}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A3228A5B-8B99-4C5E-A8BF-800A6816DA6F}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A8985FE6-4728-4604-B8B2-D2B0BBB38525}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{AAEACD50-4A60-4ECE-A139-50D627B6ED7C}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{AB64E4BB-55DE-4DF0-A0E6-B55E2BD3798D}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{AED1826E-2AAC-4813-BAB4-7306CC9771A2}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B33892D4-2001-409D-B2FB-6BFFB2E5C821}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B5A55D96-B379-4076-80DE-214DC050F75A}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{BA255164-2923-4FBC-B49F-2AB04EA45A3F}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{BE662735-763E-4321-AD51-D72855E0FA63}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{C3B76520-EAE3-486B-B857-E4B6D132B1DF}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{C519267E-F540-471F-A347-BDE79BF5168F}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{C6B0DBA0-8A79-4EB8-BFC3-E72BE4528A86}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{CA731E2F-65A2-4493-8CC2-79D81A9A6CB7}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{CAEE50E0-0B0C-43B3-AF2A-004F3D79D908}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{CBF6D400-5473-4A22-B73A-5DB887FDB1B9}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{CC9C7F4A-3663-4466-BDC9-C77110C66BFE}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{CCAFC268-E014-4FF3-B402-4706D1C4F317}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D03F2E84-4924-49D4-A4DF-129E94806E72}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{DA9DD54C-F9E3-4BAE-99BA-1CE25FF01D0F}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{DCAA8646-4F65-456E-A76F-8984756DE1C9}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{DE5F3B47-90E3-4C4E-8734-5B74FC9F896D}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{DEF0841F-CB53-45DA-BB74-F8328C146850}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{DF72680B-15FC-4C8E-AF28-65DFF47D7801}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{E39BFF40-9885-4398-9099-B98D30C847C1}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{EB3EFB63-02D0-4B29-B9AA-4927B5088BBA}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F332309A-B3E6-455F-9FDA-79F51D9F43CE}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F3FB2F20-A676-4CFF-96A0-DB67E73F20DA}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F4189B12-9EFC-4D41-8B40-EC2020A6220E}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F4B037CE-D483-4EE5-8DF9-26DACDFC64DF}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F757D611-A33D-407D-A9CE-07BEDF4121AA}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F80638DE-7EB0-4F36-8288-4AECE97E01D3}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{FC5862A4-5073-41C6-B660-2E518424A173}
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{FDBB5904-4DE3-4F17-8F41-7E4B00E60D7E}
~~~ FireFox
Successfully deleted: [File] C:\user.js
Successfully deleted: [Folder] C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\d8lkupy5.default-1382554203178\extensions\toolbar@web.de
Successfully deleted the following from C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\d8lkupy5.default-1382554203178\prefs.js
user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
user_pref("browser.search.searchengine.ptid", "tt4u");
user_pref("browser.search.searchengine.uid", "ST9500325AS_6VESH81K");
user_pref("extensions.trusted-ads.TrustAd", "{\"r\":[{\"t\":\"FQDN\",\"r\":\"trustedads.adtrustmedia.com\",\"c\":[{\"i\":\"1\",\"s\":[\"mmgads.com\",\"www.ad2ad.ir\",\"www.pro
user_pref("extensions.trusted-ads.options", "{\"categories\":{\"1\":{\"title\":\"Ad Networks\",\"total\":1760,\"threats\":[\"display.clickpoint.com\",\"www.africawin.com\",\"b
Emptied folder: C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\d8lkupy5.default-1382554203178\minidumps [30 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.03.2015 at 10:57:03,32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
FRST Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015
Ran by *** (administrator) on ***-HP on 04-03-2015 10:59:45
Running from C:\Users\***\Downloads
Loaded Profiles: *** (Available profiles: ***)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Spotify Ltd) C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dropbox, Inc.) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2015-03-01] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3442608748-3166315647-1265210741-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23308256 2015-02-08] (Google)
HKU\S-1-5-21-3442608748-3166315647-1265210741-1000\...\Run: [Spotify Web Helper] => C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-18] (Spotify Ltd)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * 1????????????�?`t????????�??????????????????ae???�AC:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3442608748-3166315647-1265210741-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3442608748-3166315647-1265210741-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {64E31182-ECC8-414D-9151-D759981F3DA6} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {64E31182-ECC8-414D-9151-D759981F3DA6} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-3442608748-3166315647-1265210741-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-04-20] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{481A47C2-6459-4798-9CE9-97F000667D55}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{A7388F77-9C37-40BE-8DE8-57FF5F9F824D}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{CDE87808-211D-4651-961E-A17A9415DDD7}: [NameServer] 156.154.70.25,156.154.71.25
FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\d8lkupy5.default-1382554203178
FF Homepage: https://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\d8lkupy5.default-1382554203178\Extensions\abs@avira.com [2015-03-02]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\d8lkupy5.default-1382554203178\Extensions\adblockpopups@jessehakanen.net.xpi [2014-10-20]
FF Extension: {fb7a27c8-c8e9-4b48-b06e-eea84e98288d} - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\d8lkupy5.default-1382554203178\Extensions\{fb7a27c8-c8e9-4b48-b06e-eea84e98288d}.xpi [2014-06-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-02-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-02-25]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-03-02]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.istartsurf.com/?type=hp&ts=1425244323&from=squadm&uid=ST9500325AS_6VESH81K
CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1425244323&from=squadm&uid=ST9500325AS_6VESH81K"
CHR DefaultSearchKeyword: Default -> istartsurf
CHR DefaultSearchURL: Default -> hxxp://www.istartsurf.com/web/?type=ds&ts=1425244323&from=squadm&uid=ST9500325AS_6VESH81K&q={searchTerms}
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-28]
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-28]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-28]
CHR Extension: (Google Search) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-28]
CHR Extension: (No Name) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjfiaeaopgmgbenipljajjipecobmbni [2015-03-01]
CHR Extension: (No Name) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\gimkdkfdpcikeiiedmgmlhphnjcekhoo [2015-03-01]
CHR Extension: (No Name) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfkilfadjoneaheacgmkahfgcjchkpad [2014-06-11]
CHR Extension: (Google Wallet) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR Extension: (Gmail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-28]
CHR HKU\S-1-5-21-3442608748-3166315647-1265210741-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\***\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-03-02]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2015-03-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2015-03-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [993584 2015-03-01] (Avira Operations GmbH & Co. KG)
S4 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-28] (LogMeIn, Inc.)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation)
S4 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-04-30] (Nitro PDF Software)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2014-12-18] (Tunngle.net GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 cae99edb; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Super Optimizer\SupOptStats.dll",ENT
S2 ioloSystemService; "C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2015-03-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2015-03-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2009-03-20] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-06] (Disc Soft Ltd)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-04-05] (EldoS Corporation)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2009-03-20] (AVM GmbH)
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24592 2008-10-23] (IBM)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-09-30] (EldoS Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2012-05-20] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2014-12-18] (Tunngle.net)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-04 10:59 - 2015-03-04 11:00 - 00020891 _____ () C:\Users\***\Downloads\FRST.txt
2015-03-04 10:57 - 2015-03-04 10:57 - 00012416 _____ () C:\Users\***\Desktop\JRT.txt
2015-03-04 10:51 - 2015-03-04 10:51 - 01388333 _____ (Thisisu) C:\Users\***\Downloads\JRT.exe
2015-03-04 10:36 - 2015-03-04 10:36 - 00029075 _____ () C:\Users\***\Desktop\mbam.txt
2015-03-04 10:07 - 2015-03-04 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-03-04 10:07 - 2015-03-04 10:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-03-04 10:07 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-04 10:07 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-04 10:04 - 2015-03-04 10:04 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\***\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-03 17:33 - 2015-03-03 17:33 - 608338589 _____ () C:\Windows\MEMORY.DMP
2015-03-03 17:33 - 2015-03-03 17:33 - 00262144 _____ () C:\Windows\Minidump\030315-26442-01.dmp
2015-03-03 17:01 - 2015-03-03 17:04 - 00034203 _____ () C:\ComboFix.txt
2015-03-03 16:45 - 2015-03-03 17:01 - 00000000 ____D () C:\Qoobox
2015-03-03 16:45 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-03 16:45 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-03 16:45 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-03 16:45 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-03 16:45 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-03 16:45 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-03 16:45 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-03 16:45 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-03 16:44 - 2015-03-03 17:00 - 00000000 ____D () C:\Windows\erdnt
2015-03-03 16:43 - 2015-03-03 16:44 - 05612482 ____R (Swearware) C:\Users\***\Downloads\ComboFix.exe
2015-03-03 10:03 - 2015-03-03 10:03 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-03-03 03:00 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-03 03:00 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-03-02 16:47 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-02 16:47 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-02 16:47 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-02 16:47 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-02 12:30 - 2015-03-02 12:30 - 16502728 _____ (Malwarebytes Corp.) C:\Users\***\Downloads\mbar-1.09.1.1004.exe
2015-03-02 12:21 - 2015-03-02 12:21 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\***\Downloads\tdsskiller.exe
2015-03-02 12:20 - 2015-03-02 12:20 - 00000572 _____ () C:\Users\***\Downloads\defogger_disable.log
2015-03-02 11:52 - 2015-03-02 12:15 - 00017074 _____ () C:\Users\***\Desktop\GMER.log
2015-03-02 11:49 - 2015-03-02 11:49 - 00380416 _____ () C:\Users\***\Downloads\Gmer-19357.exe
2015-03-02 11:47 - 2015-03-02 11:54 - 00052224 _____ () C:\Users\***\Desktop\Addition.txt
2015-03-02 11:46 - 2015-03-04 10:59 - 00000000 ____D () C:\FRST
2015-03-02 11:46 - 2015-03-02 11:54 - 00062948 _____ () C:\Users\***\Desktop\FRST.txt
2015-03-02 11:45 - 2015-03-02 11:45 - 02092544 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2015-03-02 11:45 - 2015-03-02 11:45 - 00000574 _____ () C:\Users\***\Desktop\defogger_disable.log
2015-03-02 11:45 - 2015-03-02 11:45 - 00000188 _____ () C:\Users\***\defogger_reenable
2015-03-02 11:44 - 2015-03-02 11:44 - 00050477 _____ () C:\Users\***\Downloads\Defogger.exe
2015-03-02 11:33 - 2015-03-02 11:33 - 00000000 ____D () C:\navigon123
2015-03-02 11:21 - 2015-03-02 11:21 - 00074703 _____ () C:\Windows\SysWOW64\mfc45.dat
2015-03-02 11:08 - 2015-03-02 11:08 - 00002090 _____ () C:\Users\***\Desktop\Rkill.txt
2015-03-02 10:50 - 2015-03-02 10:50 - 00000000 ____D () C:\Users\***\Desktop\rkill
2015-03-02 10:50 - 2015-03-02 10:50 - 00000000 ____D () C:\Users\***\AppData\Local\Temp7732e6817aba858991cb6a1f76235162
2015-03-02 10:50 - 2015-03-02 10:50 - 00000000 ____D () C:\Program Files (x86)\WEB.DE MailCheck
2015-03-02 10:49 - 2015-03-02 10:49 - 00000000 ____D () C:\Users\***\Downloads\rKill
2015-03-02 10:49 - 2015-03-02 10:49 - 00000000 ____D () C:\Users\***\AppData\Local\Temp59dc060b391d046ba0dc22d3f9c3c01e
2015-03-02 10:33 - 2015-03-02 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-02 05:00 - 2015-03-02 05:00 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-02 03:34 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-02 03:34 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-02 03:34 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-02 03:34 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-02 03:34 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-02 03:34 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-02 03:34 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-02 03:34 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-02 03:34 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-02 03:34 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-02 03:11 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-03-02 03:11 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-03-01 22:47 - 2015-03-01 22:47 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-01 22:41 - 2015-03-04 10:48 - 00000000 ____D () C:\AdwCleaner
2015-03-01 22:39 - 2015-03-01 22:40 - 02126848 _____ () C:\Users\***\Downloads\adwcleaner_4.111.exe
2015-03-01 22:27 - 2015-03-01 22:27 - 00003152 _____ () C:\Windows\System32\Tasks\{7DAD2B53-5CC4-4D5A-929B-2D752A7CAF25}
2015-03-01 22:18 - 2015-03-01 22:16 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-03-01 22:15 - 2015-03-01 22:48 - 00000000 ____D () C:\ProgramData\{b0ded784-c691-9ac8-b0de-ed784c695e13}
2015-03-01 22:11 - 2015-03-01 22:52 - 00000000 ____D () C:\ProgramData\IpgdOysemtX
2015-03-01 22:08 - 2015-03-01 22:10 - 00008544 _____ () C:\Windows\SysWOW64\BasementDusterOff.ini
2015-03-01 22:08 - 2015-03-01 22:10 - 00008544 _____ () C:\Windows\system32\BasementDusterOff.ini
2015-03-01 22:07 - 2015-02-24 14:51 - 00318808 _____ (OM Inc.) C:\Windows\SysWOW64\BDL.dll
2015-03-01 22:05 - 2015-03-01 22:05 - 00000000 ____D () C:\Users\***\AppData\Roaming\Avira
2015-03-01 22:04 - 2015-03-02 10:33 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2015-03-01 22:04 - 2015-03-01 22:16 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-01 22:04 - 2015-03-01 22:16 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-01 22:04 - 2015-03-01 22:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-03-01 22:04 - 2013-12-18 09:32 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-03-01 22:03 - 2015-03-01 22:03 - 00000000 ____D () C:\Users\***\AppData\Roaming\dlg
2015-03-01 21:57 - 2015-03-03 10:05 - 00000000 ____D () C:\Users\***\AppData\Local\31464E43-1425247025-5A31-5236-2C27D7D09030
2015-03-01 21:56 - 2015-03-03 10:05 - 00000000 ____D () C:\Users\***\AppData\Roaming\31464E43-1425246975-5A31-5236-2C27D7D09030
2015-03-01 21:31 - 2015-03-01 21:31 - 01010176 _____ () C:\Users\***\Downloads\MicrosoftFixit50884.msi
2015-03-01 21:25 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-01 21:25 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-01 21:25 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-01 21:25 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-01 21:19 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-01 21:19 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-01 21:19 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-01 21:19 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-01 21:19 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-01 21:19 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-01 21:19 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-01 21:19 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-03-01 21:19 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-01 21:19 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-01 21:19 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-01 21:19 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-01 21:19 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-01 21:19 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-01 21:19 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-01 21:19 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-01 21:19 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-01 21:19 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-01 21:19 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-01 21:19 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-01 21:19 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-01 21:19 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-01 21:19 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-03-01 21:19 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-03-01 21:19 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-03-01 21:19 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-03-01 21:19 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-03-01 21:19 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-03-01 21:19 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-03-01 21:19 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-03-01 21:19 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-03-01 21:18 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-01 21:18 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-01 21:18 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-01 21:18 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-01 21:18 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-01 21:18 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-01 21:18 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-01 21:18 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-01 21:18 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-01 21:18 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-01 21:18 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-01 21:18 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-01 21:18 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-01 21:18 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-01 21:18 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-01 21:18 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-01 21:18 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-01 21:18 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-01 21:18 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-01 21:18 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-01 21:18 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-01 21:18 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-01 21:18 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-01 21:18 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-01 21:18 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-01 21:18 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-01 21:18 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-01 21:18 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-01 21:18 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-01 21:18 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-01 21:18 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-01 21:18 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-01 21:18 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-01 21:18 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-01 21:18 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-01 21:18 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-01 21:18 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-01 21:18 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-01 21:18 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-01 21:18 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-01 21:18 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-01 21:18 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-01 21:18 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-01 21:18 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-01 21:18 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-01 21:18 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-01 21:18 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-01 21:18 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-01 21:18 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-01 21:18 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-01 21:18 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-01 21:18 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-01 21:18 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-01 21:18 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-01 21:18 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-03-01 21:18 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-03-01 21:18 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-03-01 21:18 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-03-01 21:18 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-03-01 21:18 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-03-01 21:18 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-03-01 21:17 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-01 21:17 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-01 21:17 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-01 21:17 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-01 21:17 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-01 21:17 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-01 21:17 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-01 21:17 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-01 21:17 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-01 21:17 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-01 21:17 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-01 21:17 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-01 21:17 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-01 21:17 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-01 21:17 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-01 21:17 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-01 21:17 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-01 21:17 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-01 21:17 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-03-01 21:17 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-01 21:17 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-01 21:17 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-01 21:17 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-01 21:17 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-03-01 21:17 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-03-01 21:17 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-03-01 21:17 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-01 21:17 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-01 21:17 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-01 21:17 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-01 21:17 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-01 21:17 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-01 21:17 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-01 21:17 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-01 21:17 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-01 21:17 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-01 21:17 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-03-01 21:17 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-03-01 21:17 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-03-01 21:17 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-03-01 21:17 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-03-01 21:17 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-03-01 21:17 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-03-01 21:17 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-03-01 21:17 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-03-01 21:17 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-03-01 21:17 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-03-01 21:17 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-03-01 21:17 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-03-01 21:17 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-03-01 21:17 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-01 21:17 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-01 21:17 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-01 21:17 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-01 21:16 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-01 21:15 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-03-01 21:15 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-03-01 21:15 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-03-01 21:15 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-03-01 21:15 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-03-01 21:15 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-03-01 21:15 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-03-01 21:15 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-03-01 21:15 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-03-01 21:15 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-03-01 21:15 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-03-01 21:15 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-03-01 21:15 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-03-01 21:15 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-03-01 21:15 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-03-01 21:15 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-03-01 21:14 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-03-01 21:14 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-03-01 21:13 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-03-01 21:13 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-03-01 21:13 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-03-01 21:13 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-03-01 21:13 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-03-01 21:13 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-03-01 21:11 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-03-01 21:11 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-03-01 21:11 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-01 21:11 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-03-01 21:10 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-01 21:10 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-01 21:10 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-01 21:10 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-01 21:10 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-01 21:10 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-01 21:10 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-01 21:08 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-28 23:02 - 2015-03-04 10:50 - 00000000 ____D () C:\Users\***\AppData\Local\LogMeIn Hamachi
2015-02-28 23:02 - 2015-02-28 23:02 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-02-28 23:02 - 2015-02-28 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-28 23:02 - 2015-02-28 23:02 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-02-28 22:59 - 2015-02-28 22:59 - 01203488 _____ () C:\Users\***\Downloads\LogMeIn Hamachi - CHIP-Installer.exe
2015-02-28 21:26 - 2005-09-22 21:23 - 00005772 _____ () C:\Users\***\Downloads\sharedaccess.reg
2015-02-28 21:25 - 2015-02-28 21:25 - 00001098 _____ () C:\Users\***\Downloads\sharedaccess.zip
2015-02-25 20:40 - 2015-02-25 20:40 - 00159230 _____ () C:\Users\***\Downloads\Zeiterfassungsblatt 2014 Marzuillo(1).xlsx
2015-02-25 20:15 - 2015-03-02 10:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-25 12:35 - 2015-02-25 12:35 - 00159230 _____ () C:\Users\***\Downloads\Zeiterfassungsblatt 2014 Marzuillo.xlsx
2015-02-16 16:20 - 2015-02-28 23:02 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys
2015-02-10 00:32 - 2015-02-10 00:32 - 00010998 _____ () C:\Users\***\Documents\Platzhirsch.xlsx
2015-02-08 23:52 - 2015-02-08 23:52 - 00639912 _____ (Oracle Corporation) C:\Users\***\Downloads\jxpiinstall.exe
2015-02-08 11:09 - 2015-02-08 11:22 - 06702954 _____ () C:\Users\***\Downloads\Akustik V4.pptx
2015-02-08 10:25 - 2015-03-04 10:50 - 00000000 ___RD () C:\Users\***\Google Drive
2015-02-08 10:25 - 2015-02-08 11:10 - 00001906 _____ () C:\Users\***\Desktop\Google Drive.lnk
2015-02-08 10:22 - 2015-02-08 10:22 - 00880208 _____ (Google Inc.) C:\Users\***\Downloads\googledrivesync.exe
2015-02-08 10:22 - 2015-02-08 10:22 - 00002042 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2015-02-08 10:22 - 2015-02-08 10:22 - 00002040 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2015-02-08 10:22 - 2015-02-08 10:22 - 00002030 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2015-02-08 10:22 - 2015-02-08 10:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-02-08 00:43 - 2015-03-04 10:38 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-08 00:43 - 2015-03-04 10:07 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-08 00:43 - 2015-03-02 13:42 - 00000000 ____D () C:\Users\***\Desktop\mbar
2015-02-08 00:43 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-08 00:42 - 2015-02-08 00:42 - 16466552 _____ (Malwarebytes Corp.) C:\Users\***\Downloads\mbar-1.08.3.1004.exe
2015-02-05 23:48 - 2015-02-05 23:48 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-04 10:58 - 2009-07-14 05:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-04 10:58 - 2009-07-14 05:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-04 10:57 - 2011-05-13 00:42 - 01106929 _____ () C:\Windows\WindowsUpdate.log
2015-03-04 10:50 - 2012-07-03 16:43 - 00000000 ___RD () C:\Users\***\Dropbox
2015-03-04 10:50 - 2012-07-03 16:42 - 00000000 ____D () C:\Users\***\AppData\Roaming\Dropbox
2015-03-04 10:49 - 2013-10-26 12:39 - 00017584 _____ () C:\Windows\setupact.log
2015-03-04 10:49 - 2013-10-26 12:38 - 00672230 _____ () C:\Windows\PFRO.log
2015-03-04 10:49 - 2013-08-28 18:40 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-04 10:49 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-04 10:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-04 10:48 - 2012-04-04 08:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-04 10:42 - 2011-09-22 18:37 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DD6E649E-A66D-40AB-8278-902AD72A056B}
2015-03-04 10:31 - 2013-08-28 18:40 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-04 10:07 - 2013-10-23 18:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-04 00:18 - 2013-08-03 01:47 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-04 00:10 - 2014-11-05 10:39 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleFor***
2015-03-04 00:10 - 2014-11-05 10:39 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleFor***.job
2015-03-03 17:33 - 2011-09-25 00:48 - 00000000 ____D () C:\Windows\Minidump
2015-03-03 17:01 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-03-03 16:55 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-03 04:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-02 13:10 - 2013-11-18 13:15 - 00000000 ____D () C:\Program Files (x86)\iolo
2015-03-02 13:09 - 2011-05-13 00:42 - 00000000 ____D () C:\Windows\SoftwareDistribution.old
2015-03-02 11:45 - 2011-09-22 18:31 - 00000000 ____D () C:\Users\***
2015-03-02 11:14 - 2011-04-20 08:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-02 10:58 - 2013-08-28 18:43 - 00001282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-02 10:58 - 2013-08-28 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-02 10:58 - 2011-10-03 22:35 - 00000000 ____D () C:\ProgramData\ICQ
2015-03-02 10:58 - 2011-09-22 18:57 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-02 10:58 - 2011-09-22 18:57 - 00001053 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-02 10:58 - 2011-09-22 18:37 - 00000995 _____ () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-02 10:58 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-02 10:50 - 2011-10-30 23:37 - 00000000 ____D () C:\Users\***\AppData\Local\CrashDumps
2015-03-02 10:49 - 2014-06-11 15:40 - 00000185 _____ () C:\Users\***\Desktop\Amazon.de.url
2015-03-02 10:49 - 2014-06-11 15:40 - 00000000 ____D () C:\Users\***\ChromeExtensions
2015-03-02 05:28 - 2011-09-22 18:35 - 00124376 _____ () C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-02 05:23 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-02 05:21 - 2009-07-14 05:45 - 00479536 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-02 05:00 - 2014-05-07 08:41 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-02 05:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-03-02 05:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-02 05:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-03-02 04:48 - 2012-03-13 15:15 - 00000000 ____D () C:\Users\***\AppData\Roaming\Spotify
2015-03-02 04:37 - 2011-10-20 15:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-02 04:16 - 2014-06-24 22:18 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-02 04:07 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2015-03-02 03:40 - 2011-10-10 21:29 - 01745566 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-02 03:40 - 2011-04-20 18:24 - 00792830 _____ () C:\Windows\system32\perfh007.dat
2015-03-02 03:40 - 2011-04-20 18:24 - 00205024 _____ () C:\Windows\system32\perfc007.dat
2015-03-02 03:40 - 2009-07-14 06:13 - 01745566 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-01 22:04 - 2013-03-11 08:49 - 00000000 ____D () C:\ProgramData\Avira
2015-02-28 23:37 - 2013-11-18 17:54 - 00000000 ____D () C:\ProgramData\COMODO
2015-02-28 23:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-28 22:57 - 2014-12-18 18:42 - 00000000 ____D () C:\ProgramData\Tunngle
2015-02-27 20:21 - 2012-04-25 21:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-27 20:00 - 2012-03-13 15:15 - 00000000 ____D () C:\Users\***\AppData\Local\Spotify
2015-02-26 00:42 - 2014-08-14 10:08 - 00000000 ____D () C:\Users\***\Documents\OpenTTD
2015-02-16 17:26 - 2012-07-03 16:43 - 00001234 _____ () C:\Users\***\Desktop\Dropbox.lnk
2015-02-16 16:39 - 2012-07-03 16:42 - 00000000 ____D () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 02:00 - 2014-06-23 20:54 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-12 01:04 - 2012-12-07 19:48 - 00003218 _____ () C:\Windows\System32\Tasks\HPCeeScheduleFor***-HP$
2015-02-12 01:04 - 2012-12-07 19:48 - 00000342 _____ () C:\Windows\Tasks\HPCeeScheduleFor***-HP$.job
2015-02-09 23:28 - 2014-12-30 00:58 - 00053090 _____ () C:\Users\***\Documents\MappeTour.xlsx
2015-02-08 23:57 - 2013-10-03 14:08 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-08 23:56 - 2013-10-23 20:50 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-08 23:54 - 2013-10-23 20:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-08 23:54 - 2013-10-03 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-08 23:53 - 2014-11-10 17:16 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-02-08 23:53 - 2014-11-10 17:16 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-02-08 23:53 - 2014-11-10 17:16 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-02-08 10:23 - 2013-08-28 18:40 - 00000000 ____D () C:\Users\***\AppData\Local\Google
2015-02-08 10:22 - 2013-08-28 18:40 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-05 23:48 - 2012-04-04 08:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 23:48 - 2012-04-04 08:26 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 23:48 - 2011-09-22 21:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 22:26 - 2013-08-28 18:40 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-03 22:26 - 2013-08-28 18:40 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories =======
2012-10-17 16:09 - 2012-10-17 16:09 - 0009142 _____ () C:\Users\***\AppData\Roaming\CompatAdmin.log
2014-11-06 19:37 - 2014-11-27 17:51 - 0000000 _____ () C:\Users\***\AppData\Roaming\FileIn.cns
2014-11-06 19:37 - 2014-11-27 17:51 - 0000000 _____ () C:\Users\***\AppData\Roaming\FileOut.cns
2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\***\AppData\Roaming\GVX
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\***\AppData\Roaming\NKSYZISP
2012-07-12 11:55 - 2012-07-12 11:55 - 0000048 _____ () C:\Users\***\AppData\Local\***-HP.cfg
Some content of TEMP:
====================
C:\Users\***\AppData\Local\Temp\avgnt.exe
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjkzgha.dll
C:\Users\***\AppData\Local\Temp\Quarantine.exe
C:\Users\***\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-23 19:31
==================== End Of Log ============================
--- --- ---
--- --- ---
WARNUNG an die MITLESER: 
Linear-Darstellung
