Chrome öffnet sich von alleine und öffnet dann Popup Fenster

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2015
Ran by Ugur (administrator) on UGUR-PC on 03-03-2015 12:36:04
Running from C:\Users\Ugur\Downloads
Loaded Profiles: Ugur & UpdatusUser (Available profiles: Ugur & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(AxoNet Software GmbH) C:\Program Files\Windows Server\Bin\LightsOutClientService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\Launchpad.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Spotify Ltd) C:\Users\Ugur\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AxoNet Software GmbH) C:\Program Files\Windows Server\Bin\LightsOutClientGui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows\WER\wermgr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WhsMcClient.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\LANConfigSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\Microsoft.HomeServer.Archive.TransferService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Ugur\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [Launchpad] => C:\Program Files\Windows Server\Bin\Launchpad.exe [1099360 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2419512 2012-11-04] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [185896 2013-10-28] (Geek Software GmbH)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe [2086568 2014-03-06] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [wermgr] => C:\ProgramData\Microsoft\Windows\WER\wermgr.exe [6786560 2015-01-09] (Microsoft Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\...\Run: [Facebook Update] => "C:\Users\Ugur\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\...\Run: [Spotify Web Helper] => C:\Users\Ugur\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-03-01] (Spotify Ltd)
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\...\Run: [GoogleChromeAutoLaunch_6E7E2DFC7A27BA7E7C590946A61463AE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\...\MountPoints2: L - L:\LaunchU3.exe -a
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\...\MountPoints2: {06be9a6b-746d-11e2-9361-f46d048fadd5} - F:\setup.exe
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\...\MountPoints2: {84d28340-7fcd-11e2-aeeb-f46d048fadd5} - L:\LaunchU3.exe -a
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-3757739924-4194404402-1720301288-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
IFEO\ehshell.exe: [Debugger] "C:\Program Files (x86)\XBMCLauncher\XbmcLauncher.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lights-Out Client.lnk
ShortcutTarget: Lights-Out Client.lnk -> C:\Program Files\Windows Server\Bin\LightsOutClientGui.exe (AxoNet Software GmbH)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-3757739924-4194404402-1720301288-1000] => Internet Explorer proxy is enabled.
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?rlz=1W4CHBA_deDE566
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3757739924-4194404402-1720301288-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-3757739924-4194404402-1720301288-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3757739924-4194404402-1720301288-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3757739924-4194404402-1720301288-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Ugur\AppData\Roaming\Mozilla\Firefox\Profiles\jn3halhh.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3757739924-4194404402-1720301288-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Ugur\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Extension: Avira Browser Safety - C:\Users\Ugur\AppData\Roaming\Mozilla\Firefox\Profiles\jn3halhh.default\Extensions\abs@avira.com [2015-02-06]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-02-11]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-02-11]

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-02]
CHR Extension: (Google Docs) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-02]
CHR Extension: (Google Drive) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-02]
CHR Extension: (TV) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-03-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-02]
CHR Extension: (YouTube) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-02]
CHR Extension: (Google Search) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-02]
CHR Extension: (Logitech SetPoint) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd [2015-03-02]
CHR Extension: (Google Calendar) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-03-02]
CHR Extension: (Google Sheets) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-02]
CHR Extension: (Avira Browser Safety) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-02]
CHR Extension: (AdBlock) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-02]
CHR Extension: (Google Maps) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-03-02]
CHR Extension: (Premiumize.me) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojbjecfjcnaledoelddkcjlifhhfebm [2015-03-02]
CHR Extension: (Gmail) - C:\Users\Ugur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-02]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-02-11]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-03] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [992560 2015-03-03] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 HealthAlertsSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 initMonitor; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 LoClntService; C:\Program Files\Windows Server\bin\LightsOutClientService.exe [22152 2013-12-19] (AxoNet Software GmbH)
R2 NotificationsProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 providers_system; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 ServiceProviderRegistry; C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe [41568 2012-11-02] (Microsoft Corporation)
R2 SqmProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WSS_ComputerBackupProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94208 2013-09-24] (Advanced Micro Devices) [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-03] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-11] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-25] (Malwarebytes Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\atBIOS\GPCIDrv64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-03 12:35 - 2015-03-03 12:35 - 02092544 _____ (Farbar) C:\Users\Ugur\Downloads\FRST64 (1).exe
2015-03-02 18:34 - 2015-03-02 18:34 - 00000000 ____D () C:\Users\Ugur\Tracing
2015-03-02 18:31 - 2015-03-02 18:31 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-02 18:31 - 2015-03-02 18:31 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-02 18:31 - 2015-03-02 18:31 - 00000000 ____D () C:\Users\Ugur\AppData\Local\Skype
2015-03-02 18:31 - 2015-03-02 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-02 18:30 - 2015-03-02 18:30 - 01380448 _____ (Skype Technologies S.A.) C:\Users\Ugur\Downloads\SkypeSetup.exe
2015-03-02 18:21 - 2015-03-02 18:21 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-02 18:21 - 2015-03-02 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-01 16:11 - 2015-03-02 18:20 - 00000000 ____D () C:\Users\Ugur\AppData\Roaming\Spotify
2015-03-01 16:11 - 2015-03-02 18:04 - 00000000 ____D () C:\Users\Ugur\AppData\Local\Spotify
2015-03-01 16:11 - 2015-03-01 16:11 - 00001762 _____ () C:\Users\Ugur\Desktop\Spotify.lnk
2015-03-01 16:11 - 2015-03-01 16:11 - 00001748 _____ () C:\Users\Ugur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-03-01 16:10 - 2015-03-01 16:10 - 00137888 _____ (Spotify Ltd) C:\Users\Ugur\Downloads\SpotifySetup.exe
2015-02-28 16:27 - 2015-03-03 12:27 - 00000504 _____ () C:\Windows\setupact.log
2015-02-28 16:27 - 2015-02-28 16:27 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-28 01:38 - 2015-02-28 01:39 - 00038611 _____ () C:\Users\Ugur\Downloads\Addition.txt
2015-02-28 01:37 - 2015-03-03 12:36 - 00026923 _____ () C:\Users\Ugur\Downloads\FRST.txt
2015-02-28 01:37 - 2015-03-03 12:36 - 00000000 ____D () C:\FRST
2015-02-28 01:37 - 2015-02-28 01:37 - 02087936 _____ (Farbar) C:\Users\Ugur\Downloads\FRST64.exe
2015-02-28 00:03 - 2015-02-28 00:11 - 52666576 _____ () C:\Users\Ugur\Downloads\TaiGJBreak_1210.zip
2015-02-27 23:47 - 2015-02-27 23:47 - 00000000 ____D () C:\Users\Ugur\AppData\Roaming\TaiG
2015-02-27 23:36 - 2015-02-27 23:44 - 57133895 _____ () C:\Users\Ugur\Downloads\TaiGJBreak_1300.zip
2015-02-27 23:33 - 2015-02-27 23:33 - 44435904 _____ () C:\Users\Ugur\Downloads\Pangu8_v1.2.1.exe
2015-02-27 22:58 - 2015-02-28 01:48 - 00000866 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-27 22:58 - 2015-02-27 22:58 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-02-27 22:58 - 2015-02-27 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-27 22:58 - 2015-02-27 22:58 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-27 22:57 - 2015-02-27 22:57 - 04197696 _____ (Piriform Ltd) C:\Users\Ugur\Downloads\ccsetup503_slim.exe
2015-02-27 22:57 - 2015-02-27 22:57 - 04197696 _____ (Piriform Ltd) C:\Users\Ugur\Downloads\ccsetup503_slim (1).exe
2015-02-26 14:25 - 2015-02-26 14:25 - 00007055 _____ () C:\Windows\wininit.ini
2015-02-26 12:16 - 2015-02-26 12:16 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ugur\Downloads\spybot-2.4 (3).exe
2015-02-26 12:16 - 2015-02-26 12:16 - 00980944 _____ (A.I.SOFT,INC.) C:\Users\Ugur\Downloads\nettool_1290 (1).EXE
2015-02-26 12:11 - 2015-02-26 12:11 - 00980944 _____ (A.I.SOFT,INC.) C:\Users\Ugur\Downloads\nettool_1290.EXE
2015-02-26 12:11 - 2015-02-26 12:11 - 00000000 ____D () C:\Users\Ugur\Downloads\NetTool
2015-02-26 12:09 - 2015-02-26 12:09 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ugur\Downloads\spybot-2.4 (2).exe
2015-02-26 11:55 - 2015-02-26 11:55 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ugur\Downloads\spybot-2.4 (1).exe
2015-02-26 11:27 - 2015-02-26 14:41 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-26 11:27 - 2015-02-26 11:48 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-02-26 11:27 - 2015-02-26 11:27 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-02-26 11:27 - 2015-02-26 11:27 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-02-26 11:27 - 2015-02-26 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-02-26 11:27 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-02-26 11:21 - 2015-02-26 11:21 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ugur\Downloads\spybot-2.4.exe
2015-02-26 11:16 - 2015-02-26 11:16 - 00000000 ____D () C:\Users\Ugur\Downloads\backups
2015-02-26 11:07 - 2015-02-26 11:10 - 00013686 _____ () C:\Users\Ugur\Downloads\hijackthis.log
2015-02-26 11:06 - 2015-02-26 11:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ugur\Downloads\HiJackThis204.exe
2015-02-26 11:06 - 2015-02-26 11:06 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ugur\Downloads\HiJackThis204 (1).exe
2015-02-26 00:41 - 2015-02-26 00:41 - 00000000 ____D () C:\Users\Public\Documents\CrashDump
2015-02-26 00:36 - 2015-02-26 00:36 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-26 00:36 - 2015-02-26 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-26 00:36 - 2015-02-26 00:36 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-26 00:36 - 2015-02-26 00:36 - 00000000 ____D () C:\Program Files\iTunes
2015-02-26 00:36 - 2015-02-26 00:36 - 00000000 ____D () C:\Program Files\iPod
2015-02-26 00:36 - 2015-02-26 00:36 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-25 13:11 - 2009-06-10 22:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.original
2015-02-25 08:42 - 2015-02-25 08:42 - 02126848 _____ () C:\Users\Ugur\Downloads\adwcleaner_4.111.exe
2015-02-25 08:29 - 2015-02-25 08:30 - 20117766 _____ () C:\Users\Ugur\Downloads\RestoreTools.zip
2015-02-24 15:50 - 2015-02-24 15:50 - 00026600 _____ () C:\Users\Ugur\Downloads\config.bin
2015-02-24 15:37 - 2015-02-24 15:48 - 08126464 _____ () C:\Users\Ugur\Downloads\openwrt-ar71xx-generic-tl-wr1043nd-v1-squashfs-factory.bin
2015-02-24 03:18 - 2015-02-24 03:22 - 13703279 _____ () C:\Users\Ugur\Downloads\doulci_activator_2.3v_private_build_2360.zip
2015-02-24 03:06 - 2015-02-24 03:06 - 12537741 _____ () C:\Users\Ugur\Downloads\Doulci-master.zip
2015-02-24 02:23 - 2015-02-24 02:23 - 01999034 _____ () C:\Users\Ugur\Downloads\DoulCi-server2-master.zip
2015-02-24 02:21 - 2015-02-24 02:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2015-02-24 02:19 - 2015-02-24 03:25 - 00000000 ____D () C:\xampp
2015-02-24 02:17 - 2015-02-24 02:18 - 150905704 _____ (Bitnami) C:\Users\Ugur\Downloads\xampp-win32-5.6.3-0-VC11-installer.exe
2015-02-21 16:35 - 2015-02-21 16:35 - 00015339 _____ () C:\Users\Ugur\Downloads\Hercules.EXTENDED.2014.German.DL.1080p.BluRay.x264-EXQUiSiTE.rar.nzb
2015-02-06 20:08 - 2015-02-06 20:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-06 17:09 - 2015-02-06 17:10 - 00000000 ____D () C:\Users\Ugur\Desktop\Jugend

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-03 12:36 - 2014-02-28 02:38 - 00000000 ____D () C:\Users\Ugur\AppData\Roaming\NetSpeedMonitor
2015-03-03 12:36 - 2013-02-11 14:51 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-03 12:34 - 2009-07-14 05:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-03 12:34 - 2009-07-14 05:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-03 12:33 - 2011-04-12 08:43 - 00700634 _____ () C:\Windows\system32\perfh007.dat
2015-03-03 12:33 - 2011-04-12 08:43 - 00149856 _____ () C:\Windows\system32\perfc007.dat
2015-03-03 12:33 - 2009-07-14 06:13 - 01624376 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-03 12:32 - 2013-10-02 10:27 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-03 12:32 - 2013-10-02 10:27 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-03 12:32 - 2013-10-02 10:27 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-03-03 12:32 - 2013-02-08 23:01 - 01951542 _____ () C:\Windows\WindowsUpdate.log
2015-03-03 12:27 - 2013-11-24 23:41 - 00000000 ____D () C:\Users\Ugur\AppData\Roaming\Skype
2015-03-03 12:27 - 2013-10-02 11:10 - 00000000 ____D () C:\ProgramData\VMware
2015-03-03 12:27 - 2013-02-11 18:23 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2015-03-03 12:27 - 2013-02-11 16:59 - 00000000 ____D () C:\ProgramData\LightsOut
2015-03-03 12:27 - 2013-02-11 14:51 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-03 12:27 - 2013-02-08 23:02 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-03 12:27 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-03 12:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-02 19:28 - 2013-03-05 20:59 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3757739924-4194404402-1720301288-1000UA.job
2015-03-02 19:28 - 2013-03-05 20:59 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3757739924-4194404402-1720301288-1000Core.job
2015-03-02 18:34 - 2013-02-08 13:47 - 00000000 ____D () C:\Users\Ugur
2015-03-02 18:31 - 2013-11-24 23:41 - 00000000 ____D () C:\ProgramData\Skype
2015-03-02 18:21 - 2013-02-10 21:44 - 00000000 ____D () C:\Users\Ugur\AppData\Local\Google
2015-03-02 18:17 - 2013-02-08 13:47 - 00001256 _____ () C:\Users\Ugur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-01 14:18 - 2013-02-12 15:23 - 00000000 ____D () C:\Program Files (x86)\JDownloader 2
2015-02-28 19:53 - 2014-07-16 12:27 - 00000000 ____D () C:\Users\Ugur\Desktop\Bodybulding
2015-02-28 18:47 - 2013-04-11 21:50 - 00000000 ____D () C:\Users\Ugur\AppData\Roaming\MediaMonkey
2015-02-28 01:51 - 2013-10-02 11:10 - 00000000 ____D () C:\Users\Ugur\AppData\Local\VMware
2015-02-28 01:48 - 2013-10-02 11:10 - 00000000 ____D () C:\Users\Ugur\AppData\Roaming\VMware
2015-02-28 01:21 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-02-28 01:06 - 2014-07-14 03:04 - 00000860 _____ () C:\Windows\system32\Drivers\etc\hosts.funzt
2015-02-28 00:44 - 2013-10-02 10:17 - 00000000 ____D () C:\AdwCleaner
2015-02-27 23:03 - 2014-05-24 12:25 - 00000000 ____D () C:\Users\Ugur\AppData\Roaming\Sony
2015-02-27 23:03 - 2013-03-07 21:45 - 00000000 ____D () C:\Users\Ugur\AppData\Roaming\TeamViewer
2015-02-27 23:03 - 2013-02-11 18:34 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2015-02-27 23:03 - 2013-02-11 18:13 - 00000000 ____D () C:\Users\Ugur\AppData\Roaming\DAEMON Tools Lite
2015-02-27 23:02 - 2014-07-30 12:37 - 00000000 ____D () C:\Users\Ugur\AppData\Local\CrashDumps
2015-02-27 23:02 - 2014-02-09 15:40 - 00000000 ____D () C:\Windows\Minidump
2015-02-27 23:02 - 2013-02-08 13:42 - 00000000 ____D () C:\Windows\Panther
2015-02-27 22:01 - 2014-06-14 11:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-26 11:09 - 2014-04-10 11:57 - 00000193 _____ () C:\Windows\WORDPAD.INI
2015-02-26 00:36 - 2014-04-15 00:33 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-02-26 00:36 - 2013-02-15 15:17 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-25 13:10 - 2013-02-12 19:37 - 00002056 ____H () C:\Users\Ugur\Documents\Default.rdp
2015-02-25 08:50 - 2014-09-06 01:06 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-25 08:50 - 2014-09-06 01:06 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-25 08:50 - 2014-09-06 01:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-25 08:50 - 2014-09-06 01:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-24 16:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-24 16:13 - 2009-07-14 03:34 - 00000874 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2015-02-10 11:27 - 2014-07-29 13:18 - 00010571 _____ () C:\Users\Ugur\Desktop\Maße.xlsx
2015-02-10 11:26 - 2013-02-11 14:50 - 00000000 ____D () C:\Users\Ugur\AppData\Local\Deployment
2015-02-07 10:31 - 2013-02-11 14:51 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 10:31 - 2013-02-11 14:51 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 18:43 - 2013-02-19 01:55 - 00000000 ____D () C:\Users\Ugur\AppData\Roaming\vlc
2015-02-03 16:05 - 2014-08-14 12:14 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-02-03 16:05 - 2013-11-27 22:09 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-03 16:05 - 2013-10-02 10:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-03 16:05 - 2013-10-02 10:27 - 00000000 ____D () C:\Program Files (x86)\Avira

==================== Files in the root of some directories =======

2013-11-26 18:36 - 2014-08-20 18:13 - 0000600 _____ () C:\Users\Ugur\AppData\Roaming\winscp.rnd
2013-03-25 01:47 - 2014-06-17 00:47 - 0001456 _____ () C:\Users\Ugur\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-04-09 14:22 - 2013-04-09 14:22 - 0003584 _____ () C:\Users\Ugur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-06 11:01 - 2013-12-08 22:19 - 1065984 _____ () C:\Users\Ugur\AppData\Local\file__0.localstorage
2013-03-08 10:30 - 2013-03-08 10:30 - 0000001 _____ () C:\Users\Ugur\AppData\Local\llftool.4.25.agreement
2013-11-26 15:51 - 2013-11-26 19:13 - 0000600 _____ () C:\Users\Ugur\AppData\Local\PUTTY.RND
2013-02-12 22:28 - 2013-03-12 10:15 - 0007652 _____ () C:\Users\Ugur\AppData\Local\Resmon.ResmonCfg

Files to move or delete:
====================
C:\Users\Ugur\comcat5.dll


Some content of TEMP:
====================
C:\Users\Ugur\AppData\Local\Temp\avgnt.exe
C:\Users\Ugur\AppData\Local\Temp\proxy_vole1534570714431839532.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 22:51

==================== End Of Log ============================