Plagegeister aller Art und deren Bekämpfung: Crossrider etc. (Windows 7)
16.05.2015, 22:32 | #1 |
| Crossrider etc. Hello, I hope you can help me. Today I reinstalled my laptop from scratch. Once it was done, I did only 3 things: downloaded Avira, Chrome and CCleaner. And now Avira keeps showing me some kind of alerts nonstop... I really don't know what I did wrong there.. Here is the log from Malwarebytes:
16.05.2015, 23:08 | #2 |
Rest in peace † 2019 | Crossrider etc. My name is Sandra and I will be helping you with your problem.
Note: I can never give you a guarantee that I will find everything. Reformatting is usually the faster way and, in the case of a malware infection, always the safest. Adware can be removed without problems in the vast majority of cases. If you decide on a cleanup, keep working with me until someone from the team tells you that you are clean.
Posting in code tags: Please always put the logs in code tags. If you don't, it makes evaluating them much harder for me. Thanks.
Regarding this: Where did you download that from, and why CCleaner?
Step 1: Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
17.05.2015, 08:11 | #3 |
| Crossrider etc. FRST Logfile:
HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1123664 2010-10-08] (Trend Micro Inc.) HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [192520 2010-10-12] (Trend Micro Inc.) HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [322384 2010-09-17] (Trend Micro Inc.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-12] (ELAN Microelectronics Corp.) HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor) HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation) HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-09] (ASUSTek Computer Inc.) 
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme) HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360 2011-06-10] (ASUS) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.OE.Systray.exe [128760 2015-05-07] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [728312 2015-04-16] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-04-09] ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe () ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.) ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com HKU\S-1-5-21-3273513408-1347916941-2385951518-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com HKU\S-1-5-21-3273513408-1347916941-2385951518-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com HKU\S-1-5-21-3273513408-1347916941-2385951518-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com HKU\S-1-5-21-3273513408-1347916941-2385951518-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT SearchScopes: HKU\S-1-5-21-3273513408-1347916941-2385951518-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3273513408-1347916941-2385951518-1000 -> {780DF0A3-916B-4B05-88AE-FD30D6626850} URL = https://www.google.com/search?q={searchTerms} SearchScopes: 
HKU\S-1-5-21-3273513408-1347916941-2385951518-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3273513408-1347916941-2385951518-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {780DF0A3-916B-4B05-88AE-FD30D6626850} URL = https://www.google.com/search?q={searchTerms} BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17] (Trend Micro Inc.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll [2010-09-17] (Trend Micro Inc.) BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll [2010-09-17] (Trend Micro Inc.) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17] (Trend Micro Inc.) Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll [2010-09-17] (Trend Micro Inc.) Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17] (Trend Micro Inc.) Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17] (Trend Micro Inc.) 
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll [2010-09-17] (Trend Micro Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.) 
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation) FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension [2011-04-09] Chrome: ======= CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-16] CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-16] CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-16] CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-16] CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-16] CHR Extension: (Google Sheets) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-16] CHR Extension: (Avira Browser Safety) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-16] CHR Extension: (Bookmark Manager) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-16] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-16] CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-16] CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-16] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [827640 2015-04-16] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1185584 2015-04-16] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [206584 2015-05-07] (Avira Operations GmbH & Co. KG) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] () R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro Inc.) 
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-04-16] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-04-16] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-04-16] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-04-16] (Avira Operations GmbH & Co. KG) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-17] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation) R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.) R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.) R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.) R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) 
==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-17 09:00 - 2015-05-17 09:01 - 00018775 _____ () C:\Users\Home\Downloads\FRST.txt 2015-05-17 08:57 - 2015-05-17 09:00 - 00000000 ____D () C:\FRST 2015-05-17 08:56 - 2015-05-17 08:56 - 02107392 _____ (Farbar) C:\Users\Home\Downloads\FRST64.exe 2015-05-17 08:50 - 2015-05-17 08:50 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-05-17 08:50 - 2015-05-17 08:50 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-05-17 08:50 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-05-17 08:50 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-05-17 08:50 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-05-17 08:49 - 2015-05-17 08:49 - 00000000 ____D () C:\Windows\pss 2015-05-17 08:48 - 2015-05-17 08:48 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Home\Downloads\mbam-setup-2.1.6.1022.exe 2015-05-17 08:48 - 2015-05-17 08:48 - 00003018 _____ () C:\Windows\System32\Tasks\ASUS Live Update 2015-05-17 08:48 - 2015-05-17 08:48 - 00002786 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2015-05-17 08:48 - 2015-05-17 08:48 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2015-05-17 08:48 - 2015-05-17 08:48 - 00000000 ____D () C:\Program Files\CCleaner 2015-05-17 08:47 - 2015-05-17 08:47 - 05248848 _____ (Piriform Ltd) C:\Users\Home\Downloads\ccsetup505_slim.exe 2015-05-17 08:47 - 2015-05-17 08:47 - 05248848 _____ (Piriform Ltd) C:\Users\Home\Downloads\ccsetup505_slim (1).exe 2015-05-17 08:42 - 2015-05-17 08:42 - 00002253 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-05-17 08:40 - 2015-05-17 08:54 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 
2015-05-17 08:40 - 2015-05-17 08:54 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-17 08:40 - 2015-05-17 08:49 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-05-17 08:40 - 2015-05-17 08:49 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-05-17 08:35 - 2015-04-16 15:23 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-05-17 08:35 - 2015-04-16 15:23 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-05-17 08:35 - 2015-04-16 15:23 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-05-17 08:35 - 2015-04-16 15:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2015-05-17 08:34 - 2015-05-17 08:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-05-17 08:34 - 2015-05-17 08:34 - 00001213 _____ () C:\Users\Public\Desktop\Avira.lnk 2015-05-17 08:34 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-05-17 08:34 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-05-17 08:34 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-05-17 08:34 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-05-17 08:33 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-05-17 08:33 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-05-17 08:33 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-05-17 08:33 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-05-17 08:32 - 2015-05-17 08:32 - 00000000 ____D () C:\Windows\system32\appmgmt 2015-05-17 06:21 - 
2015-05-17 06:21 - 00000000 _____ () C:\Windows\AsRunBar.txt 2015-05-17 06:21 - 2015-05-17 05:46 - 00000000 ____D () C:\eSupport 2015-05-17 06:21 - 2011-09-30 08:26 - 00000031 _____ () C:\Windows\AsToolCDVer.txt 2015-05-17 06:19 - 2015-05-17 06:00 - 00000000 ____D () C:\WIMAPPLY 2015-05-17 06:00 - 2015-05-17 06:00 - 00014211 _____ () C:\devlist.txt 2015-05-17 06:00 - 2015-05-17 06:00 - 00000009 _____ () C:\Finish.log 2015-05-17 05:59 - 2015-05-17 05:59 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_P53E.alu 2015-05-17 05:50 - 2015-05-17 05:51 - 00000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2015-05-17 05:50 - 2015-05-17 05:51 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite 2015-05-17 05:50 - 2015-05-17 05:51 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite 2015-05-17 05:50 - 2015-05-17 05:50 - 00000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2015-05-17 05:50 - 2015-05-17 05:50 - 00000000 ____D () C:\ProgramData\CyberLink 2015-05-17 05:50 - 2015-05-17 05:50 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2015-05-17 05:49 - 2015-05-17 05:49 - 00061430 _____ () C:\Windows\AsChkDev.txt 2015-05-17 05:49 - 2015-05-17 05:49 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\1043_ASUSTEK_P43E_P53E_V30_WIN7.MRK 2015-05-17 05:47 - 2015-05-17 08:29 - 00000080 _____ () C:\Windows\system32\Defrag.ini 2015-05-17 05:47 - 2015-05-17 08:23 - 00000000 ____D () C:\Program Files\ASUS 2015-05-17 05:47 - 2015-05-17 05:50 - 00000000 ____D () C:\ProgramData\Temp 2015-05-17 05:47 - 2015-05-17 05:47 - 03058304 _____ (ASUS) C:\Windows\AsScrPro.exe 2015-05-17 05:47 - 2015-05-17 05:47 - 00080512 _____ (ASUS) C:\Windows\Asus_PSeries_Screensaver Uninstaller.exe 2015-05-17 05:47 - 2015-05-17 05:47 - 00003066 _____ () C:\Windows\System32\Tasks\ACMON 2015-05-17 05:47 - 2015-05-17 
05:47 - 00002986 _____ () C:\Windows\System32\Tasks\ASUS SmartLogon Console Sensor 2015-05-17 05:47 - 2015-05-17 05:47 - 00002964 _____ () C:\Windows\System32\Tasks\ASUS Secure Delete 2015-05-17 05:47 - 2015-05-17 05:47 - 00001329 _____ () C:\Windows\system32\ServiceFilter.ini 2015-05-17 05:47 - 2015-05-17 05:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover 2015-05-17 05:47 - 2015-05-17 05:47 - 00000000 ____D () C:\Program Files\CyberLink 2015-05-17 05:47 - 2015-05-16 21:26 - 00001886 _____ () C:\Windows\system32\AutoRunFilter.ini 2015-05-17 05:47 - 2011-05-30 22:48 - 00155648 _____ (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe 2015-05-17 05:47 - 2011-01-25 23:11 - 00379520 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe 2015-05-17 05:47 - 2010-07-05 11:06 - 103598799 ____N (Axialis Software) C:\Windows\system32\Asus_PSeries_Screensaver.scr 2015-05-17 05:47 - 2010-04-28 18:59 - 00027264 _____ (ASUS Corporation) C:\Windows\system32\Drivers\assd.sys 2015-05-17 05:47 - 2009-06-13 02:55 - 00000105 _____ () C:\Windows\system32\FastBoot.ini 2015-05-17 05:47 - 2009-06-05 22:35 - 00000052 _____ () C:\Windows\system32\RemoveFont.ini 2015-05-17 05:47 - 2009-06-05 22:35 - 00000015 _____ () C:\Windows\system32\BootTime.ini 2015-05-17 05:46 - 2015-05-17 08:23 - 00000000 ____D () C:\ProgramData\P4G 2015-05-17 05:46 - 2015-05-17 05:49 - 00000000 ____D () C:\Program Files\P4G 2015-05-17 05:46 - 2015-05-17 05:46 - 00003230 _____ () C:\Windows\System32\Tasks\SidebarExecute 2015-05-17 05:46 - 2015-05-17 05:46 - 00003078 _____ () C:\Windows\System32\Tasks\AIRecoveryRemind 2015-05-17 05:46 - 2015-05-17 05:46 - 00003044 _____ () C:\Windows\System32\Tasks\ASUS P4G 2015-05-17 05:46 - 2015-05-17 05:46 - 00002984 _____ () C:\Windows\System32\Tasks\ATKOSD2 2015-05-17 05:46 - 2015-05-17 05:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_AMPPAL_01009.Wdf 2015-05-17 05:44 - 2015-05-17 05:44 - 00000000 ____H () 
C:\Windows\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf 2015-05-17 05:44 - 2015-05-17 05:44 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_btmaux_01009.Wdf 2015-05-17 05:41 - 2015-05-17 05:46 - 00000000 ____D () C:\Program Files\Intel 2015-05-17 05:41 - 2015-05-17 05:44 - 00008764 _____ () C:\Windows\DPINST.LOG 2015-05-17 05:41 - 2015-05-17 05:41 - 00002450 _____ () C:\RHDSetup.log 2015-05-17 05:41 - 2015-05-17 05:41 - 00000000 ___HD () C:\Program Files (x86)\Temp 2015-05-17 05:41 - 2015-05-17 05:41 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2015-05-17 05:41 - 2015-05-17 05:41 - 00000000 ____D () C:\ProgramData\SonicFocus 2015-05-17 05:41 - 2015-05-17 05:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virage Logic, Corp 2015-05-17 05:41 - 2015-05-17 05:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless 2015-05-17 05:41 - 2015-05-17 05:41 - 00000000 ____D () C:\ProgramData\AmUStor 2015-05-17 05:41 - 2015-05-17 05:41 - 00000000 ____D () C:\Program Files\Realtek 2015-05-17 05:41 - 2015-05-17 05:41 - 00000000 ____D () C:\Program Files\Elantech 2015-05-17 05:41 - 2015-05-17 05:41 - 00000000 ____D () C:\Program Files (x86)\Realtek 2015-05-17 05:41 - 2015-05-17 05:41 - 00000000 ____D () C:\Program Files (x86)\Cisco 2015-05-17 05:41 - 2015-05-17 05:41 - 00000000 ____D () C:\Program Files (x86)\AmIcoSingLun 2015-05-17 05:41 - 2011-05-17 11:02 - 02872680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2015-05-17 05:41 - 2011-05-17 07:56 - 00090216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll 2015-05-17 05:41 - 2011-05-17 07:43 - 03137128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2015-05-17 05:41 - 2011-05-17 07:43 - 02405992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2015-05-17 05:41 - 2011-05-16 10:48 - 01060864 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RCoRes64.dat 2015-05-17 05:41 - 2011-05-12 14:57 - 01559656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2015-05-17 05:41 - 2011-05-05 09:24 - 02085440 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2015-05-17 05:41 - 2011-05-05 08:15 - 00220512 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2015-05-17 05:41 - 2011-05-05 08:14 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2015-05-17 05:41 - 2011-05-05 08:14 - 00078176 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2015-05-17 05:41 - 2011-04-18 12:50 - 02601816 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll 2015-05-17 05:41 - 2011-03-15 09:32 - 00648808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2015-05-17 05:41 - 2011-03-02 11:25 - 01242216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2015-05-17 05:41 - 2011-02-25 13:37 - 01284712 ____N (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2015-05-17 05:41 - 2010-11-08 01:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2015-05-17 05:41 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2015-05-17 05:41 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2015-05-17 05:41 - 2010-11-08 01:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2015-05-17 05:41 - 2010-11-08 01:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2015-05-17 05:41 - 2010-11-08 01:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2015-05-17 05:41 - 2010-11-03 12:31 - 00332392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2015-05-17 05:41 - 2010-11-03 12:30 - 00149608 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtkCfg64.dll 2015-05-17 05:41 - 2010-11-03 12:29 - 01327208 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2015-05-17 05:41 - 2010-11-03 12:29 - 01179752 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2015-05-17 05:41 - 2010-11-03 12:29 - 01111656 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2015-05-17 05:41 - 2010-11-03 12:29 - 00504936 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2015-05-17 05:41 - 2010-11-03 12:29 - 00475752 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2015-05-17 05:41 - 2010-11-03 12:29 - 00317032 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2015-05-17 05:41 - 2010-11-03 12:29 - 00269928 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2015-05-17 05:41 - 2010-11-03 12:29 - 00266856 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2015-05-17 05:41 - 2010-11-03 12:29 - 00126056 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2015-05-17 05:41 - 2010-11-03 12:29 - 00125544 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2015-05-17 05:41 - 2010-09-27 03:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2015-05-17 05:41 - 2010-07-22 10:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2015-05-17 05:41 - 2010-07-22 10:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2015-05-17 05:41 - 2010-07-11 15:28 - 00180048 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFProc64.dll 2015-05-17 05:41 - 2010-07-11 15:28 - 00086352 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFComm64.dll 2015-05-17 05:41 - 2010-07-11 15:28 - 00083792 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFSAPO64.dll 2015-05-17 05:41 - 2010-07-11 15:28 - 00082768 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFHAPO64.dll 2015-05-17 05:41 - 2010-07-11 15:28 - 00082768 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFDAPO64.dll 2015-05-17 05:41 - 2009-11-24 03:55 - 00518896 _____ (SRS Labs, Inc.) 
C:\Windows\system32\SRSTSX64.dll 2015-05-17 05:41 - 2009-11-24 03:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2015-05-17 05:41 - 2009-11-24 03:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2015-05-17 05:41 - 2009-11-24 03:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2015-05-17 05:41 - 2009-11-18 12:42 - 02197264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll 2015-05-17 05:41 - 2009-11-17 12:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2015-05-17 05:39 - 2015-05-17 05:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-05-17 05:39 - 2015-05-17 05:47 - 00000168 _____ () C:\setup.log 2015-05-17 05:39 - 2010-12-21 03:08 - 00008192 _____ () C:\Windows\system32\Drivers\IntelMEFWVer.dll 2015-05-17 05:39 - 2010-10-20 01:34 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys 2015-05-17 05:37 - 2015-05-17 05:41 - 00000000 ____D () C:\ProgramData\Intel 2015-05-17 05:37 - 2015-05-17 05:37 - 00015794 _____ () C:\Windows\system32\results.xml 2015-05-17 05:36 - 2015-05-17 05:41 - 00000000 ____D () C:\Program Files\Common Files\Intel 2015-05-17 05:36 - 2015-05-17 05:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-05-17 05:33 - 2015-05-17 05:44 - 00000000 ____D () C:\Program Files (x86)\Intel 2015-05-17 05:33 - 2015-05-17 05:35 - 00000000 ____D () C:\Intel 2015-05-17 05:33 - 2010-12-23 05:09 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2015-05-17 05:31 - 2011-01-28 21:03 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll 2015-05-17 05:31 - 2011-01-28 07:46 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll 2015-05-17 05:29 - 2010-12-29 12:57 - 00951680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-05-17 05:28 - 2015-05-17 08:48 - 
00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility 2015-05-17 05:26 - 2015-05-17 08:35 - 00637221 _____ () C:\Windows\WindowsUpdate.log 2015-05-17 05:23 - 2015-05-17 05:23 - 00000000 ____D () C:\Windows\CSC 2015-05-16 23:09 - 2015-05-17 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-05-16 23:09 - 2015-05-17 08:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-05-16 23:09 - 2015-05-16 23:09 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-05-16 23:06 - 2015-05-17 08:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-05-16 23:05 - 2015-05-16 23:05 - 00000000 ____D () C:\Users\Home\AppData\Local\Deployment 2015-05-16 23:05 - 2015-05-16 23:05 - 00000000 ____D () C:\Users\Home\AppData\Local\Apps\2.0 2015-05-16 22:33 - 2015-05-17 08:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-05-16 21:51 - 2015-05-16 21:51 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Mozilla 2015-05-16 21:51 - 2015-05-16 21:51 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Avira 2015-05-16 21:50 - 2015-05-16 21:50 - 00000000 ____D () C:\Users\Home\AppData\Roaming\ASUS WebStorage 2015-05-16 21:46 - 2015-05-17 08:33 - 00000000 ____D () C:\ProgramData\Package Cache 2015-05-16 21:46 - 2015-05-16 21:49 - 00000000 ____D () C:\ProgramData\Avira 2015-05-16 21:46 - 2015-05-16 21:49 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-05-16 21:43 - 2015-05-16 21:43 - 00000000 ____D () C:\Users\Home\AppData\Local\globalUpdate 2015-05-16 21:42 - 2015-05-16 23:06 - 00000000 ____D () C:\Users\Home\AppData\Local\Google 2015-05-16 21:40 - 2015-05-16 21:40 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Macromedia 2015-05-16 21:40 - 2015-05-16 21:40 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Adobe 2015-05-16 21:28 - 2015-05-17 08:24 - 00000000 ____D () 
C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security 2015-05-16 21:27 - 2015-05-16 21:27 - 00001445 _____ () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-05-16 21:27 - 2015-05-16 21:27 - 00001411 _____ () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2015-05-16 21:26 - 2015-05-17 08:29 - 00000000 ___HD () C:\ASUS.DAT 2015-05-16 21:26 - 2015-05-16 21:26 - 00060792 _____ () C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT 2015-05-16 21:26 - 2015-05-16 21:26 - 00045056 _____ () C:\Windows\SysWOW64\acovcnt.exe 2015-05-16 21:26 - 2015-05-16 21:26 - 00000196 _____ () C:\Windows\FixPatch.log 2015-05-16 21:26 - 2015-05-16 21:26 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Google 2015-05-16 21:26 - 2015-05-16 21:26 - 00000000 ____D () C:\Users\Home\AppData\Local\VirtualStore 2015-05-16 21:26 - 2015-05-16 21:26 - 00000000 ____D () C:\Users\Home\AppData\Local\Power2Go 2015-05-16 21:26 - 2015-05-16 21:26 - 00000000 ____D () C:\ProgramData\Google 2015-05-16 21:26 - 2015-05-16 21:26 - 00000000 ____D () C:\ProgramData\FolderView 2015-05-16 21:25 - 2015-05-17 08:25 - 00000000 ____D () C:\Users\Home 2015-05-16 21:25 - 2015-05-17 05:51 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite 2015-05-16 21:25 - 2015-05-16 21:25 - 00000020 ___SH () C:\Users\Home\ntuser.ini 2015-05-16 21:25 - 2015-05-16 21:25 - 00000000 _SHDL () C:\Users\Home\Vorlagen 2015-05-16 21:25 - 2015-05-16 21:25 - 00000000 _SHDL () C:\Users\Home\Startmenü 2015-05-16 21:25 - 2015-05-16 21:25 - 00000000 _SHDL () C:\Users\Home\Netzwerkumgebung 2015-05-16 21:25 - 2015-05-16 21:25 - 00000000 _SHDL () C:\Users\Home\Lokale Einstellungen 2015-05-16 21:25 - 2015-05-16 21:25 - 00000000 _SHDL () C:\Users\Home\Eigene Dateien 2015-05-16 21:25 - 2015-05-16 21:25 - 00000000 _SHDL () 
C:\Users\Home\Druckumgebung 2015-05-16 21:25 - 2015-05-16 21:25 - 00000000 _SHDL () C:\Users\Home\Documents\Eigene Musik 2015-05-16 21:25 - 2015-05-16 21:25 - 00000000 _SHDL () C:\Users\Home\Documents\Eigene Bilder 2015-05-16 21:25 - 2015-05-16 21:25 - 00000000 _SHDL () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-05-16 21:25 - 2015-05-16 21:25 - 00000000 _SHDL () C:\Users\Home\AppData\Local\Verlauf 2015-05-16 21:25 - 2015-05-16 21:25 - 00000000 _SHDL () C:\Users\Home\AppData\Local\Anwendungsdaten 2015-05-16 21:25 - 2015-05-16 21:25 - 00000000 _SHDL () C:\Users\Home\Anwendungsdaten 2015-05-16 21:25 - 2015-05-16 21:25 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Intel 2015-05-16 21:25 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-05-16 21:25 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-04-19 14:20 - 2015-04-19 14:20 - 00005872 _____ () C:\Users\Home\AppData\Roaming\MVOEXDWo ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-05-17 08:48 - 2011-04-09 20:58 - 00000000 ____D () C:\Program Files (x86)\ASUS 2015-05-17 08:36 - 2011-04-11 14:38 - 00438430 _____ () C:\Windows\system32\perfh001.dat 2015-05-17 08:36 - 2011-04-11 14:38 - 00079916 _____ () C:\Windows\system32\perfc001.dat 2015-05-17 08:36 - 2011-03-17 14:23 - 00678144 _____ () C:\Windows\system32\perfh019.dat 2015-05-17 08:36 - 2011-03-17 14:23 - 00132644 _____ () C:\Windows\system32\perfc019.dat 2015-05-17 08:36 - 2011-02-19 11:46 - 00358086 _____ () C:\Windows\system32\perfh00D.dat 2015-05-17 08:36 - 2011-02-19 11:46 - 00070026 _____ () C:\Windows\system32\perfc00D.dat 2015-05-17 08:36 - 2011-02-19 11:40 - 00552564 _____ () C:\Windows\system32\perfh008.dat 2015-05-17 08:36 - 2011-02-19 11:40 - 00089672 _____ () C:\Windows\system32\perfc008.dat 2015-05-17 08:36 - 2011-02-19 11:34 - 00390160 _____ () C:\Windows\system32\prfh0404.dat 2015-05-17 08:36 - 2011-02-19 11:34 - 00107320 _____ () C:\Windows\system32\prfc0404.dat 2015-05-17 08:36 - 2011-02-19 11:29 - 00681496 _____ () C:\Windows\system32\prfh0816.dat 2015-05-17 08:36 - 2011-02-19 11:29 - 00134338 _____ () C:\Windows\system32\prfc0816.dat 2015-05-17 08:36 - 2011-02-19 11:24 - 00692768 _____ () C:\Windows\system32\perfh013.dat 2015-05-17 08:36 - 2011-02-19 11:24 - 00133360 _____ () C:\Windows\system32\perfc013.dat 2015-05-17 08:36 - 2011-02-19 11:18 - 00691422 _____ () C:\Windows\system32\perfh010.dat 2015-05-17 08:36 - 2011-02-19 11:18 - 00127758 _____ () C:\Windows\system32\perfc010.dat 2015-05-17 08:36 - 2011-02-19 11:13 - 00696366 _____ () C:\Windows\system32\perfh00C.dat 2015-05-17 08:36 - 2011-02-19 11:13 - 00130822 _____ () C:\Windows\system32\perfc00C.dat 2015-05-17 08:36 - 2011-02-19 11:08 - 00655278 _____ () C:\Windows\system32\perfh007.dat 2015-05-17 08:36 - 2011-02-19 11:08 - 00130146 _____ () C:\Windows\system32\perfc007.dat 2015-05-17 08:36 - 2011-02-19 11:02 - 00695412 _____ () C:\Windows\system32\perfh00A.dat 2015-05-17 08:36 - 2011-02-19 11:02 - 00137456 
_____ () C:\Windows\system32\perfc00A.dat 2015-05-17 08:36 - 2009-07-14 07:13 - 08503202 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-17 08:36 - 2009-07-14 06:45 - 00009712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-17 08:36 - 2009-07-14 06:45 - 00009712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-17 08:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\he-IL 2015-05-17 08:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ar-SA 2015-05-17 08:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-17 08:28 - 2009-07-14 06:51 - 00051363 _____ () C:\Windows\setupact.log 2015-05-17 08:24 - 2011-04-09 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park 2015-05-17 08:24 - 2011-04-09 20:41 - 00000000 ____D () C:\ProgramData\Partner 2015-05-17 08:24 - 2009-07-14 06:45 - 00289728 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-17 08:23 - 2011-04-09 21:02 - 00000000 ____D () C:\ProgramData\Trend Micro 2015-05-17 08:23 - 2011-04-09 21:01 - 00000000 ____D () C:\Program Files\Trend Micro 2015-05-17 08:23 - 2009-07-14 09:45 - 00000000 ___RD () C:\Users\Public\Recorded TV 2015-05-17 08:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL 2015-05-17 08:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA 2015-05-17 08:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-05-17 08:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2015-05-17 06:21 - 2011-04-09 20:01 - 00008442 _____ () C:\Windows\AsRecoveryHD.log 2015-05-17 06:21 - 2011-04-09 20:00 - 00162996 _____ () C:\Windows\AsFac.log 2015-05-17 06:21 - 2009-07-29 08:00 - 00000000 ____D () C:\Windows\ASUS 2015-05-17 06:00 - 2009-07-29 08:00 - 00000000 ____D () C:\Windows\Log 2015-05-17 06:00 - 2009-07-14 06:46 - 00005075 _____ 
() C:\Windows\DtcInstall.log 2015-05-17 06:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep 2015-05-17 05:44 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-05-17 05:42 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2015-05-17 05:26 - 2009-07-29 07:55 - 00008134 _____ () C:\Windows\TSSysprep.log 2015-05-17 05:22 - 2011-04-09 20:02 - 00115574 _____ () C:\Windows\PFRO.log 2015-05-16 23:06 - 2011-04-09 20:40 - 00000000 ____D () C:\Program Files (x86)\Google 2015-05-16 23:03 - 2009-07-29 08:52 - 00000000 ____D () C:\Windows\Panther 2015-05-16 22:36 - 2011-04-09 20:40 - 00000000 ____D () C:\Program Files\Google 2015-05-16 21:40 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore 2015-05-16 21:40 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2015-05-16 21:29 - 2011-04-09 21:00 - 00000000 ____D () C:\ProgramData\ChangeFolderView 2015-05-16 21:26 - 2011-04-09 20:25 - 03026410 _____ () C:\Windows\AsDebug.log 2015-05-16 21:26 - 2011-04-09 20:25 - 00003472 _____ () C:\Windows\PQArecord.log 2015-05-16 21:26 - 2011-02-18 23:05 - 00352468 _____ () C:\Windows\AsCDProc.log 2015-05-16 21:23 - 2009-07-29 07:58 - 00000000 __SHD () C:\Recovery ==================== Files in the root of some directories ======= 2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Home\AppData\Roaming\MVOEXDWo 2011-04-09 20:59 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe 2015-05-17 05:50 - 2015-05-17 05:51 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2015-05-17 05:50 - 2015-05-17 05:50 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log Some content of TEMP: ==================== C:\Users\Home\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2009-07-29 07:52

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by Home at 2015-05-17 09:02:12
Running from C:\Users\Home\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-3273513408-1347916941-2385951518-500 - Administrator - Disabled)
Gast (S-1-5-21-3273513408-1347916941-2385951518-501 - Limited - Disabled)
Home (S-1-5-21-3273513408-1347916941-2385951518-1000 - Administrator - Enabled) => C:\Users\Home
HomeGroupUser$ (S-1-5-21-3273513408-1347916941-2385951518-1002 - Limited - Enabled)

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Trend Micro Titanium Internet Security (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Trend Micro Titanium Internet Security (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.85.3 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.)
Hidden ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.14 - ASUS) ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.22 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.6 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS) ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0007 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0033 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus) ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.) Asus_PSeries_Screensaver (HKLM-x32\...\Asus_PSeries_Screensaver) (Version: 1.0.0001 - ASUS) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS) Avira (HKLM-x32\...\{022ef99f-0db2-4efc-964d-5dd2da3151f6}) (Version: 1.1.37.30000 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.37.30000 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG) Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version: - Oberon Media Inc.) 
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) Cooking Dash (HKLM-x32\...\Cooking Dash) (Version: - Oberon Media Inc.) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.6.1622 - CyberLink Corp.) CyberLink PowerRecover (Version: 5.6.1622 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden ETDWare PS/2-X64 8.0.5.3_WHQL (HKLM\...\Elantech) (Version: 8.0.5.3 - ELAN Microelectronic Corp.) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Governor of Poker (HKLM-x32\...\Governor of Poker) (Version: - Oberon Media Inc.) 
Hotel Dash Suite Success (HKLM-x32\...\Hotel Dash Suite Success) (Version: - Oberon Media Inc.) Intel PROSet Wireless (x32 Version: - ) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2405 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}) (Version: 1.1.0.0157 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation) Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation) Jewel Quest 3 (HKLM-x32\...\Jewel Quest 3) (Version: - Oberon Media Inc.) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Luxor 3 (HKLM-x32\...\Luxor 3) (Version: - Oberon Media Inc.) Mahjongg dimensions (HKLM-x32\...\Mahjongg dimensions) (Version: - Oberon Media Inc.) Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.) 
Plants vs Zombies (HKLM-x32\...\Plants vs Zombies) (Version: - Oberon Media Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6373 - Realtek Semiconductor Corp.) SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.8 - ASUS) Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys ) syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables) Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.0 - Trend Micro Inc.) Trend Micro Titanium Internet Security (Version: 3.00 - Trend Micro Inc.) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS) Wireless Console 3 (HKLM-x32\...\{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}) (Version: 3.0.21 - ASUS) World of Goo (HKLM-x32\...\World of Goo) (Version: - Oberon Media Inc.) 
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation) גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation) بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation) معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden 適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 

==================== Restore Points =========================
16-05-2015 21:40:33 Windows Update
16-05-2015 21:59:30 Windows Update
16-05-2015 22:32:17 Free Antivirus - 16.05.2015 22:32
16-05-2015 22:44:11 Removed Fast Boot
17-05-2015 08:16:36 Wiederherstellungsvorgang
17-05-2015 08:32:31 Windows Update

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {22E44078-87D2-49D9-B755-F61E447AB0F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {35981CFC-03FC-4FED-93BB-DE9292AF06CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17] (Google Inc.)
Task: {4520BB44-D419-4A9C-B5DC-2E61EBCC30EE} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-06-01] (ASUS)
Task: {8C87AA70-11E2-413C-B214-18F82EB50F31} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {C16E98E7-0BA1-4029-AC70-C1C7FBD43746} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17] (Google Inc.)
Task: {C20FF9D8-F022-4E16-8612-AF4C8116B095} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-05-30] (ASUS)
Task: {C5586580-6AB5-499A-BC1F-76F4E011C98F} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2011-08-31] (ASUSTeK Computer Inc.)
Task: {DDDA8F55-2B0F-419B-8FB8-B902C55D19E1} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2011-05-11] (ASUSTek Computer Inc.) Task: {E6E8236F-5577-4AC4-BA77-8FC232684F92} - System32\Tasks\ASUS Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2011-01-24] () Task: {EC3D91E6-C5B5-45FA-935C-E97E291C6471} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2011-04-09 21:02 - 2010-09-17 10:52 - 00047104 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll 2011-04-09 21:02 - 2010-09-17 10:52 - 00042496 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll 2011-09-06 05:29 - 2011-05-24 02:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll 2011-01-24 19:55 - 2011-01-24 19:55 - 00541696 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe 2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2011-06-10 19:49 - 2011-06-10 19:49 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 
3\acAuth.dll 2011-05-30 22:48 - 2011-05-30 22:48 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2015-05-07 16:37 - 2015-05-07 16:37 - 00245760 _____ () C:\Program Files (x86)\Avira\Launcher\System.ComponentModel.Composition.dll 2011-08-31 15:33 - 2011-08-31 15:33 - 00208384 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3273513408-1347916941-2385951518-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-3273513408-1347916941-2385951518-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Nuance PDF Reader-reminder => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{3C51E572-9DD9-42BE-8F50-5C1FBE65910F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AFEB488A-6CB3-49BE-AD06-FED46773247E}] => (Allow) LPort=2869
FirewallRules: [{F4C150B8-79EC-444D-A0D5-A496EFC3C5DF}] => (Allow) LPort=1900
FirewallRules: [{B74AC126-EBF4-4978-8E45-1E7DE72765A4}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{42515D95-CD7D-408D-A722-56E648E59E5C}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{AB23BD05-DBA7-47E0-A2D9-C2764B41BF88}] => (Allow) LPort=5353
FirewallRules: [{A4801B41-FDD4-4800-8688-17CD76B0EF98}] => (Allow) LPort=8182
FirewallRules: [{DB684519-4E88-4698-A168-AA24CA77B458}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{AA9634AF-0595-42DB-9FD2-5F9B6E46BFF6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============
Name: Intel(R) Centrino(R) Wireless-N 1030
Description: Intel(R) Centrino(R) Wireless-N 1030
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNs64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================

Application errors:
==================
Error: (05/17/2015 08:29:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.1.0.51, Zeitstempel: 0x4d6e5ab8
Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.1.0.51, Zeitstempel: 0x4d6e5ab8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001aade
ID des fehlerhaften Prozesses: 0x980
Startzeit der fehlerhaften Anwendung: 0xobexsrv.exe0
Pfad der fehlerhaften Anwendung: obexsrv.exe1
Pfad des fehlerhaften Moduls: obexsrv.exe2
Berichtskennung: obexsrv.exe3

Error: (05/17/2015 08:26:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.1.0.51, Zeitstempel: 0x4d6e5ab8
Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.1.0.51, Zeitstempel: 0x4d6e5ab8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001aade
ID des fehlerhaften Prozesses: 0x80c
Startzeit der fehlerhaften Anwendung: 0xobexsrv.exe0
Pfad der fehlerhaften Anwendung: obexsrv.exe1
Pfad des fehlerhaften Moduls: obexsrv.exe2
Berichtskennung: obexsrv.exe3

Error: (05/16/2015 10:39:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.1.0.51, Zeitstempel: 0x4d6e5ab8
Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.1.0.51, Zeitstempel: 0x4d6e5ab8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001aade
ID des fehlerhaften Prozesses: 0x8bc
Startzeit der fehlerhaften Anwendung: 0xobexsrv.exe0
Pfad der fehlerhaften Anwendung: obexsrv.exe1
Pfad des fehlerhaften Moduls: obexsrv.exe2
Berichtskennung: obexsrv.exe3

Error: (05/16/2015 09:42:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421, Zeitstempel: 0x4d76255d
Name des fehlerhaften Moduls: SeaNote.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4d55f072
Ausnahmecode: 0xc0000005
Fehleroffset: 0x72870fd0
ID des fehlerhaften Prozesses: 0x1668
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (05/16/2015 09:25:33 PM) (Source: Google Update) (EventID: 20) (User: NT-AUTORITÄT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://tools.google.com/service/update2
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP. Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore. Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP. Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore. Send request returned 0x80004005. Http status code 0.

System errors:
=============
Error: (05/17/2015 08:35:17 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}

Error: (05/17/2015 08:30:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth OBEX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/17/2015 08:26:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth OBEX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/17/2015 08:25:37 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst EvtEng erreicht.

Error: (05/17/2015 08:11:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (05/16/2015 10:56:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 258

Error: (05/16/2015 10:56:35 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst EvtEng erreicht.

Error: (05/16/2015 10:39:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth OBEX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/16/2015 10:33:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IHProtect Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/16/2015 10:33:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WindowsMangerProtect Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Microsoft Office Sessions:
=========================
Error: (05/17/2015 08:29:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: obexsrv.exe1.1.0.514d6e5ab8obexsrv.exe1.1.0.514d6e5ab8c00000050001aade98001d0906acb6cb51aC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe1cdb3de3-fc5e-11e4-ad33-ac728977c2a1

Error: (05/17/2015 08:26:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: obexsrv.exe1.1.0.514d6e5ab8obexsrv.exe1.1.0.514d6e5ab8c00000050001aade80c01d0906a34b5947aC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe9c359983-fc5d-11e4-aac0-ac728977c2a1

Error: (05/16/2015 10:39:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: obexsrv.exe1.1.0.514d6e5ab8obexsrv.exe1.1.0.514d6e5ab8c00000050001aade8bc01d09018140bec41C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe9a4a6613-fc0b-11e4-b6b5-ac728977c2a1

Error: (05/16/2015 09:42:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.164214d76255dSeaNote.dll_unloaded0.0.0.04d55f072c000000572870fd0166801d09010337cbff7C:\Program Files (x86)\Internet Explorer\iexplore.exeSeaNote.dlla1d984e6-fc03-11e4-bc1c-5404a636141e

Error: (05/16/2015 09:25:33 PM) (Source: Google Update) (EventID: 20) (User: NT-AUTORITÄT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://tools.google.com/service/update2
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP. Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore. Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP. Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore. Send request returned 0x80004005. Http status code 0.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Percentage of memory in use: 49%
Total physical RAM: 4008.17 MB
Available physical RAM: 2016.6 MB
Total Pagefile: 14026.54 MB
Available Pagefile: 11155.85 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:125.03 GB) (Free:80.08 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:148.06 GB) (Free:144.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 496B9619)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=125 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================

17.05.2015, 12:21 | #4 |
Rest in Peace † 2019 | Crossrider etc.

Hello, you are running completely outdated software components... that is not good. Why do you have two AVs? It is best to get rid of both and get Avast! (free) or Emsisoft (there is also a discount for TB users). Registry cleaners are best not used at all.

Step 1
Press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).

Step 2
Please download AdwCleaner to your desktop.

Step 3
Please download Malwarebytes Anti-Malware.

Step 4
Start FRST once more.