Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 7: Mozilla voll mit Werbung (https://www.trojaner-board.de/164031-windows-7-mozilla-voll-werbung.html)

Weck 15.02.2015 12:07
Windows 7: Mozilla voll mit Werbung
 
Liste der Anhänge anzeigen (Anzahl: 1)
Hallo,
mein Mozilla ist voll mit Werbung und auch mein Chrome hat sehr an Geschwindigkeit eingebüst.
Der einzige Browser der noch "normal" funktioniert ist mein uralter Opera (12.17), der ist aber schon von Haus aus nicht gerade der schnellste. Ich hatte nun den Verdacht, mein PC sei von einem Schädling befallen und habe genau nach Anleitung Defogger, FRST und GMER laufen lassen. Im folgenden die Log. Dateien:
Defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:44 on 15/02/2015 (******** N. *****)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
FRST.txt
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
Ran by ******** N. ***** (administrator) on ******** on 15-02-2015 10:47:10
Running from C:\Users\******** N. *****\Desktop
Loaded Profiles: ******** N. ***** (Available profiles: ******** N. *****)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Program Files\V-bates\ExtensionUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Spotify Ltd) C:\Users\******** N. *****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2723624 2011-03-28] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\Run: [MyDefragReminder] => C:\Program Files (x86)\FixCleanRepair\DefragReminder.exe
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\Run: [Spotify Web Helper] => C:\Users\******** N. *****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\Run: [GoogleChromeAutoLaunch_FF2926C14F0EE0991A80295B0C691949] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [898376 2015-02-04] (Google Inc.)
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\RunOnce: [Uninstall C:\Users\******** N. *****\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\******** N. *****\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\RunOnce: [Uninstall C:\Users\******** N. *****\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\******** N. *****\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727"
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\RunOnce: [Uninstall C:\Users\******** N. *****\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\******** N. *****\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\RunOnce: [Uninstall C:\Users\******** N. *****\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\******** N. *****\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\MountPoints2: {77cc3519-5d44-11e1-b0b2-386077e72a8b} - E:\SISetup.exe
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\MountPoints2: {7bd9f764-b90e-11e1-9350-386077e72a8b} - E:\AutoRun.exe
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\MountPoints2: {7bd9f771-b90e-11e1-9350-386077e72a8b} - E:\AutoRun.exe
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\MountPoints2: {9416fe63-cff7-11e1-92a9-386077e72a8b} - G:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [257808 2015-02-02] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [221968 2015-02-02] (Client Connect LTD)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M7F0D54C3-D55D-431B-8FE0-747225637601&SearchSource=55&CUI=&UM=5&UP=SPF3344EE7-0722-4A73-AECF-D07DFF4109C9&SSPV=
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=44444&tt=gc_&babsrc=HP_ss_gin2g&mntrId=528916DE2BF55E45
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1110688070-1918160584-1403940281-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M7F0D54C3-D55D-431B-8FE0-747225637601&SearchSource=58&CUI=&UM=5&UP=SPF3344EE7-0722-4A73-AECF-D07DFF4109C9&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1110688070-1918160584-1403940281-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-1110688070-1918160584-1403940281-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M7F0D54C3-D55D-431B-8FE0-747225637601&SearchSource=58&CUI=&UM=5&UP=SPF3344EE7-0722-4A73-AECF-D07DFF4109C9&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1110688070-1918160584-1403940281-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1110688070-1918160584-1403940281-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=44444&tt=gc_&babsrc=SP_ss&mntrId=528916DE2BF55E45
BHO: V-bates -> {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} -> C:\Program Files\V-bates\Extension64.dll ()
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: V-bates -> {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} -> C:\Program Files\V-bates\Extension32.dll ()
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: smartdownloader Class -> {F1AF26F8-1828-4279-ABCE-074EF3235BD7} -> C:\Program Files (x86)\SockshareDownloader\smarterdownloader.dll (TODO: <Company name>)
Toolbar: HKU\S-1-5-21-1110688070-1918160584-1403940281-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{D933FD45-73D2-4FA8-B40F-270645B2990B}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default
FF NewTab: hxxp://search.conduit.com/?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M7F0D54C3-D55D-431B-8FE0-747225637601&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SPF3344EE7-0722-4A73-AECF-D07DFF4109C9
FF DefaultSearchEngine: Trovi
FF SelectedSearchEngine: Trovi
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-1110688070-1918160584-1403940281-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\******** N. *****\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF user.js: detected! => C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\user.js
FF SearchPlugin: C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\searchplugins\trovi.xml
FF Extension: Avira Browser Safety - C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\Extensions\abs@avira.com [2015-02-14]
FF Extension: Flash and Video Download - C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-02-14]
FF Extension: Adblock Plus - C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-08-13]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF Extension: V-bates - C:\Program Files\V-bates\Firefox [2014-04-05]
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox

Chrome:
=======
CHR Profile: C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-03]
CHR Extension: (Google Docs) - C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-03]
CHR Extension: (Google Drive) - C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-03]
CHR Extension: (YouTube) - C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-03]
CHR Extension: (Adblock Plus) - C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-03]
CHR Extension: (Google-Suche) - C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-03]
CHR Extension: (Google Tabellen) - C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-03]
CHR Extension: (Simple Speed Dial) - C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdpldlbafdmhlmcdllcjgoigmpjonfc [2015-01-03]
CHR Extension: (Google Wallet) - C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-03]
CHR Extension: (Socksharedownloader) - C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm [2015-02-09]
CHR Extension: (Google Mail) - C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-03]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ohlfohjgijhjlpidbbnmcdooegafnnnm] - C:\Program Files (x86)\SockshareDownloader\SockshareDownloader10.crx [2012-11-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3557136 2015-02-02] (Client Connect LTD)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 V-bates Updater; C:\Program Files\V-bates\ExtensionUpdaterService.exe [209408 2014-02-26] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-23] (Avira Operations GmbH & Co. KG)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-06] (Marvell Semiconductor, Inc.)
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 10:47 - 2015-02-15 10:48 - 00024083 _____ () C:\Users\******** N. *****\Desktop\FRST.txt
2015-02-15 10:46 - 2015-02-15 10:47 - 00000000 ____D () C:\FRST
2015-02-15 10:44 - 2015-02-15 10:44 - 00000496 _____ () C:\Users\******** N. *****\Desktop\defogger_disable.log
2015-02-15 10:44 - 2015-02-15 10:44 - 00000000 _____ () C:\Users\******** N. *****\defogger_reenable
2015-02-15 10:31 - 2015-02-15 10:31 - 00380416 _____ () C:\Users\******** N. *****\Desktop\Gmer-19357.exe
2015-02-15 10:28 - 2015-02-15 10:28 - 02134528 _____ (Farbar) C:\Users\******** N. *****\Desktop\FRST64.exe
2015-02-15 10:26 - 2015-02-15 10:26 - 00050477 _____ () C:\Users\******** N. *****\Desktop\Defogger.exe
2015-02-12 04:19 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 04:19 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 04:19 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 04:19 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 10:27 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 10:27 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 10:26 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 10:26 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 10:26 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 10:26 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 10:26 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 10:26 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 10:26 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 10:26 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 10:26 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 10:26 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 10:26 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 10:26 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 10:26 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 10:26 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 10:26 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 10:26 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 10:26 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 10:26 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 10:26 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 10:26 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 10:26 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 10:26 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 10:26 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 10:26 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 10:26 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 10:26 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 10:26 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 10:26 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 10:26 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 10:26 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 10:26 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 10:26 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 10:26 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 10:26 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 10:26 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 10:26 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 10:26 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 10:26 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 10:26 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 10:26 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 10:26 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 10:26 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 10:26 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 10:26 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 10:26 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 10:26 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 10:26 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 10:26 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 10:26 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 10:26 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 10:26 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 10:26 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 10:25 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 10:25 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 10:25 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 10:25 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 10:25 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 10:25 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 10:25 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 10:25 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 10:25 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 10:25 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 10:25 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 10:25 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 10:25 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 10:25 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 10:25 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 10:25 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 10:25 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 10:25 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 10:25 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 10:25 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 10:25 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 10:25 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 10:24 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 10:24 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 10:24 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 10:24 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 10:24 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 10:24 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 10:24 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 10:23 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 10:23 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 10:23 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 10:23 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 10:23 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 10:23 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 10:23 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 10:23 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 17:49 - 2015-02-10 17:50 - 131115372 _____ () C:\Users\******** N. *****\Downloads\150205_1945_Dahoam-is-Dahoam_DiD-Folge-1459-Kunst-am-Kiosk.mp4
2015-02-10 17:49 - 2015-02-10 17:50 - 130909589 _____ () C:\Users\******** N. *****\Downloads\150204_1945_Dahoam-is-Dahoam_DiD-Folge-1458-Wirtsverstaerkung.mp4
2015-02-10 17:49 - 2015-02-10 17:49 - 129571707 _____ () C:\Users\******** N. *****\Downloads\150209_1945_Dahoam-is-Dahoam_DiD-Folge-1460-Ein-schlechter-guter-Tausch.mp4
2015-02-10 10:51 - 2015-02-10 17:44 - 00000000 ____D () C:\Users\******** N. *****\AppData\Local\avaxvyyvyf
2015-02-10 10:51 - 2015-02-10 10:51 - 00003538 _____ () C:\Windows\System32\Tasks\avaxvyyvyf
2015-02-09 23:21 - 2015-02-09 23:15 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-02-09 23:21 - 2015-02-09 23:15 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-02-09 23:21 - 2015-02-09 23:15 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-09 23:20 - 2015-02-09 23:18 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-02-09 23:20 - 2015-02-09 23:18 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-02-09 23:20 - 2015-02-09 23:18 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-02-07 16:38 - 2015-02-07 16:48 - 00000000 ____D () C:\Users\******** N. *****\AppData\Roaming\namexif
2015-02-07 16:37 - 2015-02-07 16:37 - 00450683 _____ () C:\Users\******** N. *****\Downloads\Namexif.exe
2015-02-07 16:37 - 2015-02-07 16:37 - 00000959 _____ () C:\Users\******** N. *****\Desktop\Namexif.lnk
2015-02-07 16:37 - 2015-02-07 16:37 - 00000000 ____D () C:\Users\******** N. *****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif
2015-02-07 16:37 - 2015-02-07 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Namexif
2015-02-07 16:37 - 2015-02-07 16:37 - 00000000 ____D () C:\Program Files (x86)\Namexif
2015-02-03 23:50 - 2015-02-03 23:52 - 130232661 _____ () C:\Users\******** N. *****\Downloads\150202_1945_Dahoam-is-Dahoam_DiD-Folge-1456-Preissinger-Braeu.mp4
2015-02-03 23:50 - 2015-02-03 23:52 - 129051455 _____ () C:\Users\******** N. *****\Downloads\150203_1945_Dahoam-is-Dahoam_DiD-Folge-1457-Familienangelegenheiten.mp4
2015-01-30 09:34 - 2015-01-30 09:35 - 132496755 _____ () C:\Users\******** N. *****\Downloads\150128_1945_Dahoam-is-Dahoam_DiD-Folge-1453-Monis-Laenderspiel.mp4
2015-01-30 09:33 - 2015-01-30 09:35 - 131642079 _____ () C:\Users\******** N. *****\Downloads\150129_1945_Dahoam-is-Dahoam_DiD-Folge-1455-Rosi-und-der-Unbekannte.mp4
2015-01-28 10:12 - 2015-01-28 10:14 - 132902506 _____ () C:\Users\******** N. *****\Downloads\150127_1945_Dahoam-is-Dahoam_DiD-Folge-1453-Ein-schoener-Gerstl.mp4
2015-01-28 10:12 - 2015-01-28 10:14 - 130621447 _____ () C:\Users\******** N. *****\Downloads\150126_1945_Dahoam-is-Dahoam_DiD-Folge-1452-Ende-eines-Arbeitslebens.mp4
2015-01-23 10:08 - 2015-01-23 10:11 - 131597558 _____ () C:\Users\******** N. *****\Downloads\150114_1945_Dahoam-is-Dahoam_DiD-Folge-1446-Sucht-Gefahr.mp4
2015-01-23 10:07 - 2015-01-23 10:11 - 130007194 _____ () C:\Users\******** N. *****\Downloads\150119_1945_Dahoam-is-Dahoam_DiD-Folge-1448-Schockstarre.mp4
2015-01-23 10:07 - 2015-01-23 10:10 - 133603299 _____ () C:\Users\******** N. *****\Downloads\150120_1945_Dahoam-is-Dahoam_DiD-Folge-1449-Politische-Wurst-Phobie.mp4
2015-01-23 10:07 - 2015-01-23 10:10 - 131794112 _____ () C:\Users\******** N. *****\Downloads\150121_1945_Dahoam-is-Dahoam_DiD-Folge-1450-Verratene-Enden.mp4
2015-01-23 10:07 - 2015-01-23 10:10 - 131238060 _____ () C:\Users\******** N. *****\Downloads\150115_1945_Dahoam-is-Dahoam_DiD-Folge-1447-Rauchende-Kuesse.mp4
2015-01-23 10:06 - 2015-01-23 10:07 - 130627946 _____ () C:\Users\******** N. *****\Downloads\150122_1945_Dahoam-is-Dahoam_DiD-Folge-1451-Theres-mit-Television.mp4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 10:44 - 2012-01-29 08:20 - 00000000 ____D () C:\Users\******** N. *****
2015-02-15 10:40 - 2015-01-03 21:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-15 10:38 - 2015-01-03 21:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-15 10:31 - 2014-08-20 01:37 - 00000000 ____D () C:\Users\******** N. *****\AppData\Local\Adobe
2015-02-15 10:25 - 2013-05-18 09:20 - 00000976 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1110688070-1918160584-1403940281-1000UA.job
2015-02-15 10:25 - 2013-05-18 09:20 - 00000954 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1110688070-1918160584-1403940281-1000Core.job
2015-02-15 10:24 - 2014-05-09 08:34 - 00036856 _____ () C:\Windows\setupact.log
2015-02-15 10:24 - 2011-12-21 02:38 - 01450684 _____ () C:\Windows\WindowsUpdate.log
2015-02-14 23:51 - 2012-01-29 09:18 - 00000000 ____D () C:\Users\******** N. *****\AppData\Roaming\vlc
2015-02-14 21:59 - 2012-08-08 01:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-14 21:18 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-14 21:18 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-14 21:08 - 2012-01-29 08:27 - 00000000 ____D () C:\ProgramData\clear.fi
2015-02-14 21:07 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-14 21:04 - 2012-08-05 16:14 - 00000000 ____D () C:\Users\******** N. *****\AppData\Roaming\Spotify
2015-02-14 21:04 - 2012-08-05 16:14 - 00000000 ____D () C:\Users\******** N. *****\AppData\Local\Spotify
2015-02-12 04:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 04:04 - 2009-07-14 05:45 - 05253832 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 04:02 - 2014-05-09 08:34 - 00050106 _____ () C:\Windows\PFRO.log
2015-02-12 03:59 - 2014-12-11 03:42 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 03:59 - 2014-05-07 02:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 03:35 - 2012-02-09 13:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 03:29 - 2013-08-02 02:03 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 03:08 - 2012-02-19 15:42 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 23:47 - 2014-08-05 10:09 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-10 23:46 - 2013-03-06 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-10 23:46 - 2013-03-06 13:57 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-10 10:51 - 2014-04-05 13:48 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2015-02-09 23:22 - 2014-02-27 17:36 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-09 23:22 - 2013-06-24 10:07 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-09 23:21 - 2014-02-23 23:18 - 00000000 ____D () C:\Program Files\Java
2015-02-09 23:18 - 2014-02-23 23:20 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-02-09 23:15 - 2014-08-08 13:58 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-02-09 23:15 - 2014-02-23 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-09 23:08 - 2012-04-01 16:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 23:08 - 2011-11-03 14:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-07 16:28 - 2012-01-29 09:46 - 00000000 ____D () C:\Users\******** N. *****\AppData\Roaming\Adobe
2015-02-07 15:42 - 2011-12-21 11:26 - 00714474 _____ () C:\Windows\system32\perfh007.dat
2015-02-07 15:42 - 2011-12-21 11:26 - 00154526 _____ () C:\Windows\system32\perfc007.dat
2015-02-07 15:42 - 2009-07-14 06:13 - 01649664 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-06 18:23 - 2012-08-08 18:47 - 00000000 ____D () C:\Users\******** N. *****\Downloads\Pns
2015-02-04 09:35 - 2015-01-03 21:52 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 09:35 - 2015-01-03 21:52 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-27 15:20 - 2014-06-03 09:11 - 00000000 ___RD () C:\Users\******** N. *****\Desktop\Rewe

==================== Files in the root of some directories =======

2012-02-14 18:14 - 2014-12-26 14:20 - 0000132 _____ () C:\Users\******** N. *****\AppData\Roaming\Adobe BMP Format CS5 Prefs
2014-02-17 14:54 - 2014-02-17 14:54 - 0000132 _____ () C:\Users\******** N. *****\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-08-12 12:10 - 2015-01-03 20:40 - 0000132 _____ () C:\Users\******** N. *****\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-01-04 21:04 - 2013-01-19 17:49 - 0000356 _____ () C:\Users\******** N. *****\AppData\Roaming\burnaware.ini
2012-02-23 14:09 - 2012-02-23 14:58 - 0006656 _____ () C:\Users\******** N. *****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-03 09:09 - 2012-08-03 09:09 - 0001430 _____ () C:\Users\******** N. *****\AppData\Local\RecConfig.xml
2012-07-03 23:00 - 2012-07-03 23:00 - 0007605 _____ () C:\Users\******** N. *****\AppData\Local\Resmon.ResmonCfg
2012-07-05 18:39 - 2012-07-07 14:59 - 0017408 _____ () C:\Users\******** N. *****\AppData\Local\WebpageIcons.db
2011-12-21 02:58 - 2011-12-21 03:03 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log
2012-02-17 20:37 - 2013-02-10 20:58 - 0002568 _____ () C:\ProgramData\hpzinstall.log
2012-07-20 20:48 - 2012-07-20 20:48 - 0000032 _____ () C:\ProgramData\Temp.log

Some content of TEMP:
====================
C:\Users\******** N. *****\AppData\Local\Temp\avgnt.exe
C:\Users\******** N. *****\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\******** N. *****\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\******** N. *****\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\******** N. *****\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\******** N. *****\AppData\Local\Temp\SPSetup.exe
C:\Users\******** N. *****\AppData\Local\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-12 04:45

==================== End Of Log ============================
Additional.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2015
Ran by ******** N. ***** at 2015-02-15 10:50:18
Running from C:\Users\******** N. *****\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0530.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.2 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{3605D89A-BD66-F5C5-779B-BE9110B41077}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
B109a-m (x32 Version: 130.0.396.000 - Hewlett-Packard) Hidden
Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
ChangeFileName 2005 (HKLM-x32\...\{7DE4DD7B-36A3-4233-A6C9-92DC9E56EDC6}) (Version: 2.2.0.0 - www.letsgosoftware.de)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
ClipGrab 3.4.3 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
Crescendo Music Notation Editor (HKLM-x32\...\Crescendo) (Version:  - NCH Software)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dojotech Spotify Recorder (HKLM-x32\...\{D149DB2E-392E-48CC-8036-88BECC09C50A}) (Version: 3.2 - Dojotech Software)
DVDx 4.0 Open Edition (HKLM-x32\...\DVDx 4.0 Open Edition) (Version: 4.0 (Open Edition) - labDV)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogaléria (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Countdown Timer 2.3.0 (HKLM-x32\...\{404245D0-E836-4737-9C12-D4D0034540F5}_is1) (Version: 2.3 - Comfort Software Group)
Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version:  - Jodix Technologies Ltd.)
Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.)
FreeOCR v4.2 (HKLM-x32\...\freeocr_is1) (Version:  - )
Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotogràfica (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
HP Photosmart B109a-m All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{61CF2C86-8E46-4210-A115-E4D6C65AF369}) (Version: 13.0 - HP)
HP Scanjet G3110 (HKLM\...\{6F0EFDE0-EFEB-41CA-9446-ACB7A942911E}) (Version: 14.5 - HP)
hpg3110 (x32 Version: 140.000.000.000 - Ihr Firmenname) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
MAGIX Music Maker 2008 13.0.3.2 (D) (HKLM-x32\...\MAGIX Music Maker 2008 D) (Version: 13.0.3.2 - MAGIX AG)
MAGIX Screenshare 4.3.6.1987 (D) (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
Media Player Codec Pack 4.1.9 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.1.9 - Media Player Codec Pack)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
OCR Software by I.R.I.S. 14.5 (HKLM\...\HPOCR) (Version: 14.5 - HP)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PE Builder 3.1.10a (HKLM-x32\...\PE Builder_is1) (Version:  - Bart Lagerweij)
Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PS_AIO_06_B109a-m_SW_Min (x32 Version: 130.0.396.000 - Hewlett-Packard) Hidden
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{6D172D0A-B9F1-4046-AFAB-8599288545BF}) (Version: 5.34.55.3 - Apple Inc.)
Samsung PC Studio II 2.0 Image Editor (HKLM-x32\...\{8148F35A-B15C-465B-80C2-DC0E1234EC20}) (Version: 1.00.000 - )
Scan (x32 Version: 14.0.1.0 - Hewlett-Packard) Hidden
Scribus 1.4.1 (HKLM-x32\...\Scribus 1.4.1) (Version: 1.4.1 - The Scribus Team)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.20.11.17 - Client Connect LTD) <==== ATTENTION
Shape Collage (HKLM-x32\...\ShapeCollage) (Version:  - Shape Collage Inc.)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SockshareDownloader (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - SockshareDownloader.com) <==== ATTENTION
Spotify (HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.17.5 - Synaptics Incorporated)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version:  - )
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Valokuvavalikoima (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
V-bates 2.0.0.438 (HKLM\...\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}_is1) (Version: 2.0.0.438 - Wajamu) <==== ATTENTION
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video DVD Maker v3.32.0.80 (HKLM-x32\...\{1A3E23D7-7A1E-43EC-B35D-EB2A31BED943}) (Version:  - )
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
WarrantyExtension (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Hewlett-Packard Image  (05/15/2008 11.5.0.116) (HKLM\...\686C8894C4A74C54EDA40E74ED1AFDB17CF9C474) (Version: 05/15/2008 11.5.0.116 - Hewlett-Packard)
Συλλογή φωτογραφιών (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 16.4.3528.0331 - Корпорация Майкрософт) Hidden
Фотоальбом (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
معرض الصور (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1110688070-1918160584-1403940281-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\******** N. *****\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1110688070-1918160584-1403940281-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\******** N. *****\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1110688070-1918160584-1403940281-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\******** N. *****\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1110688070-1918160584-1403940281-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\******** N. *****\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1110688070-1918160584-1403940281-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\******** N. *****\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

30-01-2015 19:10:18 Windows Update
03-02-2015 17:52:43 Windows Update
10-02-2015 12:23:02 Windows Update
12-02-2015 03:02:36 Windows Update
13-02-2015 03:00:55 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0594AD8F-156B-4959-A7FA-25823EE689D1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1110688070-1918160584-1403940281-1000Core => C:\Users\******** N. *****\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-18] (Facebook Inc.)
Task: {0AB774BB-A2F7-4386-BF6E-E3CD822263A7} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {0BA46FE8-7B55-4B5C-B39F-7D82993A73BB} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {16A74EEC-F383-4079-9F18-DDE09684A5B6} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {504C2B04-FEF7-4A61-B5DB-2BD74F3CC689} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-03] (Google Inc.)
Task: {58E0EEFA-949A-4888-A95A-8F4C2231EAEB} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {65DDC590-60FB-40D5-9726-DEF52A1A73E1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1110688070-1918160584-1403940281-1000UA => C:\Users\******** N. *****\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-18] (Facebook Inc.)
Task: {79489BF1-219F-490E-B297-9B5307EC059C} - System32\Tasks\AdobeAAMUpdater-1.0-********-******** N. ***** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {8CBA1C07-C37F-4607-96BF-5CDA0D7AEA73} - System32\Tasks\{1AA72E98-6D2D-45BC-AED5-6080ADBBB0FB} => pcalua.exe -a D:\setup.exe -d D:\
Task: {90CE7407-9CE8-41DD-BD6B-9131E04A3B5A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {99DD0F4B-F6B1-42FD-AB2B-F97B55F5FB42} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {B774AAC0-7878-4C6C-927D-33BC1AAA1BBD} - System32\Tasks\Google Updater and Installer => C:\Users\******** N. *****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {D4B90D9D-F4F1-4E95-8FE7-16E03C10A28A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {DE7B37F9-12AE-42FE-8EEA-3C3775D39448} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {E5F1579F-2C87-4F0A-A58A-62DCCADD8F9E} - System32\Tasks\avaxvyyvyf => C:\Users\******** N. *****\AppData\Local\avaxvyyvyf\avaxvyyvyf.exe [2015-02-02] ()
Task: {E71080E8-B568-4426-9B2C-2D17D84509F5} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {EA774276-2C7F-4CBE-A0D5-59C7B14872BC} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2011-08-09] (Acer)
Task: {EDF4344D-A2E9-4403-8D9E-626A39FB0DD1} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {F8E4FABE-87CC-4869-99C6-065A1C7B2879} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
Task: {FAC16774-F265-44C0-B96A-82B9B524C5EA} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {FF8F7607-2A4A-43B6-AACD-F136227A6E4E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-03] (Google Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1110688070-1918160584-1403940281-1000Core.job => C:\Users\******** N. *****\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1110688070-1918160584-1403940281-1000UA.job => C:\Users\******** N. *****\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-02-24 17:22 - 2010-03-04 16:56 - 00289280 _____ () C:\Windows\System32\HP1100LM.DLL
2012-02-24 17:24 - 2010-03-04 16:56 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2014-04-05 13:48 - 2014-02-26 14:31 - 00209408 _____ () C:\Program Files\V-bates\ExtensionUpdaterService.exe
2015-02-06 17:32 - 2015-02-04 09:53 - 01450312 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-06 17:32 - 2015-02-04 09:53 - 00205128 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-06 17:32 - 2015-02-04 09:53 - 10864456 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
2015-02-06 17:32 - 2015-02-04 09:53 - 26771784 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-05 14:22 - 2012-01-05 14:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 14:22 - 2012-01-05 14:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 14:22 - 2012-01-05 14:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2012-04-01 16:49 - 2014-05-03 08:58 - 00835584 _____ () C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
2012-04-01 16:49 - 2014-05-03 08:58 - 00093696 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
2012-04-01 16:49 - 2014-05-03 08:58 - 00094208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
2012-04-01 16:49 - 2014-05-03 08:58 - 00057344 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
2012-04-01 16:49 - 2014-05-03 08:58 - 00096256 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
2012-04-01 16:49 - 2014-05-03 08:58 - 00062976 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
2012-04-01 16:49 - 2014-05-03 08:58 - 00067072 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
2012-04-01 16:49 - 2014-05-03 08:58 - 00158208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
2012-04-01 16:49 - 2014-05-03 08:58 - 00312832 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
2012-04-01 16:49 - 2014-05-03 08:58 - 00038912 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
2012-04-01 16:49 - 2014-05-03 08:58 - 00073728 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
2012-04-01 16:49 - 2014-05-03 08:58 - 00101888 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\******** N. *****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\startupfolder: C:^Users^******** N. *****^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: Facebook Update => "C:\Users\******** N. *****\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FreeCT => C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe -autorun
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: MRT => "C:\Windows\system32\MRT.exe" /R
MSCONFIG\startupreg: Spotify => "C:\Users\******** N. *****\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\******** N. *****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Accounts: =============================

Administrator (S-1-5-21-1110688070-1918160584-1403940281-500 - Administrator - Disabled)
Gast (S-1-5-21-1110688070-1918160584-1403940281-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1110688070-1918160584-1403940281-1002 - Limited - Enabled)
******** N. ***** (S-1-5-21-1110688070-1918160584-1403940281-1000 - Administrator - Enabled) => C:\Users\******** N. *****

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/15/2015 10:24:00 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37853565

Error: (02/15/2015 10:24:00 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 37853565

Error: (02/15/2015 10:24:00 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/14/2015 11:53:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9594

Error: (02/14/2015 11:53:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9594

Error: (02/14/2015 11:53:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/14/2015 11:53:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6583

Error: (02/14/2015 11:53:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6583

Error: (02/14/2015 11:53:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/14/2015 11:53:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5538


System errors:
=============
Error: (02/14/2015 08:42:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AntiVirSchedulerService erreicht.

Error: (02/13/2015 11:21:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Search Protect Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/13/2015 11:21:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Search Protect Service erreicht.

Error: (02/13/2015 11:20:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Search Protect Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 20000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/13/2015 11:17:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AntiVirSchedulerService erreicht.

Error: (02/12/2015 04:00:51 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Modules Installer konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (02/12/2015 03:57:43 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (02/12/2015 03:32:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/12/2015 03:32:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (02/09/2015 10:45:39 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (08/24/2013 06:45:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 714204 seconds with 600 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 60%
Total physical RAM: 3817.9 MB
Available physical RAM: 1496.84 MB
Total Pagefile: 7633.99 MB
Available Pagefile: 4244.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:452.66 GB) (Free:157.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0553432A)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Bitte helft mit:crazy:
P.S. Sorry das GMER Log war zu lang muss es nun leider anhängen

schrauber 15.02.2015 12:41
hi,

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Bundled software uninstaller

    Search Protect

    SockshareDownloader

    V-bates 2.0.0.438


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Weck 15.02.2015 13:29
Hallo und danke für die schnelle Antwort,

Ich habe nun nach Anleitung mit "Revo uninstaller"
Search Protect und
Sockshare Downloader
entfernt.
V-bates 2.0.0.438 konnte ich im Uninstallerfeld nicht finden.
Der Bundled Software Uninstaller tauchte zwar auf konnte aber nicht entfernt werden. Fehlermeldung: "Unistall fehlgeschalgen! Vermutlich ungültiger deinstall Befehl!"
Soll ich nun trotzdem mit Combofix fortfahren?

schrauber 15.02.2015 19:22
Bei der MEldung einfach ok klicken, dann macht Revo weiter.

Dann direkt weiter mit Combofix.

Weck 15.02.2015 21:56
Hi,
das wäre dann geschafft! Im folgenden nun die Log. Datei:
Code:
ComboFix 15-02-13.02 - ******** N. ***** 15.02.2015  21:18:05.1.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3818.1608 [GMT 1:00]
ausgeführt von:: c:\users\******** N. *****\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\V-bates\ExTEnsion64.dll
c:\users\******** N. *****\AppData\Local\TempDIR
c:\users\******** N. *****\AppData\Local\TempDIR\Offercast2810_NDV_.exe
c:\users\******** N. *****\AppData\Roaming\Microsoft\~DFK48fba939.tmp
c:\users\******** N. *****\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\******** N. *****\AppData\Roaming\Microsoft\bass.dll
c:\users\******** N. *****\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\******** N. *****\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\******** N. *****\AppData\Roaming\Microsoft\peaadje.dll
c:\users\******** N. *****\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\******** N. *****\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\searchplugins\trovi-search.xml
c:\users\******** N. *****\Documents\~WRL3516.tmp
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
(((((((((((((((((((((((  Dateien erstellt von 2015-01-15 bis 2015-02-15  ))))))))))))))))))))))))))))))
.
.
2015-02-15 20:32 . 2015-02-15 20:32        --------        d-----w-        c:\users\Default\AppData\Local\temp
2015-02-15 20:05 . 2015-02-15 20:05        75888        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{1BDBC559-E2B7-4CF5-AF3F-F685C207211B}\offreg.dll
2015-02-15 11:53 . 2015-02-15 11:53        --------        d-----w-        c:\program files (x86)\VS Revo Group
2015-02-15 09:46 . 2015-02-15 09:52        --------        d-----w-        C:\FRST
2015-02-13 22:32 . 2014-12-02 10:26        11870360        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{1BDBC559-E2B7-4CF5-AF3F-F685C207211B}\mpengine.dll
2015-02-12 03:19 . 2015-01-23 03:43        620032        ----a-w-        c:\windows\SysWow64\jscript9diag.dll
2015-02-12 03:19 . 2015-01-23 03:17        4300800        ----a-w-        c:\windows\SysWow64\jscript9.dll
2015-02-12 03:19 . 2015-01-23 04:42        814080        ----a-w-        c:\windows\system32\jscript9diag.dll
2015-02-12 03:19 . 2015-01-23 04:41        6041600        ----a-w-        c:\windows\system32\jscript9.dll
2015-02-11 09:27 . 2015-02-04 03:16        609280        ----a-w-        c:\windows\system32\generaltel.dll
2015-02-11 09:27 . 2015-02-04 03:16        762368        ----a-w-        c:\windows\system32\invagent.dll
2015-02-11 09:27 . 2015-02-04 03:16        414720        ----a-w-        c:\windows\system32\devinv.dll
2015-02-11 09:27 . 2015-02-04 03:16        894976        ----a-w-        c:\windows\system32\appraiser.dll
2015-02-11 09:27 . 2015-02-04 03:16        227328        ----a-w-        c:\windows\system32\aepdu.dll
2015-02-11 09:27 . 2015-02-04 03:13        1098752        ----a-w-        c:\windows\system32\aeinv.dll
2015-02-11 09:27 . 2015-01-27 23:36        1239720        ----a-w-        c:\windows\system32\aitstatic.exe
2015-02-11 09:27 . 2015-02-04 03:16        192000        ----a-w-        c:\windows\system32\aepic.dll
2015-02-11 09:25 . 2015-01-13 03:10        1424384        ----a-w-        c:\windows\system32\WindowsCodecs.dll
2015-02-11 09:24 . 2014-11-26 03:53        861696        ----a-w-        c:\windows\system32\oleaut32.dll
2015-02-11 09:24 . 2014-11-26 03:32        571904        ----a-w-        c:\windows\SysWow64\oleaut32.dll
2015-02-11 09:24 . 2014-10-04 02:10        3722752        ----a-w-        c:\windows\system32\mstscax.dll
2015-02-11 09:24 . 2014-10-04 01:42        3221504        ----a-w-        c:\windows\SysWow64\mstscax.dll
2015-02-11 09:24 . 2014-10-04 01:42        131584        ----a-w-        c:\windows\SysWow64\aaclient.dll
2015-02-11 09:24 . 2014-12-08 03:09        406528        ----a-w-        c:\windows\system32\scesrv.dll
2015-02-11 09:24 . 2014-12-08 02:46        308224        ----a-w-        c:\windows\SysWow64\scesrv.dll
2015-02-11 09:23 . 2015-01-14 06:09        5554112        ----a-w-        c:\windows\system32\ntoskrnl.exe
2015-02-11 09:23 . 2015-01-14 05:44        3972544        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2015-02-11 09:23 . 2015-01-14 05:44        3917760        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2015-02-11 09:23 . 2015-01-14 06:05        503808        ----a-w-        c:\windows\system32\srcore.dll
2015-02-11 09:23 . 2015-01-14 06:05        50176        ----a-w-        c:\windows\system32\srclient.dll
2015-02-11 09:23 . 2015-01-14 06:04        296960        ----a-w-        c:\windows\system32\rstrui.exe
2015-02-11 09:23 . 2015-01-14 05:41        43008        ----a-w-        c:\windows\SysWow64\srclient.dll
2015-02-11 09:23 . 2015-01-09 02:03        3201536        ----a-w-        c:\windows\system32\win32k.sys
2015-02-09 22:21 . 2015-02-09 22:15        98216        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-02-09 22:20 . 2015-02-09 22:18        111016        ----a-w-        c:\windows\system32\WindowsAccessBridge-64.dll
2015-02-09 22:20 . 2015-02-09 22:18        191400        ----a-w-        c:\windows\system32\javaw.exe
2015-02-09 22:20 . 2015-02-09 22:18        190888        ----a-w-        c:\windows\system32\java.exe
2015-02-09 22:20 . 2015-02-09 22:20        --------        d-----w-        c:\program files (x86)\Common Files\Java
2015-02-07 15:38 . 2015-02-07 15:48        --------        d-----w-        c:\users\******** N. *****\AppData\Roaming\namexif
2015-02-07 15:37 . 2015-02-07 15:37        --------        d-----w-        c:\program files (x86)\Namexif
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-12 02:08 . 2012-02-19 14:42        116773704        ----a-w-        c:\windows\system32\MRT.exe
2015-02-09 22:18 . 2014-02-23 22:20        319912        ----a-w-        c:\windows\system32\javaws.exe
2015-02-09 22:08 . 2012-04-01 15:47        701616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-09 22:08 . 2011-11-03 13:06        71344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-11 16:38 . 2015-01-11 16:43        3533800        ----a-w-        c:\users\********
2015-01-06 03:36 . 2010-11-21 03:27        298120        ------w-        c:\windows\system32\MpSigStub.exe
2014-12-19 03:06 . 2015-01-14 20:03        210432        ----a-w-        c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 20:03        141312        ----a-w-        c:\windows\system32\drivers\mrxdav.sys
2014-12-11 17:47 . 2015-01-14 20:03        52736        ----a-w-        c:\windows\system32\TSWbPrxy.exe
2014-12-06 04:17 . 2015-01-14 20:03        303616        ----a-w-        c:\windows\system32\nlasvc.dll
2014-12-06 03:50 . 2015-01-14 20:03        52224        ----a-w-        c:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50 . 2015-01-14 20:03        156672        ----a-w-        c:\windows\SysWow64\ncsi.dll
2014-11-18 13:56 . 2014-11-18 13:56        1202848        ----a-w-        c:\windows\SysWow64\FM20.DLL
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
2014-02-26 13:31        193024        ----a-w-        c:\program files\V-bates\Extension32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}]
2012-11-15 17:30        244328        ----a-w-        c:\program files (x86)\SockshareDownloader\smarterdownloader.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-05-07 21:12        223432        ----a-w-        c:\users\******** N. *****\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-05-07 21:12        223432        ----a-w-        c:\users\******** N. *****\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-05-07 21:12        223432        ----a-w-        c:\users\******** N. *****\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\******** N. *****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-12-11 1676344]
"GoogleChromeAutoLaunch_FF2926C14F0EE0991A80295B0C691949"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-02-04 898376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-05-26 152392]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2015-01-19 126712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 V-bates Updater;V-bates Updater;c:\program files\V-bates\ExtensionUpdaterService.exe;c:\program files\V-bates\ExtensionUpdaterService.exe [x]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S4 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - avipbb
.
Inhalt des "geplante Tasks" Ordners
.
2015-02-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1110688070-1918160584-1403940281-1000Core.job
- c:\users\******** N. *****\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-18 08:20]
.
2015-02-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1110688070-1918160584-1403940281-1000UA.job
- c:\users\******** N. *****\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-18 08:20]
.
2015-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-03 20:52]
.
2015-02-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-03 20:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-05-07 21:12        262344        ----a-w-        c:\users\******** N. *****\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-05-07 21:12        262344        ----a-w-        c:\users\******** N. *****\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-05-07 21:12        262344        ----a-w-        c:\users\******** N. *****\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-09 11860072]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com/?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M7F0D54C3-D55D-431B-8FE0-747225637601&SearchSource=55&CUI=&UM=5&UP=SPF3344EE7-0722-4A73-AECF-D07DFF4109C9&SSPV=
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Web-Suche - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{D933FD45-73D2-4FA8-B40F-270645B2990B}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{D933FD45-73D2-4FA8-B40F-270645B2990B}\75C414E4D2036434330333: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\
FF - prefs.js: browser.search.selectedEngine - Trovi
FF - prefs.js: browser.startup.homepage - google.de
FF - user.js: extensions.autoDisableScopes - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-MyDefragReminder - c:\program files (x86)\FixCleanRepair\DefragReminder.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-bi_uninstaller - c:\users\******** N. *****\Local Settings\Application Data\Bundled software uninstaller\biclient.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1110688070-1918160584-1403940281-1000\Software\Microsoft\Internet Explorer\Approved Extensions]
@DACL=(02 0000)
"{1631550F-191D-4826-B069-D9439253D926}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,4a,22,
  0e,2a,4c,41,0d,ac,65,9b,03,93,19,9d,32
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,3b,1b,0c,17,cc,
  00,9a,bd,e4,07,b9,9a,b8,17,8d,64,f9,d7
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,3b,1b,71,2e,96,
  6a,f2,65,45,08,ab,f5,49,fc,1c,72,e7,6a
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,cb,23,
  88,35,19,d8,0f,92,c0,13,24,77,42,27,d2
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,3b,1b,54,1f,db,
  c3,72,f1,3c,06,a0,78,de,65,c0,8f,cc,bd
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,3b,1b,f1,05,47,
  32,c1,0e,02,03,b4,af,8d,e9,66,64,06,85
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,3b,1b,21,81,16,
  e7,6d,99,49,0b,a3,37,d4,a9,28,9c,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,3b,1b,6f,c1,f9,
  a5,52,97,b7,54,a0,e1,42,e0,c8,40,f1,1b
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,3b,1b,ab,88,07,
  6e,c7,83,4b,03,aa,e7,96,9a,f0,93,69,57
"{F1AF26F8-1828-4279-ABCE-074EF3235BD7}"=hex:51,66,7a,6c,4c,1d,3b,1b,e8,39,bc,
  e9,1f,4d,1e,07,b7,c2,45,0e,f2,69,1f,c3
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,24,3e,
  55,89,3c,1d,02,8c,f9,bf,9b,04,7f,3d,61
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-02-15  21:37:25
ComboFix-quarantined-files.txt  2015-02-15 20:37
.
Vor Suchlauf: 11 Verzeichnis(se), 196.138.016.768 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 196.025.536.512 Bytes frei
.
- - End Of File - - 4C4B44EC97FC6E48422190171D635B89
A36C5E4F47E84449FF07ED3517B43A31
Und tausend dank für deine Hilfe!

schrauber 16.02.2015 17:56
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Weck 17.02.2015 13:58
Hallo,
habe nun alles nach Vorschrift erledigt. Im folgenden habe ich alle Dateien aufgelitet:

MBAM:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 17.02.2015
Suchlauf-Zeit: 11:51:49
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.02.17.06
Rootkit Datenbank: v2015.02.03.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ******** N. *****

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 369582
Verstrichene Zeit: 40 Min, 53 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\ExtensionUpdaterService.exe, 2024, Löschen bei Neustart, [9bef958a85050e289da37666689b9967]

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 24
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [692152cd03871c1a250af1511ee519e7],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [692152cd03871c1a250af1511ee519e7],
PUP.Optional.VBates, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}, In Quarantäne, [3b4fff20820842f408b730dea063619f],
PUP.Optional.VBates, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}, In Quarantäne, [3b4fff20820842f408b730dea063619f],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1110688070-1918160584-1403940281-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [91f9ec333c4e7abc14dec345c2415da3],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1110688070-1918160584-1403940281-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [008a23fc9feb0a2cbe067197ce35a858],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [8505f728c8c2e1554c2998aa2cd7f907],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [d0ba7ba4a3e7c0765c1a86bc778cd52b],
PUP.Optional.VbatesHelper.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\V-bates Updater, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}_is1, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, HKLM\SOFTWARE\V-bates, In Quarantäne, [d6b4be61f89261d53b07fae2976c27d9],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, In Quarantäne, [a5e57ea1b4d685b1c490a915d82b5ba5],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [5337be61ddadce68247226b5ab589e62],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SweetIM, In Quarantäne, [1e6c928d236763d37c97821712f108f8],
PUP.Optional.VbatesHelper.A, HKLM\SOFTWARE\WOW6432NODE\V-bates, In Quarantäne, [f19946d9dcaef5411e24a63610f3bf41],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jcdgjdiieiljkfkdcloehkohchhpekkn, In Quarantäne, [f793c758c9c182b44b18c1f8c83ba25e],
PUP.Optional.SockshareDownloader.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ohlfohjgijhjlpidbbnmcdooegafnnnm, In Quarantäne, [dcaeed324a402d0913e13e50847f9070],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-1110688070-1918160584-1403940281-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, In Quarantäne, [c1c945da8505a3935913e20e1ee624dc],
PUP.Optional.Delta.A, HKU\S-1-5-21-1110688070-1918160584-1403940281-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\delta LTD, In Quarantäne, [1575041b008adb5bdc3c4ba7f70d6799],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1110688070-1918160584-1403940281-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, In Quarantäne, [0288af70137772c4dcbbc516f80bda26],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1110688070-1918160584-1403940281-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, In Quarantäne, [1872160907838da98b1a95055ba88a76],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-1110688070-1918160584-1403940281-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SweetIM, In Quarantäne, [5d2de43bb0da033368aaefaaa45f6f91],
PUP.Optional.PriceGong.A, HKU\S-1-5-21-1110688070-1918160584-1403940281-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, In Quarantäne, [98f2100f3c4e57df14471a84c3405fa1],
PUP.Optional.BProtector.A, HKU\S-1-5-21-1110688070-1918160584-1403940281-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, In Quarantäne, [a7e368b74e3cdb5b605322d1030131cf],

Registrierungswerte: 7
PUP.Optional.VBates, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}, C:\Program Files\V-bates\Firefox, In Quarantäne, [3b4fff20820842f408b730dea063619f]
PUP.Optional.VBates, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}, C:\Program Files\V-bates\Firefox, In Quarantäne, [3b4fff20820842f408b730dea063619f]
PUP.Optional.VBates, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}, In Quarantäne, [a7e38897a5e5072f1fa053bb6a996997],
PUP.Optional.VBates, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}, In Quarantäne, [4644c659b9d18babebd432dce71cf10f],
PUP.Optional.VBates, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}_IS1|UninstallString, "C:\Program Files\V-bates\unins000.exe", In Quarantäne, [b4d641ded8b2bb7bdfdc6ba650b5cb35]
PUP.BProtector, HKU\S-1-5-21-1110688070-1918160584-1403940281-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, hxxp://search.babylon.com/?affID=44444&tt=gc_&babsrc=HP_ss_gin2g&mntrId=528916DE2BF55E45, In Quarantäne, [1179d14e4941300697d7e8081be94cb4]
PUP.BProtector, HKU\S-1-5-21-1110688070-1918160584-1403940281-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [4a40a57a52383bfbfe71cf21be4641bf]

Registrierungsdaten: 1
PUP.Optional.Conduit.A, HKU\S-1-5-21-1110688070-1918160584-1403940281-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.conduit.com/?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M7F0D54C3-D55D-431B-8FE0-747225637601&SearchSource=55&CUI=&UM=5&UP=SPF3344EE7-0722-4A73-AECF-D07DFF4109C9&SSPV=, Gut: (www.google.com), Schlecht: (hxxp://search.conduit.com/?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M7F0D54C3-D55D-431B-8FE0-747225637601&SearchSource=55&CUI=&UM=5&UP=SPF3344EE7-0722-4A73-AECF-D07DFF4109C9&SSPV=),Ersetzt,[602a2ef12466ab8bd89d7247c93cf808]

Ordner: 24
PUP.Optional.SmartDownloader.A, C:\Users\******** N. *****\AppData\LocalLow\smartdownloader, In Quarantäne, [8901011e9ded55e104b87e1817ec6f91],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates, Löschen bei Neustart, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\chrome, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\chrome\content, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\chrome\content\libraries, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\chrome\content\resources, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\chrome\locale, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\chrome\locale\en-US, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\chrome\skin, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\defaults, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\defaults\preferences, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\libraries, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\resources, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.Iminent.A, C:\Users\******** N. *****\AppData\Roaming\Iminent\Mediator, In Quarantäne, [7317e13e7b0f4aeceb31aaacc043d52b],
PUP.Optional.Iminent.A, C:\Users\******** N. *****\AppData\Roaming\Iminent\Mediator\Datas, In Quarantäne, [7317e13e7b0f4aeceb31aaacc043d52b],
PUP.Optional.CrossRider.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm, In Quarantäne, [f1991708820892a4ca43b4a6847f14ec],
PUP.Optional.CrossRider.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0, In Quarantäne, [f1991708820892a4ca43b4a6847f14ec],
PUP.Optional.CrossRider.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\html, In Quarantäne, [f1991708820892a4ca43b4a6847f14ec],
PUP.Optional.CrossRider.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\images, In Quarantäne, [f1991708820892a4ca43b4a6847f14ec],
PUP.Optional.CrossRider.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\js, In Quarantäne, [f1991708820892a4ca43b4a6847f14ec],
PUP.Optional.SockShareDownloader.A, C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\jetpack\socksharedownloader@socksharedownloader.com, In Quarantäne, [95f5fd224b3f3501a05265f6c53e13ed],
PUP.Optional.SockShareDownloader.A, C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\jetpack\socksharedownloader@socksharedownloader.com\simple-storage, In Quarantäne, [95f5fd224b3f3501a05265f6c53e13ed],
PUP.Optional.SockshareDownloader.A, C:\Users\******** N. *****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SockshareDownloader.com, In Quarantäne, [eb9f3ae53a50a98d74edb2d3e1227090],

Dateien: 46
PUP.Optional.VBates, C:\Program Files\V-bates\Extension32.dll, In Quarantäne, [3b4fff20820842f408b730dea063619f],
PUP.Optional.Trovi.A, C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\searchplugins\trovi.xml, In Quarantäne, [aedc819e008ac274b80c325f0ff4e818],
PUP.Optional.SmartDownloader.A, C:\Users\******** N. *****\AppData\LocalLow\smartdownloader\manifest.xml, In Quarantäne, [8901011e9ded55e104b87e1817ec6f91],
PUP.Optional.SmartDownloader.A, C:\Users\******** N. *****\AppData\LocalLow\smartdownloader\background.html, In Quarantäne, [8901011e9ded55e104b87e1817ec6f91],
PUP.Optional.SmartDownloader.A, C:\Users\******** N. *****\AppData\LocalLow\smartdownloader\ex.js, In Quarantäne, [8901011e9ded55e104b87e1817ec6f91],
PUP.Optional.SmartDownloader.A, C:\Users\******** N. *****\AppData\LocalLow\smartdownloader\jquery.js, In Quarantäne, [8901011e9ded55e104b87e1817ec6f91],
PUP.Optional.SmartDownloader.A, C:\Users\******** N. *****\AppData\LocalLow\smartdownloader\utr.js, In Quarantäne, [8901011e9ded55e104b87e1817ec6f91],
PUP.Optional.AZLyrics.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage, In Quarantäne, [ec9e79a6c1c9033383cb1c7f38cb2ed2],
PUP.Optional.AZLyrics.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal, In Quarantäne, [afdb35eaed9de056c5890f8c3cc737c9],
PUP.Optional.SweetIM.A, C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\searchplugins\sweetim.xml, In Quarantäne, [038757c839511224b75a794b2dd6d828],
PUP.Optional.Babylon.A, C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\searchplugins\babylon.xml, In Quarantäne, [aedcde417317d4629d5c10bf659e12ee],
PUP.Optional.BProtector.A, C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\bProtector_extensions.sqlite, In Quarantäne, [2e5c1d0202883df98e77d5fb48bb9769],
PUP.Optional.BProtector.A, C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\bprotector_prefs.js, In Quarantäne, [810950cfd1b901358d79983841c245bb],
PUP.Optional.Delta.A, C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\searchplugins\delta.xml, In Quarantäne, [7c0e6bb484061e182a02517fe61d37c9],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\source.crx, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\DGChrome.exe, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\ExtensionUpdaterService.exe, Löschen bei Neustart, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\InstallerHelper.dll, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\NMHClient.exe, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\NMHClient.json, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\PrefHelper.exe, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\unins000.dat, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\unins000.exe, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\chrome.manifest, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\icon.png, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\install.rdf, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\chrome\content\main.js, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\chrome\content\main.xul, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\chrome\content\libraries\DataExchangeScript.js, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\chrome\content\resources\LocalScript.js, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\chrome\locale\en-US\overlay.dtd, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\chrome\skin\overlay.css, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\Firefox\defaults\preferences\defaults.js, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\libraries\DataExchangeScript.js, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.VbatesHelper.A, C:\Program Files\V-bates\resources\LocalScript.js, In Quarantäne, [9bef958a85050e289da37666689b9967],
PUP.Optional.Iminent.A, C:\Users\******** N. *****\AppData\Roaming\Iminent\Mediator\Datas\globalcache.dat, In Quarantäne, [7317e13e7b0f4aeceb31aaacc043d52b],
PUP.Optional.Iminent.A, C:\Users\******** N. *****\AppData\Roaming\Iminent\Mediator\Datas\user.dat, In Quarantäne, [7317e13e7b0f4aeceb31aaacc043d52b],
PUP.Optional.CrossRider.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\manifest.json, In Quarantäne, [f1991708820892a4ca43b4a6847f14ec],
PUP.Optional.CrossRider.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\html\background.html, In Quarantäne, [f1991708820892a4ca43b4a6847f14ec],
PUP.Optional.CrossRider.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\images\icon.16.png, In Quarantäne, [f1991708820892a4ca43b4a6847f14ec],
PUP.Optional.CrossRider.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\images\icon.48.png, In Quarantäne, [f1991708820892a4ca43b4a6847f14ec],
PUP.Optional.CrossRider.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\images\icon.64.png, In Quarantäne, [f1991708820892a4ca43b4a6847f14ec],
PUP.Optional.CrossRider.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\js\background.js, In Quarantäne, [f1991708820892a4ca43b4a6847f14ec],
PUP.Optional.CrossRider.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\js\ex.js, In Quarantäne, [f1991708820892a4ca43b4a6847f14ec],
PUP.Optional.CrossRider.A, C:\Users\******** N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\js\jquery.js, In Quarantäne, [f1991708820892a4ca43b4a6847f14ec],
PUP.Optional.SockShareDownloader.A, C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\jetpack\socksharedownloader@socksharedownloader.com\simple-storage\store.json, In Quarantäne, [95f5fd224b3f3501a05265f6c53e13ed],

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
AdwCleaner:

Code:
# AdwCleaner v4.110 - Bericht erstellt 17/02/2015 um 12:56:30
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-14.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : ******** N. ***** - ********
# Gestarted von : C:\Users\******** N. *****\Desktop\AdwCleaner_4.110.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\PC Drivers HeadQuarters
Ordner Gelöscht : C:\Program Files (x86)\SockshareDownloader
Ordner Gelöscht : C:\Program Files (x86)\PC Drivers HeadQuarters
Ordner Gelöscht : C:\Users\******** N. *****\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\******** N. *****\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\******** N. *****\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\******** N. *****\AppData\Roaming\Iminent
Datei Gelöscht : C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\in*****idprefs.js
Datei Gelöscht : C:\Users\******** N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\user.js

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Web-Suche
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKCU\Software\5e4d6d0b339bf45
Schlüssel Gelöscht : HKLM\SOFTWARE\5e4d6d0b339bf45
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{162E06EC-4E38-4809-AE76-BF2400D34334}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F1AF26F8-1828-4279-ABCE-074EF3235BD7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\SPPDCOM
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v31.0 (x86 de)

[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultenginename", "Trovi");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.selectedEngine", "Trovi");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.admin", false);
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.aflt", "babsst");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.dfltLng", "en");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.excTlbr", false);
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.id", "528975c400000000000016de2bf55e45");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.instlDay", "15847");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.instlRef", "sst");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.newTab", false);
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.prdct", "delta");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.rvrt", "false");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.smplGrp", "none");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.tlbrId", "base");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.515:14:14");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta_i.babExt", "");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=44444&tt=gc_");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_VBATES_partn_time_primeshare.tv", "not set");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_VBATES_partn_time_search.conduit.com", "not set");
[6hyy18nw.default\prefs.js] - Zeile Gelöscht : user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_whiteListSearch", "{\"isearch.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"se[...]

-\\ Google Chrome v40.0.2214.111


*************************

AdwCleaner[R0].txt - [15464 Bytes] - [17/02/2015 12:49:47]
AdwCleaner[S0].txt - [15269 Bytes] - [17/02/2015 12:56:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15329  Bytes] ##########
JRT:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by ******** N. ***** on 17.02.2015 at 13:09:16,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\******** N. *****\appdata\local\pc_drivers_headquarters"
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{0069A8D4-217F-461A-AA8C-E86E4BF0A0A5}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{01AA1511-0228-465A-BFEC-0828927154E3}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{01F603F6-EBF8-4D3A-9F35-9388D15C67B1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{02692433-840F-415F-B004-86B07AD45A1B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{028FEE0F-E50C-448B-AC97-63600829C396}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{031F0BCD-C170-47D8-85E3-43AB7C67F13C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{03784B6A-A119-4A77-8BE2-E335EB8CB2D1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{054074FB-803A-462B-B255-A59F5E666C77}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{054B4518-6F66-456D-A4F7-FA71D3941FFA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{05BE3B65-00DC-4DC9-B6A5-A6A04A1E1BF8}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{06DDC614-C809-432B-BC84-3B2837C9DE6E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{08CEE919-309B-4505-A131-12C9AEB76A5A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{0AC33CA8-BDD5-40DB-AE96-06CF920E2582}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{0BA7D6DE-A14A-403A-BE95-61E08A3C851D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{0FB095AD-BA27-4AA1-8CD3-A5027F11AA8D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{111721AA-1773-4F74-A795-BB27C13E24FB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{12ABFE34-1A03-4B6D-9897-E9390948D4AB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{131129B6-4CF2-4004-9F86-B12ED303F7D3}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1392F431-0065-455C-B86D-CE815A71B0D6}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{13EB3DFE-7D98-415C-89FD-04FE09772358}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{15DC4A87-3A98-44B7-9D0A-559A7311D7DC}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{16A11BD5-ECA6-4360-BBF2-067C69224B70}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{16F3E1B4-9B87-4EBC-9989-6EC47F5C8754}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{17A26176-32A8-493B-A43B-FB51023F67B7}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1876A715-CAEC-427C-B12D-E7150382A944}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1905492B-3252-48C6-9CF7-4FE168FE078F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1A8CBA42-BD7F-4E7D-87C6-4E5B458D87D4}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1B06F895-FE73-4737-AC14-BD5CD275FA09}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1D6017CC-E579-449D-9229-C9D7A29B4167}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1F33BF53-9FA9-4800-B512-2826317AF320}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1F3EA231-81BE-445D-B0FA-4BB448DA32C4}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1FE09C2C-5996-4885-A2DE-B728147FE472}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{2005A93C-80DC-47A4-988C-63E0E9A24411}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{202E8B0C-5EAC-4830-BF9D-21032083DE6D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{208D9C0B-5CA9-4E93-A834-AF301A9EBA31}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{22537C4A-A5A7-4B1C-BE49-5D1E36B1B397}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{23228667-9BF8-4209-AA68-EDD43EF786EF}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{235949E5-9FE6-4D62-94BB-42C889D62311}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{25116577-E914-433A-82E2-4923350A5D93}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{254C8D47-79CA-4922-984B-2B8235B50F98}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{27701829-63CE-43AC-BC22-E66D16AEE947}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{27C4C3C5-EC5C-42D3-B2D2-CF3D808AE586}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{2A581DE7-10AE-4A4B-A4C2-F70C2BB715B4}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{2AD69C11-8BFE-435A-B41B-3750E3C4C54D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{2C066BEE-FD1D-4AB7-9699-0762E68B62DF}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{2D5C981A-E024-4901-BA14-684373E28693}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{30C0D16A-334D-49CB-9E5D-1D3C8EA6A9BB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{31BA6F7D-5ED9-4DB9-974F-818460E07B73}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{327DDDB1-A0B3-4E28-821F-CB9D7CEC1B1B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{33210404-CAF1-4F8F-B650-A7A06C10419F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{347A6013-7FCF-416F-9518-5BD06390AE60}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{34C0CBAA-A18A-4467-B60E-C18B8A4F9AA7}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{359CFD00-498F-4186-80E6-B52ECBEBF254}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{35DFF252-3527-4325-B211-B5794D29A647}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{36A08279-D181-4F8E-8FB3-39592EC54802}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{3855CFF2-A6C9-40AB-A9DD-5BF72CDCAA20}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{38793FC4-5277-45A6-A2C3-ADACCEC7B75B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{38F2D2B5-EDA4-42B7-A347-A9DEAF8E8E2E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{392AD823-978A-4CA8-B31A-17DED48F3D05}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{396EB52B-F086-4074-AB1A-68551127A7B9}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{39C83B45-9F54-4F08-815D-95E90159B868}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{39CA5A05-9E0C-4095-9322-4C80B04A946E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{3BBBA918-D26D-4A96-BFBC-9621733D9923}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{3EB4EB04-FCF1-4272-A5BF-500209E5EAEA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{3EDB8BF8-D8A6-4C62-AB5E-CFACE4634A8D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{3FCA682F-AE3B-4315-B423-2B048FD38A2B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{40AF7881-550F-4EFF-955C-B0C0DED8A8B0}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{412FF67A-BBE6-418E-8FFF-84C29CC20176}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{41D7F081-5D61-4851-B808-4BFCEE3A82B0}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{41D7F34B-6DD7-41AA-9C9C-309225B7EE54}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{4269CFC4-2932-459E-9F41-323CE54C70A1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{42BFAE00-9DF0-4967-8A35-A05C020B5EA3}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{44B4B77C-358A-4277-BBD5-D406571C7262}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{45032485-EA8A-47DA-A7B3-E94D6B87F552}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{458C19DF-54F3-4C58-A8D6-555F54E68B89}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{46DB8B9A-D013-42AD-BB98-ADA72B70CC38}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{479742BD-AF3D-4A09-8999-3C2AAA3F5C2E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{486DDF86-1C7D-46C9-97AC-16AD73E35287}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{48A49002-455D-485C-8809-C8AB8C345E55}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{493151D0-1C96-41F9-8CD9-55CA20A7BF72}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{4A0EC9FA-6513-43F4-B777-DEC1571A8FE0}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{4CE12D06-268F-4A07-A98B-2D3FCE4DB9FA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{4CE1CE80-7FC4-4159-9C62-068EA5A12CEA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{4DE83334-01FC-40AB-A623-1261002B6486}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{4F705529-2F14-49D5-8727-C5297CBDEFF5}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{50145472-6BE3-4D34-AB59-E6AD9AA63BD1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{512AF738-A88F-4E33-BABE-9C3C560D3394}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{525006E1-90DC-4EC4-9EE1-50FAD587D8DE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{546B8AFC-A557-4B30-8B8A-0CDDE38358DA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{560EA1A2-9B77-46E5-9F7E-8964289BF2E7}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{56E3578A-AE1E-4D92-888E-93BA520A34D5}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{577AAEC5-14BF-4645-9024-29C0B737327D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{577F2F86-5B42-4FA3-BC6F-ADF0B334B45F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{589795AF-1323-4836-9981-445333FBC2BF}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{59282A1B-00E8-4C48-B5A8-A5BBD0222DDA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{592C36DC-035A-476A-BA39-17292AAEC3BF}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{5950FEB4-BCD7-411D-AFE8-DF9D0BE9A3E6}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{5A38D9F9-CA5B-4D8E-9B8F-563A3FA1707D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{5B74CFCC-3B47-4011-BC71-8799403AECCE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{5B7A0CE8-09D7-44C7-9313-C8AFC6D23A43}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{5E6A1969-2274-4A7A-8EB0-A9ACEB6BD061}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{5E93ADF9-DC12-4E19-B0D3-6828B2CB36DB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{5F661C50-F501-4B2D-9F6F-C863A8327503}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{60C8BA36-C629-426A-8B0B-3442FF2ADEF7}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{60FC2DCE-B1EA-4B28-9A8F-FAD80EFF4F46}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{61145512-FDAB-47D9-B770-ADC8538DDABE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{621C985B-11C7-44AE-964D-859EF14E1EC6}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{62ECE4BF-B98D-411E-9FB5-384AACA7064D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{63C6DE56-7B03-4F86-9F6A-9DBF615AC096}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{642CA414-BBBB-4CF3-A4B6-968A3757533E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{648F8563-7756-41AE-94EB-6E1E0939B16A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{65071CFD-7FB4-4494-A797-58AEF44EC263}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{66A2608E-E50F-4362-8CC7-0B003F945B3C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{66A310C3-75D1-4AF6-B8F9-40B719F81D20}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{67BEA1B3-E823-4AB5-8F6B-83F765286A26}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6820BCB5-7B05-4DE2-9D43-31DC44136D2B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6832BC11-E2DE-49E5-882A-E9C84A95FC31}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6858633D-C62F-467B-8852-ADAF5FC11B40}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{69761B79-F0E0-47C0-93E7-8DDC46C78F3A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6AD8FD59-B444-4D4B-B411-2B20115FA0E7}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6ADBE56D-E793-4F9C-ACDD-424726AAAA27}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6BAB3A8F-6650-4AC5-8306-288A29C68074}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6BFEE0F1-6F11-4910-8C29-79990DE279A2}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6C479D4F-F9D9-4321-AF1B-76301589C399}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6C4F4DB9-A05C-4D25-99A3-DF5A2440D5D8}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6E3F9CC1-DFD7-4244-987D-F717CE4C5E74}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6E6FFF0B-21B7-42B0-9680-AA374B55CAC8}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6F4BCA39-8529-42C8-BE23-5CEB49C38B28}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{71C381C0-598A-4588-A923-D3616ADCDD65}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{7222593F-05DA-478E-B67F-E72D25817DAD}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{73BE7B03-F9FF-47AC-82F3-97984C52C10A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{73DF6B0F-D681-42C8-8FA6-DB52C8397DEE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{73EDE767-22A2-4BA1-AED4-D0EAE962A358}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{75C2B290-00ED-483D-BC04-0878E0284659}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{76E16407-1552-4E2E-9CB7-A15354D5C8E5}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{778CD8BE-9CBD-47BE-9FCA-D1353E5E3C58}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{77D124DD-665E-488B-95C3-3B0123C60A93}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{788BEE38-FF72-4162-B744-5816FEBC4D53}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{78A68F66-5969-40DB-B4F2-9F5A6B6C2C87}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{7972B0AC-B1BE-4C83-A445-B7645F2A1E58}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{7B65D1AE-AAC8-4057-BA37-9CCB8F63B4F8}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{7B7E2322-0137-4A9E-9894-75FCB3BDBB2B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{7C5BDAA0-51E0-4DD0-AB01-3D854FAA58FB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{7E23CEF5-3B5B-425C-B559-AE1B6D9A49D0}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{81FA18DA-36F0-4C5D-B609-5F86725AC290}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{83D46C61-0204-424D-BDE8-316FEC0A95CA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{85BB8185-3F51-46E7-8C88-77BDAE3642CC}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{86610655-1096-44DD-9D01-B904C4DA50E3}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{87045963-F33F-4FD6-86DC-BE15723418D8}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8A0D803F-C2E3-4F87-8788-A16014FB1D0E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8AB63853-F26F-4C0C-BCE4-494F56EBFECC}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8C2B8689-A52A-4F51-9DD8-CDE73FC13DAA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8C540EFD-67F0-471D-B880-3B1BDFFB92D9}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8CC60E07-9542-43E1-950A-7B3141FC0D74}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8D8A7C69-D6DF-498B-B8C2-21EBE9B81F45}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8FA0A35D-C023-4C5F-91B4-EDBA14B4CE41}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8FDD0FEC-2B96-4145-882A-7EB9807AFEA6}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{91E89A01-A167-4EEA-8935-D059364A65A5}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{94D17996-412C-4BC6-B523-511E635652AA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{96E0CA71-FEA5-42B6-BEFB-8921A813E1C9}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{977C741A-41A0-4BD3-8421-65F2932812BE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{9786DBC3-251E-4C62-95F0-BE5B856F59A8}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{9902BDF2-4114-4FAC-8F13-6DAE8C81EF86}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{9B126FF7-6FA9-43E7-9E45-97ADB8D14A95}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{9B54D09F-932F-4D4D-B0CC-2701E1FA604C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{9CF6A441-CCB9-4E0D-BCA5-2C03894BF57A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{9E2298CD-FE91-4130-9560-E1B11338F3A1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{9FA040FD-4D14-40EF-B398-EB87254FDDA6}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A0CB6C78-E55A-4886-A1CD-4BE18E19772C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A1FC6822-9DA7-4B2C-A56E-EEA4E5EA5EF7}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A20192E7-A73B-45E1-94D8-397A4C6F0C0F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A26462DA-B3A9-418E-9324-ADDD09BE0A5A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A31328C6-4819-4490-AB93-C5A377A0C3F0}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A3853A95-9B04-4CDD-86C6-E48E2464B98D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A44E9753-1D4C-4631-83D1-7EC3B00C8E79}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A5A281E3-4D98-4564-BF69-8E6673A9802D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AB065DCE-59B8-475F-905C-447CDF4F248B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{ABECBCAE-C5DC-4358-AA45-E1155BCC4BA1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AD243E25-4AE6-4BE6-A26F-EEB42F3DCB68}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AD3CEA9A-AE8C-432E-A259-E65C0F550933}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AD6BA6E3-8A40-4480-9E64-724B65EFE803}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AE30FE2D-25DE-4B47-BDC7-5929063E7013}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AEA7344B-6705-4068-8888-72ADA6CBDC6B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AF79DB85-E055-476F-ABB7-6C04BB582CEC}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AFA0EE32-A45D-4B8A-BF90-E7862DD83111}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B06B89BC-43EC-4FB1-B118-D8929D2D2932}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B1B3F792-3082-4CA2-993A-93271A8A148D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B2730892-B1B8-46F4-8C4F-6B2586EA2918}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B391B641-EBC5-431D-BB93-85EFA609AEBE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B4A52DBF-2CA5-4303-9826-B4D3B2846328}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B4ED8EC7-941D-4F33-B79B-9EAA7A4E9B67}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B573AFE6-79D9-468B-B38F-2ED4FB9896DE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B65C2260-C1B7-4E33-A970-125258C83F58}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B6A5E202-2453-4FD3-9F4E-F5813212A8BE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B7A5B496-5B89-4E0D-82F7-3E8FAFAFBB2E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B849A2BF-56B3-4BFC-8D74-8E610869731E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BA760EB2-9A90-4F90-932C-92095C6F9A89}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BB1C7AC6-D6CD-4F65-9E22-CBA978AFA7DB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BBC2F74E-2CCD-40B0-8993-4D5A67AE53BB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BC7AB7F5-B590-40BC-8B32-B40C94AF3568}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BE8A20ED-0C14-4B81-AA78-6E1654D71963}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BED161EB-3535-4BD8-BBE2-591FACF5713C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BF0CC7DB-A7F7-490D-A072-1172D029307F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BF7B1620-A733-4EBB-9FCF-B524A8C1A06D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C026D5C3-E12B-4C27-90AE-C1AA331B56F3}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C268B966-0DCE-4D70-8A56-7E8EA7C69CE0}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C43BB5DB-EFC4-4A56-A1EA-71B172F5DC77}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C4AF0524-8016-4306-81BD-DB9145D6CE17}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C5DB888A-CCCF-4451-A4F2-EAD5D6327516}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C85895B2-83A5-48B1-AFA5-0EC04444349D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C8608341-5C27-4F5D-8DEC-DA20D701041B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C8D3AAEC-FA0C-4367-B316-BFAE39B114DE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C9F3D74A-4845-4C4D-B7A1-2346C7AE33EA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CB5BB9E2-72DD-4B9B-A128-70CD65D35801}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CB7FFD19-BBDB-4CCE-96C1-3FC0BF691B4B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CB9144D3-71D9-40E8-85DD-10BB9B3A79DB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CBA297BE-826A-4155-BBC7-EEC960102653}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CCF74D58-79BB-413E-BAEA-D6DED9018127}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CD6C6B04-1DFF-4A2A-8B27-D21BB0CDA8D9}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CD92D612-B90A-4FAA-B662-3AE627528A5C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CE4B90B7-374D-438F-80C8-063B240AEA29}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CF64D01D-054A-4B77-A91A-7F4BB6012619}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D00DD37A-ECAE-4BE8-9164-C6568B6A2BDA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D01B7636-5D33-4754-8698-2EC1FA1C6781}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D1E66B78-88B1-419D-A613-47B5E77D078D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D246D0E1-774D-44A0-9483-D567899B997D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D29FB887-FDE6-44C0-91B1-E37C7347FFBA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D2E33DE6-6ED6-4A18-A36A-CC3C8179FB47}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D379215F-A342-4852-9713-B6D42FFF86F1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D3821347-7E87-44F7-A1FE-BB8475F9A967}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D4CB8A4F-9E6C-4931-BE42-BFEC7109696B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D4EB0E9B-5DD4-4B96-A91A-9C75E07421E4}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D6130681-4096-4A1A-8203-DC40893AA17F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D8D08DA4-1D1A-45B7-B450-D45280E88506}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{DA39DFD3-C3B6-4722-80AE-DB94A5877744}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{DAA631CD-3218-46F6-ACBF-97598E06E5FB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{DB4387C6-4FC4-4A0A-9A97-8B479640F84D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{DB83D81A-FADD-4D02-A3F7-93D57C6E073C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{DC8D4F03-DF6B-43F9-97E2-92D570D2B578}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{DF354408-17DC-45FE-B98F-48F1906849B1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{DF830B10-3BAA-4721-BBC7-201402C9214A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E0F36CF3-D121-4F0E-8375-F386886EA238}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E1A08CD7-5532-4F55-99FC-7A91DFDEDA90}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E27E8BB7-04D1-4C61-A074-F00A4AD92BEB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E39E0118-C075-440C-B285-EA33D4DBBCAA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E4B97CFE-C902-4CE2-AE3A-342D25D71C83}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E4E34940-4646-451F-91B3-83C73907EDAD}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E509536A-54BD-42F3-92A0-5C0E350A20B6}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E5CF891D-A34C-4B31-9690-5DD64032DEE1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E6C25D05-9B79-42F2-8D2D-E0C005CBAED3}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E7877C13-3A47-4137-B870-33B444FC422C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E7B7C4C5-ED7F-4947-B3B6-B2D47D96F12D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E86F7A21-B610-47D4-AF93-BE47EF94807E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{EAAA5045-CCD1-4D79-AA51-8D34696F9147}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{EB2577FC-A599-428F-9CA3-83BFC3ABAAEF}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{EBCFEF6D-BDF7-4C1E-A5E1-26FD004C638F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{EC7A5595-2557-4DA1-A6E8-36B970459EB8}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{EF95627F-A0C7-4EE7-886C-A004F7852656}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F13AC0F3-2E04-44C2-8AF7-B22D5854955F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F1F54F33-FD3B-45FD-86DC-BE7FE2905972}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F36E8E89-43D8-44C0-96C6-D2C71AFD1977}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F420E318-A4C8-49DD-B38B-540597FE6C6F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F509CBC5-8875-4503-B4BA-6EDB18C0B810}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F55B2EF1-E352-4456-B2F4-3533907A5E17}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F58C4AF4-CCE3-4E7E-A11F-89AA04482CEA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F602B005-F0A3-4419-99EB-029469C2791A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F6B82E1F-9522-42F0-AD96-31A9EB00991D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F739C575-B6DF-49BA-8F74-2EEF43B438E5}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F86631CC-03FD-4950-8AAC-D3EE796DE95E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FA73A53C-54C8-4DC0-B703-BF501BD4A133}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FAA107DA-5729-4E58-BB00-404D5869A166}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FB2F42D6-2703-41A2-AD42-B05135F19660}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FC7C577F-D578-49E0-A7DA-C7DEAD98293A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FD02569C-DF8F-4B47-AA47-7DD7C27A233E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FE2864DA-7CEE-4E88-84F5-70B661D33020}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FF014A0A-9F10-4E31-83A4-59A99B84A0C9}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FF291369-7340-459F-9E13-F866C221F084}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FF74F137-9B8E-43D7-93FE-30527BF7837B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FF8AA234-BC27-4760-9B0C-C7E753A7DB64}



~~~ FireFox

Failed to delete: [Folder] C:\Users\******** N. *****\AppData\Roaming\mozilla\firefox\profiles\6hyy18nw.default\extensions\staged
Successfully deleted the following from C:\Users\******** N. *****\AppData\Roaming\mozilla\firefox\profiles\6hyy18nw.default\prefs.js

user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_VBATES_executeCode", "var VBATES_IsValidUrl=function(currentUrl,currentBrowser,queryParam){try{var urlParts=curren
user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_VBATES_partners", "{_&&_www.brandalley.co.uk_&&_:_&&_www.awin1.com/awclick.php?mid=3676&id=178119_&&_,_&&_www.curr
Emptied folder: C:\Users\******** N. *****\AppData\Roaming\mozilla\firefox\profiles\6hyy18nw.default\minidumps [20 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.02.2015 at 13:22:07,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Das neue FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
Ran by ********* N. ***** (administrator) on ********* on 17-02-2015 13:31:50
Running from C:\Users\********* N. *****\Desktop
Loaded Profiles: ********* N. ***** (Available profiles: ********* N. *****)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Spotify Ltd) C:\Users\********* N. *****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2723624 2011-03-28] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-04] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\Run: [Spotify Web Helper] => C:\Users\********* N. *****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\Run: [GoogleChromeAutoLaunch_FF2926C14F0EE0991A80295B0C691949] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [898376 2015-02-04] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{D933FD45-73D2-4FA8-B40F-270645B2990B}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\********* N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default
FF NewTab: about:newtab
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-1110688070-1918160584-1403940281-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\********* N. *****\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: Avira Browser Safety - C:\Users\********* N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\Extensions\abs@avira.com [2015-02-14]
FF Extension: Flash and Video Download - C:\Users\********* N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-02-14]
FF Extension: Adblock Plus - C:\Users\********* N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-08-13]
FF Extension: No Name - C:\Program Files\V-bates\Firefox [Not Found]

Chrome:
=======
CHR Profile: C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-03]
CHR Extension: (Google Docs) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-03]
CHR Extension: (Google Drive) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-03]
CHR Extension: (YouTube) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-03]
CHR Extension: (Adblock Plus) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-03]
CHR Extension: (Google-Suche) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-03]
CHR Extension: (Google Tabellen) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-03]
CHR Extension: (Simple Speed Dial) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdpldlbafdmhlmcdllcjgoigmpjonfc [2015-01-03]
CHR Extension: (Google Wallet) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-03]
CHR Extension: (Google Mail) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-03]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-04] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-02-04] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-06] (Marvell Semiconductor, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-17 13:22 - 2015-02-17 13:22 - 00034426 _____ () C:\Users\********* N. *****\Desktop\JRT.txt
2015-02-17 13:07 - 2015-02-17 13:07 - 01388274 _____ (Thisisu) C:\Users\********* N. *****\Desktop\JRT.exe
2015-02-17 13:05 - 2015-02-17 13:03 - 00015596 _____ () C:\Users\********* N. *****\Desktop\AdwCleaner[S0].txt
2015-02-17 12:49 - 2015-02-17 12:56 - 00000000 ____D () C:\AdwCleaner
2015-02-17 12:48 - 2015-02-17 12:48 - 02112512 _____ () C:\Users\********* N. *****\Desktop\AdwCleaner_4.110.exe
2015-02-17 12:45 - 2015-02-17 12:45 - 00018841 _____ () C:\Users\********* N. *****\Desktop\mbam.txt
2015-02-17 11:50 - 2015-02-17 13:00 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-17 11:50 - 2015-02-17 11:50 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-17 11:50 - 2015-02-17 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-17 11:49 - 2015-02-17 11:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-17 11:49 - 2015-02-17 11:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-17 11:49 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-17 11:49 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-17 11:49 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-17 11:42 - 2015-02-17 11:42 - 00024949 _____ () C:\Users\********* N. *****\Desktop\ComboFix.txt
2015-02-17 11:41 - 2015-02-17 11:41 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\********* N. *****\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-15 23:52 - 2015-02-15 23:50 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-02-15 21:49 - 2015-02-15 21:49 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\Avira
2015-02-15 21:46 - 2015-02-04 17:51 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-02-15 21:46 - 2015-02-04 17:51 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-02-15 21:46 - 2015-02-04 17:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-02-15 21:37 - 2015-02-15 21:37 - 00024949 _____ () C:\ComboFix.txt
2015-02-15 21:14 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-15 21:14 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-15 21:14 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-15 21:07 - 2015-02-15 21:08 - 160782960 _____ () C:\Users\********* N. *****\Desktop\avira_free_antivirus_de_15.0.8.624.exe
2015-02-15 20:54 - 2015-02-15 21:37 - 00000000 ____D () C:\Qoobox
2015-02-15 20:53 - 2015-02-15 21:33 - 00000000 ____D () C:\Windows\erdnt
2015-02-15 20:24 - 2015-02-15 20:24 - 05611771 ____R (Swearware) C:\Users\********* N. *****\Desktop\ComboFix.exe
2015-02-15 12:53 - 2015-02-15 12:53 - 00001232 _____ () C:\Users\********* N. *****\Desktop\Revo Uninstaller.lnk
2015-02-15 12:53 - 2015-02-15 12:53 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-15 12:49 - 2015-02-15 12:49 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\********* N. *****\Desktop\revosetup95.exe
2015-02-15 11:25 - 2015-02-15 11:36 - 00040251 _____ () C:\Users\********* N. *****\Desktop\Gmer.txt
2015-02-15 10:50 - 2015-02-15 10:57 - 00036294 _____ () C:\Users\********* N. *****\Desktop\Addition.txt
2015-02-15 10:47 - 2015-02-17 13:31 - 00016780 _____ () C:\Users\********* N. *****\Desktop\FRST.txt
2015-02-15 10:46 - 2015-02-17 13:31 - 00000000 ____D () C:\FRST
2015-02-15 10:44 - 2015-02-15 10:44 - 00000496 _____ () C:\Users\********* N. *****\Desktop\defogger_disable.log
2015-02-15 10:44 - 2015-02-15 10:44 - 00000000 _____ () C:\Users\********* N. *****\defogger_reenable
2015-02-15 10:31 - 2015-02-15 10:31 - 00380416 _____ () C:\Users\********* N. *****\Desktop\Gmer-19357.exe
2015-02-15 10:28 - 2015-02-15 10:28 - 02134528 _____ (Farbar) C:\Users\********* N. *****\Desktop\FRST64.exe
2015-02-15 10:26 - 2015-02-15 10:26 - 00050477 _____ () C:\Users\********* N. *****\Desktop\Defogger.exe
2015-02-12 04:19 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 04:19 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 04:19 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 04:19 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 10:27 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 10:27 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 10:26 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 10:26 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 10:26 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 10:26 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 10:26 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 10:26 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 10:26 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 10:26 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 10:26 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 10:26 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 10:26 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 10:26 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 10:26 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 10:26 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 10:26 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 10:26 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 10:26 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 10:26 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 10:26 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 10:26 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 10:26 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 10:26 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 10:26 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 10:26 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 10:26 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 10:26 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 10:26 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 10:26 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 10:26 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 10:26 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 10:26 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 10:26 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 10:26 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 10:26 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 10:26 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 10:26 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 10:26 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 10:26 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 10:26 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 10:26 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 10:26 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 10:26 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 10:26 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 10:26 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 10:26 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 10:26 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 10:26 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 10:26 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 10:26 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 10:26 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 10:26 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 10:26 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 10:25 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 10:25 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 10:25 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 10:25 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 10:25 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 10:25 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 10:25 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 10:25 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 10:25 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 10:25 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 10:25 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 10:25 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 10:25 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 10:25 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 10:25 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 10:25 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 10:25 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 10:25 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 10:25 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 10:25 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 10:25 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 10:25 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 10:24 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 10:24 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 10:24 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 10:24 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 10:24 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 10:24 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 10:24 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 10:23 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 10:23 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 10:23 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 10:23 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 10:23 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 10:23 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 10:23 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 10:23 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 17:49 - 2015-02-10 17:50 - 131115372 _____ () C:\Users\********* N. *****\Downloads\150205_1945_Dahoam-is-Dahoam_DiD-Folge-1459-Kunst-am-Kiosk.mp4
2015-02-10 17:49 - 2015-02-10 17:50 - 130909589 _____ () C:\Users\********* N. *****\Downloads\150204_1945_Dahoam-is-Dahoam_DiD-Folge-1458-Wirtsverstaerkung.mp4
2015-02-10 17:49 - 2015-02-10 17:49 - 129571707 _____ () C:\Users\********* N. *****\Downloads\150209_1945_Dahoam-is-Dahoam_DiD-Folge-1460-Ein-schlechter-guter-Tausch.mp4
2015-02-09 23:21 - 2015-02-09 23:15 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-02-09 23:21 - 2015-02-09 23:15 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-02-09 23:21 - 2015-02-09 23:15 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-09 23:20 - 2015-02-09 23:18 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-02-09 23:20 - 2015-02-09 23:18 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-02-09 23:20 - 2015-02-09 23:18 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-02-07 16:38 - 2015-02-07 16:48 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\namexif
2015-02-07 16:37 - 2015-02-07 16:37 - 00450683 _____ () C:\Users\********* N. *****\Downloads\Namexif.exe
2015-02-07 16:37 - 2015-02-07 16:37 - 00000959 _____ () C:\Users\********* N. *****\Desktop\Namexif.lnk
2015-02-07 16:37 - 2015-02-07 16:37 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif
2015-02-07 16:37 - 2015-02-07 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Namexif
2015-02-07 16:37 - 2015-02-07 16:37 - 00000000 ____D () C:\Program Files (x86)\Namexif
2015-02-03 23:50 - 2015-02-03 23:52 - 130232661 _____ () C:\Users\********* N. *****\Downloads\150202_1945_Dahoam-is-Dahoam_DiD-Folge-1456-Preissinger-Braeu.mp4
2015-02-03 23:50 - 2015-02-03 23:52 - 129051455 _____ () C:\Users\********* N. *****\Downloads\150203_1945_Dahoam-is-Dahoam_DiD-Folge-1457-Familienangelegenheiten.mp4
2015-01-30 09:34 - 2015-01-30 09:35 - 132496755 _____ () C:\Users\********* N. *****\Downloads\150128_1945_Dahoam-is-Dahoam_DiD-Folge-1453-Monis-Laenderspiel.mp4
2015-01-30 09:33 - 2015-01-30 09:35 - 131642079 _____ () C:\Users\********* N. *****\Downloads\150129_1945_Dahoam-is-Dahoam_DiD-Folge-1455-Rosi-und-der-Unbekannte.mp4
2015-01-28 10:12 - 2015-01-28 10:14 - 132902506 _____ () C:\Users\********* N. *****\Downloads\150127_1945_Dahoam-is-Dahoam_DiD-Folge-1453-Ein-schoener-Gerstl.mp4
2015-01-28 10:12 - 2015-01-28 10:14 - 130621447 _____ () C:\Users\********* N. *****\Downloads\150126_1945_Dahoam-is-Dahoam_DiD-Folge-1452-Ende-eines-Arbeitslebens.mp4
2015-01-23 10:08 - 2015-01-23 10:11 - 131597558 _____ () C:\Users\********* N. *****\Downloads\150114_1945_Dahoam-is-Dahoam_DiD-Folge-1446-Sucht-Gefahr.mp4
2015-01-23 10:07 - 2015-01-23 10:11 - 130007194 _____ () C:\Users\********* N. *****\Downloads\150119_1945_Dahoam-is-Dahoam_DiD-Folge-1448-Schockstarre.mp4
2015-01-23 10:07 - 2015-01-23 10:10 - 133603299 _____ () C:\Users\********* N. *****\Downloads\150120_1945_Dahoam-is-Dahoam_DiD-Folge-1449-Politische-Wurst-Phobie.mp4
2015-01-23 10:07 - 2015-01-23 10:10 - 131794112 _____ () C:\Users\********* N. *****\Downloads\150121_1945_Dahoam-is-Dahoam_DiD-Folge-1450-Verratene-Enden.mp4
2015-01-23 10:07 - 2015-01-23 10:10 - 131238060 _____ () C:\Users\********* N. *****\Downloads\150115_1945_Dahoam-is-Dahoam_DiD-Folge-1447-Rauchende-Kuesse.mp4
2015-01-23 10:06 - 2015-01-23 10:07 - 130627946 _____ () C:\Users\********* N. *****\Downloads\150122_1945_Dahoam-is-Dahoam_DiD-Folge-1451-Theres-mit-Television.mp4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-17 13:25 - 2013-05-18 09:20 - 00000976 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1110688070-1918160584-1403940281-1000UA.job
2015-02-17 13:07 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-17 13:07 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-17 12:59 - 2012-01-29 08:27 - 00000000 ____D () C:\ProgramData\clear.fi
2015-02-17 12:58 - 2015-01-03 21:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-17 12:58 - 2014-05-09 08:34 - 00241834 _____ () C:\Windows\PFRO.log
2015-02-17 12:58 - 2014-05-09 08:34 - 00037304 _____ () C:\Windows\setupact.log
2015-02-17 12:58 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-17 12:57 - 2011-12-21 02:38 - 01594420 _____ () C:\Windows\WindowsUpdate.log
2015-02-17 12:40 - 2015-01-03 21:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-17 11:52 - 2013-05-18 09:20 - 00000954 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1110688070-1918160584-1403940281-1000Core.job
2015-02-17 02:17 - 2012-01-29 09:18 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\vlc
2015-02-17 02:00 - 2014-08-20 01:37 - 00000000 ____D () C:\Users\********* N. *****\AppData\Local\Adobe
2015-02-17 01:07 - 2012-08-05 16:14 - 00000000 ____D () C:\Users\********* N. *****\AppData\Local\Spotify
2015-02-17 00:09 - 2012-08-05 16:14 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\Spotify
2015-02-15 21:47 - 2013-03-06 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-15 21:46 - 2013-03-06 13:57 - 00000000 ____D () C:\ProgramData\Avira
2015-02-15 21:46 - 2013-03-06 13:57 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-15 21:37 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-15 21:32 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-15 13:36 - 2012-08-08 01:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-15 10:44 - 2012-01-29 08:20 - 00000000 ____D () C:\Users\********* N. *****
2015-02-12 04:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 04:04 - 2009-07-14 05:45 - 05253832 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 03:59 - 2014-12-11 03:42 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 03:59 - 2014-05-07 02:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 03:35 - 2012-02-09 13:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 03:29 - 2013-08-02 02:03 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 03:08 - 2012-02-19 15:42 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 23:47 - 2014-08-05 10:09 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-09 23:22 - 2014-02-27 17:36 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-09 23:22 - 2013-06-24 10:07 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-09 23:21 - 2014-02-23 23:18 - 00000000 ____D () C:\Program Files\Java
2015-02-09 23:18 - 2014-02-23 23:20 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-02-09 23:15 - 2014-08-08 13:58 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-02-09 23:15 - 2014-02-23 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-09 23:08 - 2012-04-01 16:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 23:08 - 2011-11-03 14:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-07 16:28 - 2012-01-29 09:46 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\Adobe
2015-02-07 15:42 - 2011-12-21 11:26 - 00714474 _____ () C:\Windows\system32\perfh007.dat
2015-02-07 15:42 - 2011-12-21 11:26 - 00154526 _____ () C:\Windows\system32\perfc007.dat
2015-02-07 15:42 - 2009-07-14 06:13 - 01649664 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-06 18:23 - 2012-08-08 18:47 - 00000000 ____D () C:\Users\********* N. *****\Downloads\Pns
2015-02-04 09:35 - 2015-01-03 21:52 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 09:35 - 2015-01-03 21:52 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-27 15:20 - 2014-06-03 09:11 - 00000000 ___RD () C:\Users\********* N. *****\Desktop\Rewe

==================== Files in the root of some directories =======

2012-02-14 18:14 - 2014-12-26 14:20 - 0000132 _____ () C:\Users\********* N. *****\AppData\Roaming\Adobe BMP Format CS5 Prefs
2014-02-17 14:54 - 2014-02-17 14:54 - 0000132 _____ () C:\Users\********* N. *****\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-08-12 12:10 - 2015-01-03 20:40 - 0000132 _____ () C:\Users\********* N. *****\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-01-04 21:04 - 2013-01-19 17:49 - 0000356 _____ () C:\Users\********* N. *****\AppData\Roaming\burnaware.ini
2012-02-23 14:09 - 2012-02-23 14:58 - 0006656 _____ () C:\Users\********* N. *****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-03 09:09 - 2012-08-03 09:09 - 0001430 _____ () C:\Users\********* N. *****\AppData\Local\RecConfig.xml
2012-07-03 23:00 - 2012-07-03 23:00 - 0007605 _____ () C:\Users\********* N. *****\AppData\Local\Resmon.ResmonCfg
2012-07-05 18:39 - 2012-07-07 14:59 - 0017408 _____ () C:\Users\********* N. *****\AppData\Local\WebpageIcons.db
2011-12-21 02:58 - 2011-12-21 03:03 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log
2012-02-17 20:37 - 2013-02-10 20:58 - 0002568 _____ () C:\ProgramData\hpzinstall.log
2012-07-20 20:48 - 2012-07-20 20:48 - 0000032 _____ () C:\ProgramData\Temp.log

Some content of TEMP:
====================
C:\Users\********* N. *****\AppData\Local\Temp\avgnt.exe
C:\Users\********* N. *****\AppData\Local\Temp\Quarantine.exe
C:\Users\********* N. *****\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-12 04:45

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Weck 17.02.2015 13:59
JRT:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by ******** N. ***** on 17.02.2015 at 13:09:16,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\******** N. *****\appdata\local\pc_drivers_headquarters"
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{0069A8D4-217F-461A-AA8C-E86E4BF0A0A5}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{01AA1511-0228-465A-BFEC-0828927154E3}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{01F603F6-EBF8-4D3A-9F35-9388D15C67B1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{02692433-840F-415F-B004-86B07AD45A1B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{028FEE0F-E50C-448B-AC97-63600829C396}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{031F0BCD-C170-47D8-85E3-43AB7C67F13C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{03784B6A-A119-4A77-8BE2-E335EB8CB2D1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{054074FB-803A-462B-B255-A59F5E666C77}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{054B4518-6F66-456D-A4F7-FA71D3941FFA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{05BE3B65-00DC-4DC9-B6A5-A6A04A1E1BF8}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{06DDC614-C809-432B-BC84-3B2837C9DE6E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{08CEE919-309B-4505-A131-12C9AEB76A5A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{0AC33CA8-BDD5-40DB-AE96-06CF920E2582}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{0BA7D6DE-A14A-403A-BE95-61E08A3C851D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{0FB095AD-BA27-4AA1-8CD3-A5027F11AA8D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{111721AA-1773-4F74-A795-BB27C13E24FB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{12ABFE34-1A03-4B6D-9897-E9390948D4AB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{131129B6-4CF2-4004-9F86-B12ED303F7D3}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1392F431-0065-455C-B86D-CE815A71B0D6}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{13EB3DFE-7D98-415C-89FD-04FE09772358}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{15DC4A87-3A98-44B7-9D0A-559A7311D7DC}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{16A11BD5-ECA6-4360-BBF2-067C69224B70}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{16F3E1B4-9B87-4EBC-9989-6EC47F5C8754}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{17A26176-32A8-493B-A43B-FB51023F67B7}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1876A715-CAEC-427C-B12D-E7150382A944}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1905492B-3252-48C6-9CF7-4FE168FE078F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1A8CBA42-BD7F-4E7D-87C6-4E5B458D87D4}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1B06F895-FE73-4737-AC14-BD5CD275FA09}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1D6017CC-E579-449D-9229-C9D7A29B4167}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1F33BF53-9FA9-4800-B512-2826317AF320}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1F3EA231-81BE-445D-B0FA-4BB448DA32C4}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{1FE09C2C-5996-4885-A2DE-B728147FE472}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{2005A93C-80DC-47A4-988C-63E0E9A24411}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{202E8B0C-5EAC-4830-BF9D-21032083DE6D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{208D9C0B-5CA9-4E93-A834-AF301A9EBA31}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{22537C4A-A5A7-4B1C-BE49-5D1E36B1B397}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{23228667-9BF8-4209-AA68-EDD43EF786EF}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{235949E5-9FE6-4D62-94BB-42C889D62311}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{25116577-E914-433A-82E2-4923350A5D93}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{254C8D47-79CA-4922-984B-2B8235B50F98}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{27701829-63CE-43AC-BC22-E66D16AEE947}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{27C4C3C5-EC5C-42D3-B2D2-CF3D808AE586}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{2A581DE7-10AE-4A4B-A4C2-F70C2BB715B4}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{2AD69C11-8BFE-435A-B41B-3750E3C4C54D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{2C066BEE-FD1D-4AB7-9699-0762E68B62DF}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{2D5C981A-E024-4901-BA14-684373E28693}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{30C0D16A-334D-49CB-9E5D-1D3C8EA6A9BB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{31BA6F7D-5ED9-4DB9-974F-818460E07B73}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{327DDDB1-A0B3-4E28-821F-CB9D7CEC1B1B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{33210404-CAF1-4F8F-B650-A7A06C10419F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{347A6013-7FCF-416F-9518-5BD06390AE60}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{34C0CBAA-A18A-4467-B60E-C18B8A4F9AA7}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{359CFD00-498F-4186-80E6-B52ECBEBF254}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{35DFF252-3527-4325-B211-B5794D29A647}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{36A08279-D181-4F8E-8FB3-39592EC54802}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{3855CFF2-A6C9-40AB-A9DD-5BF72CDCAA20}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{38793FC4-5277-45A6-A2C3-ADACCEC7B75B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{38F2D2B5-EDA4-42B7-A347-A9DEAF8E8E2E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{392AD823-978A-4CA8-B31A-17DED48F3D05}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{396EB52B-F086-4074-AB1A-68551127A7B9}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{39C83B45-9F54-4F08-815D-95E90159B868}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{39CA5A05-9E0C-4095-9322-4C80B04A946E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{3BBBA918-D26D-4A96-BFBC-9621733D9923}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{3EB4EB04-FCF1-4272-A5BF-500209E5EAEA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{3EDB8BF8-D8A6-4C62-AB5E-CFACE4634A8D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{3FCA682F-AE3B-4315-B423-2B048FD38A2B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{40AF7881-550F-4EFF-955C-B0C0DED8A8B0}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{412FF67A-BBE6-418E-8FFF-84C29CC20176}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{41D7F081-5D61-4851-B808-4BFCEE3A82B0}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{41D7F34B-6DD7-41AA-9C9C-309225B7EE54}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{4269CFC4-2932-459E-9F41-323CE54C70A1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{42BFAE00-9DF0-4967-8A35-A05C020B5EA3}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{44B4B77C-358A-4277-BBD5-D406571C7262}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{45032485-EA8A-47DA-A7B3-E94D6B87F552}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{458C19DF-54F3-4C58-A8D6-555F54E68B89}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{46DB8B9A-D013-42AD-BB98-ADA72B70CC38}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{479742BD-AF3D-4A09-8999-3C2AAA3F5C2E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{486DDF86-1C7D-46C9-97AC-16AD73E35287}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{48A49002-455D-485C-8809-C8AB8C345E55}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{493151D0-1C96-41F9-8CD9-55CA20A7BF72}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{4A0EC9FA-6513-43F4-B777-DEC1571A8FE0}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{4CE12D06-268F-4A07-A98B-2D3FCE4DB9FA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{4CE1CE80-7FC4-4159-9C62-068EA5A12CEA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{4DE83334-01FC-40AB-A623-1261002B6486}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{4F705529-2F14-49D5-8727-C5297CBDEFF5}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{50145472-6BE3-4D34-AB59-E6AD9AA63BD1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{512AF738-A88F-4E33-BABE-9C3C560D3394}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{525006E1-90DC-4EC4-9EE1-50FAD587D8DE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{546B8AFC-A557-4B30-8B8A-0CDDE38358DA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{560EA1A2-9B77-46E5-9F7E-8964289BF2E7}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{56E3578A-AE1E-4D92-888E-93BA520A34D5}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{577AAEC5-14BF-4645-9024-29C0B737327D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{577F2F86-5B42-4FA3-BC6F-ADF0B334B45F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{589795AF-1323-4836-9981-445333FBC2BF}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{59282A1B-00E8-4C48-B5A8-A5BBD0222DDA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{592C36DC-035A-476A-BA39-17292AAEC3BF}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{5950FEB4-BCD7-411D-AFE8-DF9D0BE9A3E6}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{5A38D9F9-CA5B-4D8E-9B8F-563A3FA1707D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{5B74CFCC-3B47-4011-BC71-8799403AECCE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{5B7A0CE8-09D7-44C7-9313-C8AFC6D23A43}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{5E6A1969-2274-4A7A-8EB0-A9ACEB6BD061}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{5E93ADF9-DC12-4E19-B0D3-6828B2CB36DB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{5F661C50-F501-4B2D-9F6F-C863A8327503}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{60C8BA36-C629-426A-8B0B-3442FF2ADEF7}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{60FC2DCE-B1EA-4B28-9A8F-FAD80EFF4F46}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{61145512-FDAB-47D9-B770-ADC8538DDABE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{621C985B-11C7-44AE-964D-859EF14E1EC6}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{62ECE4BF-B98D-411E-9FB5-384AACA7064D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{63C6DE56-7B03-4F86-9F6A-9DBF615AC096}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{642CA414-BBBB-4CF3-A4B6-968A3757533E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{648F8563-7756-41AE-94EB-6E1E0939B16A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{65071CFD-7FB4-4494-A797-58AEF44EC263}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{66A2608E-E50F-4362-8CC7-0B003F945B3C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{66A310C3-75D1-4AF6-B8F9-40B719F81D20}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{67BEA1B3-E823-4AB5-8F6B-83F765286A26}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6820BCB5-7B05-4DE2-9D43-31DC44136D2B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6832BC11-E2DE-49E5-882A-E9C84A95FC31}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6858633D-C62F-467B-8852-ADAF5FC11B40}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{69761B79-F0E0-47C0-93E7-8DDC46C78F3A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6AD8FD59-B444-4D4B-B411-2B20115FA0E7}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6ADBE56D-E793-4F9C-ACDD-424726AAAA27}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6BAB3A8F-6650-4AC5-8306-288A29C68074}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6BFEE0F1-6F11-4910-8C29-79990DE279A2}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6C479D4F-F9D9-4321-AF1B-76301589C399}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6C4F4DB9-A05C-4D25-99A3-DF5A2440D5D8}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6E3F9CC1-DFD7-4244-987D-F717CE4C5E74}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6E6FFF0B-21B7-42B0-9680-AA374B55CAC8}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{6F4BCA39-8529-42C8-BE23-5CEB49C38B28}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{71C381C0-598A-4588-A923-D3616ADCDD65}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{7222593F-05DA-478E-B67F-E72D25817DAD}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{73BE7B03-F9FF-47AC-82F3-97984C52C10A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{73DF6B0F-D681-42C8-8FA6-DB52C8397DEE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{73EDE767-22A2-4BA1-AED4-D0EAE962A358}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{75C2B290-00ED-483D-BC04-0878E0284659}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{76E16407-1552-4E2E-9CB7-A15354D5C8E5}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{778CD8BE-9CBD-47BE-9FCA-D1353E5E3C58}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{77D124DD-665E-488B-95C3-3B0123C60A93}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{788BEE38-FF72-4162-B744-5816FEBC4D53}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{78A68F66-5969-40DB-B4F2-9F5A6B6C2C87}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{7972B0AC-B1BE-4C83-A445-B7645F2A1E58}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{7B65D1AE-AAC8-4057-BA37-9CCB8F63B4F8}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{7B7E2322-0137-4A9E-9894-75FCB3BDBB2B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{7C5BDAA0-51E0-4DD0-AB01-3D854FAA58FB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{7E23CEF5-3B5B-425C-B559-AE1B6D9A49D0}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{81FA18DA-36F0-4C5D-B609-5F86725AC290}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{83D46C61-0204-424D-BDE8-316FEC0A95CA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{85BB8185-3F51-46E7-8C88-77BDAE3642CC}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{86610655-1096-44DD-9D01-B904C4DA50E3}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{87045963-F33F-4FD6-86DC-BE15723418D8}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8A0D803F-C2E3-4F87-8788-A16014FB1D0E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8AB63853-F26F-4C0C-BCE4-494F56EBFECC}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8C2B8689-A52A-4F51-9DD8-CDE73FC13DAA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8C540EFD-67F0-471D-B880-3B1BDFFB92D9}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8CC60E07-9542-43E1-950A-7B3141FC0D74}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8D8A7C69-D6DF-498B-B8C2-21EBE9B81F45}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8FA0A35D-C023-4C5F-91B4-EDBA14B4CE41}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{8FDD0FEC-2B96-4145-882A-7EB9807AFEA6}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{91E89A01-A167-4EEA-8935-D059364A65A5}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{94D17996-412C-4BC6-B523-511E635652AA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{96E0CA71-FEA5-42B6-BEFB-8921A813E1C9}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{977C741A-41A0-4BD3-8421-65F2932812BE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{9786DBC3-251E-4C62-95F0-BE5B856F59A8}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{9902BDF2-4114-4FAC-8F13-6DAE8C81EF86}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{9B126FF7-6FA9-43E7-9E45-97ADB8D14A95}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{9B54D09F-932F-4D4D-B0CC-2701E1FA604C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{9CF6A441-CCB9-4E0D-BCA5-2C03894BF57A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{9E2298CD-FE91-4130-9560-E1B11338F3A1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{9FA040FD-4D14-40EF-B398-EB87254FDDA6}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A0CB6C78-E55A-4886-A1CD-4BE18E19772C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A1FC6822-9DA7-4B2C-A56E-EEA4E5EA5EF7}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A20192E7-A73B-45E1-94D8-397A4C6F0C0F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A26462DA-B3A9-418E-9324-ADDD09BE0A5A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A31328C6-4819-4490-AB93-C5A377A0C3F0}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A3853A95-9B04-4CDD-86C6-E48E2464B98D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A44E9753-1D4C-4631-83D1-7EC3B00C8E79}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{A5A281E3-4D98-4564-BF69-8E6673A9802D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AB065DCE-59B8-475F-905C-447CDF4F248B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{ABECBCAE-C5DC-4358-AA45-E1155BCC4BA1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AD243E25-4AE6-4BE6-A26F-EEB42F3DCB68}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AD3CEA9A-AE8C-432E-A259-E65C0F550933}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AD6BA6E3-8A40-4480-9E64-724B65EFE803}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AE30FE2D-25DE-4B47-BDC7-5929063E7013}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AEA7344B-6705-4068-8888-72ADA6CBDC6B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AF79DB85-E055-476F-ABB7-6C04BB582CEC}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{AFA0EE32-A45D-4B8A-BF90-E7862DD83111}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B06B89BC-43EC-4FB1-B118-D8929D2D2932}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B1B3F792-3082-4CA2-993A-93271A8A148D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B2730892-B1B8-46F4-8C4F-6B2586EA2918}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B391B641-EBC5-431D-BB93-85EFA609AEBE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B4A52DBF-2CA5-4303-9826-B4D3B2846328}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B4ED8EC7-941D-4F33-B79B-9EAA7A4E9B67}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B573AFE6-79D9-468B-B38F-2ED4FB9896DE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B65C2260-C1B7-4E33-A970-125258C83F58}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B6A5E202-2453-4FD3-9F4E-F5813212A8BE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B7A5B496-5B89-4E0D-82F7-3E8FAFAFBB2E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{B849A2BF-56B3-4BFC-8D74-8E610869731E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BA760EB2-9A90-4F90-932C-92095C6F9A89}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BB1C7AC6-D6CD-4F65-9E22-CBA978AFA7DB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BBC2F74E-2CCD-40B0-8993-4D5A67AE53BB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BC7AB7F5-B590-40BC-8B32-B40C94AF3568}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BE8A20ED-0C14-4B81-AA78-6E1654D71963}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BED161EB-3535-4BD8-BBE2-591FACF5713C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BF0CC7DB-A7F7-490D-A072-1172D029307F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{BF7B1620-A733-4EBB-9FCF-B524A8C1A06D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C026D5C3-E12B-4C27-90AE-C1AA331B56F3}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C268B966-0DCE-4D70-8A56-7E8EA7C69CE0}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C43BB5DB-EFC4-4A56-A1EA-71B172F5DC77}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C4AF0524-8016-4306-81BD-DB9145D6CE17}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C5DB888A-CCCF-4451-A4F2-EAD5D6327516}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C85895B2-83A5-48B1-AFA5-0EC04444349D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C8608341-5C27-4F5D-8DEC-DA20D701041B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C8D3AAEC-FA0C-4367-B316-BFAE39B114DE}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{C9F3D74A-4845-4C4D-B7A1-2346C7AE33EA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CB5BB9E2-72DD-4B9B-A128-70CD65D35801}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CB7FFD19-BBDB-4CCE-96C1-3FC0BF691B4B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CB9144D3-71D9-40E8-85DD-10BB9B3A79DB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CBA297BE-826A-4155-BBC7-EEC960102653}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CCF74D58-79BB-413E-BAEA-D6DED9018127}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CD6C6B04-1DFF-4A2A-8B27-D21BB0CDA8D9}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CD92D612-B90A-4FAA-B662-3AE627528A5C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CE4B90B7-374D-438F-80C8-063B240AEA29}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{CF64D01D-054A-4B77-A91A-7F4BB6012619}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D00DD37A-ECAE-4BE8-9164-C6568B6A2BDA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D01B7636-5D33-4754-8698-2EC1FA1C6781}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D1E66B78-88B1-419D-A613-47B5E77D078D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D246D0E1-774D-44A0-9483-D567899B997D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D29FB887-FDE6-44C0-91B1-E37C7347FFBA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D2E33DE6-6ED6-4A18-A36A-CC3C8179FB47}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D379215F-A342-4852-9713-B6D42FFF86F1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D3821347-7E87-44F7-A1FE-BB8475F9A967}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D4CB8A4F-9E6C-4931-BE42-BFEC7109696B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D4EB0E9B-5DD4-4B96-A91A-9C75E07421E4}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D6130681-4096-4A1A-8203-DC40893AA17F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{D8D08DA4-1D1A-45B7-B450-D45280E88506}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{DA39DFD3-C3B6-4722-80AE-DB94A5877744}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{DAA631CD-3218-46F6-ACBF-97598E06E5FB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{DB4387C6-4FC4-4A0A-9A97-8B479640F84D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{DB83D81A-FADD-4D02-A3F7-93D57C6E073C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{DC8D4F03-DF6B-43F9-97E2-92D570D2B578}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{DF354408-17DC-45FE-B98F-48F1906849B1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{DF830B10-3BAA-4721-BBC7-201402C9214A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E0F36CF3-D121-4F0E-8375-F386886EA238}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E1A08CD7-5532-4F55-99FC-7A91DFDEDA90}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E27E8BB7-04D1-4C61-A074-F00A4AD92BEB}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E39E0118-C075-440C-B285-EA33D4DBBCAA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E4B97CFE-C902-4CE2-AE3A-342D25D71C83}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E4E34940-4646-451F-91B3-83C73907EDAD}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E509536A-54BD-42F3-92A0-5C0E350A20B6}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E5CF891D-A34C-4B31-9690-5DD64032DEE1}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E6C25D05-9B79-42F2-8D2D-E0C005CBAED3}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E7877C13-3A47-4137-B870-33B444FC422C}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E7B7C4C5-ED7F-4947-B3B6-B2D47D96F12D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{E86F7A21-B610-47D4-AF93-BE47EF94807E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{EAAA5045-CCD1-4D79-AA51-8D34696F9147}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{EB2577FC-A599-428F-9CA3-83BFC3ABAAEF}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{EBCFEF6D-BDF7-4C1E-A5E1-26FD004C638F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{EC7A5595-2557-4DA1-A6E8-36B970459EB8}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{EF95627F-A0C7-4EE7-886C-A004F7852656}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F13AC0F3-2E04-44C2-8AF7-B22D5854955F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F1F54F33-FD3B-45FD-86DC-BE7FE2905972}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F36E8E89-43D8-44C0-96C6-D2C71AFD1977}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F420E318-A4C8-49DD-B38B-540597FE6C6F}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F509CBC5-8875-4503-B4BA-6EDB18C0B810}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F55B2EF1-E352-4456-B2F4-3533907A5E17}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F58C4AF4-CCE3-4E7E-A11F-89AA04482CEA}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F602B005-F0A3-4419-99EB-029469C2791A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F6B82E1F-9522-42F0-AD96-31A9EB00991D}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F739C575-B6DF-49BA-8F74-2EEF43B438E5}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{F86631CC-03FD-4950-8AAC-D3EE796DE95E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FA73A53C-54C8-4DC0-B703-BF501BD4A133}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FAA107DA-5729-4E58-BB00-404D5869A166}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FB2F42D6-2703-41A2-AD42-B05135F19660}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FC7C577F-D578-49E0-A7DA-C7DEAD98293A}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FD02569C-DF8F-4B47-AA47-7DD7C27A233E}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FE2864DA-7CEE-4E88-84F5-70B661D33020}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FF014A0A-9F10-4E31-83A4-59A99B84A0C9}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FF291369-7340-459F-9E13-F866C221F084}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FF74F137-9B8E-43D7-93FE-30527BF7837B}
Successfully deleted: [Empty Folder] C:\Users\******** N. *****\appdata\local\{FF8AA234-BC27-4760-9B0C-C7E753A7DB64}



~~~ FireFox

Failed to delete: [Folder] C:\Users\******** N. *****\AppData\Roaming\mozilla\firefox\profiles\6hyy18nw.default\extensions\staged
Successfully deleted the following from C:\Users\******** N. *****\AppData\Roaming\mozilla\firefox\profiles\6hyy18nw.default\prefs.js

user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_VBATES_executeCode", "var VBATES_IsValidUrl=function(currentUrl,currentBrowser,queryParam){try{var urlParts=curren
user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_VBATES_partners", "{_&&_www.brandalley.co.uk_&&_:_&&_www.awin1.com/awclick.php?mid=3676&id=178119_&&_,_&&_www.curr
Emptied folder: C:\Users\******** N. *****\AppData\Roaming\mozilla\firefox\profiles\6hyy18nw.default\minidumps [20 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.02.2015 at 13:22:07,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Das neue FRST:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
Ran by ********* N. ***** (administrator) on ********* on 17-02-2015 13:31:50
Running from C:\Users\********* N. *****\Desktop
Loaded Profiles: ********* N. ***** (Available profiles: ********* N. *****)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Spotify Ltd) C:\Users\********* N. *****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2723624 2011-03-28] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-04] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\Run: [Spotify Web Helper] => C:\Users\********* N. *****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\Run: [GoogleChromeAutoLaunch_FF2926C14F0EE0991A80295B0C691949] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [898376 2015-02-04] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{D933FD45-73D2-4FA8-B40F-270645B2990B}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\********* N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default
FF NewTab: about:newtab
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-1110688070-1918160584-1403940281-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\********* N. *****\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: Avira Browser Safety - C:\Users\********* N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\Extensions\abs@avira.com [2015-02-14]
FF Extension: Flash and Video Download - C:\Users\********* N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-02-14]
FF Extension: Adblock Plus - C:\Users\********* N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-08-13]
FF Extension: No Name - C:\Program Files\V-bates\Firefox [Not Found]

Chrome:
=======
CHR Profile: C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-03]
CHR Extension: (Google Docs) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-03]
CHR Extension: (Google Drive) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-03]
CHR Extension: (YouTube) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-03]
CHR Extension: (Adblock Plus) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-03]
CHR Extension: (Google-Suche) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-03]
CHR Extension: (Google Tabellen) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-03]
CHR Extension: (Simple Speed Dial) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdpldlbafdmhlmcdllcjgoigmpjonfc [2015-01-03]
CHR Extension: (Google Wallet) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-03]
CHR Extension: (Google Mail) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-03]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-04] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-02-04] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-06] (Marvell Semiconductor, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-17 13:22 - 2015-02-17 13:22 - 00034426 _____ () C:\Users\********* N. *****\Desktop\JRT.txt
2015-02-17 13:07 - 2015-02-17 13:07 - 01388274 _____ (Thisisu) C:\Users\********* N. *****\Desktop\JRT.exe
2015-02-17 13:05 - 2015-02-17 13:03 - 00015596 _____ () C:\Users\********* N. *****\Desktop\AdwCleaner[S0].txt
2015-02-17 12:49 - 2015-02-17 12:56 - 00000000 ____D () C:\AdwCleaner
2015-02-17 12:48 - 2015-02-17 12:48 - 02112512 _____ () C:\Users\********* N. *****\Desktop\AdwCleaner_4.110.exe
2015-02-17 12:45 - 2015-02-17 12:45 - 00018841 _____ () C:\Users\********* N. *****\Desktop\mbam.txt
2015-02-17 11:50 - 2015-02-17 13:00 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-17 11:50 - 2015-02-17 11:50 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-17 11:50 - 2015-02-17 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-17 11:49 - 2015-02-17 11:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-17 11:49 - 2015-02-17 11:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-17 11:49 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-17 11:49 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-17 11:49 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-17 11:42 - 2015-02-17 11:42 - 00024949 _____ () C:\Users\********* N. *****\Desktop\ComboFix.txt
2015-02-17 11:41 - 2015-02-17 11:41 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\********* N. *****\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-15 23:52 - 2015-02-15 23:50 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-02-15 21:49 - 2015-02-15 21:49 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\Avira
2015-02-15 21:46 - 2015-02-04 17:51 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-02-15 21:46 - 2015-02-04 17:51 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-02-15 21:46 - 2015-02-04 17:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-02-15 21:37 - 2015-02-15 21:37 - 00024949 _____ () C:\ComboFix.txt
2015-02-15 21:14 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-15 21:14 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-15 21:14 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-15 21:07 - 2015-02-15 21:08 - 160782960 _____ () C:\Users\********* N. *****\Desktop\avira_free_antivirus_de_15.0.8.624.exe
2015-02-15 20:54 - 2015-02-15 21:37 - 00000000 ____D () C:\Qoobox
2015-02-15 20:53 - 2015-02-15 21:33 - 00000000 ____D () C:\Windows\erdnt
2015-02-15 20:24 - 2015-02-15 20:24 - 05611771 ____R (Swearware) C:\Users\********* N. *****\Desktop\ComboFix.exe
2015-02-15 12:53 - 2015-02-15 12:53 - 00001232 _____ () C:\Users\********* N. *****\Desktop\Revo Uninstaller.lnk
2015-02-15 12:53 - 2015-02-15 12:53 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-15 12:49 - 2015-02-15 12:49 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\********* N. *****\Desktop\revosetup95.exe
2015-02-15 11:25 - 2015-02-15 11:36 - 00040251 _____ () C:\Users\********* N. *****\Desktop\Gmer.txt
2015-02-15 10:50 - 2015-02-15 10:57 - 00036294 _____ () C:\Users\********* N. *****\Desktop\Addition.txt
2015-02-15 10:47 - 2015-02-17 13:31 - 00016780 _____ () C:\Users\********* N. *****\Desktop\FRST.txt
2015-02-15 10:46 - 2015-02-17 13:31 - 00000000 ____D () C:\FRST
2015-02-15 10:44 - 2015-02-15 10:44 - 00000496 _____ () C:\Users\********* N. *****\Desktop\defogger_disable.log
2015-02-15 10:44 - 2015-02-15 10:44 - 00000000 _____ () C:\Users\********* N. *****\defogger_reenable
2015-02-15 10:31 - 2015-02-15 10:31 - 00380416 _____ () C:\Users\********* N. *****\Desktop\Gmer-19357.exe
2015-02-15 10:28 - 2015-02-15 10:28 - 02134528 _____ (Farbar) C:\Users\********* N. *****\Desktop\FRST64.exe
2015-02-15 10:26 - 2015-02-15 10:26 - 00050477 _____ () C:\Users\********* N. *****\Desktop\Defogger.exe
2015-02-12 04:19 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 04:19 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 04:19 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 04:19 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 10:27 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 10:27 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 10:26 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 10:26 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 10:26 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 10:26 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 10:26 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 10:26 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 10:26 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 10:26 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 10:26 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 10:26 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 10:26 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 10:26 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 10:26 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 10:26 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 10:26 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 10:26 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 10:26 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 10:26 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 10:26 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 10:26 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 10:26 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 10:26 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 10:26 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 10:26 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 10:26 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 10:26 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 10:26 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 10:26 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 10:26 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 10:26 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 10:26 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 10:26 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 10:26 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 10:26 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 10:26 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 10:26 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 10:26 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 10:26 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 10:26 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 10:26 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 10:26 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 10:26 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 10:26 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 10:26 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 10:26 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 10:26 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 10:26 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 10:26 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 10:26 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 10:26 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 10:26 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 10:26 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 10:25 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 10:25 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 10:25 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 10:25 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 10:25 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 10:25 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 10:25 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 10:25 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 10:25 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 10:25 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 10:25 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 10:25 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 10:25 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 10:25 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 10:25 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 10:25 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 10:25 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 10:25 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 10:25 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 10:25 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 10:25 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 10:25 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 10:24 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 10:24 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 10:24 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 10:24 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 10:24 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 10:24 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 10:24 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 10:23 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 10:23 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 10:23 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 10:23 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 10:23 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 10:23 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 10:23 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 10:23 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 17:49 - 2015-02-10 17:50 - 131115372 _____ () C:\Users\********* N. *****\Downloads\150205_1945_Dahoam-is-Dahoam_DiD-Folge-1459-Kunst-am-Kiosk.mp4
2015-02-10 17:49 - 2015-02-10 17:50 - 130909589 _____ () C:\Users\********* N. *****\Downloads\150204_1945_Dahoam-is-Dahoam_DiD-Folge-1458-Wirtsverstaerkung.mp4
2015-02-10 17:49 - 2015-02-10 17:49 - 129571707 _____ () C:\Users\********* N. *****\Downloads\150209_1945_Dahoam-is-Dahoam_DiD-Folge-1460-Ein-schlechter-guter-Tausch.mp4
2015-02-09 23:21 - 2015-02-09 23:15 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-02-09 23:21 - 2015-02-09 23:15 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-02-09 23:21 - 2015-02-09 23:15 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-09 23:20 - 2015-02-09 23:18 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-02-09 23:20 - 2015-02-09 23:18 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-02-09 23:20 - 2015-02-09 23:18 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-02-07 16:38 - 2015-02-07 16:48 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\namexif
2015-02-07 16:37 - 2015-02-07 16:37 - 00450683 _____ () C:\Users\********* N. *****\Downloads\Namexif.exe
2015-02-07 16:37 - 2015-02-07 16:37 - 00000959 _____ () C:\Users\********* N. *****\Desktop\Namexif.lnk
2015-02-07 16:37 - 2015-02-07 16:37 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif
2015-02-07 16:37 - 2015-02-07 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Namexif
2015-02-07 16:37 - 2015-02-07 16:37 - 00000000 ____D () C:\Program Files (x86)\Namexif
2015-02-03 23:50 - 2015-02-03 23:52 - 130232661 _____ () C:\Users\********* N. *****\Downloads\150202_1945_Dahoam-is-Dahoam_DiD-Folge-1456-Preissinger-Braeu.mp4
2015-02-03 23:50 - 2015-02-03 23:52 - 129051455 _____ () C:\Users\********* N. *****\Downloads\150203_1945_Dahoam-is-Dahoam_DiD-Folge-1457-Familienangelegenheiten.mp4
2015-01-30 09:34 - 2015-01-30 09:35 - 132496755 _____ () C:\Users\********* N. *****\Downloads\150128_1945_Dahoam-is-Dahoam_DiD-Folge-1453-Monis-Laenderspiel.mp4
2015-01-30 09:33 - 2015-01-30 09:35 - 131642079 _____ () C:\Users\********* N. *****\Downloads\150129_1945_Dahoam-is-Dahoam_DiD-Folge-1455-Rosi-und-der-Unbekannte.mp4
2015-01-28 10:12 - 2015-01-28 10:14 - 132902506 _____ () C:\Users\********* N. *****\Downloads\150127_1945_Dahoam-is-Dahoam_DiD-Folge-1453-Ein-schoener-Gerstl.mp4
2015-01-28 10:12 - 2015-01-28 10:14 - 130621447 _____ () C:\Users\********* N. *****\Downloads\150126_1945_Dahoam-is-Dahoam_DiD-Folge-1452-Ende-eines-Arbeitslebens.mp4
2015-01-23 10:08 - 2015-01-23 10:11 - 131597558 _____ () C:\Users\********* N. *****\Downloads\150114_1945_Dahoam-is-Dahoam_DiD-Folge-1446-Sucht-Gefahr.mp4
2015-01-23 10:07 - 2015-01-23 10:11 - 130007194 _____ () C:\Users\********* N. *****\Downloads\150119_1945_Dahoam-is-Dahoam_DiD-Folge-1448-Schockstarre.mp4
2015-01-23 10:07 - 2015-01-23 10:10 - 133603299 _____ () C:\Users\********* N. *****\Downloads\150120_1945_Dahoam-is-Dahoam_DiD-Folge-1449-Politische-Wurst-Phobie.mp4
2015-01-23 10:07 - 2015-01-23 10:10 - 131794112 _____ () C:\Users\********* N. *****\Downloads\150121_1945_Dahoam-is-Dahoam_DiD-Folge-1450-Verratene-Enden.mp4
2015-01-23 10:07 - 2015-01-23 10:10 - 131238060 _____ () C:\Users\********* N. *****\Downloads\150115_1945_Dahoam-is-Dahoam_DiD-Folge-1447-Rauchende-Kuesse.mp4
2015-01-23 10:06 - 2015-01-23 10:07 - 130627946 _____ () C:\Users\********* N. *****\Downloads\150122_1945_Dahoam-is-Dahoam_DiD-Folge-1451-Theres-mit-Television.mp4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-17 13:25 - 2013-05-18 09:20 - 00000976 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1110688070-1918160584-1403940281-1000UA.job
2015-02-17 13:07 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-17 13:07 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-17 12:59 - 2012-01-29 08:27 - 00000000 ____D () C:\ProgramData\clear.fi
2015-02-17 12:58 - 2015-01-03 21:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-17 12:58 - 2014-05-09 08:34 - 00241834 _____ () C:\Windows\PFRO.log
2015-02-17 12:58 - 2014-05-09 08:34 - 00037304 _____ () C:\Windows\setupact.log
2015-02-17 12:58 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-17 12:57 - 2011-12-21 02:38 - 01594420 _____ () C:\Windows\WindowsUpdate.log
2015-02-17 12:40 - 2015-01-03 21:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-17 11:52 - 2013-05-18 09:20 - 00000954 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1110688070-1918160584-1403940281-1000Core.job
2015-02-17 02:17 - 2012-01-29 09:18 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\vlc
2015-02-17 02:00 - 2014-08-20 01:37 - 00000000 ____D () C:\Users\********* N. *****\AppData\Local\Adobe
2015-02-17 01:07 - 2012-08-05 16:14 - 00000000 ____D () C:\Users\********* N. *****\AppData\Local\Spotify
2015-02-17 00:09 - 2012-08-05 16:14 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\Spotify
2015-02-15 21:47 - 2013-03-06 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-15 21:46 - 2013-03-06 13:57 - 00000000 ____D () C:\ProgramData\Avira
2015-02-15 21:46 - 2013-03-06 13:57 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-15 21:37 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-15 21:32 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-15 13:36 - 2012-08-08 01:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-15 10:44 - 2012-01-29 08:20 - 00000000 ____D () C:\Users\********* N. *****
2015-02-12 04:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 04:04 - 2009-07-14 05:45 - 05253832 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 03:59 - 2014-12-11 03:42 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 03:59 - 2014-05-07 02:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 03:35 - 2012-02-09 13:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 03:29 - 2013-08-02 02:03 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 03:08 - 2012-02-19 15:42 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 23:47 - 2014-08-05 10:09 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-09 23:22 - 2014-02-27 17:36 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-09 23:22 - 2013-06-24 10:07 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-09 23:21 - 2014-02-23 23:18 - 00000000 ____D () C:\Program Files\Java
2015-02-09 23:18 - 2014-02-23 23:20 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-02-09 23:15 - 2014-08-08 13:58 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-02-09 23:15 - 2014-02-23 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-09 23:08 - 2012-04-01 16:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 23:08 - 2011-11-03 14:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-07 16:28 - 2012-01-29 09:46 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\Adobe
2015-02-07 15:42 - 2011-12-21 11:26 - 00714474 _____ () C:\Windows\system32\perfh007.dat
2015-02-07 15:42 - 2011-12-21 11:26 - 00154526 _____ () C:\Windows\system32\perfc007.dat
2015-02-07 15:42 - 2009-07-14 06:13 - 01649664 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-06 18:23 - 2012-08-08 18:47 - 00000000 ____D () C:\Users\********* N. *****\Downloads\Pns
2015-02-04 09:35 - 2015-01-03 21:52 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 09:35 - 2015-01-03 21:52 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-27 15:20 - 2014-06-03 09:11 - 00000000 ___RD () C:\Users\********* N. *****\Desktop\Rewe

==================== Files in the root of some directories =======

2012-02-14 18:14 - 2014-12-26 14:20 - 0000132 _____ () C:\Users\********* N. *****\AppData\Roaming\Adobe BMP Format CS5 Prefs
2014-02-17 14:54 - 2014-02-17 14:54 - 0000132 _____ () C:\Users\********* N. *****\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-08-12 12:10 - 2015-01-03 20:40 - 0000132 _____ () C:\Users\********* N. *****\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-01-04 21:04 - 2013-01-19 17:49 - 0000356 _____ () C:\Users\********* N. *****\AppData\Roaming\burnaware.ini
2012-02-23 14:09 - 2012-02-23 14:58 - 0006656 _____ () C:\Users\********* N. *****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-03 09:09 - 2012-08-03 09:09 - 0001430 _____ () C:\Users\********* N. *****\AppData\Local\RecConfig.xml
2012-07-03 23:00 - 2012-07-03 23:00 - 0007605 _____ () C:\Users\********* N. *****\AppData\Local\Resmon.ResmonCfg
2012-07-05 18:39 - 2012-07-07 14:59 - 0017408 _____ () C:\Users\********* N. *****\AppData\Local\WebpageIcons.db
2011-12-21 02:58 - 2011-12-21 03:03 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log
2012-02-17 20:37 - 2013-02-10 20:58 - 0002568 _____ () C:\ProgramData\hpzinstall.log
2012-07-20 20:48 - 2012-07-20 20:48 - 0000032 _____ () C:\ProgramData\Temp.log

Some content of TEMP:
====================
C:\Users\********* N. *****\AppData\Local\Temp\avgnt.exe
C:\Users\********* N. *****\AppData\Local\Temp\Quarantine.exe
C:\Users\********* N. *****\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-12 04:45

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 17.02.2015 20:22

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Weck 18.02.2015 17:52
Hallo,
nein :) kaum noch Probleme, die Werbung ist weg...leider ist mein PC immer noch etwas langsam aber vielleicht ist der auch jetzt schon ein bisschen in die Jahre gekommen. Jetzt hab ich ein Problem, denn nachdem ich den Security Check durchführen wollte hat sich sofort mein Editor mit folgendem Text geöffnet:
Code:
UNSUPPORTED OPERATING SYSTEM! ABORTED!
Was habe ich falsch gemacht?
Der Eset Scanner hat gut gearbeitet und auch zehn Dateien gefunden und entfernt...leider finde ich die Log. Datei nicht im angegebenen Dateipfad...habe 64 bit und auch im zugehörigen Pfad nachgesehen, aber die Datei ist leider nicht da. Wie soll ich vorgehen?
Liebe Grüße und vielen tausend Dank für deine Hilfe, echt freundlich!!!
Weck

schrauber 19.02.2015 07:09
poste einfach mal ein frisches FRST log bitte :)

Weck 20.02.2015 00:22
Hallo,
hier im folgenden das frische FRST.log


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by ********* N. ***** (administrator) on ********* on 20-02-2015 00:14:37
Running from C:\Users\********* N. *****\Desktop
Loaded Profiles: ********* N. ***** (Available profiles: ********* N. *****)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Spotify Ltd) C:\Users\********* N. *****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\********* N. *****\AppData\Roaming\Spotify\spotify.exe
() C:\Users\********* N. *****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\********* N. *****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\********* N. *****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\********* N. *****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\********* N. *****\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
(DVDVideoSoft Ltd.) C:\Users\VALENT~1.DRO\AppData\Local\Temp\is-27KN4.tmp\netlogger.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2723624 2011-03-28] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-04] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\Run: [Spotify Web Helper] => C:\Users\********* N. *****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\...\Run: [GoogleChromeAutoLaunch_FF2926C14F0EE0991A80295B0C691949] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [898376 2015-02-04] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1110688070-1918160584-1403940281-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{D933FD45-73D2-4FA8-B40F-270645B2990B}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\********* N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-1110688070-1918160584-1403940281-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\********* N. *****\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: Avira Browser Safety - C:\Users\********* N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\Extensions\abs@avira.com [2015-02-14]
FF Extension: Adblock Plus - C:\Users\********* N. *****\AppData\Roaming\Mozilla\Firefox\Profiles\6hyy18nw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-08-13]

Chrome:
=======
CHR Profile: C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-03]
CHR Extension: (Google Docs) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-03]
CHR Extension: (Google Drive) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-03]
CHR Extension: (YouTube) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-03]
CHR Extension: (Adblock Plus) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-03]
CHR Extension: (Google Search) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-03]
CHR Extension: (Google Sheets) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-03]
CHR Extension: (Simple Speed Dial) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdpldlbafdmhlmcdllcjgoigmpjonfc [2015-01-03]
CHR Extension: (Google Wallet) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-03]
CHR Extension: (Gmail) - C:\Users\********* N. *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-03]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-04] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-02-04] (Avira Operations GmbH & Co. KG)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-06] (Marvell Semiconductor, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 00:13 - 2015-02-20 00:13 - 00000000 ____D () C:\Users\********* N. *****\Desktop\FRST-OlderVersion
2015-02-18 18:26 - 2015-02-18 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-18 18:26 - 2015-02-18 18:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-02-18 18:26 - 2015-02-18 18:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-02-18 18:24 - 2015-02-18 18:24 - 00000000 ____D () C:\Users\********* N. *****\Downloads\Silverlight_5.1.30214
2015-02-18 18:23 - 2015-02-18 18:23 - 20008315 _____ () C:\Users\********* N. *****\Downloads\Silverlight_5.1.30214.zip
2015-02-18 18:21 - 2015-02-18 18:21 - 01203488 _____ () C:\Users\********* N. *****\Downloads\Microsoft Silverlight - CHIP-Installer.exe
2015-02-18 08:32 - 2015-02-18 08:32 - 00852594 _____ () C:\Users\********* N. *****\Desktop\SecurityCheck.exe
2015-02-17 21:22 - 2015-02-17 21:22 - 02347384 _____ (ESET) C:\Users\********* N. *****\Desktop\esetsmartinstaller_deu.exe
2015-02-17 13:22 - 2015-02-17 14:14 - 00034426 _____ () C:\Users\********* N. *****\Desktop\JRT.txt
2015-02-17 13:07 - 2015-02-17 13:07 - 01388274 _____ (Thisisu) C:\Users\********* N. *****\Desktop\JRT.exe
2015-02-17 13:05 - 2015-02-17 13:03 - 00015596 _____ () C:\Users\********* N. *****\Desktop\AdwCleaner[S0].txt
2015-02-17 12:49 - 2015-02-17 12:56 - 00000000 ____D () C:\AdwCleaner
2015-02-17 12:48 - 2015-02-17 12:48 - 02112512 _____ () C:\Users\********* N. *****\Desktop\AdwCleaner_4.110.exe
2015-02-17 12:45 - 2015-02-17 13:44 - 00018841 _____ () C:\Users\********* N. *****\Desktop\mbam.txt
2015-02-17 11:50 - 2015-02-17 13:00 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-17 11:50 - 2015-02-17 11:50 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-17 11:50 - 2015-02-17 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-17 11:49 - 2015-02-17 11:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-17 11:49 - 2015-02-17 11:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-17 11:49 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-17 11:49 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-17 11:49 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-17 11:42 - 2015-02-17 11:42 - 00024949 _____ () C:\Users\********* N. *****\Desktop\ComboFix.txt
2015-02-17 11:41 - 2015-02-17 11:41 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\********* N. *****\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-15 23:52 - 2015-02-15 23:50 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-02-15 21:49 - 2015-02-15 21:49 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\Avira
2015-02-15 21:46 - 2015-02-04 17:51 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-02-15 21:46 - 2015-02-04 17:51 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-02-15 21:46 - 2015-02-04 17:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-02-15 21:37 - 2015-02-15 21:37 - 00024949 _____ () C:\ComboFix.txt
2015-02-15 21:14 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-15 21:14 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-15 21:14 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-15 21:14 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-15 21:07 - 2015-02-15 21:08 - 160782960 _____ () C:\Users\********* N. *****\Desktop\avira_free_antivirus_de_15.0.8.624.exe
2015-02-15 20:54 - 2015-02-15 21:37 - 00000000 ____D () C:\Qoobox
2015-02-15 20:53 - 2015-02-15 21:33 - 00000000 ____D () C:\Windows\erdnt
2015-02-15 20:24 - 2015-02-15 20:24 - 05611771 ____R (Swearware) C:\Users\********* N. *****\Desktop\ComboFix.exe
2015-02-15 12:53 - 2015-02-15 12:53 - 00001232 _____ () C:\Users\********* N. *****\Desktop\Revo Uninstaller.lnk
2015-02-15 12:53 - 2015-02-15 12:53 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-15 12:49 - 2015-02-15 12:49 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\********* N. *****\Desktop\revosetup95.exe
2015-02-15 11:25 - 2015-02-15 11:36 - 00040251 _____ () C:\Users\********* N. *****\Desktop\Gmer.txt
2015-02-15 10:50 - 2015-02-15 10:57 - 00036294 _____ () C:\Users\********* N. *****\Desktop\Addition.txt
2015-02-15 10:47 - 2015-02-20 00:14 - 00017557 _____ () C:\Users\********* N. *****\Desktop\FRST.txt
2015-02-15 10:46 - 2015-02-20 00:14 - 00000000 ____D () C:\FRST
2015-02-15 10:44 - 2015-02-15 10:44 - 00000496 _____ () C:\Users\********* N. *****\Desktop\defogger_disable.log
2015-02-15 10:44 - 2015-02-15 10:44 - 00000000 _____ () C:\Users\********* N. *****\defogger_reenable
2015-02-15 10:31 - 2015-02-15 10:31 - 00380416 _____ () C:\Users\********* N. *****\Desktop\Gmer-19357.exe
2015-02-15 10:28 - 2015-02-20 00:13 - 02086912 _____ (Farbar) C:\Users\********* N. *****\Desktop\FRST64.exe
2015-02-15 10:26 - 2015-02-15 10:26 - 00050477 _____ () C:\Users\********* N. *****\Desktop\Defogger.exe
2015-02-12 04:19 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 04:19 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 04:19 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 04:19 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 10:27 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 10:27 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 10:27 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 10:26 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 10:26 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 10:26 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 10:26 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 10:26 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 10:26 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 10:26 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 10:26 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 10:26 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 10:26 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 10:26 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 10:26 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 10:26 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 10:26 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 10:26 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 10:26 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 10:26 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 10:26 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 10:26 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 10:26 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 10:26 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 10:26 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 10:26 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 10:26 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 10:26 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 10:26 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 10:26 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 10:26 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 10:26 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 10:26 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 10:26 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 10:26 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 10:26 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 10:26 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 10:26 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 10:26 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 10:26 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 10:26 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 10:26 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 10:26 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 10:26 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 10:26 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 10:26 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 10:26 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 10:26 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 10:26 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 10:26 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 10:26 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 10:26 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 10:26 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 10:26 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 10:26 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 10:26 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 10:26 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 10:25 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 10:25 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 10:25 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 10:25 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 10:25 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 10:25 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 10:25 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 10:25 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 10:25 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 10:25 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 10:25 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 10:25 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 10:25 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 10:25 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 10:25 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 10:25 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 10:25 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 10:25 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 10:25 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 10:25 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 10:25 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 10:25 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 10:24 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 10:24 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 10:24 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 10:24 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 10:24 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 10:24 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 10:24 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 10:23 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 10:23 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 10:23 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 10:23 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 10:23 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 10:23 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 10:23 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 10:23 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 17:49 - 2015-02-10 17:50 - 131115372 _____ () C:\Users\********* N. *****\Downloads\150205_1945_Dahoam-is-Dahoam_DiD-Folge-1459-Kunst-am-Kiosk.mp4
2015-02-10 17:49 - 2015-02-10 17:50 - 130909589 _____ () C:\Users\********* N. *****\Downloads\150204_1945_Dahoam-is-Dahoam_DiD-Folge-1458-Wirtsverstaerkung.mp4
2015-02-10 17:49 - 2015-02-10 17:49 - 129571707 _____ () C:\Users\********* N. *****\Downloads\150209_1945_Dahoam-is-Dahoam_DiD-Folge-1460-Ein-schlechter-guter-Tausch.mp4
2015-02-09 23:21 - 2015-02-09 23:15 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-02-09 23:21 - 2015-02-09 23:15 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-02-09 23:21 - 2015-02-09 23:15 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-09 23:20 - 2015-02-09 23:18 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-02-09 23:20 - 2015-02-09 23:18 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-02-09 23:20 - 2015-02-09 23:18 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-02-07 16:38 - 2015-02-07 16:48 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\namexif
2015-02-07 16:37 - 2015-02-07 16:37 - 00450683 _____ () C:\Users\********* N. *****\Downloads\Namexif.exe
2015-02-07 16:37 - 2015-02-07 16:37 - 00000959 _____ () C:\Users\********* N. *****\Desktop\Namexif.lnk
2015-02-07 16:37 - 2015-02-07 16:37 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Namexif
2015-02-07 16:37 - 2015-02-07 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Namexif
2015-02-07 16:37 - 2015-02-07 16:37 - 00000000 ____D () C:\Program Files (x86)\Namexif
2015-02-03 23:50 - 2015-02-03 23:52 - 130232661 _____ () C:\Users\********* N. *****\Downloads\150202_1945_Dahoam-is-Dahoam_DiD-Folge-1456-Preissinger-Braeu.mp4
2015-02-03 23:50 - 2015-02-03 23:52 - 129051455 _____ () C:\Users\********* N. *****\Downloads\150203_1945_Dahoam-is-Dahoam_DiD-Folge-1457-Familienangelegenheiten.mp4
2015-01-30 09:34 - 2015-01-30 09:35 - 132496755 _____ () C:\Users\********* N. *****\Downloads\150128_1945_Dahoam-is-Dahoam_DiD-Folge-1453-Monis-Laenderspiel.mp4
2015-01-30 09:33 - 2015-01-30 09:35 - 131642079 _____ () C:\Users\********* N. *****\Downloads\150129_1945_Dahoam-is-Dahoam_DiD-Folge-1455-Rosi-und-der-Unbekannte.mp4
2015-01-28 10:12 - 2015-01-28 10:14 - 132902506 _____ () C:\Users\********* N. *****\Downloads\150127_1945_Dahoam-is-Dahoam_DiD-Folge-1453-Ein-schoener-Gerstl.mp4
2015-01-28 10:12 - 2015-01-28 10:14 - 130621447 _____ () C:\Users\********* N. *****\Downloads\150126_1945_Dahoam-is-Dahoam_DiD-Folge-1452-Ende-eines-Arbeitslebens.mp4
2015-01-23 10:08 - 2015-01-23 10:11 - 131597558 _____ () C:\Users\********* N. *****\Downloads\150114_1945_Dahoam-is-Dahoam_DiD-Folge-1446-Sucht-Gefahr.mp4
2015-01-23 10:07 - 2015-01-23 10:11 - 130007194 _____ () C:\Users\********* N. *****\Downloads\150119_1945_Dahoam-is-Dahoam_DiD-Folge-1448-Schockstarre.mp4
2015-01-23 10:07 - 2015-01-23 10:10 - 133603299 _____ () C:\Users\********* N. *****\Downloads\150120_1945_Dahoam-is-Dahoam_DiD-Folge-1449-Politische-Wurst-Phobie.mp4
2015-01-23 10:07 - 2015-01-23 10:10 - 131794112 _____ () C:\Users\********* N. *****\Downloads\150121_1945_Dahoam-is-Dahoam_DiD-Folge-1450-Verratene-Enden.mp4
2015-01-23 10:07 - 2015-01-23 10:10 - 131238060 _____ () C:\Users\********* N. *****\Downloads\150115_1945_Dahoam-is-Dahoam_DiD-Folge-1447-Rauchende-Kuesse.mp4
2015-01-23 10:06 - 2015-01-23 10:07 - 130627946 _____ () C:\Users\********* N. *****\Downloads\150122_1945_Dahoam-is-Dahoam_DiD-Folge-1451-Theres-mit-Television.mp4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-19 23:53 - 2012-08-05 16:14 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\Spotify
2015-02-19 23:40 - 2015-01-03 21:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-19 22:25 - 2013-05-18 09:20 - 00000976 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1110688070-1918160584-1403940281-1000UA.job
2015-02-19 21:19 - 2012-08-05 16:14 - 00000000 ____D () C:\Users\********* N. *****\AppData\Local\Spotify
2015-02-19 21:03 - 2012-01-29 09:18 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\vlc
2015-02-19 18:04 - 2015-01-03 21:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-19 18:03 - 2013-05-18 09:20 - 00000954 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1110688070-1918160584-1403940281-1000Core.job
2015-02-19 17:51 - 2014-05-09 08:34 - 00037528 _____ () C:\Windows\setupact.log
2015-02-19 08:11 - 2011-12-21 02:38 - 01758426 _____ () C:\Windows\WindowsUpdate.log
2015-02-19 08:10 - 2014-08-20 01:37 - 00000000 ____D () C:\Users\********* N. *****\AppData\Local\Adobe
2015-02-17 13:07 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-17 13:07 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-17 12:59 - 2012-01-29 08:27 - 00000000 ____D () C:\ProgramData\clear.fi
2015-02-17 12:58 - 2014-05-09 08:34 - 00241834 _____ () C:\Windows\PFRO.log
2015-02-17 12:58 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 21:47 - 2013-03-06 13:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-15 21:46 - 2013-03-06 13:57 - 00000000 ____D () C:\ProgramData\Avira
2015-02-15 21:46 - 2013-03-06 13:57 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-15 21:37 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-15 21:32 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-15 13:36 - 2012-08-08 01:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-15 10:44 - 2012-01-29 08:20 - 00000000 ____D () C:\Users\********* N. *****
2015-02-12 04:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 04:04 - 2009-07-14 05:45 - 05253832 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 03:59 - 2014-12-11 03:42 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 03:59 - 2014-05-07 02:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 03:35 - 2012-02-09 13:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-12 03:29 - 2013-08-02 02:03 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 03:08 - 2012-02-19 15:42 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 23:47 - 2014-08-05 10:09 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-09 23:22 - 2014-02-27 17:36 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-09 23:22 - 2013-06-24 10:07 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-09 23:21 - 2014-02-23 23:18 - 00000000 ____D () C:\Program Files\Java
2015-02-09 23:18 - 2014-02-23 23:20 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-02-09 23:15 - 2014-08-08 13:58 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-02-09 23:15 - 2014-02-23 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-09 23:08 - 2012-04-01 16:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 23:08 - 2011-11-03 14:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-07 16:28 - 2012-01-29 09:46 - 00000000 ____D () C:\Users\********* N. *****\AppData\Roaming\Adobe
2015-02-07 15:42 - 2011-12-21 11:26 - 00714474 _____ () C:\Windows\system32\perfh007.dat
2015-02-07 15:42 - 2011-12-21 11:26 - 00154526 _____ () C:\Windows\system32\perfc007.dat
2015-02-07 15:42 - 2009-07-14 06:13 - 01649664 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-06 18:23 - 2012-08-08 18:47 - 00000000 ____D () C:\Users\********* N. *****\Downloads\Pns
2015-02-04 09:35 - 2015-01-03 21:52 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 09:35 - 2015-01-03 21:52 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-27 15:20 - 2014-06-03 09:11 - 00000000 ___RD () C:\Users\********* N. *****\Desktop\Rewe

==================== Files in the root of some directories =======

2012-02-14 18:14 - 2014-12-26 14:20 - 0000132 _____ () C:\Users\********* N. *****\AppData\Roaming\Adobe BMP Format CS5 Prefs
2014-02-17 14:54 - 2014-02-17 14:54 - 0000132 _____ () C:\Users\********* N. *****\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-08-12 12:10 - 2015-01-03 20:40 - 0000132 _____ () C:\Users\********* N. *****\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-01-04 21:04 - 2013-01-19 17:49 - 0000356 _____ () C:\Users\********* N. *****\AppData\Roaming\burnaware.ini
2012-02-23 14:09 - 2012-02-23 14:58 - 0006656 _____ () C:\Users\********* N. *****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-03 09:09 - 2012-08-03 09:09 - 0001430 _____ () C:\Users\********* N. *****\AppData\Local\RecConfig.xml
2012-07-03 23:00 - 2012-07-03 23:00 - 0007605 _____ () C:\Users\********* N. *****\AppData\Local\Resmon.ResmonCfg
2012-07-05 18:39 - 2012-07-07 14:59 - 0017408 _____ () C:\Users\********* N. *****\AppData\Local\WebpageIcons.db
2011-12-21 02:58 - 2011-12-21 03:03 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log
2012-02-17 20:37 - 2013-02-10 20:58 - 0002568 _____ () C:\ProgramData\hpzinstall.log
2012-07-20 20:48 - 2012-07-20 20:48 - 0000032 _____ () C:\ProgramData\Temp.log

Some content of TEMP:
====================
C:\Users\********* N. *****\AppData\Local\Temp\avgnt.exe
C:\Users\********* N. *****\AppData\Local\Temp\Quarantine.exe
C:\Users\********* N. *****\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-12 04:45

==================== End Of Log ============================
--- --- ---

schrauber 20.02.2015 14:08
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




wann genau ist der Rechner denn langsam?

Weck 21.02.2015 00:33
Hi,
das habe ich nun erledigt. Mein Computer ist besonders langsam beim ausführen von Maxdome, dort wird das Silverlight Plugin von Microsoft verwendet (welches bei mir auf dem neuesten Stand ist). An der Geschwindigkeit unseres Internets kann es nicht liegen, da es auf dem PC meiner Frau problemlos funktioniert. Liegt das an meinem veralteten PC oder hat das möglicherweisen noch eine andere Ursache?
Im folgenden das Log file:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01
Ran by ******** N. ***** at 2015-02-21 00:13:53 Run:1
Running from C:\Users\******** N. *****\Desktop
Loaded Profiles: ******** N. ***** (Available profiles: ******** N. *****)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Emptytemp:
*****************

EmptyTemp: => Removed 1 GB temporary data.


The system needed a reboot.

==== End of Fixlog 00:14:42 ====
Danke für deine Mühe und deine Zeit!
Liebe Grüße
Weck

schrauber 21.02.2015 14:15
In welchem Browser öffnest Du Maxdome?


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:52 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131