Code:
# AdwCleaner v4.201 - Bericht erstellt 22/04/2015 um 17:56:05
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-04-21.3 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Felix - FELIX
# Gestarted von : C:\Users\Felix\Downloads\adwcleaner_4.201.exe
# Option : Suchlauf
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Geplante Tasks ] *****
Task Gefunden : kong_games_notification_service
Task Gefunden : kong_games_updating_service
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\OCS
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v37.0.2 (x86 de)
-\\ Google Chrome v42.0.2311.90
[C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&affID=119816&tt=190313_wo2&babsrc=SP_ss&mntrId=42411E85DE79BA30
[C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gefunden [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gefunden [Extension] : flpcjncodpafbgdpnkljologafpionhb
[C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gefunden [Default_Search_Provider_Data] : hxxps://www.google.de/search?q={searchTerms}?trackid=sp-006",
-\\ Chromium v
*************************
AdwCleaner[R0].txt - [65986 Bytes] - [12/04/2015 15:04:05]
AdwCleaner[R1].txt - [944 Bytes] - [12/04/2015 15:30:27]
AdwCleaner[R2].txt - [1002 Bytes] - [12/04/2015 15:47:09]
AdwCleaner[R3].txt - [21729 Bytes] - [22/04/2015 17:56:05]
AdwCleaner[S0].txt - [64009 Bytes] - [12/04/2015 15:05:08]
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [21849 Bytes] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.0 (04.20.2015:1)
OS: Windows 8.1 x64
Ran by Felix on 22.04.2015 at 18:09:32,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-139508608-1474498159-1540305936-1002
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.04.2015 at 18:12:57,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by Felix (administrator) on FELIX on 22-04-2015 18:14:33
Running from C:\Users\Felix\Downloads
Loaded Profiles: Felix (Available profiles: UpdatusUser & Felix)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSM32.EXE
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Reputation\fsorsp.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSM32.EXE [310312 2014-10-14] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Hoster (46271)] => C:\Program Files (x86)\Vodafone\Sicherheitscenter\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-04-12] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\Run: [Steam] => "D:\Steam2\steam.exe" -silent
HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\MountPoints2: {5c6a9973-ccc9-11e4-bf5a-08606e01042f} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\MountPoints2: {c8446d1e-73c4-11e4-bf48-08606e01042f} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\MountPoints2: {de316d3d-70ce-11e4-bf46-08606e01042f} - "F:\HTC_Sync_Manager_PC.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2013-06-14]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-16]
ShortcutTarget: Dropbox.lnk -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-04-07]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-12] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-139508608-1474498159-1540305936-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2015-04-15] (F-Secure Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-12] (Avast Software s.r.o.)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2015-04-15] (F-Secure Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-12] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\zw75nqfi.default-1428845826844
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-07-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-139508608-1474498159-1540305936-1002: amazon.com/AmazonMP3DownloaderPlugin -> D:\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [2013-01-23] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-139508608-1474498159-1540305936-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-02-28] ()
FF Extension: YouTube Unblocker - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\zw75nqfi.default-1428845826844\Extensions\youtubeunblocker@unblocker.yt [2015-04-12]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\zw75nqfi.default-1428845826844\Extensions\adblockpopups@jessehakanen.net.xpi [2015-04-12]
FF Extension: Adblock Plus - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\zw75nqfi.default-1428845826844\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-04-21]
FF HKLM-x32\...\Firefox\Extensions: [{97009068-f556-4ec1-8c38-9b28d77668b3}] - C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-12]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-01]
Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"
CHR Profile: C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ajdnlgehefnmaiighnbaibekhdfhnipd) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajdnlgehefnmaiighnbaibekhdfhnipd [2015-04-12]
CHR Extension: (Google Docs) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-25]
CHR Extension: (Google Drive) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-25]
CHR Extension: (YouTube) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-25]
CHR Extension: (Google Search) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-12]
CHR Extension: (Google Wallet) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-20]
CHR Extension: (Gmail) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-12]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/Vodafone/Sicherheitscenter/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-11-27]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-12] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-04-12] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 fshoster; C:\Program Files (x86)\Vodafone\Sicherheitscenter\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2014-10-14] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-09] (F-Secure Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 Origin Client Service; D:\origin\OriginClientService.exe [1900400 2014-11-17] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-04-12] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-04-12] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [208424 2015-02-25] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71080 2015-04-14] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-08-01] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42672 2013-07-12] ()
R3 fsni; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Scanning\bin\fsni64.sys [90152 2015-04-15] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
S3 mcdevice; C:\Windows\system32\DRIVERS\mcdevice.sys [334400 2011-05-19] (ShiningMorning Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-12] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-22 18:12 - 2015-04-22 18:12 - 00000725 _____ () C:\Users\Felix\Desktop\JRT.txt
2015-04-22 18:09 - 2015-04-22 18:09 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-FELIX-Windows-8.1-(64-bit).dat
2015-04-22 18:09 - 2015-04-22 18:09 - 00000000 ____D () C:\RegBackup
2015-04-22 18:07 - 2015-04-22 18:07 - 02685507 _____ (Thisisu) C:\Users\Felix\Downloads\JRT.exe
2015-04-21 19:10 - 2015-04-21 19:11 - 00044810 _____ () C:\Users\Felix\Downloads\Addition.txt
2015-04-21 19:09 - 2015-04-22 18:14 - 00021224 _____ () C:\Users\Felix\Downloads\FRST.txt
2015-04-21 19:09 - 2015-04-22 18:14 - 00000000 ____D () C:\FRST
2015-04-21 19:09 - 2015-04-21 19:09 - 02099712 _____ (Farbar) C:\Users\Felix\Downloads\FRST64.exe
2015-04-21 17:43 - 2015-04-22 18:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-15 16:44 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 16:44 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 16:44 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 16:44 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 16:44 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 16:44 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 16:44 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 16:44 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 16:44 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 16:44 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 16:44 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 16:44 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 16:43 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 16:43 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 16:43 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 16:43 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 16:43 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 16:43 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 16:43 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 16:43 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-15 16:43 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-15 16:43 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-15 16:43 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-15 16:43 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-15 16:43 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-15 16:43 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-15 16:43 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-15 16:43 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-15 16:43 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-15 16:43 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-15 16:43 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-15 16:43 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-15 16:43 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-15 16:43 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-15 16:43 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-15 16:43 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-15 16:43 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-15 16:43 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-15 16:43 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-15 16:43 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-15 16:43 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-15 16:43 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-15 16:43 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-15 16:43 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-15 16:43 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-15 16:43 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-15 16:43 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-15 16:43 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-15 16:43 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-15 16:43 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-15 16:43 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-15 16:43 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-15 16:43 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-15 16:43 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 16:43 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-15 16:43 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-15 16:43 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-15 16:43 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-15 16:43 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 16:43 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-15 16:43 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-15 16:43 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-15 16:43 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-15 16:43 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-15 16:43 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-15 16:43 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 16:43 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 16:43 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 16:43 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-15 16:43 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 11:43 - 2015-04-21 18:19 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-15 11:43 - 2015-04-15 11:43 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-15 11:43 - 2015-04-15 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-15 11:43 - 2015-04-15 11:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-15 11:43 - 2015-04-15 11:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-15 11:43 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-15 11:43 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-15 11:43 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-15 11:41 - 2015-04-15 11:41 - 01203488 _____ () C:\Users\Felix\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2015-04-12 18:29 - 2015-04-12 18:29 - 00291192 _____ () C:\WINDOWS\Minidump\041215-28937-01.dmp
2015-04-12 18:29 - 2015-04-12 18:29 - 00000000 ____D () C:\WINDOWS\Minidump
2015-04-12 16:32 - 2015-04-12 16:32 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\AVAST Software
2015-04-12 16:31 - 2015-04-22 18:02 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-04-12 16:31 - 2015-04-12 16:34 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2015-04-12 16:31 - 2015-04-12 16:34 - 00000000 ____D () C:\WINDOWS\system32\vbox
2015-04-12 16:31 - 2015-04-12 16:31 - 00001940 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-12 16:31 - 2015-04-12 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-12 16:31 - 2015-04-12 16:30 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-04-12 16:31 - 2015-04-12 16:30 - 00441728 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-04-12 16:31 - 2015-04-12 16:30 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-04-12 16:31 - 2015-04-12 16:30 - 00268640 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-04-12 16:31 - 2015-04-12 16:30 - 00136752 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-04-12 16:31 - 2015-04-12 16:30 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-04-12 16:31 - 2015-04-12 16:30 - 00088408 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-04-12 16:31 - 2015-04-12 16:30 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-04-12 16:31 - 2015-04-12 16:30 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-04-12 16:30 - 2015-04-12 16:30 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-04-12 16:24 - 2015-04-12 16:29 - 147571744 _____ (Avast Software s.r.o.) C:\Users\Felix\Downloads\avast_free_antivirus_setup.exe
2015-04-12 16:07 - 2015-04-22 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-12 16:07 - 2015-04-12 16:07 - 00001173 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-12 16:07 - 2015-04-12 16:07 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-12 16:06 - 2015-04-12 16:06 - 00243656 _____ () C:\Users\Felix\Downloads\Firefox Setup Stub 37.0.1.exe
2015-04-12 15:37 - 2015-04-12 15:37 - 00000000 ____D () C:\Users\Felix\Desktop\Alte Firefox-Daten
2015-04-12 15:04 - 2015-04-22 17:58 - 00000000 ____D () C:\AdwCleaner
2015-04-12 15:03 - 2015-04-12 15:03 - 02217984 _____ () C:\Users\Felix\Downloads\adwcleaner_4.201.exe
2015-04-12 14:27 - 2015-04-12 14:27 - 00000004 _____ () C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-06 00:39 - 2015-04-06 00:39 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-06 00:39 - 2015-04-06 00:39 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-04 12:08 - 2015-04-04 12:08 - 00000000 ____D () C:\Users\Felix\AppData\Local\Intel_Corporation
2015-04-01 11:54 - 2015-04-03 12:42 - 00000000 ____D () C:\Users\Felix\AppData\Local\Ori and the Blind Forest
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Felix\AppData\Roaming\DbNXDy5Q4IKtT8LP
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Felix\AppData\Roaming\hJzzSTN1rrrH5RhdAEej
2015-03-30 23:39 - 2015-04-10 15:15 - 00000000 ____D () C:\Users\Felix\Desktop\m7
2015-03-30 16:35 - 2015-03-30 16:35 - 00001323 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-03-30 16:35 - 2015-03-30 16:35 - 00000000 ____D () C:\WINDOWS\de
2015-03-30 16:34 - 2015-04-22 18:06 - 00005124 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for FELIX-Felix Felix
2015-03-30 16:34 - 2015-03-31 05:41 - 00003090 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-139508608-1474498159-1540305936-1002
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-22 18:14 - 2014-06-20 09:54 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-22 18:13 - 2014-10-29 16:22 - 00000000 ___RD () C:\Users\Felix\OneDrive
2015-04-22 18:05 - 2014-06-20 09:54 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-22 18:04 - 2014-10-29 15:46 - 01979203 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-22 18:03 - 2013-10-16 21:18 - 00000000 ___RD () C:\Users\Felix\Dropbox
2015-04-22 18:03 - 2013-10-16 21:13 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Dropbox
2015-04-22 18:01 - 2013-01-19 21:23 - 00000408 _____ () C:\Users\Felix\AppData\Roaming\sp_data.sys
2015-04-22 18:00 - 2014-09-23 23:06 - 00087764 _____ () C:\WINDOWS\PFRO.log
2015-04-22 18:00 - 2013-08-22 16:46 - 00366280 _____ () C:\WINDOWS\setupact.log
2015-04-22 18:00 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-22 18:00 - 2012-10-23 17:49 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-22 17:59 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-22 17:51 - 2014-12-01 14:08 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C69B8757-5BE9-4895-B358-6C05901986F7}
2015-04-22 17:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-22 08:38 - 2015-01-04 21:29 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-20 14:56 - 2013-06-14 14:04 - 00005052 _____ () C:\Users\Felix\AppData\Roaming\wklnhst.dat
2015-04-19 19:24 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-19 15:11 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-18 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-18 01:15 - 2014-06-20 09:59 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-17 10:05 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 23:08 - 2013-01-25 21:48 - 00114176 ___SH () C:\Users\Felix\Desktop\Thumbs.db
2015-04-15 17:15 - 2013-07-23 12:51 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 17:12 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-04-15 17:11 - 2013-01-21 16:48 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-15 17:04 - 2014-12-10 01:10 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 17:04 - 2014-09-24 09:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-15 16:42 - 2014-11-12 08:51 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-04-15 11:39 - 2015-01-04 21:29 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-14 01:24 - 2014-11-02 13:01 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2014-11-02 13:01 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 21:24 - 2014-10-29 15:52 - 00000000 ____D () C:\Users\Felix
2015-04-12 18:29 - 2013-05-16 11:08 - 931867784 _____ () C:\WINDOWS\MEMORY.DMP
2015-04-12 16:29 - 2013-01-25 15:03 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-12 15:59 - 2013-08-22 16:44 - 00514064 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-04-12 15:56 - 2013-11-11 10:01 - 00000000 ____D () C:\Program Files (x86)\eRightSoft
2015-04-09 11:42 - 2013-10-16 21:18 - 00001068 _____ () C:\Users\Felix\Desktop\Dropbox.lnk
2015-04-09 11:42 - 2013-10-16 21:16 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-07 13:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-04-04 11:42 - 2013-01-20 20:27 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Skype
2015-04-02 12:46 - 2014-09-24 08:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-02 12:46 - 2014-09-24 07:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-04-02 12:46 - 2014-09-24 07:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-01 15:46 - 2013-03-12 13:32 - 00000000 ____D () C:\Users\Felix\Desktop\Games
2015-03-30 17:41 - 2014-07-17 21:07 - 00000000 ____D () C:\ProgramData\StaxRip
2015-03-30 16:35 - 2013-04-18 17:31 - 00001392 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-03-30 16:34 - 2013-04-18 17:30 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-03-30 16:34 - 2013-02-16 14:17 - 00560057 _____ () C:\WINDOWS\DirectX.log
2015-03-30 11:23 - 2013-08-22 17:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2015-03-30 11:15 - 2014-09-24 08:00 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sppui
2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-30 11:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2015-03-30 11:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2015-03-30 11:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\servicing
2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ___SD () C:\WINDOWS\system32\dsc
2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sppui
2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Com
2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\IME
2015-03-30 11:13 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-03-30 11:13 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-03-30 11:13 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2015-03-30 11:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-03-30 11:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-03-30 11:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-03-30 11:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell
2015-03-26 13:01 - 2013-09-13 10:57 - 00000000 ____D () C:\Users\Felix\Desktop\Dokumente
==================== Files in the root of some directories =======
2014-07-17 12:52 - 2014-07-17 12:52 - 0000000 ___RH () C:\Users\Felix\AppData\Roaming\54126a93f534ad925e773cb8bd280ec62
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Felix\AppData\Roaming\DbNXDy5Q4IKtT8LP
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Felix\AppData\Roaming\hJzzSTN1rrrH5RhdAEej
2013-03-12 12:13 - 2013-03-16 14:01 - 0004104 _____ () C:\Users\Felix\AppData\Roaming\MassLaunch.log.txt
2013-01-19 21:23 - 2015-04-22 18:01 - 0000408 _____ () C:\Users\Felix\AppData\Roaming\sp_data.sys
2013-06-14 14:04 - 2015-04-20 14:56 - 0005052 _____ () C:\Users\Felix\AppData\Roaming\wklnhst.dat
2013-06-19 16:19 - 2013-12-11 10:47 - 0005632 _____ () C:\Users\Felix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-21 16:25 - 2015-02-19 20:56 - 0007606 _____ () C:\Users\Felix\AppData\Local\resmon.resmoncfg
2014-12-05 15:56 - 2014-12-05 15:56 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
Some content of TEMP:
====================
C:\Users\Felix\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpi8rzk2.dll
C:\Users\Felix\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Felix\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Felix\AppData\Local\Temp\FreeYouTubeDownload.exe
C:\Users\Felix\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Felix\AppData\Local\Temp\Quarantine.exe
C:\Users\Felix\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Felix\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Felix\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Felix\AppData\Local\Temp\sqlite3.dll
C:\Users\Felix\AppData\Local\Temp\TUUUninstallHelper.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-16 06:41
==================== End Of Log ============================

Thank you very much! I think the problem has been fixed :)
Regards,
ShaoTse