Trojaner-Board - Windows 8.1: Malware-Virus (eFix Pro/kong games)

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015

Ran by Felix (administrator) on FELIX on 21-04-2015 19:09:45

Running from C:\Users\Felix\Downloads

Loaded Profiles: Felix (Available profiles: UpdatusUser & Felix)

Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\fshoster32.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Reputation\fsorsp.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\fsgk32.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSMA32.EXE

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSHDLL64.EXE

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\fssm32.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe

(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe

(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Dropbox, Inc.) C:\Users\Felix\AppData\Roaming\Dropbox\bin\Dropbox.exe

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSM32.EXE

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\fshoster32.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)

HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-12-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)

HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)

HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSM32.EXE [310312 2014-10-14] (F-Secure Corporation)

HKLM-x32\...\Run: [F-Secure Hoster (46271)] => C:\Program Files (x86)\Vodafone\Sicherheitscenter\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-04-12] (Avast Software s.r.o.)

HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\7f1bc07d-cb5a-444c-ac9f-8070bd0a2add.exe [183232 2015-04-21] (AVAST Software)

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\Run: [Steam] => "D:\Steam2\steam.exe" -silent

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\MountPoints2: {5c6a9973-ccc9-11e4-bf5a-08606e01042f} - "F:\HTC_Sync_Manager_PC.exe" 

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\MountPoints2: {c8446d1e-73c4-11e4-bf48-08606e01042f} - "F:\HTC_Sync_Manager_PC.exe" 

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\MountPoints2: {de316d3d-70ce-11e4-bf46-08606e01042f} - "F:\HTC_Sync_Manager_PC.exe" 

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2013-06-14]

ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

Startup: C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-16]

ShortcutTarget: Dropbox.lnk -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-04-07]

ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-12] (Avast Software s.r.o.)

ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)

BHO: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2015-04-15] (F-Secure Corporation)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-12] (Avast Software s.r.o.)

BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} ->  No File

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)

BHO-x32: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2015-04-15] (F-Secure Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-12] (Avast Software s.r.o.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\zw75nqfi.default-1428845826844

FF Homepage: https://www.google.de/

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-07-10] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-139508608-1474498159-1540305936-1002: amazon.com/AmazonMP3DownloaderPlugin -> D:\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [2013-01-23] (Amazon.com, Inc.)

FF Plugin HKU\S-1-5-21-139508608-1474498159-1540305936-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-02-28] ()

FF Extension: YouTube Unblocker - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\zw75nqfi.default-1428845826844\Extensions\youtubeunblocker@unblocker.yt [2015-04-12]

FF Extension: Adblock Plus Pop-up Addon - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\zw75nqfi.default-1428845826844\Extensions\adblockpopups@jessehakanen.net.xpi [2015-04-12]

FF Extension: Adblock Plus - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\zw75nqfi.default-1428845826844\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-12]

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-04-21]

FF HKLM-x32\...\Firefox\Extensions: [{97009068-f556-4ec1-8c38-9b28d77668b3}] - C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-12]

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

FF HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-01]

FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-04-21] <==== ATTENTION (Points to *.cfg file)

FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\my.cfg [2015-04-21] <==== ATTENTION
 

Chrome: 

=======

CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"

CHR DefaultSearchKeyword: Default -> google

CHR DefaultSearchURL: Default -> https://www.google.de/search?q={searchTerms}?trackid=sp-006

CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?client=chrome&q={searchTerms}

CHR Profile: C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (ajdnlgehefnmaiighnbaibekhdfhnipd) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajdnlgehefnmaiighnbaibekhdfhnipd [2015-04-12]

CHR Extension: (Google Docs) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-25]

CHR Extension: (Google Drive) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-25]

CHR Extension: (YouTube) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-25]

CHR Extension: (Google Search) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-25]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-12]

CHR Extension: (Google Wallet) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-20]

CHR Extension: (Gmail) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-25]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-12]

CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/Vodafone/Sicherheitscenter/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-11-27]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-12] (Avast Software s.r.o.)

R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-04-12] (Avast Software)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)

R2 fshoster; C:\Program Files (x86)\Vodafone\Sicherheitscenter\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)

R3 FSMA; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2014-10-14] (F-Secure Corporation)

R2 FSORSPClient; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-09] (F-Secure Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)

S3 Origin Client Service; D:\origin\OriginClientService.exe [1900400 2014-11-17] (Electronic Arts)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-12] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-12] (Avast Software s.r.o.)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-12] (Avast Software s.r.o.)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-12] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-12] (Avast Software s.r.o.)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-04-12] (Avast Software s.r.o.)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-12] (Avast Software s.r.o.)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-04-12] ()

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)

R3 F-Secure Gatekeeper; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [208424 2015-02-25] (F-Secure Corporation)

R1 F-Secure HIPS; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71080 2015-04-14] (F-Secure Corporation)

R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-08-01] ()

R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42672 2013-07-12] ()

R3 fsni; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Scanning\bin\fsni64.sys [90152 2015-04-15] (F-Secure Corporation)

R1 fsvista; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] ()

R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-21] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)

S3 mcdevice; C:\Windows\system32\DRIVERS\mcdevice.sys [334400 2011-05-19] (ShiningMorning Inc.)

R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-12] (Avast Software)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-04-21 19:09 - 2015-04-21 19:10 - 00025148 _____ () C:\Users\Felix\Downloads\FRST.txt

2015-04-21 19:09 - 2015-04-21 19:09 - 02099712 _____ (Farbar) C:\Users\Felix\Downloads\FRST64.exe

2015-04-21 19:09 - 2015-04-21 19:09 - 00000000 ____D () C:\FRST

2015-04-21 17:43 - 2015-04-21 17:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2015-04-15 16:44 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-04-15 16:44 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2015-04-15 16:44 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll

2015-04-15 16:44 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2015-04-15 16:44 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll

2015-04-15 16:44 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll

2015-04-15 16:44 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll

2015-04-15 16:44 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll

2015-04-15 16:44 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe

2015-04-15 16:44 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe

2015-04-15 16:44 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll

2015-04-15 16:44 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll

2015-04-15 16:43 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2015-04-15 16:43 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2015-04-15 16:43 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2015-04-15 16:43 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2015-04-15 16:43 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2015-04-15 16:43 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2015-04-15 16:43 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2015-04-15 16:43 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2015-04-15 16:43 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2015-04-15 16:43 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2015-04-15 16:43 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2015-04-15 16:43 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2015-04-15 16:43 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll

2015-04-15 16:43 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll

2015-04-15 16:43 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2015-04-15 16:43 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2015-04-15 16:43 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll

2015-04-15 16:43 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe

2015-04-15 16:43 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2015-04-15 16:43 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2015-04-15 16:43 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2015-04-15 16:43 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2015-04-15 16:43 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2015-04-15 16:43 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

2015-04-15 16:43 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe

2015-04-15 16:43 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2015-04-15 16:43 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2015-04-15 16:43 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-04-15 16:43 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-04-15 16:43 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-04-15 16:43 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-04-15 16:43 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-04-15 16:43 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-04-15 16:43 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-04-15 16:43 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2015-04-15 16:43 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-04-15 16:43 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2015-04-15 16:43 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-04-15 16:43 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2015-04-15 16:43 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2015-04-15 16:43 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-04-15 16:43 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll

2015-04-15 16:43 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2015-04-15 16:43 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-04-15 16:43 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-04-15 16:43 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2015-04-15 16:43 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll

2015-04-15 16:43 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-04-15 16:43 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-04-15 16:43 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2015-04-15 16:43 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-04-15 16:43 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-04-15 16:43 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2015-04-15 16:43 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2015-04-15 16:43 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll

2015-04-15 16:43 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll

2015-04-15 16:43 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2015-04-15 16:43 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll

2015-04-15 11:43 - 2015-04-21 18:19 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-04-15 11:43 - 2015-04-15 11:43 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-04-15 11:43 - 2015-04-15 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-04-15 11:43 - 2015-04-15 11:43 - 00000000 ____D () C:\ProgramData\Malwarebytes

2015-04-15 11:43 - 2015-04-15 11:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-04-15 11:43 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-04-15 11:43 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2015-04-15 11:43 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2015-04-15 11:41 - 2015-04-15 11:41 - 01203488 _____ () C:\Users\Felix\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe

2015-04-12 18:29 - 2015-04-12 18:29 - 00291192 _____ () C:\WINDOWS\Minidump\041215-28937-01.dmp

2015-04-12 18:29 - 2015-04-12 18:29 - 00000000 ____D () C:\WINDOWS\Minidump

2015-04-12 16:32 - 2015-04-12 16:32 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\AVAST Software

2015-04-12 16:31 - 2015-04-12 16:34 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox

2015-04-12 16:31 - 2015-04-12 16:34 - 00000000 ____D () C:\WINDOWS\system32\vbox

2015-04-12 16:31 - 2015-04-12 16:31 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update

2015-04-12 16:31 - 2015-04-12 16:31 - 00001940 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk

2015-04-12 16:31 - 2015-04-12 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software

2015-04-12 16:31 - 2015-04-12 16:30 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys

2015-04-12 16:31 - 2015-04-12 16:30 - 00441728 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys

2015-04-12 16:31 - 2015-04-12 16:30 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe

2015-04-12 16:31 - 2015-04-12 16:30 - 00268640 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys

2015-04-12 16:31 - 2015-04-12 16:30 - 00136752 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys

2015-04-12 16:31 - 2015-04-12 16:30 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys

2015-04-12 16:31 - 2015-04-12 16:30 - 00088408 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

2015-04-12 16:31 - 2015-04-12 16:30 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys

2015-04-12 16:31 - 2015-04-12 16:30 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys

2015-04-12 16:30 - 2015-04-12 16:30 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr

2015-04-12 16:24 - 2015-04-12 16:29 - 147571744 _____ (Avast Software s.r.o.) C:\Users\Felix\Downloads\avast_free_antivirus_setup.exe

2015-04-12 16:07 - 2015-04-21 17:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2015-04-12 16:07 - 2015-04-12 16:07 - 00001173 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2015-04-12 16:07 - 2015-04-12 16:07 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2015-04-12 16:06 - 2015-04-12 16:06 - 00243656 _____ () C:\Users\Felix\Downloads\Firefox Setup Stub 37.0.1.exe

2015-04-12 15:37 - 2015-04-12 15:37 - 00000000 ____D () C:\Users\Felix\Desktop\Alte Firefox-Daten

2015-04-12 15:04 - 2015-04-12 15:47 - 00000000 ____D () C:\AdwCleaner

2015-04-12 15:03 - 2015-04-12 15:03 - 02217984 _____ () C:\Users\Felix\Downloads\adwcleaner_4.201.exe

2015-04-12 14:27 - 2015-04-12 14:27 - 00000004 _____ () C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7

2015-04-06 00:39 - 2015-04-06 00:39 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX

2015-04-06 00:39 - 2015-04-06 00:39 - 00000000 ___SD () C:\WINDOWS\system32\GWX

2015-04-04 12:08 - 2015-04-04 12:08 - 00000000 ____D () C:\Users\Felix\AppData\Local\Intel_Corporation

2015-04-01 11:54 - 2015-04-03 12:42 - 00000000 ____D () C:\Users\Felix\AppData\Local\Ori and the Blind Forest

2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Felix\AppData\Roaming\DbNXDy5Q4IKtT8LP

2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Felix\AppData\Roaming\hJzzSTN1rrrH5RhdAEej

2015-03-30 23:39 - 2015-04-10 15:15 - 00000000 ____D () C:\Users\Felix\Desktop\m7

2015-03-30 16:35 - 2015-03-30 16:35 - 00001323 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk

2015-03-30 16:35 - 2015-03-30 16:35 - 00000000 ____D () C:\WINDOWS\de

2015-03-30 16:34 - 2015-04-21 17:52 - 00005124 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for FELIX-Felix Felix

2015-03-30 16:34 - 2015-03-31 05:41 - 00003090 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-139508608-1474498159-1540305936-1002

2015-03-22 16:04 - 2014-10-31 06:50 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe

2015-03-22 16:04 - 2014-10-31 05:30 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll

2015-03-22 16:04 - 2014-10-31 05:23 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll

2015-03-22 16:04 - 2014-10-31 05:22 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll

2015-03-22 16:04 - 2014-10-31 05:18 - 04840960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2015-03-22 16:04 - 2014-10-31 05:09 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2015-03-22 16:04 - 2014-10-31 04:12 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-04-21 19:03 - 2014-10-29 15:46 - 01742593 _____ () C:\WINDOWS\WindowsUpdate.log

2015-04-21 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2015-04-21 18:38 - 2015-01-04 21:29 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-04-21 18:14 - 2014-06-20 09:54 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-04-21 17:41 - 2013-10-16 21:18 - 00000000 ___RD () C:\Users\Felix\Dropbox

2015-04-21 17:41 - 2013-10-16 21:13 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Dropbox

2015-04-21 17:41 - 2013-01-19 21:23 - 00000408 _____ () C:\Users\Felix\AppData\Roaming\sp_data.sys

2015-04-21 17:40 - 2014-10-29 16:22 - 00000000 ___RD () C:\Users\Felix\OneDrive

2015-04-21 17:40 - 2014-06-20 09:54 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-04-21 11:23 - 2014-12-01 14:08 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C69B8757-5BE9-4895-B358-6C05901986F7}

2015-04-20 14:56 - 2013-06-14 14:04 - 00005052 _____ () C:\Users\Felix\AppData\Roaming\wklnhst.dat

2015-04-19 19:47 - 2013-08-22 16:46 - 00366203 _____ () C:\WINDOWS\setupact.log

2015-04-19 19:24 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache

2015-04-19 15:11 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2015-04-19 15:08 - 2013-01-19 21:29 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-139508608-1474498159-1540305936-1002

2015-04-18 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2015-04-18 01:15 - 2014-06-20 09:59 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2015-04-17 10:05 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat

2015-04-15 23:08 - 2013-01-25 21:48 - 00114176 ___SH () C:\Users\Felix\Desktop\Thumbs.db

2015-04-15 22:45 - 2014-09-23 23:06 - 00084572 _____ () C:\WINDOWS\PFRO.log

2015-04-15 22:45 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-04-15 22:45 - 2012-10-23 17:49 - 00000000 ____D () C:\ProgramData\NVIDIA

2015-04-15 22:43 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2015-04-15 17:15 - 2013-07-23 12:51 - 00000000 ____D () C:\WINDOWS\system32\MRT

2015-04-15 17:12 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2015-04-15 17:11 - 2013-01-21 16:48 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-04-15 17:04 - 2014-12-10 01:10 - 00000000 ____D () C:\WINDOWS\system32\appraiser

2015-04-15 17:04 - 2014-09-24 09:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2015-04-15 16:42 - 2014-11-12 08:51 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll

2015-04-15 11:39 - 2015-01-04 21:29 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2015-04-14 01:24 - 2014-11-02 13:01 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-04-14 01:24 - 2014-11-02 13:01 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-04-12 21:24 - 2014-10-29 15:52 - 00000000 ____D () C:\Users\Felix

2015-04-12 18:29 - 2013-05-16 11:08 - 931867784 _____ () C:\WINDOWS\MEMORY.DMP

2015-04-12 16:29 - 2013-01-25 15:03 - 00000000 ____D () C:\ProgramData\AVAST Software

2015-04-12 15:59 - 2013-08-22 16:44 - 00514064 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2015-04-12 15:56 - 2013-11-11 10:01 - 00000000 ____D () C:\Program Files (x86)\eRightSoft

2015-04-09 11:42 - 2013-10-16 21:18 - 00001068 _____ () C:\Users\Felix\Desktop\Dropbox.lnk

2015-04-09 11:42 - 2013-10-16 21:16 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2015-04-07 13:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2015-04-04 11:42 - 2013-01-20 20:27 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Skype

2015-04-02 12:46 - 2014-09-24 08:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2015-04-02 12:46 - 2014-09-24 07:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat

2015-04-02 12:46 - 2014-09-24 07:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat

2015-04-01 15:46 - 2013-03-12 13:32 - 00000000 ____D () C:\Users\Felix\Desktop\Games

2015-03-30 17:41 - 2014-07-17 21:07 - 00000000 ____D () C:\ProgramData\StaxRip

2015-03-30 16:35 - 2013-04-18 17:31 - 00001392 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk

2015-03-30 16:34 - 2013-04-18 17:30 - 00000000 ____D () C:\Program Files (x86)\Windows Live

2015-03-30 16:34 - 2013-02-16 14:17 - 00560057 _____ () C:\WINDOWS\DirectX.log

2015-03-30 11:23 - 2013-08-22 17:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera

2015-03-30 11:15 - 2014-09-24 08:00 - 00000000 ____D () C:\Program Files\Windows Journal

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sppui

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System

2015-03-30 11:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe

2015-03-30 11:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism

2015-03-30 11:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\servicing

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ___SD () C:\WINDOWS\system32\dsc

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sppui

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Com

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\IME

2015-03-30 11:13 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep

2015-03-30 11:13 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe

2015-03-30 11:13 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism

2015-03-30 11:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices

2015-03-30 11:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer

2015-03-30 11:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform

2015-03-30 11:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell

2015-03-26 13:01 - 2013-09-13 10:57 - 00000000 ____D () C:\Users\Felix\Desktop\Dokumente

2015-03-22 21:04 - 2013-08-22 17:36 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll

2015-03-22 21:03 - 2013-08-22 17:36 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
 

==================== Files in the root of some directories =======
 

2014-07-17 12:52 - 2014-07-17 12:52 - 0000000 ___RH () C:\Users\Felix\AppData\Roaming\54126a93f534ad925e773cb8bd280ec62

2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Felix\AppData\Roaming\DbNXDy5Q4IKtT8LP

2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Felix\AppData\Roaming\hJzzSTN1rrrH5RhdAEej

2013-03-12 12:13 - 2013-03-16 14:01 - 0004104 _____ () C:\Users\Felix\AppData\Roaming\MassLaunch.log.txt

2013-01-19 21:23 - 2015-04-21 17:41 - 0000408 _____ () C:\Users\Felix\AppData\Roaming\sp_data.sys

2013-06-14 14:04 - 2015-04-20 14:56 - 0005052 _____ () C:\Users\Felix\AppData\Roaming\wklnhst.dat

2013-06-19 16:19 - 2013-12-11 10:47 - 0005632 _____ () C:\Users\Felix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2013-01-21 16:25 - 2015-02-19 20:56 - 0007606 _____ () C:\Users\Felix\AppData\Local\resmon.resmoncfg

2014-12-05 15:56 - 2014-12-05 15:56 - 0000057 _____ () C:\ProgramData\Ament.ini

2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd

2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
 

Files to move or delete:

====================

C:\ProgramData\SetStretch.exe
 
 

Some content of TEMP:

====================

C:\Users\Felix\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphh8rvq.dll

C:\Users\Felix\AppData\Local\Temp\DseShExt-x64.dll

C:\Users\Felix\AppData\Local\Temp\DseShExt-x86.dll

C:\Users\Felix\AppData\Local\Temp\FreeYouTubeDownload.exe

C:\Users\Felix\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe

C:\Users\Felix\AppData\Local\Temp\Quarantine.exe

C:\Users\Felix\AppData\Local\Temp\SDShelEx-win32.dll

C:\Users\Felix\AppData\Local\Temp\SDShelEx-x64.dll

C:\Users\Felix\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Felix\AppData\Local\Temp\sqlite3.dll

C:\Users\Felix\AppData\Local\Temp\TUUUninstallHelper.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2015-04-16 06:41
 

==================== End Of Log ============================

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2015

Ran by Felix at 2015-04-21 19:10:39

Running from C:\Users\Felix\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: PC Protection (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: PC Protection (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)

Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)

Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)

ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)

ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)

ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.5 - ASUS)

ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)

ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)

ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS)

ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)

ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.7 - ASUS)

ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)

ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)

ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)

ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden

AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)

ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)

Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software)

Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)

BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)

BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)

Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)

Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.4.24 - Canon Inc.)

Computer Security 14.106.103.0 (release) (x32 Version: 14.106.103.0 - F-Secure Corporation) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)

Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)

Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)

Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.50.56 - Electronic Arts)

Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.797.20 - Electronic Arts Inc.)

Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)

Die*Sims™*3 Erstelle einen Sim (HKLM-x32\...\{89173B88-384A-459B-B687-9C0BBC934EF4}) (Version: 1.0.26 - Electronic Arts)

Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)

Dropbox (HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)

Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)

Free WAV to MP3 Converter (HKLM-x32\...\{AE710981-9CAE-463F-817F-48F7BB6F93CF}_is1) (Version:  - Polaris-Software.com)

Free YouTube Download version 3.2.49.1122 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1122 - DVDVideoSoft Ltd.)

F-Secure CCF Reputation (x32 Version: 1.1.25.2280 - F-Secure) Hidden

F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden

F-Secure Network CCF 1.02.136 (x32 Version: 1.02.136 - F-Secure Corporation) Hidden

F-Secure SafeSearch 1.03.146.0 (release) (x32 Version: 1.03.146.0 - F-Secure Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden

Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)

HP ENVY 4500 series - Grundlegende Software für das Gerät (HKLM\...\{7A564D11-817E-48B1-9830-91420BF6E339}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

HP ENVY 4500 series Hilfe (HKLM-x32\...\{6767CCD2-B939-4542-BF08-015B5496D4EC}) (Version: 30.0.0 - Hewlett Packard)

HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden

ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)

Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.710 - Oracle)

Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)

MAGIX Analogue Modelling Suite Plus (HKLM\...\MX.{F485F2FE-1D3D-4F6D-AD4E-13FA5FB22A88}) (Version: 1.0.0.0 - MAGIX AG)

MAGIX Analogue Modelling Suite Plus (Version: 1.0.0.0 - MAGIX AG) Hidden

MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)

MAGIX essentialFX Suite (HKLM\...\MX.{CB7B17F4-3833-4699-890B-52C5D0AB926D}) (Version: 1.0.0.0 - MAGIX AG)

MAGIX essentialFX Suite (Version: 1.0.0.0 - MAGIX AG) Hidden

MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{FDE61439-B858-4FDF-B395-445421E2292B}) (Version: 7.0.2.6 - MAGIX AG)

MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden

MAGIX Vandal VST-PlugIn (HKLM\...\MX.{24F96DED-7B99-49C4-B877-CDCDC37762FA}) (Version: 1.0.0.0 - MAGIX AG)

MAGIX Vandal VST-PlugIn (Version: 1.0.0.0 - MAGIX AG) Hidden

MAGIX VariVerb II VST-PlugIn (HKLM\...\MX.{7A97538C-6D3F-4BB5-B2A1-D0ECFB199A4C}) (Version: 1.0.0.0 - MAGIX AG)

MAGIX VariVerb II VST-PlugIn (Version: 1.0.0.0 - MAGIX AG) Hidden

Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)

Mass Effect™ (HKLM-x32\...\{44A570EE-FD93-4086-8997-2C38DFDE0019}) (Version: 1.2.20608.0 - Electronic Arts)

Mass Effect™ 2 (HKLM-x32\...\{E19B628D-A9BC-4519-B1D4-4C8C09074F7F}) (Version: 1.2.1604.0 - Electronic Arts)

Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)

Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version:  - Rockstar Studios)

Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4701.1002 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft Word 2002 (HKLM-x32\...\{911B0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)

Microsoft Works (HKLM-x32\...\{5B680750-760B-49E4-81E7-21B2B337F9F7}) (Version: 07.03.0512 - Microsoft Corporation)

Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)

Microsoft Works Suite-Add-Ins für Microsoft Word (HKLM-x32\...\{4EAD2E21-1D4A-4E2B-A082-8D08961539C9}) (Version: 7.0.0.0000 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts)

Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

Nether (HKLM-x32\...\Steam App 247730) (Version:  - Phosphor Games)

NVIDIA 3D Vision Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.97 - NVIDIA Corporation)

NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)

NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden

Online Safety 2.107.2565.1702 (x32 Version: 2.107.2565.1702 - F-Secure Corporation) Hidden

OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)

Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - )

Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version:  - Moon Studios GmbH)

Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)

Pixel Heroes: Byte & Magic (HKLM-x32\...\Steam App 338320) (Version:  - The Bitfather)

Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)

Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)

Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6716 - Realtek Semiconductor Corp.)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)

Samplitude Music Studio 2014 (HKLM-x32\...\MX.{69593E7A-0B0E-414E-BEA2-CE1563AF3278}) (Version: 20.0.0.10 - MAGIX AG)

Samplitude Music Studio 2014 (Version: 20.0.0.10 - MAGIX AG) Hidden

Samplitude Music Studio 2014 Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden

Samplitude Music Studio 2014 Update (Version: 20.0.2.28 - MAGIX AG) Hidden

Setup-Start von Microsoft Works 2004 (HKLM-x32\...\Works2004Setup) (Version:  - )

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)

SONAR X1 LE (HKLM-x32\...\SONARX1LE_is1) (Version: 18.0 - Cakewalk Music Software)

Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Studie zur Verbesserung von HP ENVY 4500 series (HKLM\...\{36E08FE6-D9FF-44EE-8AD3-EC723390DE00}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)

The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)

The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )

TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version:  - Nadeo)

Transposer v.3.0 (HKLM-x32\...\transposer_is1) (Version:  - )

Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - )

TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)

Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)

Vita 2 (Version: 1.0.0.0 - MAGIX AG) Hidden

Vita 2 Zusatzcontent (Version: 1.0.0.0 - MAGIX AG) Hidden

Vita Electric Piano (Version: 1.0.0.0 - MAGIX AG) Hidden

Vita Electric Piano Update (Version: 1.0.2.0 - MAGIX AG) Hidden

Vita Pop Brass (Version: 1.0.0.0 - MAGIX AG) Hidden

Vita Power Guitar (Version: 1.0.0.0 - MAGIX AG) Hidden

Vita Vintage Organ (Version: 1.0.0.0 - MAGIX AG) Hidden

Vita Vintage Organ Update (Version: 1.0.1.0 - MAGIX AG) Hidden

VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)

Vodafone Sicherheitscenter (HKLM-x32\...\F-Secure ServiceEnabler 46271) (Version: 2.06.303.0 - F-Secure Corporation)

Vodafone Sicherheitscenter (x32 Version: 2.06.303.0 - F-Secure Corporation) Hidden

VSDC Free Video Editor Version 2.1.6.133 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 2.1.6.133 - Flash-Integro LLC)

Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)

WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.1.1739 - 1&1 Mail & Media GmbH)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Windows-Treiberpaket - ASUS (ATP) Mouse  (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS)

WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)

WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

CustomCLSID: HKU\S-1-5-21-139508608-1474498159-1540305936-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-139508608-1474498159-1540305936-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-139508608-1474498159-1540305936-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Felix\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-139508608-1474498159-1540305936-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-139508608-1474498159-1540305936-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-139508608-1474498159-1540305936-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-139508608-1474498159-1540305936-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-139508608-1474498159-1540305936-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-139508608-1474498159-1540305936-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-139508608-1474498159-1540305936-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-139508608-1474498159-1540305936-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 

==================== Restore Points  =========================
 

02-04-2015 05:30:39 Windows Update

06-04-2015 00:37:03 Windows Update

09-04-2015 12:10:55 Windows Update

12-04-2015 14:52:06 Windows Update

15-04-2015 17:03:20 Windows Update

19-04-2015 15:08:38 Windows Update
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {0D446493-87E8-46B7-BF84-DC8915380FDD} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)

Task: {174CAF75-B275-4AD0-B123-D8DD4FE9B23E} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)

Task: {1945363E-6A58-4B0C-AAAA-9A23E694AFED} - System32\Tasks\Microsoft Office 15 Sync Maintenance for FELIX-Felix Felix => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)

Task: {2B80BB10-B941-4C63-916B-7BBBA47CFE82} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe

Task: {30E2338A-FFF4-4B9C-A3CF-D43F409D8E3F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

Task: {360A742D-3EE8-4D0B-AD12-230542699D64} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-20] (Google Inc.)

Task: {3854B76D-8776-4542-AD19-4456868D53F6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)

Task: {3B4B2EE7-8C29-4364-92CC-5E2913401B99} - System32\Tasks\{CCE6D920-6E94-4AFF-9AFC-64D52876E94C} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/go/help.faq.installer?LastError=1603

Task: {49751647-A471-49C2-9138-677B1AD7FC12} - \kong_games_updating_service No Task File <==== ATTENTION

Task: {5268E230-27D6-417E-A0E6-0C535EFAB1C4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)

Task: {5947CD3E-EC12-4D89-8207-E3F03C0F37ED} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek)

Task: {5AEC1B9C-FB72-4434-90CC-DAFF543DA39B} - System32\Tasks\{DA8208A1-073E-4BF6-AB04-9DD9F94D0357} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/go/help.faq.installer?LastError=1603

Task: {6B7810BD-FA4A-4422-AFF5-B6261448BA49} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)

Task: {6F8F7597-D444-4BF6-8012-2FCE47CD07DD} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)

Task: {7237EF24-22E0-4653-BDF6-36415A03AC34} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)

Task: {7451C965-51B3-4378-8E3A-3A50D3B8D49D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-10] (Microsoft Corporation)

Task: {8189B3C1-7FA2-4132-B1EF-8EB1928D8705} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)

Task: {8996F3D6-00F6-43D0-803D-2DC4E6323F35} - \kong_games_notification_service No Task File <==== ATTENTION

Task: {93DAAFFC-6BA3-4D2E-AF01-F55285CD3590} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe

Task: {9A3090CA-B55B-43C0-925A-90AA70446BA1} - System32\Tasks\{6955BC78-185C-44AC-A1AD-84C6A3CE46E0} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/go/help.faq.installer?LastError=1603

Task: {A50D0F8F-E53C-48EE-B49C-CD4C1877A723} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()

Task: {B11D8D73-D7F7-42E3-80A7-BD3A92679D33} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-139508608-1474498159-1540305936-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe

Task: {B3C07DD4-1F45-4778-9F72-570105D2F12B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)

Task: {C05A669B-F108-459F-A246-ED157ABBF5AA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-15] (Microsoft Corporation)

Task: {C2BABF44-E59F-4CC0-91BA-7CBD0F29BAFC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-12] (Avast Software s.r.o.)

Task: {C3EBDDFF-A8EF-4463-A018-9633B47D115A} - System32\Tasks\{AE949A6A-1358-4D94-A6F8-B9DC970C1119} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/go/help.faq.installer?LastError=1603

Task: {CE13DD3F-56B1-4995-AB9C-7959777AA974} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)

Task: {D2E1C1B0-11B7-4072-9EFB-733180F85356} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)

Task: {D3C42951-B4ED-4588-93D6-0799353F9776} - System32\Tasks\{8BBD33BD-3F84-4D37-974F-0E468295C72B} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/go/help.faq.installer?LastError=1603

Task: {D65EC1E8-0A52-42AE-933A-0717E9A1AEFA} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)

Task: {E1F21554-660D-4305-8840-9FA1DF3FCAAA} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

Task: {E3B998CE-CA68-400C-9EA6-206D24AD4949} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS)

Task: {FE692F62-FB49-40C7-8ABA-8FB1BA5CCE66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-20] (Google Inc.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) ==============
 

2014-03-15 17:35 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll

2013-12-10 09:13 - 2013-12-10 09:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll

2014-10-29 15:46 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll

2013-10-01 14:02 - 2013-10-01 14:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2015-04-12 16:30 - 2015-04-12 16:30 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll

2015-04-12 16:30 - 2015-04-12 16:30 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll

2015-04-15 20:16 - 2015-04-15 20:16 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15041501\algo.dll

2015-04-21 12:00 - 2015-04-21 12:00 - 02926080 _____ () C:\Program Files\AVAST Software\Avast\defs\15042101\algo.dll

2013-07-12 11:44 - 2014-10-14 17:33 - 00045608 _____ () C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng

2014-02-19 13:56 - 2014-02-19 13:56 - 00220200 _____ () C:\Program Files (x86)\Vodafone\Sicherheitscenter\daas2.dll

2013-07-12 12:42 - 2013-07-12 12:42 - 00030888 _____ () C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll

2013-07-12 11:45 - 2015-04-14 10:37 - 00175144 _____ () C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Gemini\fsgem.dll

2013-07-12 11:45 - 2014-12-09 13:30 - 00212008 _____ () C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Spam Control\fsas.dll

2013-07-12 11:44 - 2015-02-25 11:09 - 00949288 _____ () C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\fm4av.dll

2012-10-23 17:45 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

2012-08-24 18:17 - 2012-08-24 18:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll

2013-12-10 09:13 - 2013-12-10 09:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

2015-04-21 17:41 - 2015-04-21 17:41 - 00043008 _____ () c:\users\felix\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphh8rvq.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Felix\AppData\Roaming\Dropbox\bin\libGLESv2.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Felix\AppData\Roaming\Dropbox\bin\libEGL.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Felix\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Felix\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

2013-07-12 11:44 - 2014-10-14 17:33 - 00056360 _____ () C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\FSGUI\fsavures.eng

2014-10-29 16:00 - 2014-10-29 16:00 - 00592936 _____ () C:\WINDOWS\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.79_none_b59ec33311fcd586\QtMultimediaKit1.dll

2015-04-12 16:30 - 2015-04-12 16:30 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2015-04-12 16:30 - 2015-04-12 16:30 - 01359872 _____ () C:\Program Files\AVAST Software\Avast\libglesv2.dll

2015-04-12 16:30 - 2015-04-12 16:30 - 00212992 _____ () C:\Program Files\AVAST Software\Avast\libegl.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Users\Felix\OneDrive:ms-properties
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (whitelisted) ===============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== Internet Explorer trusted/restricted ===============
 

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 

==================== Other Areas ============================
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Felix\Desktop\digital-art-dreams-mountains-science-2524592-1920x1080.jpg

DNS Servers: 192.168.2.1
 

==================== MSCONFIG/TASK MANAGER disabled items ==
 

(Currently there is no automatic fix for this section.)
 

HKLM\...\StartupApproved\Run32: => "IminentMessenger"

HKLM\...\StartupApproved\Run32: => "Iminent"

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\StartupApproved\Run: => "Skype"

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\StartupApproved\Run: => "Yontoo Desktop"

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\StartupApproved\Run: => "Steam"
 

==================== Accounts: =============================
 

Administrator (S-1-5-21-139508608-1474498159-1540305936-500 - Administrator - Disabled)

Felix (S-1-5-21-139508608-1474498159-1540305936-1002 - Administrator - Enabled) => C:\Users\Felix

Gast (S-1-5-21-139508608-1474498159-1540305936-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-139508608-1474498159-1540305936-1014 - Limited - Enabled)

UpdatusUser (S-1-5-21-139508608-1474498159-1540305936-1001 - Limited - Enabled) => C:\Users\UpdatusUser
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (04/21/2015 06:46:30 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 9  2015-04-21  18:46:30+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Spyware detected: 

 Type: adware 

 Family:  

 Name: Adware.JS.Agent 

 Object: C:\Windows\Temp\_avast_\unp55421615.tmp
 

Error: (04/21/2015 05:43:40 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 8  2015-04-21  17:43:40+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Spyware detected: 

 Type: adware 

 Family:  

 Name: Adware.JS.Agent 

 Object: C:\Windows\Temp\_avast_\unp181318410.tmp
 

Error: (04/21/2015 11:57:15 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 7  2015-04-21  11:57:15+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Spyware detected: 

 Type: adware 

 Family:  

 Name: Adware.JS.Agent 

 Object: C:\Windows\Temp\_avast_\unp205928098.tmp
 

Error: (04/21/2015 11:57:09 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 6  2015-04-21  11:57:09+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Spyware detected: 

 Type: adware 

 Family:  

 Name: Adware.JS.Agent 

 Object: C:\Windows\Temp\_avast_\unp149262069.tmp
 

Error: (04/21/2015 11:57:00 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 5  2015-04-21  11:57:00+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Spyware detected: 

 Type: adware 

 Family:  

 Name: Adware.JS.Agent 

 Object: C:\Windows\Temp\_avast_\unp255547054.tmp
 

Error: (04/21/2015 11:56:59 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 4  2015-04-21  11:56:59+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Spyware detected: 

 Type: adware 

 Family:  

 Name: Adware.JS.Agent 

 Object: C:\Windows\Temp\_avast_\unp13999452.tmp
 

Error: (04/21/2015 11:56:59 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 3  2015-04-21  11:56:59+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Spyware detected: 

 Type: adware 

 Family:  

 Name: Adware.JS.Agent 

 Object: C:\Windows\Temp\_avast_\unp234023064.tmp
 

Error: (04/21/2015 11:56:59 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 2  2015-04-21  11:56:59+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Scanning of \DEVICE\HARDDISKVOLUME4\WINDOWS\TEMP\_AVAST_\UNP23993199.TMP was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).
 

Error: (04/21/2015 11:56:59 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 1  2015-04-21  11:56:58+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Scanning of \DEVICE\HARDDISKVOLUME4\WINDOWS\TEMP\_AVAST_\UNP26904955.TMP was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).
 

Error: (04/21/2015 11:29:14 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -1073422302
 
 

System errors:

=============

Error: (04/21/2015 11:31:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)

Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070003 fehlgeschlagen: Canon - Printers - Canon MP540 series Printer
 

Error: (04/21/2015 11:23:51 AM) (Source: bowser) (EventID: 8003) (User: )

Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "JULE-PC",

der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9FC9BA84-67C6-4A1B-B464-B80A7C0C8028}-Transport zu sein scheint.

Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
 

Error: (04/20/2015 01:13:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)

Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070003 fehlgeschlagen: Canon - Printers - Canon MP540 series Printer
 

Error: (04/20/2015 00:43:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)

Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070003 fehlgeschlagen: Canon - Printers - Canon MP540 series Printer
 

Error: (04/20/2015 00:01:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)

Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070003 fehlgeschlagen: Canon - Printers - Canon MP540 series Printer
 

Error: (04/19/2015 09:23:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)

Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070003 fehlgeschlagen: Canon - Printers - Canon MP540 series Printer
 

Error: (04/19/2015 08:24:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)

Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070003 fehlgeschlagen: Canon - Printers - Canon MP540 series Printer
 

Error: (04/19/2015 07:21:36 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)

Description: In der Dateisystemstruktur auf Volume "OS" wurde eine Beschädigung erkannt.
 

Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".
 

Error: (04/19/2015 07:20:18 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)

Description: 0x8000002a171\??\Volume{6e182189-b0e3-479a-ac74-8e69452d7c66}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{9870119E-F25C-48FF-A127-B2092DBD4F48}
 

Error: (04/19/2015 07:20:10 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)

Description: 0x8000002a78\??\GLOBALROOT\Device\HarddiskVolumeShadowCopy8\WINDOWS\system32\config\SYSTEM
 
 

Microsoft Office Sessions:

=========================

Error: (04/21/2015 06:46:30 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 9  2015-04-21  18:46:30+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Spyware detected: 

 Type: adware 

 Family:  

 Name: Adware.JS.Agent 

 Object: C:\Windows\Temp\_avast_\unp55421615.tmp
 

Error: (04/21/2015 05:43:40 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 8  2015-04-21  17:43:40+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Spyware detected: 

 Type: adware 

 Family:  

 Name: Adware.JS.Agent 

 Object: C:\Windows\Temp\_avast_\unp181318410.tmp
 

Error: (04/21/2015 11:57:15 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 7  2015-04-21  11:57:15+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Spyware detected: 

 Type: adware 

 Family:  

 Name: Adware.JS.Agent 

 Object: C:\Windows\Temp\_avast_\unp205928098.tmp
 

Error: (04/21/2015 11:57:09 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 6  2015-04-21  11:57:09+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Spyware detected: 

 Type: adware 

 Family:  

 Name: Adware.JS.Agent 

 Object: C:\Windows\Temp\_avast_\unp149262069.tmp
 

Error: (04/21/2015 11:57:00 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 5  2015-04-21  11:57:00+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Spyware detected: 

 Type: adware 

 Family:  

 Name: Adware.JS.Agent 

 Object: C:\Windows\Temp\_avast_\unp255547054.tmp
 

Error: (04/21/2015 11:56:59 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 4  2015-04-21  11:56:59+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Spyware detected: 

 Type: adware 

 Family:  

 Name: Adware.JS.Agent 

 Object: C:\Windows\Temp\_avast_\unp13999452.tmp
 

Error: (04/21/2015 11:56:59 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 3  2015-04-21  11:56:59+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Spyware detected: 

 Type: adware 

 Family:  

 Name: Adware.JS.Agent 

 Object: C:\Windows\Temp\_avast_\unp234023064.tmp
 

Error: (04/21/2015 11:56:59 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 2  2015-04-21  11:56:59+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Scanning of \DEVICE\HARDDISKVOLUME4\WINDOWS\TEMP\_AVAST_\UNP23993199.TMP was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).
 

Error: (04/21/2015 11:56:59 AM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 1  2015-04-21  11:56:58+02:00  FELIX  FELIX\Felix  F-Secure Anti-Virus

 Scanning of \DEVICE\HARDDISKVOLUME4\WINDOWS\TEMP\_AVAST_\UNP26904955.TMP was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).
 

Error: (04/21/2015 11:29:14 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -1073422302
 
 

==================== Memory info =========================== 
 

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz

Percentage of memory in use: 37%

Total physical RAM: 8077.48 MB

Available physical RAM: 5060.69 MB

Total Pagefile: 16269.48 MB

Available Pagefile: 12642.99 MB

Total Virtual: 131072 MB

Available Virtual: 131071.79 MB
 

==================== Drives ================================
 

Drive c: (OS) (Fixed) (Total:372.17 GB) (Free:136.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive d: (DATA) (Fixed) (Total:537.89 GB) (Free:263.76 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: B19F8D36)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

_____

Danke für die schnelle Antwort!

Code:

# AdwCleaner v4.201 - Bericht erstellt 22/04/2015 um 17:56:05

# Aktualisiert 08/04/2015 von Xplode

# Datenbank : 2015-04-21.3 [Server]

# Betriebssystem : Windows 8.1  (x64)

# Benutzername : Felix - FELIX

# Gestarted von : C:\Users\Felix\Downloads\adwcleaner_4.201.exe

# Option : Suchlauf
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 
 

***** [ Geplante Tasks ] *****
 

Task Gefunden : kong_games_notification_service

Task Gefunden : kong_games_updating_service
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gefunden : HKCU\Software\OCS

Schlüssel Gefunden : [x64] HKCU\Software\OCS
 

***** [ Internetbrowser ] *****
 

-\\ Internet Explorer v11.0.9600.17416
 
 

-\\ Mozilla Firefox v37.0.2 (x86 de)
 
 

-\\ Google Chrome v42.0.2311.90
 

[C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&affID=119816&tt=190313_wo2&babsrc=SP_ss&mntrId=42411E85DE79BA30

[C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gefunden [Extension] : booedmolknjekdopkepjjeckmjkdpfgl

[C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gefunden [Extension] : flpcjncodpafbgdpnkljologafpionhb

[C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gefunden [Default_Search_Provider_Data] : hxxps://www.google.de/search?q={searchTerms}?trackid=sp-006",

         "usage_count": 0

      }

   },

   "extensions": {

      "known_disabled": null,

      "settings": {

         "ahfgeienlihckogmohjhadlkjgocpleb": {

            "active_permissions": {

               "api": [ "management", "system.display", "system.storage", "webstorePrivate", "system.cpu", "system.memory", "system.network" ],

               "manifest_permissions": [  ]

            },

            "app_launcher_ordinal": "t",

            "content_settings": [  ],

            "creation_flags": 1,

            "events": [  ],

            "from_bookmark": false,

            "from_webstore": false,

            "incognito_content_settings": [  ],

            "incognito_preferences": {
 

            },

            "install_time": "13047724783692605",

            "location": 5,

            "manifest": {

               "app": {

                  "launch": {

                     "web_url": "hxxps://chrome.google.com/webstore"

                  },

                  "urls": [ "hxxps://chrome.google.com/webstore" ]

               },

               "description": "Chrome Web Store",

               "icons": {

                  "128": "webstore_icon_128.png",

                  "16": "webstore_icon_16.png"

               },

               "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB",

               "name": "Store",

               "permissions": [ "webstorePrivate", "management" ],

               "version": "0.2"

            },

            "page_ordinal": "n",

            "path": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\web_store",

            "preferences": {
 

            },

            "regular_only_preferences": {
 

            },

            "was_installed_by_default": false,

            "was_installed_by_oem": false

         },

         "ajdnlgehefnmaiighnbaibekhdfhnipd": {

            "active_permissions": {

               "api": [ "tabs", "webNavigation", "webRequest", "webRequestBlocking" ],

               "explicit_host": [ "hxxp://*/*", "hxxps://*/*" ],

               "manifest_permissions": [  ]

            },

            "creation_flags": 9,

            "events": [  ],

            "from_webstore": true,

            "granted_permissions": {

               "api": [ "tabs", "webNavigation", "webRequest", "webRequestBlocking", "webRequestInternal" ],

               "explicit_host": [ "hxxp://*/*", "hxxps://*/*" ],

               "scriptable_host": [ "hxxp://*/*", "hxxps://*/*" ]

            },

            "install_time": "13073320642900563",

            "lastpingday": "13073295608495601",

            "location": 1,

            "manifest": {

               "background": {

                  "scripts": [ "background.js" ]

               },

               "description": "ajdnlgehefnmaiighnbaibekhdfhnipd",

               "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC257s4IqD1GV7WZSXcBfBnlzCJbnqg/s0j08v3MrWKCA23msKYJiLVYdgISkgnA9i33F5RmfjHuFL+i9LPIiOLWM/0vZCwt9eVDRud/CeL71bQ+97HcR4xKtdCv/MgGOWd2ekzd183I5WXFMa7X3Asgzd+6fTsM/z9WAXnCdhbyQIDAQAB",

               "manifest_version": 2,

               "name": "ajdnlgehefnmaiighnbaibekhdfhnipd",

               "permissions": [ "hxxp://*/*", "hxxps://*/*", "tabs", "webNavigation", "webRequest", "webRequestBlocking" ],

               "update_url": "hxxps://clients2.google.com/service/update2/crx",

               "version": "13712.16.4"

            },

            "path": "ajdnlgehefnmaiighnbaibekhdfhnipd\\13712.16.4_0",

            "state": 1

         },

         "aohghmighlieiainnegkcijnfilokake": {

            "ack_external": true,

            "active_permissions": {

               "api": [  ],

               "manifest_permissions": [  ]

            },

            "app_launcher_ordinal": "w",

            "commands": {
 

            },

            "content_settings": [  ],

            "creation_flags": 137,

            "events": [  ],

            "from_bookmark": false,

            "from_webstore": true,

            "granted_permissions": {

               "api": [  ],

               "manifest_permissions": [  ]

            },

            "incognito_content_settings": [  ],

            "incognito_preferences": {
 

            },

            "initial_keybindings_set": true,

            "install_time": "13073320651974211",

            "lastpingday": "13073295608495601",

            "location": 1,

            "manifest": {

               "api_console_project_id": "619683526622",

               "app": {

                  "launch": {

                     "local_path": "main.html"

                  }

               },

               "container": "GOOGLE_DRIVE",

               "current_locale": "de",

               "default_locale": "en_US",

               "description": "Dokumente erstellen und bearbeiten",

               "icons": {

                  "128": "icon_128.png",

                  "16": "icon_16.png"

               },

               "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJhLK6fk/BWTEvJhywpk7jDe4A2r0bGXGOLZW4/AdBp3IiD9o9nx4YjLAtv0tIPxi7MvFd/GUUbQBwHT5wQWONJj1z/0Rc2qBkiJA0yqXh42p0snuA8dCfdlhOLsp7/XTMEwAVasjV5hC4awl78eKfJYlZ+8fM/UldLWJ/51iBQwIDAQAB",

               "manifest_version": 2,

               "name": "Google Docs",

               "offline_enabled": true,

               "update_url": "hxxps://clients2.google.com/service/update2/crx",

               "version": "0.9"

            },

            "page_ordinal": "n",

            "path": "aohghmighlieiainnegkcijnfilokake\\0.9_0",

            "preferences": {
 

            },

            "regular_only_preferences": {
 

            },

            "state": 1,

            "was_installed_by_default": true,

            "was_installed_by_oem": false

         },

         "apdfllckaahabafndbhieahigkjlhalf": {

            "ack_external": true,

            "active_permissions": {

               "api": [ "background", "clipboardRead", "clipboardWrite", "notifications", "unlimitedStorage" ],

               "manifest_permissions": [  ]

            },

            "app_launcher_ordinal": "y",

            "commands": {
 

            },

            "content_settings": [  ],

            "creation_flags": 137,

            "events": [  ],

            "from_bookmark": false,

            "from_webstore": true,

            "granted_permissions": {

               "api": [ "background", "clipboardRead", "clipboardWrite", "notifications", "unlimitedStorage" ],

               "manifest_permissions": [  ]

            },

            "incognito_content_settings": [  ],

            "incognito_preferences": {
 

            },

            "install_time": "13073320652852123",

            "lastpingday": "13073295608495601",

            "location": 1,

            "manifest": {

               "app": {

                  "launch": {

                     "web_url": "hxxps://drive.google.com/?usp=chrome_app"

                  },

                  "urls": [ "hxxp://docs.google.com/", "hxxp://drive.google.com/", "hxxps://docs.google.com/", "hxxps://drive.google.com/" ]

               },

               "background": {

                  "allow_js_access": false

               },

               "current_locale": "de",

               "default_locale": "en_US",

               "description": "Google Drive: Alle Inhalte an einem Ort erstellen, teilen und speichern.",

               "icons": {

                  "128": "128.png"

               },

               "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIl5KlKwL2TSkntkpY3naLLz5jsN0YwjhZyObcTOK6Nda4Ie21KRqZau9lx5SHcLh7pE2/S9OiArb+na2dn7YK5EvH+aRXS1ec3uxVlBhqLdnleVgwgwlg5fH95I52IeHcoeK6pR4hW/Nv39GNlI/Uqk6O6GBCCsAxYrdxww9BiQIDAQAB",

               "manifest_version": 2,

               "name": "Google Drive",

               "offline_enabled": true,

               "options_page": "hxxps://drive.google.com/settings",

               "permissions": [ "background", "clipboardRead", "clipboardWrite", "notifications", "unlimitedStorage" ],

               "update_url": "hxxps://clients2.google.com/service/update2/crx",

               "version": "6.4"

            },

            "page_ordinal": "n",

            "path": "apdfllckaahabafndbhieahigkjlhalf\\6.4_0",

            "preferences": {
 

            },

            "regular_only_preferences": {
 

            },

            "state": 1,

            "was_installed_by_default": true,

            "was_installed_by_oem": false

         },

         "bepbmhgboaologfdajaanbcjmnhjmhfn": {

            "disable_reasons": 1,

            "state": 0

         },

         "blpcfgokakmgnkcojhhkbfbldkacnbeo": {

            "ack_external": true,

            "active_permissions": {

               "api": [  ],

               "manifest_permissions": [  ]

            },

            "app_launcher_ordinal": "yn",

            "commands": {
 

            },

            "content_settings": [  ],

            "creation_flags": 153,

            "events": [  ],

            "from_bookmark": true,

            "from_webstore": true,

            "granted_permissions": {

               "api": [  ],

               "manifest_permissions": [  ]

            },

            "incognito_content_settings": [  ],

            "incognito_preferences": {
 

            },

            "install_time": "13073320651501919",

            "lastpingday": "13073295608495601",

            "location": 1,

            "manifest": {

               "app": {

                  "launch": {

                     "container": "tab",

                     "web_url": "hxxp://www.youtube.com/?feature=ytca"

                  },

                  "web_content": {

                     "enabled": true,

                     "origin": "hxxp://www.youtube.com"

                  }

               },

               "current_locale": "de",

               "default_locale": "en",

               "description": "Die beliebteste Online-Video-Community der Welt",

               "icons": {

                  "128": "128.png"

               },

               "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB",

               "manifest_version": 2,

               "name": "YouTube",

               "update_url": "hxxp://clients2.google.com/service/update2/crx",

               "version": "4.2.7"

            },

            "page_ordinal": "n",

            "path": "blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.7_0",

            "preferences": {
 

            },

            "regular_only_preferences": {
 

            },

            "state": 1,

            "was_installed_by_default": true,

            "was_installed_by_oem": false

         },

         "booedmolknjekdopkepjjeckmjkdpfgl": {

            "active_permissions": {

               "api": [ "tabs", "webNavigation", "webRequest", "webRequestBlocking" ],

               "explicit_host": [ "chrome://newtab/*", "chrome://settings-frame/*", "hxxp://*/*", "hxxps://*/*" ],

               "manifest_permissions": [  ],

               "scriptable_host": [ "chrome://settings-frame/*" ]

            },

            "content_settings": [  ],

            "creation_flags": 1,

            "events": [  ],

            "from_bookmark": false,

            "from_webstore": false,

            "incognito_content_settings": [  ],

            "incognito_preferences": {
 

            },

            "initial_keybindings_set": true,

            "install_time": "13051051267998485",

            "location": 5,

            "manifest": {

               "background": {

                  "persistent": true,

                  "scripts": [ "bk.js" ]

               },

               "content_scripts": [ {

                  "js": [ "cs.js" ],

                  "matches": [ "chrome://settings-frame/*" ]

               } ],

               "content_security_policy": "default-src 'self'; script-src chrome://resources 'self' chrome://settings-frame 'unsafe-eval'; frame-src 'self' chrome://settings-frame; style-src 'self' 'unsafe-inline';object-src 'self';",

               "description": "Extutil",

               "incognito": "spanning",

               "key": "MIAfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQcByy+ea9jzazWF/DPn7NW47sW7lgmpk6eKc0BQM18q8hvEM3zNm2n7HkJv/R6fU+X5mtqkDuKvq5skF6qqUF4oEyaleWDFhd1xFwV7JV+/DU7bZ00w2+6gzqsabkerFpoP33ZRIw7OviJenP0c0uWqDWF8EGSyMhB3txqhOtiQIDAQAB",

               "manifest_version": 2,

               "name": "Extutil",

               "permissions": [ "chrome://newtab/", "tabs", "webNavigation", "webRequest", "webRequestBlocking", "hxxp://*/*", "hxxps://*/*", "chrome://settings-frame/" ],

               "version": "0.1"

            },

            "path": "C:\\Users\\Felix\\AppData\\Local\\Temp\\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B",

            "preferences": {
 

            },

            "regular_only_preferences": {
 

            },

            "was_installed_by_default": false,

            "was_installed_by_oem": false

         },

         "coobgpohoikkiipiblmjeljniedjpjpf": {

            "ack_external": true,

            "active_permissions": {

               "api": [  ],

               "manifest_permissions": [  ]

            },

            "app_launcher_ordinal": "z",

            "commands": {
 

            },

            "content_settings": [  ],

            "creation_flags": 153,

            "events": [  ],

            "from_bookmark": true,

            "from_webstore": true,

            "granted_permissions": {

               "api": [  ],

               "manifest_permissions": [  ]

            },

            "incognito_content_settings": [  ],

            "incognito_preferences": {
 

            },

            "install_time": "13073320652403979",

            "lastpingday": "13073295608495601",

            "location": 1,

            "manifest": {

               "app": {

                  "launch": {

                     "web_url": "hxxp://www.google.com/webhp?source=search_app"

                  },

                  "urls": [ "*://www.google.com/search", "*://www.google.com/webhp", "*://www.google.com/imgres" ]

               },

               "current_locale": "de",

               "default_locale": "en",

               "description": "Die schnellste Suche im Web.",

               "icons": {

                  "128": "128.png",

                  "16": "16.png",

                  "32": "32.png",

                  "48": "48.png"

               },

               "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIiso3Loy5VJHL40shGhUl6it5ZG55XB9q/2EX6aa88jAxwPutbCgy5d9bm1YmBzLfSgpX4xcpgTU08ydWbd7b50fbkLsqWl1mRhxoqnN01kuNfv9Hbz9dWWYd+O4ZfD3L2XZs0wQqo0y6k64n+qeLkUMd1MIhf6MR8Xz1SOA8pwIDAQAB",

               "manifest_version": 2,

               "name": "Google-Suche",

               "permissions": [  ],

               "update_url": "hxxp://clients2.google.com/service/update2/crx",

               "version": "0.0.0.30"

            },

            "page_ordinal": "n",

            "path": "coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.30_0",

            "preferences": {
 

            },

            "regular_only_preferences": {
 

            },

            "state": 1,

            "was_installed_by_default": true,

            "was_installed_by_oem": false

         },

         "eemcgdkfndhakfknompkggombfjjjeno": {

            "active_permissions": {

               "api": [ "bookmarks", "bookmarkManagerPrivate", "metricsPrivate", "systemPrivate", "tabs" ],

               "explicit_host": [ "chrome://favicon/*", "chrome://resources/*" ],

               "manifest_permissions": [  ]

            },

            "content_settings": [  ],

            "creation_flags": 1,

            "events": [  ],

            "from_bookmark": false,

            "from_webstore": false,

            "incognito_content_settings": [  ],

            "incognito_preferences": {
 

            },

            "initial_keybindings_set": true,

            "install_time": "13047724783691605",

            "location": 5,

            "manifest": {

               "chrome_url_overrides": {

                  "bookmarks": "main.html"

               },

               "content_security_policy": "object-src 'none'; script-src chrome://resources 'self'",

               "description": "Bookmark Manager",

               "icons": {
 

               },

               "incognito": "split",

               "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQcByy+eN9jzazWF/DPn7NW47sW7lgmpk6eKc0BQM18q8hvEM3zNm2n7HkJv/R6fU+X5mtqkDuKvq5skF6qqUF4oEyaleWDFhd1xFwV7JV+/DU7bZ00w2+6gzqsabkerFpoP33ZRIw7OviJenP0c0uWqDWF8EGSyMhB3txqhOtiQIDAQAB",

               "manifest_version": 2,

               "name": "Bookmark Manager",

               "permissions": [ "bookmarks", "bookmarkManagerPrivate", "metricsPrivate", "systemPrivate", "tabs", "chrome://favicon/", "chrome://resources/" ],

               "version": "0.1"

            },

            "path": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\bookmark_manager",

            "preferences": {
 

            },

            "regular_only_preferences": {
 

            },

            "was_installed_by_default": false,

            "was_installed_by_oem": false

         },

         "ennkphjdgehloodpbhlhldgbnhmacadg": {

            "active_permissions": {

               "api": [  ],

               "explicit_host": [ "chrome://settings-frame/*" ],

               "manifest_permissions": [  ]

            },

            "content_settings": [  ],

            "creation_flags": 1,

            "events": [ "app.runtime.onLaunched" ],

            "from_bookmark": false,

            "from_webstore": false,

            "incognito_content_settings": [  ],

            "incognito_preferences": {
 

            },

            "initial_keybindings_set": true,

            "install_time": "13047724783694605",

            "location": 5,

            "manifest": {

               "app": {

                  "background": {

                     "scripts": [ "settings_app.js" ]

                  }

               },

               "description": "Settings",

               "display_in_launcher": false,

               "icons": {

                  "128": "settings_app_icon_128.png",

                  "16": "settings_app_icon_16.png",

                  "32": "settings_app_icon_32.png",

                  "48": "settings_app_icon_48.png"

               },

               "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoVDPGX6fvKPVVgc+gnkYlGqHuuapgFDyKhsy4z7UzRLO/95zXPv8h8e5EacqbAQJLUbP6DERH5jowyNEYVxq9GJyntJMwP1ejvoz/52hnY3CCGGCmttmKzzpp5zwLuq3iZf8bslwywfflNUYtaCFSDa0TtrBZz0aOPrAAd/AhNwIDAQAB",

               "manifest_version": 2,

               "name": "Settings",

               "permissions": [ "chrome://settings-frame/" ],

               "version": "0.2"

            },

            "path": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\settings_app",

            "preferences": {
 

            },

            "regular_only_preferences": {
 

            },

            "running": false,

            "was_installed_by_default": false,

            "was_installed_by_oem": false

         },

         "flpcjncodpafbgdpnkljologafpionhb": {

            "active_permissions": {

               "api": [ "tabs", "webNavigation" ],

               "explicit_host": [ "chrome://favicon/*", "chrome://resources/*", "chrome://settings-frame/*", "hxxp://*.conduit.com/*
 

-\\ Chromium v
 
 

*************************
 

AdwCleaner[R0].txt - [65986 Bytes] - [12/04/2015 15:04:05]

AdwCleaner[R1].txt - [944 Bytes] - [12/04/2015 15:30:27]

AdwCleaner[R2].txt - [1002 Bytes] - [12/04/2015 15:47:09]

AdwCleaner[R3].txt - [21729 Bytes] - [22/04/2015 17:56:05]

AdwCleaner[S0].txt - [64009 Bytes] - [12/04/2015 15:05:08]
 

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [21849 Bytes] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.6.0 (04.20.2015:1)

OS: Windows 8.1 x64

Ran by Felix on 22.04.2015 at 18:09:32,95

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Tasks
 

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-139508608-1474498159-1540305936-1002
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 
 
 

~~~ Files
 
 
 

~~~ Folders
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 22.04.2015 at 18:12:57,90

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015

Ran by Felix (administrator) on FELIX on 22-04-2015 18:14:33

Running from C:\Users\Felix\Downloads

Loaded Profiles: Felix (Available profiles: UpdatusUser & Felix)

Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSMA32.EXE

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSHDLL64.EXE

(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSM32.EXE

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Reputation\fsorsp.exe

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\fsgk32.exe

(F-Secure Corporation) C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\fssm32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)

HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-12-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)

HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)

HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSM32.EXE [310312 2014-10-14] (F-Secure Corporation)

HKLM-x32\...\Run: [F-Secure Hoster (46271)] => C:\Program Files (x86)\Vodafone\Sicherheitscenter\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-04-12] (Avast Software s.r.o.)

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\Run: [Steam] => "D:\Steam2\steam.exe" -silent

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\MountPoints2: {5c6a9973-ccc9-11e4-bf5a-08606e01042f} - "F:\HTC_Sync_Manager_PC.exe" 

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\MountPoints2: {c8446d1e-73c4-11e4-bf48-08606e01042f} - "F:\HTC_Sync_Manager_PC.exe" 

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\MountPoints2: {de316d3d-70ce-11e4-bf46-08606e01042f} - "F:\HTC_Sync_Manager_PC.exe" 

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2013-06-14]

ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

Startup: C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-10-16]

ShortcutTarget: Dropbox.lnk -> C:\Users\Felix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-04-07]

ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-12] (Avast Software s.r.o.)

ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felix\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-139508608-1474498159-1540305936-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)

BHO: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2015-04-15] (F-Secure Corporation)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-12] (Avast Software s.r.o.)

BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} ->  No File

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)

BHO-x32: Browsing Protection -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2015-04-15] (F-Secure Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-12] (Avast Software s.r.o.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\zw75nqfi.default-1428845826844

FF Homepage: https://www.google.de/

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-07-10] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-139508608-1474498159-1540305936-1002: amazon.com/AmazonMP3DownloaderPlugin -> D:\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [2013-01-23] (Amazon.com, Inc.)

FF Plugin HKU\S-1-5-21-139508608-1474498159-1540305936-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-02-28] ()

FF Extension: YouTube Unblocker - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\zw75nqfi.default-1428845826844\Extensions\youtubeunblocker@unblocker.yt [2015-04-12]

FF Extension: Adblock Plus Pop-up Addon - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\zw75nqfi.default-1428845826844\Extensions\adblockpopups@jessehakanen.net.xpi [2015-04-12]

FF Extension: Adblock Plus - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\zw75nqfi.default-1428845826844\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-12]

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-04-21]

FF HKLM-x32\...\Firefox\Extensions: [{97009068-f556-4ec1-8c38-9b28d77668b3}] - C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-12]

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

FF HKU\S-1-5-21-139508608-1474498159-1540305936-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-01]
 

Chrome: 

=======

CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"

CHR Profile: C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (ajdnlgehefnmaiighnbaibekhdfhnipd) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajdnlgehefnmaiighnbaibekhdfhnipd [2015-04-12]

CHR Extension: (Google Docs) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-25]

CHR Extension: (Google Drive) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-25]

CHR Extension: (YouTube) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-25]

CHR Extension: (Google Search) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-25]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-12]

CHR Extension: (Google Wallet) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-20]

CHR Extension: (Gmail) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-25]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-12]

CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/Vodafone/Sicherheitscenter/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-11-27]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-12] (Avast Software s.r.o.)

R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-04-12] (Avast Software)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)

R2 fshoster; C:\Program Files (x86)\Vodafone\Sicherheitscenter\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)

R3 FSMA; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2014-10-14] (F-Secure Corporation)

R2 FSORSPClient; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-09] (F-Secure Corporation)

S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)

S3 Origin Client Service; D:\origin\OriginClientService.exe [1900400 2014-11-17] (Electronic Arts)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-12] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-12] (Avast Software s.r.o.)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-12] (Avast Software s.r.o.)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-12] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-12] (Avast Software s.r.o.)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-04-12] (Avast Software s.r.o.)

S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-12] (Avast Software s.r.o.)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-04-12] ()

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)

R3 F-Secure Gatekeeper; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [208424 2015-02-25] (F-Secure Corporation)

R1 F-Secure HIPS; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71080 2015-04-14] (F-Secure Corporation)

R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-08-01] ()

R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42672 2013-07-12] ()

R3 fsni; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\CCF_Scanning\bin\fsni64.sys [90152 2015-04-15] (F-Secure Corporation)

R1 fsvista; C:\Program Files (x86)\Vodafone\Sicherheitscenter\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] ()

R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)

S3 mcdevice; C:\Windows\system32\DRIVERS\mcdevice.sys [334400 2011-05-19] (ShiningMorning Inc.)

R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-12] (Avast Software)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-04-22 18:12 - 2015-04-22 18:12 - 00000725 _____ () C:\Users\Felix\Desktop\JRT.txt

2015-04-22 18:09 - 2015-04-22 18:09 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-FELIX-Windows-8.1-(64-bit).dat

2015-04-22 18:09 - 2015-04-22 18:09 - 00000000 ____D () C:\RegBackup

2015-04-22 18:07 - 2015-04-22 18:07 - 02685507 _____ (Thisisu) C:\Users\Felix\Downloads\JRT.exe

2015-04-21 19:10 - 2015-04-21 19:11 - 00044810 _____ () C:\Users\Felix\Downloads\Addition.txt

2015-04-21 19:09 - 2015-04-22 18:14 - 00021224 _____ () C:\Users\Felix\Downloads\FRST.txt

2015-04-21 19:09 - 2015-04-22 18:14 - 00000000 ____D () C:\FRST

2015-04-21 19:09 - 2015-04-21 19:09 - 02099712 _____ (Farbar) C:\Users\Felix\Downloads\FRST64.exe

2015-04-21 17:43 - 2015-04-22 18:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2015-04-15 16:44 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-04-15 16:44 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2015-04-15 16:44 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll

2015-04-15 16:44 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2015-04-15 16:44 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll

2015-04-15 16:44 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll

2015-04-15 16:44 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll

2015-04-15 16:44 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll

2015-04-15 16:44 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe

2015-04-15 16:44 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe

2015-04-15 16:44 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll

2015-04-15 16:44 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll

2015-04-15 16:43 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2015-04-15 16:43 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2015-04-15 16:43 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2015-04-15 16:43 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2015-04-15 16:43 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2015-04-15 16:43 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2015-04-15 16:43 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2015-04-15 16:43 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2015-04-15 16:43 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2015-04-15 16:43 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2015-04-15 16:43 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2015-04-15 16:43 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2015-04-15 16:43 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll

2015-04-15 16:43 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll

2015-04-15 16:43 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2015-04-15 16:43 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2015-04-15 16:43 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll

2015-04-15 16:43 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe

2015-04-15 16:43 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2015-04-15 16:43 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2015-04-15 16:43 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2015-04-15 16:43 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2015-04-15 16:43 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2015-04-15 16:43 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

2015-04-15 16:43 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe

2015-04-15 16:43 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2015-04-15 16:43 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2015-04-15 16:43 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-04-15 16:43 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-04-15 16:43 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-04-15 16:43 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-04-15 16:43 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-04-15 16:43 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-04-15 16:43 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-04-15 16:43 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2015-04-15 16:43 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-04-15 16:43 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2015-04-15 16:43 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-04-15 16:43 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2015-04-15 16:43 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2015-04-15 16:43 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-04-15 16:43 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll

2015-04-15 16:43 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2015-04-15 16:43 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-04-15 16:43 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-04-15 16:43 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2015-04-15 16:43 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll

2015-04-15 16:43 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-04-15 16:43 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-04-15 16:43 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2015-04-15 16:43 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-04-15 16:43 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-04-15 16:43 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2015-04-15 16:43 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2015-04-15 16:43 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll

2015-04-15 16:43 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll

2015-04-15 16:43 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2015-04-15 16:43 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll

2015-04-15 11:43 - 2015-04-21 18:19 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-04-15 11:43 - 2015-04-15 11:43 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-04-15 11:43 - 2015-04-15 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-04-15 11:43 - 2015-04-15 11:43 - 00000000 ____D () C:\ProgramData\Malwarebytes

2015-04-15 11:43 - 2015-04-15 11:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-04-15 11:43 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-04-15 11:43 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2015-04-15 11:43 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2015-04-15 11:41 - 2015-04-15 11:41 - 01203488 _____ () C:\Users\Felix\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe

2015-04-12 18:29 - 2015-04-12 18:29 - 00291192 _____ () C:\WINDOWS\Minidump\041215-28937-01.dmp

2015-04-12 18:29 - 2015-04-12 18:29 - 00000000 ____D () C:\WINDOWS\Minidump

2015-04-12 16:32 - 2015-04-12 16:32 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\AVAST Software

2015-04-12 16:31 - 2015-04-22 18:02 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update

2015-04-12 16:31 - 2015-04-12 16:34 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox

2015-04-12 16:31 - 2015-04-12 16:34 - 00000000 ____D () C:\WINDOWS\system32\vbox

2015-04-12 16:31 - 2015-04-12 16:31 - 00001940 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk

2015-04-12 16:31 - 2015-04-12 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software

2015-04-12 16:31 - 2015-04-12 16:30 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys

2015-04-12 16:31 - 2015-04-12 16:30 - 00441728 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys

2015-04-12 16:31 - 2015-04-12 16:30 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe

2015-04-12 16:31 - 2015-04-12 16:30 - 00268640 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys

2015-04-12 16:31 - 2015-04-12 16:30 - 00136752 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys

2015-04-12 16:31 - 2015-04-12 16:30 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys

2015-04-12 16:31 - 2015-04-12 16:30 - 00088408 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

2015-04-12 16:31 - 2015-04-12 16:30 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys

2015-04-12 16:31 - 2015-04-12 16:30 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys

2015-04-12 16:30 - 2015-04-12 16:30 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr

2015-04-12 16:24 - 2015-04-12 16:29 - 147571744 _____ (Avast Software s.r.o.) C:\Users\Felix\Downloads\avast_free_antivirus_setup.exe

2015-04-12 16:07 - 2015-04-22 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2015-04-12 16:07 - 2015-04-12 16:07 - 00001173 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2015-04-12 16:07 - 2015-04-12 16:07 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2015-04-12 16:06 - 2015-04-12 16:06 - 00243656 _____ () C:\Users\Felix\Downloads\Firefox Setup Stub 37.0.1.exe

2015-04-12 15:37 - 2015-04-12 15:37 - 00000000 ____D () C:\Users\Felix\Desktop\Alte Firefox-Daten

2015-04-12 15:04 - 2015-04-22 17:58 - 00000000 ____D () C:\AdwCleaner

2015-04-12 15:03 - 2015-04-12 15:03 - 02217984 _____ () C:\Users\Felix\Downloads\adwcleaner_4.201.exe

2015-04-12 14:27 - 2015-04-12 14:27 - 00000004 _____ () C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7

2015-04-06 00:39 - 2015-04-06 00:39 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX

2015-04-06 00:39 - 2015-04-06 00:39 - 00000000 ___SD () C:\WINDOWS\system32\GWX

2015-04-04 12:08 - 2015-04-04 12:08 - 00000000 ____D () C:\Users\Felix\AppData\Local\Intel_Corporation

2015-04-01 11:54 - 2015-04-03 12:42 - 00000000 ____D () C:\Users\Felix\AppData\Local\Ori and the Blind Forest

2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Felix\AppData\Roaming\DbNXDy5Q4IKtT8LP

2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Felix\AppData\Roaming\hJzzSTN1rrrH5RhdAEej

2015-03-30 23:39 - 2015-04-10 15:15 - 00000000 ____D () C:\Users\Felix\Desktop\m7

2015-03-30 16:35 - 2015-03-30 16:35 - 00001323 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk

2015-03-30 16:35 - 2015-03-30 16:35 - 00000000 ____D () C:\WINDOWS\de

2015-03-30 16:34 - 2015-04-22 18:06 - 00005124 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for FELIX-Felix Felix

2015-03-30 16:34 - 2015-03-31 05:41 - 00003090 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-139508608-1474498159-1540305936-1002
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-04-22 18:14 - 2014-06-20 09:54 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-04-22 18:13 - 2014-10-29 16:22 - 00000000 ___RD () C:\Users\Felix\OneDrive

2015-04-22 18:05 - 2014-06-20 09:54 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-04-22 18:04 - 2014-10-29 15:46 - 01979203 _____ () C:\WINDOWS\WindowsUpdate.log

2015-04-22 18:03 - 2013-10-16 21:18 - 00000000 ___RD () C:\Users\Felix\Dropbox

2015-04-22 18:03 - 2013-10-16 21:13 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Dropbox

2015-04-22 18:01 - 2013-01-19 21:23 - 00000408 _____ () C:\Users\Felix\AppData\Roaming\sp_data.sys

2015-04-22 18:00 - 2014-09-23 23:06 - 00087764 _____ () C:\WINDOWS\PFRO.log

2015-04-22 18:00 - 2013-08-22 16:46 - 00366280 _____ () C:\WINDOWS\setupact.log

2015-04-22 18:00 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-04-22 18:00 - 2012-10-23 17:49 - 00000000 ____D () C:\ProgramData\NVIDIA

2015-04-22 17:59 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2015-04-22 17:51 - 2014-12-01 14:08 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C69B8757-5BE9-4895-B358-6C05901986F7}

2015-04-22 17:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2015-04-22 08:38 - 2015-01-04 21:29 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-04-20 14:56 - 2013-06-14 14:04 - 00005052 _____ () C:\Users\Felix\AppData\Roaming\wklnhst.dat

2015-04-19 19:24 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache

2015-04-19 15:11 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2015-04-18 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2015-04-18 01:15 - 2014-06-20 09:59 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2015-04-17 10:05 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat

2015-04-15 23:08 - 2013-01-25 21:48 - 00114176 ___SH () C:\Users\Felix\Desktop\Thumbs.db

2015-04-15 17:15 - 2013-07-23 12:51 - 00000000 ____D () C:\WINDOWS\system32\MRT

2015-04-15 17:12 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2015-04-15 17:11 - 2013-01-21 16:48 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-04-15 17:04 - 2014-12-10 01:10 - 00000000 ____D () C:\WINDOWS\system32\appraiser

2015-04-15 17:04 - 2014-09-24 09:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2015-04-15 16:42 - 2014-11-12 08:51 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll

2015-04-15 11:39 - 2015-01-04 21:29 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2015-04-14 01:24 - 2014-11-02 13:01 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-04-14 01:24 - 2014-11-02 13:01 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-04-12 21:24 - 2014-10-29 15:52 - 00000000 ____D () C:\Users\Felix

2015-04-12 18:29 - 2013-05-16 11:08 - 931867784 _____ () C:\WINDOWS\MEMORY.DMP

2015-04-12 16:29 - 2013-01-25 15:03 - 00000000 ____D () C:\ProgramData\AVAST Software

2015-04-12 15:59 - 2013-08-22 16:44 - 00514064 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2015-04-12 15:56 - 2013-11-11 10:01 - 00000000 ____D () C:\Program Files (x86)\eRightSoft

2015-04-09 11:42 - 2013-10-16 21:18 - 00001068 _____ () C:\Users\Felix\Desktop\Dropbox.lnk

2015-04-09 11:42 - 2013-10-16 21:16 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2015-04-07 13:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2015-04-04 11:42 - 2013-01-20 20:27 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Skype

2015-04-02 12:46 - 2014-09-24 08:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2015-04-02 12:46 - 2014-09-24 07:43 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat

2015-04-02 12:46 - 2014-09-24 07:43 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat

2015-04-01 15:46 - 2013-03-12 13:32 - 00000000 ____D () C:\Users\Felix\Desktop\Games

2015-03-30 17:41 - 2014-07-17 21:07 - 00000000 ____D () C:\ProgramData\StaxRip

2015-03-30 16:35 - 2013-04-18 17:31 - 00001392 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk

2015-03-30 16:34 - 2013-04-18 17:30 - 00000000 ____D () C:\Program Files (x86)\Windows Live

2015-03-30 16:34 - 2013-02-16 14:17 - 00560057 _____ () C:\WINDOWS\DirectX.log

2015-03-30 11:23 - 2013-08-22 17:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager

2015-03-30 11:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera

2015-03-30 11:15 - 2014-09-24 08:00 - 00000000 ____D () C:\Program Files\Windows Journal

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\sppui

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform

2015-03-30 11:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System

2015-03-30 11:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe

2015-03-30 11:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism

2015-03-30 11:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\servicing

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ___SD () C:\WINDOWS\system32\dsc

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sppui

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Com

2015-03-30 11:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\IME

2015-03-30 11:13 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep

2015-03-30 11:13 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe

2015-03-30 11:13 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism

2015-03-30 11:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices

2015-03-30 11:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer

2015-03-30 11:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform

2015-03-30 11:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell

2015-03-26 13:01 - 2013-09-13 10:57 - 00000000 ____D () C:\Users\Felix\Desktop\Dokumente
 

==================== Files in the root of some directories =======
 

2014-07-17 12:52 - 2014-07-17 12:52 - 0000000 ___RH () C:\Users\Felix\AppData\Roaming\54126a93f534ad925e773cb8bd280ec62

2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Felix\AppData\Roaming\DbNXDy5Q4IKtT8LP

2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Felix\AppData\Roaming\hJzzSTN1rrrH5RhdAEej

2013-03-12 12:13 - 2013-03-16 14:01 - 0004104 _____ () C:\Users\Felix\AppData\Roaming\MassLaunch.log.txt

2013-01-19 21:23 - 2015-04-22 18:01 - 0000408 _____ () C:\Users\Felix\AppData\Roaming\sp_data.sys

2013-06-14 14:04 - 2015-04-20 14:56 - 0005052 _____ () C:\Users\Felix\AppData\Roaming\wklnhst.dat

2013-06-19 16:19 - 2013-12-11 10:47 - 0005632 _____ () C:\Users\Felix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2013-01-21 16:25 - 2015-02-19 20:56 - 0007606 _____ () C:\Users\Felix\AppData\Local\resmon.resmoncfg

2014-12-05 15:56 - 2014-12-05 15:56 - 0000057 _____ () C:\ProgramData\Ament.ini

2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd

2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
 

Files to move or delete:

====================

C:\ProgramData\SetStretch.exe
 
 

Some content of TEMP:

====================

C:\Users\Felix\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpi8rzk2.dll

C:\Users\Felix\AppData\Local\Temp\DseShExt-x64.dll

C:\Users\Felix\AppData\Local\Temp\DseShExt-x86.dll

C:\Users\Felix\AppData\Local\Temp\FreeYouTubeDownload.exe

C:\Users\Felix\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe

C:\Users\Felix\AppData\Local\Temp\Quarantine.exe

C:\Users\Felix\AppData\Local\Temp\SDShelEx-win32.dll

C:\Users\Felix\AppData\Local\Temp\SDShelEx-x64.dll

C:\Users\Felix\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Felix\AppData\Local\Temp\sqlite3.dll

C:\Users\Felix\AppData\Local\Temp\TUUUninstallHelper.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2015-04-16 06:41
 

==================== End Of Log ============================

--- --- ---

___

Vielen Dank! Ich glaube, das Problem wurde behoben :)

Gruß,
ShaoTse