Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Ständig ?trackid=sp-006 und Tebs öffnen sich auch ohne zutun (https://www.trojaner-board.de/168526-staendig-trackid-sp-006-tebs-oeffnen-ohne-zutun.html)

AnimaAngelo 07.07.2015 21:09
Ständig ?trackid=sp-006 und Tebs öffnen sich auch ohne zutun
 
Guten Abend zusammen,
ich habe einige Probleme mit meinem Laptop.
Nach jeder Suche über Chrome setzt sich automatisch ?trackid=sp-006 dahinter.
Auch wenn der Lappi gerade mal nicht genutzt wird öffnen sich ohne meiner eingabe wie von Geisterhand irgendwelche Werbeseiten. In einer Stunde haben sich locker 32 Tabs geöffnet obwohl keiner dran war.
Als letztes ist mein Laptop sehr sehr langsam geworden warum auch immer selbst beim schreiben hier bin ich mit meinem Zweifingeersuchsystem schneller am tippen als der Lappi es eigibt.
Was kann ich gegen meine Probleme tun außer Distr. neu aufsetzen.

System:
Samsung RV515
mit Win 7 Home

schrauber 07.07.2015 21:20
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


AnimaAngelo 07.07.2015 21:42
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by AnimaAngelo (administrator) on ANIMAANGELO-PC on 07-07-2015 22:34:57
Running from C:\Users\AnimaAngelo\Downloads
Loaded Profiles: AnimaAngelo (Available Profiles: AnimaAngelo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G DATA\TotalProtection\AVKTray\AVKTray.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-06-23] (Glarysoft Ltd)
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Run: [GoogleChromeAutoLaunch_E24E5488099F34B5CE81DB9BDD8DD73F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-07] (Google Inc.)
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {30b370ae-cd4c-11e4-aeaa-e811328cda84} - E:\AutoRun.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {30b370bc-cd4c-11e4-aeaa-e811328cda84} - E:\AutoRun.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {456eda21-bd0b-11e4-993c-e811328cda84} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {4bf25c62-4ae8-11e4-b2ac-f1fbf90de8ca} - G:\Startme.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {4eea69ed-ffc9-11e4-a868-e811328cda84} - F:\Autorun.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {6ae20e6b-cba4-11e4-a6ac-e811328cda84} - E:\MotoCastSetup.exe -a
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {9b017a32-cee4-11e4-90d4-e811328cda84} - E:\AutoRun.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {b3a85d28-ce20-11e4-bc5c-e811328cda84} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {b3a85d44-ce20-11e4-bc5c-e811328cda84} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\MountPoints2: {e4353e93-d2d9-11e4-ba2a-e811328cda84} - E:\Autorun.exe
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2414973931-2264080825-886326512-1004\User: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:50830;https=127.0.0.1:50830
AutoConfigURL: [S-1-5-21-2414973931-2264080825-886326512-1000] => file://C:\Program Files (x86)\Hold Page\bin\Pac9064.js
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://myhome.vi-view.com/?type=hp&ts=1418580347&from=cor&uid=ST2000LM003XHN-M201RAD_S321J9BF800572
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1418580347&from=cor&uid=ST2000LM003XHN-M201RAD_S321J9BF800572&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1418580347&from=cor&uid=ST2000LM003XHN-M201RAD_S321J9BF800572
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {D38A0921-59AE-41C4-A9DD-3551386D748E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {D38A0921-59AE-41C4-A9DD-3551386D748E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1418580347&from=cor&uid=ST2000LM003XHN-M201RAD_S321J9BF800572&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2414973931-2264080825-886326512-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2414973931-2264080825-886326512-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322197&octid=EB_ORIGINAL_CTID&ISID=MFF7928A0-2076-4170-B15C-4B32E873E16A&SearchSource=58&CUI=&UM=8&UP=SP44C80D9E-2860-4FB2-91D3-88A0DA98BB23&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2414973931-2264080825-886326512-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1418580347&from=cor&uid=ST2000LM003XHN-M201RAD_S321J9BF800572&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2414973931-2264080825-886326512-1000 -> {D38A0921-59AE-41C4-A9DD-3551386D748E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2414973931-2264080825-886326512-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll No File
Winsock: Catalog9-x64 01 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 02 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 03 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 04 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 15 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{524AAAB2-4000-4EF8-A966-E188B9E7B364}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{53B91DE2-2530-461A-A801-BF1CC8839912}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{53B91DE2-2530-461A-A801-BF1CC8839912}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{D4B7BC8A-52DC-4545-93F5-A9D734E39B1D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FAD4FCBB-98C1-4E3F-9136-68110F77C474}: [NameServer] 10.74.210.210 10.74.210.211

FireFox:
========
FF ProfilePath: C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF user.js: detected! => C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\user.js [2015-02-15]
FF SearchPlugin: C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\searchplugins\google-avast.xml [2015-01-04]
FF SearchPlugin: C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\searchplugins\trovi-search.xml [2015-01-01]
FF SearchPlugin: C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\searchplugins\Web Search.xml [2015-05-02]
FF Extension: Amazon-Icon - C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\Extensions\amazon-icon@giga.de [2015-02-15]
FF Extension: CinemaPlus-3.2c - C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2015-05-20]
FF Extension: Positive Finds - C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\Extensions\{c4313236-0ef0-4bfa-aeb6-8f89994746cd}.xpi [2015-02-15]
FF Extension: Web Developer - C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-10-21]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff

Chrome:
=======
CHR Profile: C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-03]
CHR Extension: (Angry Birds) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-10-03]
CHR Extension: (Google Docs) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-03]
CHR Extension: (Google Drive) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-03]
CHR Extension: (YouTube) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-03]
CHR Extension: (Adblock Plus) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-03]
CHR Extension: (Google Search) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-03]
CHR Extension: (Strategy & Defense games) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\djkpilpcldinocafgnnnecbgdmpebcki [2014-10-03]
CHR Extension: (Video Downloader professional) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-06-14]
CHR Extension: (Google Sheets) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-03]
CHR Extension: (Download Helper) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjlohfdjcjhmfcabomglnciodlnplhk [2015-06-14]
CHR Extension: (Tower Defense Games) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdmjbldddnejdajkmmledjohhccahell [2014-10-03]
CHR Extension: (Share With Care) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjflmfkjppbmejlfbhlpgjnomdoefkfa [2014-10-03]
CHR Extension: (Dragon Ball Z mmorpg game !) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljhjkncoceojjbadalclgdinmijjien [2014-10-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Hold Page) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgkfochogicbgghgeoedahjlgkhhffoo [2014-12-16]
CHR Extension: (12 Towers) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdkeklohckaijapmmneogbfelodgbdck [2014-10-03]
CHR Extension: (Red Alien) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlklddbgohcheiaiidjodbnlfcipcdeo [2014-10-03]
CHR Extension: (Google Wallet) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-03]
CHR Extension: (Amazon) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2015-02-15]
CHR Extension: (CinemaPlus-3.2cV02.05) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-05-02]
CHR Extension: (Bitdefender QuickScan) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-07-07]
CHR Extension: (Gmail) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-03]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\AnimaAngelo\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2527864 2015-03-04] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe [3672560 2015-04-07] (G Data Software AG)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
S3 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-03-13] (Foxit Software Inc.)
R2 GDBackupSvc; C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe [3881080 2015-02-20] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe [2235512 2015-02-20] (G Data Software AG)
S3 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [138544 2015-03-31] ()
S3 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2015-03-31] ()
S3 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-26] (Electronic Arts)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [836288 2015-03-24] (Valve Corporation) [File not signed]
S3 TSNxGService; C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-07-01] (G DATA Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-03-26] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-07-07] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-07-07] (G Data Software AG)
R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-07-07] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-07-07] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [75776 2015-07-07] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-07-07] (G Data Software AG)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-05-30] (Sony Mobile Communications)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-07-01] (Glarysoft Ltd)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-07-07] (G Data Software AG)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [246272 2013-08-16] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2015-03-09] (Huawei Technologies Co., Ltd.)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2015-07-07] (G Data Software)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 uvhid; C:\Windows\System32\DRIVERS\uvhid.sys [25592 2015-03-19] (Windows (R) Win 7 DDK provider)
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-07 22:34 - 2015-07-07 22:35 - 00022669 _____ C:\Users\AnimaAngelo\Downloads\FRST.txt
2015-07-07 22:34 - 2015-07-07 22:35 - 00000000 ____D C:\FRST
2015-07-07 22:33 - 2015-07-07 22:34 - 02112512 _____ (Farbar) C:\Users\AnimaAngelo\Downloads\FRST64.exe
2015-07-07 22:06 - 2015-07-07 22:06 - 00075776 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2015-07-07 22:05 - 2015-07-07 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL PROTECTION
2015-07-07 22:05 - 2015-07-07 22:05 - 00098760 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2015-07-07 22:05 - 2015-07-07 22:05 - 00027648 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys
2015-07-07 22:05 - 2015-07-07 22:05 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys
2015-07-07 22:05 - 2015-07-07 22:05 - 00002003 _____ C:\Users\Public\Desktop\G DATA TOTAL PROTECTION.lnk
2015-07-07 22:05 - 2015-07-07 22:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
2015-07-07 22:05 - 2015-07-07 22:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_GDKBB64_01007.Wdf
2015-07-07 22:04 - 2015-07-07 22:04 - 00064512 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2015-07-07 22:03 - 2015-07-07 22:03 - 00230400 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2015-07-07 22:03 - 2015-07-07 22:03 - 00150016 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2015-07-07 22:03 - 2015-07-07 22:03 - 00124928 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2015-07-07 22:02 - 2015-07-07 22:02 - 00001962 _____ C:\Windows\DPINST.LOG
2015-07-07 22:02 - 2015-07-07 22:02 - 00000000 ____D C:\ProgramData\G DATA Software
2015-07-07 21:40 - 2015-07-07 21:40 - 00086130 _____ C:\Windows\PFRO.log
2015-07-07 21:09 - 2015-07-07 21:19 - 265261840 _____ (G Data Software AG) C:\Users\AnimaAngelo\Downloads\INT_R_BASE_TP.exe
2015-07-07 20:58 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-07-07 20:58 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-07-07 20:54 - 2015-07-07 20:54 - 00039480 _____ C:\Users\AnimaAngelo\Downloads\qsinstaller.exe
2015-07-05 19:09 - 2015-07-05 19:09 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Command and Conquer 3 Tiberium Wars
2015-07-05 19:06 - 2015-07-05 19:06 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2015-07-05 16:05 - 2015-07-05 16:46 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Musik USB
2015-07-01 20:54 - 2015-07-01 22:53 - 00000000 ____D C:\Users\AnimaAngelo\Downloads\Ballermann Hist 2015 3CD
2015-07-01 18:42 - 2015-07-01 18:43 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Ivonne
2015-07-01 18:41 - 2015-07-07 22:15 - 00003876 _____ C:\Windows\setupact.log
2015-07-01 18:41 - 2015-07-01 18:41 - 00000000 _____ C:\Windows\setuperr.log
2015-07-01 18:40 - 2015-07-01 20:54 - 410920847 _____ C:\Users\AnimaAngelo\Downloads\VA-Ballermann_Hits_2015_XXL-3CD-DE-2015.rar
2015-07-01 18:11 - 2015-07-01 18:12 - 15199032 _____ C:\Users\AnimaAngelo\Downloads\Glary_Utilities_v5.28.0.48.exe
2015-07-01 18:01 - 2015-07-01 20:42 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Spiele
2015-06-28 13:49 - 2015-06-28 13:49 - 00002725 _____ C:\Users\AnimaAngelo\AppData\Local\recently-used.xbel
2015-06-28 13:21 - 2015-06-28 13:21 - 00000000 ____D C:\Users\AnimaAngelo\.thumbnails
2015-06-28 12:37 - 2015-06-28 13:31 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Local\gtk-2.0
2015-06-28 12:28 - 2015-06-28 13:51 - 00000000 ____D C:\Users\AnimaAngelo\.gimp-2.8
2015-06-28 12:28 - 2015-06-28 12:28 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Local\gegl-0.2
2015-06-28 12:17 - 2015-06-28 12:17 - 00000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-06-28 12:10 - 2015-06-28 12:15 - 00000000 ____D C:\Program Files\GIMP 2
2015-06-28 11:46 - 2015-06-28 11:49 - 91931728 _____ (The GIMP Team ) C:\Users\AnimaAngelo\Downloads\gimp-2.8.14-setup-1.exe
2015-06-14 16:15 - 2015-06-14 16:16 - 32193426 _____ C:\Users\AnimaAngelo\Downloads\NENA - In meinem Leben [Official Video].mp4
2015-06-14 16:13 - 2015-06-14 16:13 - 07127074 _____ C:\Users\AnimaAngelo\Downloads\Isso - Mateo Lyrics.mp4
2015-06-14 16:09 - 2015-06-14 16:10 - 34694964 _____ C:\Users\AnimaAngelo\Downloads\NightcOrE - So Allein - lyrics.mp4
2015-06-14 16:08 - 2015-06-14 16:08 - 20472405 _____ C:\Users\AnimaAngelo\Downloads\Christina Stürmer Millionen Lichter lyrics.mp4
2015-06-14 16:02 - 2015-06-14 16:02 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-14 15:48 - 2015-06-14 15:49 - 36127464 _____ C:\Users\AnimaAngelo\Downloads\FreeYouTubeToMP3Converter_3.12.59.525.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-07 22:28 - 2011-03-20 11:08 - 00699236 _____ C:\Windows\system32\perfh007.dat
2015-07-07 22:28 - 2011-03-20 11:08 - 00149344 _____ C:\Windows\system32\perfc007.dat
2015-07-07 22:28 - 2009-07-14 07:13 - 01618848 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-07 22:25 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-07 22:25 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-07 22:21 - 2014-10-03 12:28 - 01918094 _____ C:\Windows\WindowsUpdate.log
2015-07-07 22:15 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-07 22:07 - 2015-04-09 20:58 - 00000000 ____D C:\ProgramData\G Data
2015-07-07 22:03 - 2015-04-09 21:00 - 00001558 _____ C:\Users\AnimaAngelo\AppData\Roaming\gdscan.log
2015-07-07 22:01 - 2015-04-09 20:58 - 00000000 ____D C:\Program Files (x86)\G Data
2015-07-07 21:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2015-07-07 21:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-07-07 21:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-07-07 20:54 - 2014-10-03 15:50 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\QuickScan
2015-07-05 18:58 - 2015-04-27 03:33 - 00000000 ____D C:\Users\AnimaAngelo\Documents\Command and Conquer Generals Zero Hour Data
2015-07-05 18:49 - 2015-03-23 17:48 - 00000000 ____D C:\ProgramData\Origin
2015-07-05 16:13 - 2015-06-05 16:02 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Party
2015-07-04 08:55 - 2014-10-03 15:20 - 00000418 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2015-07-04 08:55 - 2014-10-03 14:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-04 08:55 - 2014-10-03 14:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-01 20:42 - 2015-04-03 12:42 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Programme
2015-07-01 20:42 - 2015-04-03 12:41 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Daten, Ordner usw
2015-07-01 18:35 - 2015-03-23 16:41 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-01 18:33 - 2015-05-01 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-07-01 18:33 - 2015-04-14 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-07-01 18:33 - 2015-04-14 20:01 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-07-01 18:15 - 2015-03-25 18:18 - 00002984 _____ C:\Windows\System32\Tasks\{92A76144-6883-4449-B33D-F1A3813C467F}
2015-07-01 18:15 - 2015-03-25 18:18 - 00002984 _____ C:\Windows\System32\Tasks\{2DCAED3A-13FF-44D9-A598-F72A5FA5C9DA}
2015-07-01 18:15 - 2015-03-25 18:17 - 00002984 _____ C:\Windows\System32\Tasks\{614F9564-8F4D-4719-822D-DD2715DB7A6D}
2015-07-01 18:15 - 2014-10-03 14:46 - 00004118 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-01 18:15 - 2014-10-03 14:46 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-01 18:14 - 2014-10-03 15:20 - 00003836 _____ C:\Windows\System32\Tasks\DriverEasy Scheduled Scan
2015-07-01 18:13 - 2014-10-03 15:59 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-07-01 18:13 - 2014-10-03 15:59 - 00003338 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-07-01 18:13 - 2014-10-03 15:59 - 00002996 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2015-07-01 18:13 - 2014-10-03 15:59 - 00001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-07-01 18:13 - 2014-10-03 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-07-01 18:13 - 2014-10-03 15:59 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-06-28 13:21 - 2014-10-03 12:31 - 00000000 ____D C:\Users\AnimaAngelo
2015-06-28 09:59 - 2014-10-03 14:47 - 00002207 _____ C:\Users\AnimaAngelo\Desktop\Google Chrome.lnk
2015-06-08 17:43 - 2014-10-18 12:22 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2015-04-09 21:00 - 2015-04-09 21:00 - 0000000 _____ () C:\Users\AnimaAngelo\AppData\Roaming\gdfw.log
2015-04-09 21:00 - 2015-07-07 22:03 - 0001558 _____ () C:\Users\AnimaAngelo\AppData\Roaming\gdscan.log
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\AnimaAngelo\AppData\Roaming\qmo2TlUy4szDje
2015-05-03 16:16 - 2015-05-03 16:16 - 0613255 _____ () C:\Users\AnimaAngelo\AppData\Local\nswC715.tmp
2015-06-28 13:49 - 2015-06-28 13:49 - 0002725 _____ () C:\Users\AnimaAngelo\AppData\Local\recently-used.xbel
2015-01-03 17:57 - 2015-01-03 17:57 - 0284442 _____ () C:\ProgramData\1420300497.bdinstall.bin
2015-01-03 17:57 - 2015-01-03 17:57 - 0050041 _____ () C:\ProgramData\1420300602.bdinstall.bin
2015-01-03 18:55 - 2015-01-03 18:55 - 0032324 _____ () C:\ProgramData\1420304108.bdinstall.bin
2015-05-26 22:19 - 2015-05-26 22:19 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-04 13:48

==================== End of log ============================
[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by AnimaAngelo at 2015-07-07 22:37:22
Running from C:\Users\AnimaAngelo\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2414973931-2264080825-886326512-500 - Administrator - Disabled)
AnimaAngelo (S-1-5-21-2414973931-2264080825-886326512-1000 - Administrator - Enabled) => C:\Users\AnimaAngelo
Gast (S-1-5-21-2414973931-2264080825-886326512-501 - Limited - Disabled)
Lea & Pia (S-1-5-21-2414973931-2264080825-886326512-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G DATA TOTAL PROTECTION (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G DATA TOTAL PROTECTION (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Acronis*Disk*Director*12 (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3219 - Acronis)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 2015 v.1.15.0 (HKLM-x32\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG)
BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 1942 (HKLM-x32\...\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}) (Version:  - )
Battlefield 1942: Secret Weapons of WWII (HKLM-x32\...\{B73B4A99-4173-4747-BBEC-0F05E966F9D2}) (Version:  - )
Battlefield 1942: The Road To Rome (HKLM-x32\...\{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}) (Version:  - )
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Renegade (HKLM-x32\...\{24DFBE4C-FD7F-48F2-A7D9-D1A0929B2113}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{8F0F5689-6900-425B-A8C2-0DBD10DAB694}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Die Sims Deluxe  (HKLM-x32\...\{10798AE3-DCBB-43C3-9C93-C23512427E25}) (Version:  - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.5 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.5.139.1020 - Electronic Arts Inc.)
DriverEasy 4.7.8 (HKLM\...\DriverEasy_is1) (Version: 4.7.8.0 - Easeware)
Dropbox (HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Dropbox) (Version: 3.0.4 - Dropbox, Inc.)
Earth 2150 (HKLM-x32\...\Earth 2150) (Version:  - )
EaseUS Partition Master 10.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Free 8.0  (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.0 - CHENGDU YIWO Tech Development Co., Ltd)
Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)
ETDWare X64 11.7.13.2_WHQL (HKLM\...\Elantech) (Version: 11.7.13.2 - ELAN Microelectronic Corp.)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.9.56.313 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.3.320 - Foxit Software Inc.)
G DATA TOTAL PROTECTION (HKLM-x32\...\{2A1FF304-D778-49F1-B340-E4BF4CDA2EB0}) (Version: 25.1.0.3 - G DATA Software AG)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Utilities 5.28 (HKLM-x32\...\Glary Utilities 5) (Version: 5.28.0.48 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 41.003.50.00.06 - Huawei Technologies Co.,Ltd)
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{C3F12DD0-54B1-4B2B-A82B-FA43502BC550}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
iLoad (HKLM\...\{B4D9A4F1-C1F3-4F69-B673-0D7D3FB2B591}) (Version: 6.1.0 - Paloma Networks, Inc.)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.87.55 - Huawei Technologies Co.,Ltd)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LastChaosGER (HKLM-x32\...\{A86A50FC-7C22-478B-BAEF-82393328825F}) (Version: 1.00.000 - Barunsongames CO., LTD.)
Mega World Smash (HKLM-x32\...\{B479FD9F-0FA7-4F0B-8407-50602E80125C}) (Version: 1.00.0000 - PurpleHills)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Moorhuhn X - XXL (HKLM-x32\...\{D0D3C193-7052-4DE4-8BF4-3954D2021FF2}) (Version:  - )
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
Need for Speed Underground Version 1.4 (HKLM-x32\...\Need for Speed Underground_is1) (Version: 1.4 - EA Games)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.0.0.0 - Electronic Arts)
OpenTTD 1.4.2 (HKLM-x32\...\OpenTTD) (Version: 1.4.2 - OpenTTD)
Origin (HKLM-x32\...\Origin) (Version: 9.0.13.2141 - Electronic Arts, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.89.716.2014 - Realtek)
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Smart Driver Updater v3.2 (HKLM-x32\...\Smart Driver Updater_is1) (Version: 3.2 - Avanquest Software)
Sniper Ghost Warrior 2 (HKLM-x32\...\Steam App 34870) (Version:  - City Interactive)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.7.201505261442 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.259 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.259 - Sony)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
The Sims 4 Deluxe DLC Edition (HKLM-x32\...\The Sims 4 Deluxe DLC Edition) (Version: 1.01 - Electronic Arts)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.00.000 - Ubisoft)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.2.3 - Unified Intents AB)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WAOW 1.01 (HKLM-x32\...\WAOW) (Version: 1.01 - )
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WiFiRemotesServer (HKLM-x32\...\{A4D97D4D-098A-45BE-ACF9-D5EB830C9AC7}) (Version: 1.0.0 - WiFiRemotes)
Windows Remote Service (HKLM\...\{82D197EB-E66F-41F1-887C-B6EFC09DBF7F}_is1) (Version: 1.3.0 - Banamalon)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2414973931-2264080825-886326512-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

03-01-2015 18:06:13 Installiert Battlefield 1942
03-01-2015 18:28:57 Installiert Battlefield 1942: The Road To Rome
03-01-2015 18:38:34 Installiert Battlefield 1942: Secret Weapons of WWII
03-01-2015 19:44:01 Windows Update
25-01-2015 01:31:18 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
25-01-2015 01:32:49 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
25-01-2015 23:49:14 Acronis*Disk*Director*12 wird installiert
07-02-2015 20:36:27 Geplanter Prüfpunkt
15-02-2015 01:00:08 Geplanter Prüfpunkt
26-02-2015 01:52:11 Geplanter Prüfpunkt
27-02-2015 20:14:16 Microsoft Visual C++ 2005 Redistributable wird installiert
08-03-2015 14:01:27 Geplanter Prüfpunkt
08-03-2015 20:14:03 Installiert Call of Duty(R) 4 - Modern Warfare(TM)
08-03-2015 21:20:40 DirectX wurde installiert
16-03-2015 14:03:30 Mega World Smash wurde installiert.
19-03-2015 16:56:11 Installiert Die Sims Deluxe
19-03-2015 17:22:29 Installiert Die Sims Deluxe
20-03-2015 18:15:15 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
20-03-2015 18:16:25 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
20-03-2015 18:17:54 Gerätetreiber-Paketinstallation: Unified Intents AB Eingabegeräte (Human Interface Devices)
23-03-2015 16:40:14 Steam wird installiert
23-03-2015 17:38:14 DirectX wurde installiert
23-03-2015 18:17:20 DirectX wurde installiert
25-03-2015 15:42:44 Installiert Moorhuhn X - XXL
26-03-2015 14:07:58 Installed WiFiRemotesServer
26-03-2015 17:23:19 Gerätetreiber-Paketinstallation: Disc Soft Ltd Speichercontroller
03-04-2015 02:18:30 Geplanter Prüfpunkt
03-04-2015 12:52:27 Installiert Tom Clancy's Splinter Cell Conviction
03-04-2015 13:23:59 Microsoft Visual C++ 2005 Redistributable wird installiert
03-04-2015 13:26:05 DirectX wurde installiert
03-04-2015 13:45:38 Installed Ubisoft Game Launcher
09-04-2015 21:19:17 avast! antivirus system restore point
10-04-2015 22:42:50 Sony PC Companion
19-04-2015 13:44:21 Geplanter Prüfpunkt
26-04-2015 03:40:14 DirectX wurde installiert
26-04-2015 11:17:49 DirectX wurde installiert
26-04-2015 12:08:46 DirectX wurde installiert
27-04-2015 02:26:53 DirectX wurde installiert
27-04-2015 03:27:26 DirectX wurde installiert
27-04-2015 04:23:15 DirectX wurde installiert
03-05-2015 16:18:21 Wiederherstellungsvorgang
11-05-2015 00:01:37 Geplanter Prüfpunkt
18-05-2015 13:36:02 Geplanter Prüfpunkt
21-05-2015 08:28:30 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
21-05-2015 08:29:46 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
21-05-2015 08:30:49 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
21-05-2015 10:34:13 Configured LastChaosGER
22-05-2015 16:47:21 Installiert The Sims 3
24-05-2015 13:08:41 Installiert The Sims 3
24-05-2015 14:12:05 Entfernt The Sims 3
24-05-2015 14:30:14 Installiert The Sims 3
24-05-2015 14:46:28 Installiert The Sims 3
30-05-2015 15:09:20 Installed Sony Mobile Drivers
07-06-2015 13:17:16 Geplanter Prüfpunkt
14-06-2015 17:32:31 Geplanter Prüfpunkt
22-06-2015 00:02:15 Geplanter Prüfpunkt
01-07-2015 20:06:03 Geplanter Prüfpunkt
07-07-2015 21:23:45 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2EB96718-BC85-47B5-B129-9E26A19FFC8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-03] (Google Inc.)
Task: {44E1796D-9C5D-441B-8E57-984565B9D815} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-06-23] (Glarysoft Ltd)
Task: {5A6D0E06-D161-4D92-8961-5A81065975BD} - System32\Tasks\{614F9564-8F4D-4719-822D-DD2715DB7A6D} => C:\Program Files (x86)\Maxis\Die Sims\Sims.exe [2002-08-01] (Maxis, a brand of Electronic Arts)
Task: {5C83FEF0-B43B-4CD8-B076-B97BFB4C3D25} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2014-09-16] (Easeware)
Task: {6A2C6D18-9AED-4571-9517-7871436256DF} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-06-23] (Glarysoft Ltd)
Task: {6BDEE676-8B65-4850-9248-FEC5601ACA5D} - System32\Tasks\{2DCAED3A-13FF-44D9-A598-F72A5FA5C9DA} => C:\Program Files (x86)\Maxis\Die Sims\Sims.exe [2002-08-01] (Maxis, a brand of Electronic Arts)
Task: {9E6D411E-1CFB-4363-B3B9-B756B753EC2A} - System32\Tasks\avastBCLRestartS-1-5-21-2414973931-2264080825-886326512-1000 => Chrome.exe
Task: {A32562F6-1A04-438C-81F4-C9B02FF0ECCF} - System32\Tasks\{92A76144-6883-4449-B33D-F1A3813C467F} => C:\Program Files (x86)\Maxis\Die Sims\Sims.exe [2002-08-01] (Maxis, a brand of Electronic Arts)
Task: {BE56863F-D42A-4C41-9D15-877F5C5024B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-03] (Google Inc.)
Task: {D36E533D-81AF-4230-88E7-F7386D2682B7} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-01 16:58 - 2014-12-14 11:53 - 00378640 _____ () C:\Windows\system32\ColorMedia64.dll
2014-11-20 22:23 - 2014-11-20 22:23 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-02-15 10:36 - 2014-12-15 02:03 - 00241704 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2015-03-18 12:44 - 2013-08-16 08:53 - 00671744 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2015-02-20 05:42 - 2015-02-20 05:42 - 00382072 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00098856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00031272 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckTool.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2015-02-15 10:37 - 2014-12-15 01:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00107560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00030248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00280104 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2015-02-15 10:37 - 2014-12-15 01:53 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00754728 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00194088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2015-02-15 10:37 - 2014-12-15 01:53 - 00135720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00096808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2015-02-15 10:36 - 2014-12-15 01:53 - 00223784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2015-07-07 20:08 - 2015-07-07 05:49 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libglesv2.dll
2015-07-07 20:08 - 2015-07-07 05:49 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libegl.dll
2015-03-18 12:44 - 2013-08-16 08:53 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2015-03-18 12:44 - 2013-08-16 08:53 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2015-03-18 12:44 - 2013-08-16 08:53 - 02417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2015-03-18 12:44 - 2013-08-16 08:53 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2414973931-2264080825-886326512-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\AnimaAngelo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^AnimaAngelo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^iLoad.lnk => C:\Windows\pss\iLoad.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Bitdefender-Geldbörse-Agent => "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: Unified Remote V3 => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
MSCONFIG\startupreg: Windows Remote Service => C:\Program Files (x86)\Banamalon\Windows Remote Service\WindowsRemoteService.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8E62ED7E-5421-4B4D-B668-A0E28485767C}] => (Allow) C:\Program Files (x86)\Hold Page\bin\HoldPage.BRT.Helper.exe
FirewallRules: [{88489503-0BAD-48A7-8B16-54A479A747B9}] => (Allow) C:\Program Files (x86)\Hold Page\bin\HoldPage.BRT.Helper.exe
FirewallRules: [{E0A70568-B769-4F79-8568-2673297CAC83}] => (Allow) C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1A72DBB1-26AC-4D34-BF0C-6603F7DE790B}] => (Allow) C:\Users\AnimaAngelo\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{12262F90-8C83-4A36-8BEF-E8C8E742867B}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe
FirewallRules: [UDP Query User{CFDBE26E-C353-44CD-9F7D-E22A418C8EFB}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe
FirewallRules: [{A5F61476-C186-47E5-8AF7-B70298901E63}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{3EFED061-B926-4C39-A588-AA0062905521}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{72E082E3-FBF5-4676-8ECB-15E9ACD19592}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{F52BDBC8-05A8-42F6-9C4D-840F519FD37C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{ADBB6802-A946-4B90-A1F9-D98A2E202CF6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{BF4B00F5-74FF-4DC9-91CC-5D240E645123}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{06DED6C4-F606-4CC3-84F6-A654DBA1773E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7C1FCEAF-4CE4-4CCB-A5B3-75738B0D2D4B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{222E564C-13F5-4CF0-A1AD-DAC00570D3E3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{628A5656-80A8-4CA6-936D-2F0235CEC82A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{FA317F8C-EDDB-4FAA-9B67-12E6C5B96731}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{13D2BCA5-8319-460A-9F99-F60C748CC300}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{C4E24E2C-1005-4656-AC7C-665F50AE02B3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{67DD19BD-F8DD-42E6-8CFD-017E5E55DE37}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{BA02D6B1-A23B-439C-8297-D50D9B4853B6}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{FB4A7DC5-BC5E-4125-B587-E269F9EC3641}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{D859A692-02B3-4A50-9F96-42F172B2F993}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{1FE8B306-4B8B-4C32-93E8-BF280F146DD1}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{057F7120-9E98-4AF7-A2EE-3FC42F9AB07D}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [TCP Query User{C6966761-7BD8-47E8-BBD5-25D9E1C77B2D}C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe] => (Allow) C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe
FirewallRules: [UDP Query User{2A60625F-2F1B-481D-B9DC-E3E40943E7C4}C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe] => (Allow) C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe
FirewallRules: [{5F18D4B9-5A3F-4DCF-9B00-D3F61DCE57E0}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{73AE9337-E947-44DD-BD39-056926D581E0}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [TCP Query User{272775FA-E3D5-4011-8369-907AFD887EEE}C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe] => (Allow) C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe
FirewallRules: [UDP Query User{B0F4F868-B32B-4F3A-8D55-AC9169E25130}C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe] => (Allow) C:\program files (x86)\banamalon\windows remote service\windowsremoteservice.exe
FirewallRules: [{4579B547-F34C-4764-8978-B0419F5B001D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{51FC4184-E6F1-466E-85CB-34768748A706}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7815829B-1367-49C0-9F24-20066DDED011}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0EA7A570-05FC-4AB8-BAA6-B96141B0E525}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{61E2CF36-9877-46E6-BDBA-B6ACFD52EE37}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CE56EAD7-D783-49E0-9011-C79C00CF498F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{ABFED508-E1C1-4AE6-BCDF-33CDACB9904E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe
FirewallRules: [{FB099AF4-E165-457C-B8D1-9BA275B448CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe
FirewallRules: [{E7A06105-251B-4990-A3FC-706754277D81}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{4B57D089-EBD1-4124-AD05-48D707C484BB}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [TCP Query User{6C7CF9D6-9D05-4B43-B81D-32B4A436991A}C:\program files (x86)\wifiremotes\wifiremotesserver\wifiremotes.exe] => (Allow) C:\program files (x86)\wifiremotes\wifiremotesserver\wifiremotes.exe
FirewallRules: [UDP Query User{DF995BC5-DB97-4CBA-89A9-B4FB77926826}C:\program files (x86)\wifiremotes\wifiremotesserver\wifiremotes.exe] => (Allow) C:\program files (x86)\wifiremotes\wifiremotesserver\wifiremotes.exe
FirewallRules: [{9BCC964C-F0B9-45F2-B1C9-E49D7664F7BC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{57B5FC77-F7AF-41B4-A3E9-DFF9D5BFD8CC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{93836E88-59E8-4105-804C-72D270F32AED}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{0C709A32-ADA1-4152-8174-93DACDB8BCA7}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe
FirewallRules: [{D44C88E2-B2DA-43FF-B3CC-892D93B91B5A}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe
FirewallRules: [{F77E5E57-DE31-4EAE-8F29-898DBA741F25}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe
FirewallRules: [{B94DFA0C-B379-4636-96FD-C0E306A88FD5}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{E4DEC178-E9C7-44B1-AD89-0DB3F8212722}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{1B079D3C-CC22-44EB-AFEC-204F969B76FD}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{D0360761-4E37-43BB-A340-06C0B39C2B32}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{E4CC9A2D-619B-4B21-A6FA-2C0E703560DC}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe
FirewallRules: [{E4FB9923-F742-4872-B37F-98B46B143E09}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe
FirewallRules: [{EA2B2B0A-7C91-400C-AD3C-6AEAB42EEC30}] => (Allow) C:\Program Files (x86)\Origin Games\Renegade\RenegadeLauncher.exe
FirewallRules: [{8EFF34A6-BCEF-4A68-9FA2-CC9A95C07ED1}] => (Allow) C:\Program Files (x86)\Origin Games\Renegade\RenegadeLauncher.exe
FirewallRules: [{13CAFF5E-54DB-4127-A8CA-95C960746983}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [{1F26FB0E-1CF5-4AD2-B3A4-FFC7A81DD0BC}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe
FirewallRules: [{DE5110E4-AC32-443C-B342-8FCAE9BD4C5E}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{BF8E594E-6436-41D1-891E-9F2DE671197E}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{6E37C589-221C-43DA-9763-1388A24E0436}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{933711E4-F4F6-415A-8D73-BF5DE1FA0D32}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{1495BE6A-50A3-4CAA-853C-57DA8E43F914}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{37DC1FF2-4992-434D-A003-34B2A348C8FB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2015 10:19:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 09:45:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 09:24:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary HookCentre.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/07/2015 09:24:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary G Data Rootkit Detector Driver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/07/2015 09:24:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary GDBehave.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/07/2015 09:23:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-2414973931-2264080825-886326512-1004.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.


Vorgang:
  OnIdentify-Ereignis
  Generatordaten werden gesammelt

Kontext:
  Ausführungskontext: Shadow Copy Optimization Writer
  Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
  Generatorname: Shadow Copy Optimization Writer
  Generatorinstanz-ID: {d5bc14ac-eafd-4316-bead-1baef6dba14c}

Error: (07/04/2015 02:40:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1354

Startzeit: 01d0b64c38563310

Endzeit: 525

Anwendungspfad: C:\Windows\explorer.exe

Berichts-ID: ca4e3781-2249-11e5-8b60-e811328cda84

Error: (07/04/2015 01:26:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 10b8

Startzeit: 01d0b64927996a48

Endzeit: 820

Anwendungspfad: C:\Windows\explorer.exe

Berichts-ID: 74244966-223f-11e5-8b60-e811328cda84

Error: (07/04/2015 01:04:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 4a8

Startzeit: 01d0b645ccaf34f4

Endzeit: 65

Anwendungspfad: C:\Windows\explorer.exe

Berichts-ID: 63c9ebf7-223c-11e5-8b60-e811328cda84

Error: (07/04/2015 00:40:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f48

Startzeit: 01d0b6278a124d32

Endzeit: 47

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 08442a38-2239-11e5-8b60-e811328cda84


System errors:
=============
Error: (07/07/2015 10:17:26 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (07/07/2015 10:16:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/07/2015 10:16:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.

Error: (07/07/2015 10:15:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎07.‎2015 um 22:12:59 unerwartet heruntergefahren.

Error: (07/07/2015 10:06:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde mit folgendem Fehler beendet:
%%10106

Error: (07/07/2015 10:06:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde mit folgendem Fehler beendet:
%%10106

Error: (07/07/2015 10:06:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde mit folgendem Fehler beendet:
%%10106

Error: (07/07/2015 10:06:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde mit folgendem Fehler beendet:
%%10106

Error: (07/07/2015 10:06:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde mit folgendem Fehler beendet:
%%10106

Error: (07/07/2015 10:06:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde mit folgendem Fehler beendet:
%%10106


Microsoft Office:
=========================
Error: (07/07/2015 10:19:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 09:45:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 09:24:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary HookCentre.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/07/2015 09:24:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary G Data Rootkit Detector Driver.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/07/2015 09:24:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary GDBehave.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/07/2015 09:23:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2414973931-2264080825-886326512-1004.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.


Vorgang:
  OnIdentify-Ereignis
  Generatordaten werden gesammelt

Kontext:
  Ausführungskontext: Shadow Copy Optimization Writer
  Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
  Generatorname: Shadow Copy Optimization Writer
  Generatorinstanz-ID: {d5bc14ac-eafd-4316-bead-1baef6dba14c}

Error: (07/04/2015 02:40:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.1.7601.17567135401d0b64c38563310525C:\Windows\explorer.execa4e3781-2249-11e5-8b60-e811328cda84

Error: (07/04/2015 01:26:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.1.7601.1756710b801d0b64927996a48820C:\Windows\explorer.exe74244966-223f-11e5-8b60-e811328cda84

Error: (07/04/2015 01:04:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.1.7601.175674a801d0b645ccaf34f465C:\Windows\explorer.exe63c9ebf7-223c-11e5-8b60-e811328cda84

Error: (07/04/2015 00:40:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.17567f4801d0b6278a124d3247C:\Windows\Explorer.EXE08442a38-2239-11e5-8b60-e811328cda84


==================== Memory info ===========================

Processor: AMD E-350 Processor
Percentage of memory in use: 29%
Total physical RAM: 6124.12 MB
Available physical RAM: 4323.89 MB
Total Virtual: 12246.41 MB
Available Virtual: 9644.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:290.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 9E42B876)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---

schrauber 08.07.2015 06:44
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

AnimaAngelo 08.07.2015 07:40
Hmm ok geladen ist es schon mal. Heute Abend werde ich es erst ausführen können da die Arbeit ruft. Danke schonmal für die Hilfe.

schrauber 08.07.2015 12:52
ok :)

AnimaAngelo 08.07.2015 20:48
Code:
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Internet Manager. RunOuc;Internet Manager. OUC;c:\program files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe;c:\program files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [x]
R3 dc3d;Microsoft-Hardware – Geräteerkennungstreiber;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
R3 GDTunerSvc;G*DATA Tuner Service;c:\program files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe;c:\program files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe [x]
R3 ggflt;SOMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ggsomc;SOMC USB Flash Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.sys [x]
R3 HiSuiteOuc64.exe;HiSuiteOuc64.exe;c:\programdata\HiSuiteOuc\HiSuiteOuc64.exe;c:\programdata\HiSuiteOuc\HiSuiteOuc64.exe [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe;c:\programdata\HandSetService\HuaweiHiSuiteService64.exe;c:\programdata\HandSetService\HuaweiHiSuiteService64.exe [x]
R3 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 X6va028;X6va028;c:\windows\SysWOW64\Drivers\X6va028;c:\windows\SysWOW64\Drivers\X6va028 [x]
R3 X6va029;X6va029;c:\windows\SysWOW64\Drivers\X6va029;c:\windows\SysWOW64\Drivers\X6va029 [x]
S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys;c:\windows\SYSNATIVE\drivers\eubakup.sys [x]
S0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys;c:\windows\SYSNATIVE\drivers\EUBKMON.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys;c:\windows\SYSNATIVE\drivers\GDBehave.sys [x]
S0 TS4NT;TS4nt driver;c:\windows\System32\Drivers\TS4nt.sys;c:\windows\SYSNATIVE\Drivers\TS4nt.sys [x]
S1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys;c:\windows\SYSNATIVE\drivers\eudskacs.sys [x]
S1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys;c:\windows\SYSNATIVE\drivers\EuFdDisk.sys [x]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys;c:\windows\SYSNATIVE\drivers\MiniIcpt.sys [x]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys;c:\windows\SYSNATIVE\drivers\gdwfpcd64.sys [x]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys;c:\windows\SYSNATIVE\drivers\HookCentre.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AVKProxy;G*DATA*ANTIVIRUS Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [x]
S2 AVKService;G*DATA Scheduler;c:\program files (x86)\G DATA\TotalProtection\AVK\AVKService.exe;c:\program files (x86)\G DATA\TotalProtection\AVK\AVKService.exe [x]
S2 AVKWCtl;G*DATA Dateisystem Wächter;c:\program files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe;c:\program files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe [x]
S2 EaseUS Agent;EaseUS Agent Service;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe [x]
S2 GDBackupSvc;G*DATA Backup Service;c:\program files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe;c:\program files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 ETD;Samsung PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 GDFwSvc;G*DATA Personal Firewall;c:\program files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe;c:\program files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe [x]
S3 GDKBB;G Data GDKBB Driver;c:\windows\system32\drivers\GDKBB64.sys;c:\windows\SYSNATIVE\drivers\GDKBB64.sys [x]
S3 GDKBFlt;G Data GDKBFlt Driver;c:\windows\system32\drivers\GDKBFlt64.sys;c:\windows\SYSNATIVE\drivers\GDKBFlt64.sys [x]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x]
S3 GDScan;G*DATA Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TSNxGService;G DATA Datensafe Service;c:\program files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe;c:\program files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe [x]
S3 uvhid;Unified Virtual HID;c:\windows\system32\DRIVERS\uvhid.sys;c:\windows\SYSNATIVE\DRIVERS\uvhid.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-07 18:07        991048        ----a-w-        c:\program files (x86)\Google\Chrome\Application\43.0.2357.132\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-04 c:\windows\Tasks\DriverEasy Scheduled Scan.job
- c:\program files\Easeware\DriverEasy\DriverEasy.exe [2014-10-03 07:06]
.
2015-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-03 12:46]
.
2015-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-03 12:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = https://www.google.com/?trackid=sp-006
IE: {{c0e8ae32-0758-4c8d-ab71-23b361fe8964} - c:\users\ANIMAA~1\AppData\Local\Temp\ie_script.htm
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{53B91DE2-2530-461A-A801-BF1CC8839912}: NameServer = 10.74.210.210 10.74.210.211
TCP: Interfaces\{FAD4FCBB-98C1-4E3F-9136-68110F77C474}: NameServer = 10.74.210.210 10.74.210.211
FF - ProfilePath - c:\users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\
FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search/?trackid=sp-006
FF - prefs.js: browser.search.selectedEngine - Google (avast)
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/?trackid=sp-006
FF - prefs.js: keyword.URL - hxxps://www.google.com/search/?trackid=sp-006
user_pref(extensions.autoDisableScopes,14);
.
.
------- Dateityp-Verknüpfung -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va028]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va028"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va029]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va029"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-07-08  21:43:54
ComboFix-quarantined-files.txt  2015-07-08 19:43
.
Vor Suchlauf: 11 Verzeichnis(se), 308.530.753.536 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 308.101.779.456 Bytes frei
.
- - End Of File - - D46255B08ADAABDDC2971E916C786023
A36C5E4F47E84449FF07ED3517B43A31



Ach du Sch.... ich werde daraus echt nicht schlau. Bin echt froh das andere was damit anfangen können. Naja hier auf jeden Fall die Log auch wenn diese echt fast zwei Stunden gedauert hat.

schrauber 09.07.2015 08:39
Das log ist unvollständig. Kannste das bitte nochmal posten?

AnimaAngelo 09.07.2015 22:58
Code:
ComboFix 15-07-08.01 - AnimaAngelo 09.07.2015  23:36:26.4.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.6124.3404 [GMT 2:00]
ausgeführt von:: c:\users\AnimaAngelo\Desktop\ComboFix.exe
AV: G DATA TOTAL PROTECTION *Disabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}
FW: G*DATA Personal Firewall *Disabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
SP: G DATA TOTAL PROTECTION *Disabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2015-06-09 bis 2015-07-09  ))))))))))))))))))))))))))))))
.
.
2015-07-09 21:50 . 2015-07-09 21:50        --------        d-----w-        c:\users\TEMP\AppData\Local\temp
2015-07-09 21:50 . 2015-07-09 21:50        --------        d-----w-        c:\users\Lea&Pia.man\AppData\Local\temp
2015-07-09 21:50 . 2015-07-09 21:50        --------        d-----w-        c:\users\Default\AppData\Local\temp
2015-07-07 20:34 . 2015-07-07 20:38        --------        d-----w-        C:\FRST
2015-07-07 20:06 . 2015-07-07 20:06        75776        ----a-w-        c:\windows\system32\drivers\PktIcpt.sys
2015-07-07 20:05 . 2015-07-07 20:05        98760        ----a-w-        c:\windows\system32\drivers\TS4nt.sys
2015-07-07 20:05 . 2015-07-07 20:05        27648        ----a-w-        c:\windows\system32\drivers\GDKBB64.sys
2015-07-07 20:05 . 2015-07-07 20:05        20992        ----a-w-        c:\windows\system32\drivers\GDKBFlt64.sys
2015-07-07 20:04 . 2015-07-07 20:04        64512        ----a-w-        c:\windows\system32\drivers\gdwfpcd64.sys
2015-07-07 20:03 . 2015-07-07 20:03        --------        d-----w-        c:\windows\SysWow64\wbem\Logs
2015-07-07 20:03 . 2015-07-07 20:03        230400        ----a-w-        c:\windows\system32\drivers\MiniIcpt.sys
2015-07-07 20:03 . 2015-07-07 20:03        150016        ----a-w-        c:\windows\system32\drivers\GDBehave.sys
2015-07-07 20:03 . 2015-07-07 20:03        124928        ----a-w-        c:\windows\system32\drivers\HookCentre.sys
2015-07-07 20:02 . 2015-07-07 20:02        --------        d-----w-        c:\programdata\G DATA Software
2015-07-07 20:01 . 2015-07-07 20:01        --------        d-----w-        c:\program files (x86)\Common Files\G Data
2015-07-07 18:58 . 2015-02-04 03:16        465920        ----a-w-        c:\windows\system32\WMPhoto.dll
2015-07-07 18:58 . 2015-02-04 02:54        417792        ----a-w-        c:\windows\SysWow64\WMPhoto.dll
2015-07-05 17:09 . 2015-07-05 17:09        --------        d-----w-        c:\users\AnimaAngelo\AppData\Roaming\Command and Conquer 3 Tiberium Wars
2015-07-05 17:06 . 2015-07-05 17:06        --------        d-----w-        c:\users\AnimaAngelo\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2015-06-28 11:21 . 2015-06-28 11:21        --------        d-----w-        c:\users\AnimaAngelo\.thumbnails
2015-06-28 10:37 . 2015-06-28 11:31        --------        d-----w-        c:\users\AnimaAngelo\AppData\Local\gtk-2.0
2015-06-28 10:28 . 2015-06-28 10:28        --------        d-----w-        c:\users\AnimaAngelo\AppData\Local\fontconfig
2015-06-28 10:28 . 2015-06-28 11:51        --------        d-----w-        c:\users\AnimaAngelo\.gimp-2.8
2015-06-28 10:28 . 2015-06-28 10:28        --------        d-----w-        c:\users\AnimaAngelo\AppData\Local\gegl-0.2
2015-06-28 10:10 . 2015-06-28 10:15        --------        d-----w-        c:\program files\GIMP 2
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-01 16:13 . 2014-10-03 13:59        20160        ----a-w-        c:\windows\system32\drivers\GUBootStartup.sys
2015-05-30 13:10 . 2015-05-30 13:10        30424        ----a-w-        c:\windows\system32\drivers\ggsomc.sys
2015-05-30 13:10 . 2015-05-30 13:10        16088        ----a-w-        c:\windows\system32\drivers\ggflt.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GUDelayStartup"="c:\program files (x86)\Glary Utilities 5\StartupManager.exe" [2015-06-23 37152]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"GoogleChromeAutoLaunch_E24E5488099F34B5CE81DB9BDD8DD73F"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-07-07 813896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-20 767176]
"GDFirewallTray"="c:\program files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe" [2015-02-20 1855608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute        REG_MULTI_SZ          autocheck autochk *
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Internet Manager. RunOuc;Internet Manager. OUC;c:\program files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe;c:\program files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [x]
R3 dc3d;Microsoft-Hardware – Geräteerkennungstreiber;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
R3 GDTunerSvc;G*DATA Tuner Service;c:\program files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe;c:\program files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe [x]
R3 ggflt;SOMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ggsomc;SOMC USB Flash Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.sys [x]
R3 HiSuiteOuc64.exe;HiSuiteOuc64.exe;c:\programdata\HiSuiteOuc\HiSuiteOuc64.exe;c:\programdata\HiSuiteOuc\HiSuiteOuc64.exe [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe;c:\programdata\HandSetService\HuaweiHiSuiteService64.exe;c:\programdata\HandSetService\HuaweiHiSuiteService64.exe [x]
R3 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 X6va028;X6va028;c:\windows\SysWOW64\Drivers\X6va028;c:\windows\SysWOW64\Drivers\X6va028 [x]
R3 X6va029;X6va029;c:\windows\SysWOW64\Drivers\X6va029;c:\windows\SysWOW64\Drivers\X6va029 [x]
S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys;c:\windows\SYSNATIVE\drivers\eubakup.sys [x]
S0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys;c:\windows\SYSNATIVE\drivers\EUBKMON.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys;c:\windows\SYSNATIVE\drivers\GDBehave.sys [x]
S0 TS4NT;TS4nt driver;c:\windows\System32\Drivers\TS4nt.sys;c:\windows\SYSNATIVE\Drivers\TS4nt.sys [x]
S1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys;c:\windows\SYSNATIVE\drivers\eudskacs.sys [x]
S1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys;c:\windows\SYSNATIVE\drivers\EuFdDisk.sys [x]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys;c:\windows\SYSNATIVE\drivers\MiniIcpt.sys [x]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys;c:\windows\SYSNATIVE\drivers\gdwfpcd64.sys [x]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys;c:\windows\SYSNATIVE\drivers\HookCentre.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AVKProxy;G*DATA*ANTIVIRUS Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [x]
S2 AVKService;G*DATA Scheduler;c:\program files (x86)\G DATA\TotalProtection\AVK\AVKService.exe;c:\program files (x86)\G DATA\TotalProtection\AVK\AVKService.exe [x]
S2 AVKWCtl;G*DATA Dateisystem Wächter;c:\program files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe;c:\program files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe [x]
S2 EaseUS Agent;EaseUS Agent Service;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe [x]
S2 GDBackupSvc;G*DATA Backup Service;c:\program files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe;c:\program files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 ETD;Samsung PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 GDFwSvc;G*DATA Personal Firewall;c:\program files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe;c:\program files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe [x]
S3 GDKBB;G Data GDKBB Driver;c:\windows\system32\drivers\GDKBB64.sys;c:\windows\SYSNATIVE\drivers\GDKBB64.sys [x]
S3 GDKBFlt;G Data GDKBFlt Driver;c:\windows\system32\drivers\GDKBFlt64.sys;c:\windows\SYSNATIVE\drivers\GDKBFlt64.sys [x]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x]
S3 GDScan;G*DATA Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TSNxGService;G DATA Datensafe Service;c:\program files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe;c:\program files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe [x]
S3 uvhid;Unified Virtual HID;c:\windows\system32\DRIVERS\uvhid.sys;c:\windows\SYSNATIVE\DRIVERS\uvhid.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-07 18:07        991048        ----a-w-        c:\program files (x86)\Google\Chrome\Application\43.0.2357.132\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-04 c:\windows\Tasks\DriverEasy Scheduled Scan.job
- c:\program files\Easeware\DriverEasy\DriverEasy.exe [2014-10-03 07:06]
.
2015-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-03 12:46]
.
2015-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-03 12:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10        164760        ----a-w-        c:\users\AnimaAngelo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = https://www.google.com/?trackid=sp-006
IE: {{c0e8ae32-0758-4c8d-ab71-23b361fe8964} - c:\users\ANIMAA~1\AppData\Local\Temp\ie_script.htm
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{53B91DE2-2530-461A-A801-BF1CC8839912}: NameServer = 10.74.210.210 10.74.210.211
TCP: Interfaces\{FAD4FCBB-98C1-4E3F-9136-68110F77C474}: NameServer = 10.74.210.210 10.74.210.211
FF - ProfilePath - c:\users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\
.
.
------- Dateityp-Verknüpfung -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va028]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va028"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va029]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va029"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-07-09  23:55:57
ComboFix-quarantined-files.txt  2015-07-09 21:55
ComboFix2.txt  2015-07-08 19:43
.
Vor Suchlauf: 13 Verzeichnis(se), 310.918.598.656 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 314.195.525.632 Bytes frei
.
- - End Of File - - 6773C4B3E17F18481EC485E765057BC5
A36C5E4F47E84449FF07ED3517B43A31
Ok ich hoffe mal nun ist es richtig und komplett.

schrauber 10.07.2015 14:52
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

AnimaAngelo 11.07.2015 13:02
Hier mal die ganzen Log´s
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 11.07.2015 13:18:37, SYSTEM, ANIMAANGELO-PC, Manual, IP Database, 0.0.0.0, 2015.6.12.1,
Update, 11.07.2015 13:18:37, SYSTEM, ANIMAANGELO-PC, Manual, Remediation Database, 2015.3.9.1, 2015.7.1.2,
Update, 11.07.2015 13:18:37, SYSTEM, ANIMAANGELO-PC, Manual, Rootkit Database, 2015.2.25.1, 2015.7.10.1,
Update, 11.07.2015 13:18:37, SYSTEM, ANIMAANGELO-PC, Manual, Domain Database, 0.0.0.0, 2015.6.12.1,
Update, 11.07.2015 13:18:53, SYSTEM, ANIMAANGELO-PC, Manual, Malware Database, 2015.3.9.5, 2015.7.11.2,

(end)
Code:
# AdwCleaner v4.208 - Bericht erstellt 11/07/2015 um 13:41:08
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-10.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : AnimaAngelo - ANIMAANGELO-PC
# Gestarted von : C:\Users\AnimaAngelo\Desktop\AdwCleaner_4.208 (2).exe
# Option : Suchlauf

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
Datei Gefunden : C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
Datei Gefunden : C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage
Datei Gefunden : C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage-journal
Datei Gefunden : C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.reimageplus.com_0.localstorage
Datei Gefunden : C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.reimageplus.com_0.localstorage-journal
Datei Gefunden : C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage
Datei Gefunden : C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage-journal
Datei Gefunden : C:\Users\AnimaAngelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
Datei Gefunden : C:\Users\AnimaAngelo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk
Datei Gefunden : C:\Users\AnimaAngelo\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
Datei Gefunden : C:\Users\AnimaAngelo\Favorites\Links\Startfenster.lnk
Datei Gefunden : C:\Users\AnimaAngelo\Favorites\Links\Startfenster.lnk
Datei Gefunden : C:\Users\AnimaAngelo\Favorites\Startfenster.lnk
Datei Gefunden : C:\Users\AnimaAngelo\Favorites\Startfenster.lnk
Datei Gefunden : C:\Windows\System32\ColorMedia64.dll
Ordner Gefunden : C:\Program Files (x86)\globalUpdate
Ordner Gefunden : C:\Program Files (x86)\ProductUI
Ordner Gefunden : C:\Program Files (x86)\Smart Driver Updater
Ordner Gefunden : C:\Program Files (x86)\systemuphold
Ordner Gefunden : C:\ProgramData\apn
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Driver Updater
Ordner Gefunden : C:\Users\AnimaAngelo\AppData\Local\52EFD554-1430571410-11E0-9946-D43C45FF37ED
Ordner Gefunden : C:\Users\AnimaAngelo\AppData\Local\52EFD554-1430571466-11E0-9946-D43C45FF37ED
Ordner Gefunden : C:\Users\AnimaAngelo\AppData\Local\globalUpdate
Ordner Gefunden : C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjlohfdjcjhmfcabomglnciodlnplhk
Ordner Gefunden : C:\Users\AnimaAngelo\AppData\Roaming\Smart Driver Updater

***** [ Geplante Tasks ] *****

Task Gefunden : DriverEasy Scheduled Scan

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Daten Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:50830;hxxps=127.0.0.1:50830
Schlüssel Gefunden : HKCU\Software\DriverTuner
Schlüssel Gefunden : HKCU\Software\DriverTuner_Init
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\vi-view.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D38A0921-59AE-41C4-A9DD-3551386D748E}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\Smart Driver Updater
Schlüssel Gefunden : [x64] HKCU\Software\DriverTuner
Schlüssel Gefunden : [x64] HKCU\Software\DriverTuner_Init
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D38A0921-59AE-41C4-A9DD-3551386D748E}
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\Smart Driver Updater
Schlüssel Gefunden : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Schlüssel Gefunden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\SOFTWARE\0e64137f-9132-3721-bd1e-2aaa625e056f
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{1DA17428-323D-48FF-857C-98CFEE48BFD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9C81D00A-3DAA-48AB-90C7-8252119ABB93}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart Driver Updater_is1
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{50F60937-910A-4C05-8E36-FE4E299191CF}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D38A0921-59AE-41C4-A9DD-3551386D748E}
Wert Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Wert Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v33.0 (x86 de)


-\\ Google Chrome v43.0.2357.132

[C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gefunden [Homepage] : management","nativeMessaging","searchProvider","startupPages","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"manifest_permissions":[],"scriptable_host":["*://*.ask.com/

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [7287 Bytes] - [11/07/2015 13:41:08]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7346 Bytes] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.4.2 (07.10.2015:3)
OS: Windows 7 Home Premium x64
Ran by AnimaAngelo on 11.07.2015 at 13:44:02,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\DriverEasy Scheduled Scan
Successfully deleted: [Task] C:\Windows\tasks\DriverEasy Scheduled Scan.job



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_E24E5488099F34B5CE81DB9BDD8DD73F



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D38A0921-59AE-41C4-A9DD-3551386D748E}



~~~ Files

Successfully deleted: [File] C:\Users\AnimaAngelo\appdata\local\google\chrome\user data\default\local storage\chrome-extension_elicpjhcidhpjomhibiffojpinpmmpil_0.localstorage
Successfully deleted: [File] C:\Users\AnimaAngelo\appdata\local\google\chrome\user data\default\local storage\chrome-extension_elicpjhcidhpjomhibiffojpinpmmpil_0.localstorage-journal
Successfully deleted: [File] C:\Users\AnimaAngelo\appdata\local\google\chrome\user data\default\local storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage
Successfully deleted: [File] C:\Users\AnimaAngelo\appdata\local\google\chrome\user data\default\local storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage-journal
Successfully deleted: [File] C:\Users\AnimaAngelo\appdata\local\google\chrome\user data\default\local storage\hxxp_www.similarsitesearch.com_0.localstorage
Successfully deleted: [File] C:\Users\AnimaAngelo\appdata\local\google\chrome\user data\default\local storage\hxxp_www.similarsitesearch.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\AnimaAngelo\appdata\local\google\chrome\user data\default\local storage\hxxp_www.superfish.com_0.localstorage
Successfully deleted: [File] C:\Users\AnimaAngelo\appdata\local\google\chrome\user data\default\local storage\hxxp_www.superfish.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\AnimaAngelo\appdata\local\google\chrome\user data\default\local storage\hxxps_www.superfish.com_0.localstorage
Successfully deleted: [File] C:\Users\AnimaAngelo\appdata\local\google\chrome\user data\default\local storage\hxxps_www.superfish.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\AnimaAngelo\AppData\Roaming\microsoft\internet explorer\quick launch\startfenster.lnk
Successfully deleted: [File] C:\Users\AnimaAngelo\AppData\Roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\startfenster.lnk
Successfully deleted: [File] C:\Users\AnimaAngelo\AppData\Roaming\microsoft\windows\start menu\startfenster.lnk



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\globalupdate
Successfully deleted: [Folder] C:\Program Files (x86)\productui
Successfully deleted: [Folder] C:\ProgramData\apn
Successfully deleted: [Folder] C:\ProgramData\microsoft\windows\start menu\programs\drivereasy
Successfully deleted: [Folder] C:\Users\AnimaAngelo\appdata\local\crashrpt
Successfully deleted: [Folder] C:\Users\AnimaAngelo\appdata\local\globalupdate



~~~ Chrome

Successfully deleted: [Folder] C:\Users\AnimaAngelo\appdata\local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil

[C:\Users\AnimaAngelo\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\AnimaAngelo\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
elicpjhcidhpjomhibiffojpinpmmpil
jjflmfkjppbmejlfbhlpgjnomdoefkfa
papbadoldddalgcjcicnikcfenodpghp

[C:\Users\AnimaAngelo\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\AnimaAngelo\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  booedmolknjekdopkepjjeckmjkdpfgl,
  elicpjhcidhpjomhibiffojpinpmmpil,
  flpcjncodpafbgdpnkljologafpionhb,
  jjflmfkjppbmejlfbhlpgjnomdoefkfa,
  papbadoldddalgcjcicnikcfenodpghp
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.07.2015 at 13:54:05,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by AnimaAngelo (administrator) on ANIMAANGELO-PC on 11-07-2015 13:55:29
Running from C:\Users\AnimaAngelo\Desktop
Loaded Profiles: AnimaAngelo (Available Profiles: AnimaAngelo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-04-14] (Malwarebytes Corporation)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-06-23] (Glarysoft Ltd)
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2414973931-2264080825-886326512-1004\User: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2414973931-2264080825-886326512-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:50830;https=127.0.0.1:50830
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {D38A0921-59AE-41C4-A9DD-3551386D748E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {D38A0921-59AE-41C4-A9DD-3551386D748E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2414973931-2264080825-886326512-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2414973931-2264080825-886326512-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll No File
Winsock: Catalog9-x64 01 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 02 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 03 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 04 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 15 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{524AAAB2-4000-4EF8-A966-E188B9E7B364}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{53B91DE2-2530-461A-A801-BF1CC8839912}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{53B91DE2-2530-461A-A801-BF1CC8839912}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{D4B7BC8A-52DC-4545-93F5-A9D734E39B1D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FAD4FCBB-98C1-4E3F-9136-68110F77C474}: [NameServer] 10.74.210.210 10.74.210.211

FireFox:
========
FF ProfilePath: C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF SearchPlugin: C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\searchplugins\google-avast.xml [2015-01-04]
FF Extension: Amazon-Icon - C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\Extensions\amazon-icon@giga.de [2015-02-15]
FF Extension: Web Developer - C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-10-21]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: No Name - C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [not found]

Chrome:
=======
CHR Profile: C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-03]
CHR Extension: (Angry Birds) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-10-03]
CHR Extension: (Google Docs) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-03]
CHR Extension: (Google Drive) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-03]
CHR Extension: (YouTube) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-03]
CHR Extension: (Adblock Plus) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-03]
CHR Extension: (Google Search) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-03]
CHR Extension: (Strategy & Defense games) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\djkpilpcldinocafgnnnecbgdmpebcki [2014-10-03]
CHR Extension: (Google Sheets) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-03]
CHR Extension: (Download Helper) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjlohfdjcjhmfcabomglnciodlnplhk [2015-06-14]
CHR Extension: (Tower Defense Games) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdmjbldddnejdajkmmledjohhccahell [2014-10-03]
CHR Extension: (Dragon Ball Z mmorpg game !) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljhjkncoceojjbadalclgdinmijjien [2014-10-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (12 Towers) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdkeklohckaijapmmneogbfelodgbdck [2014-10-03]
CHR Extension: (Red Alien) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlklddbgohcheiaiidjodbnlfcipcdeo [2014-10-03]
CHR Extension: (Google Wallet) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-03]
CHR Extension: (Amazon) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2015-02-15]
CHR Extension: (Bitdefender QuickScan) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-07-07]
CHR Extension: (Gmail) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-03]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\AnimaAngelo\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2527864 2015-03-04] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe [3672560 2015-04-07] (G Data Software AG)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
S3 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-03-13] (Foxit Software Inc.)
S2 GDBackupSvc; C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe [3881080 2015-02-20] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe [2235512 2015-02-20] (G Data Software AG)
S3 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [138544 2015-03-31] ()
S3 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2015-03-31] ()
S3 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-05] (Electronic Arts)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [836288 2015-03-24] (Valve Corporation) [File not signed]
S3 TSNxGService; C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-07-01] (G DATA Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-03-26] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-07-07] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-07-07] (G Data Software AG)
R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-07-07] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-07-07] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [75776 2015-07-07] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-07-07] (G Data Software AG)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-05-30] (Sony Mobile Communications)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-07-01] (Glarysoft Ltd)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-07-07] (G Data Software AG)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [246272 2013-08-16] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2015-03-09] (Huawei Technologies Co., Ltd.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2015-07-07] (G Data Software)
R3 uvhid; C:\Windows\System32\DRIVERS\uvhid.sys [25592 2015-03-19] (Windows (R) Win 7 DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 13:55 - 2015-07-11 13:55 - 00017484 _____ C:\Users\AnimaAngelo\Desktop\FRST.txt
2015-07-11 13:54 - 2015-07-11 13:54 - 00004474 _____ C:\Users\AnimaAngelo\Desktop\JRT.txt
2015-07-11 13:41 - 2015-07-11 13:42 - 00000000 ____D C:\AdwCleaner
2015-07-11 13:39 - 2015-07-11 13:39 - 00000582 _____ C:\Users\AnimaAngelo\Desktop\MBAM.txt
2015-07-11 13:18 - 2015-07-11 13:40 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-11 13:18 - 2015-07-11 13:15 - 02248704 _____ C:\Users\AnimaAngelo\Desktop\AdwCleaner_4.208 (2).exe
2015-07-11 13:18 - 2015-07-11 13:14 - 03034370 _____ (Malwarebytes Corporation) C:\Users\AnimaAngelo\Desktop\JRT.exe
2015-07-11 13:17 - 2015-07-11 13:17 - 00001062 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-11 13:17 - 2015-07-11 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-11 13:17 - 2015-07-11 13:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-11 13:17 - 2015-07-11 13:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-11 13:17 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-11 13:17 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-11 13:17 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-11 13:15 - 2015-07-11 13:15 - 02248704 _____ C:\Users\AnimaAngelo\Downloads\AdwCleaner_4.208 (2).exe
2015-07-11 13:14 - 2015-07-11 13:14 - 03034370 _____ (Malwarebytes Corporation) C:\Users\AnimaAngelo\Downloads\JRT.exe
2015-07-11 13:14 - 2015-07-11 13:14 - 02248704 _____ C:\Users\AnimaAngelo\Downloads\Nicht bestätigt 401810.crdownload
2015-07-11 13:13 - 2015-07-11 13:14 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\AnimaAngelo\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-11 13:13 - 2015-07-11 13:13 - 02248704 _____ C:\Users\AnimaAngelo\Downloads\Nicht bestätigt 703701.crdownload
2015-07-09 23:55 - 2015-07-09 23:55 - 00018500 _____ C:\ComboFix.txt
2015-07-08 08:11 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-08 08:11 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-08 08:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-08 08:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-08 08:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-08 08:11 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-08 08:11 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-08 08:11 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-08 08:10 - 2015-07-09 23:56 - 00000000 ____D C:\Qoobox
2015-07-08 08:08 - 2015-07-08 21:39 - 00000000 ____D C:\Windows\erdnt
2015-07-08 08:07 - 2015-07-09 23:28 - 05632279 ____R (Swearware) C:\Users\AnimaAngelo\Desktop\ComboFix.exe
2015-07-07 22:37 - 2015-07-07 22:38 - 00046554 _____ C:\Users\AnimaAngelo\Downloads\Addition.txt
2015-07-07 22:34 - 2015-07-11 13:55 - 00000000 ____D C:\FRST
2015-07-07 22:34 - 2015-07-07 22:38 - 00034139 _____ C:\Users\AnimaAngelo\Downloads\FRST.txt
2015-07-07 22:33 - 2015-07-07 22:34 - 02112512 _____ (Farbar) C:\Users\AnimaAngelo\Desktop\FRST64.exe
2015-07-07 22:06 - 2015-07-07 22:06 - 00075776 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2015-07-07 22:05 - 2015-07-07 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL PROTECTION
2015-07-07 22:05 - 2015-07-07 22:05 - 00098760 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2015-07-07 22:05 - 2015-07-07 22:05 - 00027648 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys
2015-07-07 22:05 - 2015-07-07 22:05 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys
2015-07-07 22:05 - 2015-07-07 22:05 - 00002003 _____ C:\Users\Public\Desktop\G DATA TOTAL PROTECTION.lnk
2015-07-07 22:05 - 2015-07-07 22:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
2015-07-07 22:05 - 2015-07-07 22:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_GDKBB64_01007.Wdf
2015-07-07 22:04 - 2015-07-07 22:04 - 00064512 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2015-07-07 22:03 - 2015-07-07 22:03 - 00230400 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2015-07-07 22:03 - 2015-07-07 22:03 - 00150016 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2015-07-07 22:03 - 2015-07-07 22:03 - 00124928 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2015-07-07 22:02 - 2015-07-07 22:02 - 00001962 _____ C:\Windows\DPINST.LOG
2015-07-07 22:02 - 2015-07-07 22:02 - 00000000 ____D C:\ProgramData\G DATA Software
2015-07-07 21:40 - 2015-07-11 12:54 - 00101918 _____ C:\Windows\PFRO.log
2015-07-07 21:09 - 2015-07-07 21:19 - 265261840 _____ (G Data Software AG) C:\Users\AnimaAngelo\Downloads\INT_R_BASE_TP.exe
2015-07-07 20:58 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-07-07 20:58 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-07-07 20:54 - 2015-07-07 20:54 - 00039480 _____ C:\Users\AnimaAngelo\Downloads\qsinstaller.exe
2015-07-05 19:09 - 2015-07-05 19:09 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Command and Conquer 3 Tiberium Wars
2015-07-05 19:06 - 2015-07-05 19:06 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2015-07-05 16:05 - 2015-07-05 16:46 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Musik USB
2015-07-01 20:54 - 2015-07-01 22:53 - 00000000 ____D C:\Users\AnimaAngelo\Downloads\Ballermann Hist 2015 3CD
2015-07-01 18:42 - 2015-07-01 18:43 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Ivonne
2015-07-01 18:41 - 2015-07-11 12:55 - 00003932 _____ C:\Windows\setupact.log
2015-07-01 18:41 - 2015-07-01 18:41 - 00000000 _____ C:\Windows\setuperr.log
2015-07-01 18:40 - 2015-07-01 20:54 - 410920847 _____ C:\Users\AnimaAngelo\Downloads\VA-Ballermann_Hits_2015_XXL-3CD-DE-2015.rar
2015-07-01 18:11 - 2015-07-01 18:12 - 15199032 _____ C:\Users\AnimaAngelo\Downloads\Glary_Utilities_v5.28.0.48.exe
2015-07-01 18:01 - 2015-07-01 20:42 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Spiele
2015-06-28 13:49 - 2015-06-28 13:49 - 00002725 _____ C:\Users\AnimaAngelo\AppData\Local\recently-used.xbel
2015-06-28 13:21 - 2015-06-28 13:21 - 00000000 ____D C:\Users\AnimaAngelo\.thumbnails
2015-06-28 12:37 - 2015-06-28 13:31 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Local\gtk-2.0
2015-06-28 12:28 - 2015-06-28 13:51 - 00000000 ____D C:\Users\AnimaAngelo\.gimp-2.8
2015-06-28 12:28 - 2015-06-28 12:28 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Local\gegl-0.2
2015-06-28 12:17 - 2015-06-28 12:17 - 00000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-06-28 12:10 - 2015-06-28 12:15 - 00000000 ____D C:\Program Files\GIMP 2
2015-06-28 11:46 - 2015-06-28 11:49 - 91931728 _____ (The GIMP Team ) C:\Users\AnimaAngelo\Downloads\gimp-2.8.14-setup-1.exe
2015-06-14 16:15 - 2015-06-14 16:16 - 32193426 _____ C:\Users\AnimaAngelo\Downloads\NENA - In meinem Leben [Official Video].mp4
2015-06-14 16:13 - 2015-06-14 16:13 - 07127074 _____ C:\Users\AnimaAngelo\Downloads\Isso - Mateo Lyrics.mp4
2015-06-14 16:09 - 2015-06-14 16:10 - 34694964 _____ C:\Users\AnimaAngelo\Downloads\NightcOrE - So Allein - lyrics.mp4
2015-06-14 16:08 - 2015-06-14 16:08 - 20472405 _____ C:\Users\AnimaAngelo\Downloads\Christina Stürmer Millionen Lichter lyrics.mp4
2015-06-14 16:02 - 2015-06-14 16:02 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-14 15:48 - 2015-06-14 15:49 - 36127464 _____ (DVDVideoSoft Ltd. ) C:\Users\AnimaAngelo\Downloads\FreeYouTubeToMP3Converter_3.12.59.525.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 13:08 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-11 13:08 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-11 13:04 - 2014-10-03 12:28 - 02015285 _____ C:\Windows\WindowsUpdate.log
2015-07-11 13:04 - 2011-03-20 11:08 - 00699236 _____ C:\Windows\system32\perfh007.dat
2015-07-11 13:04 - 2011-03-20 11:08 - 00149344 _____ C:\Windows\system32\perfc007.dat
2015-07-11 13:04 - 2009-07-14 07:13 - 01618848 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-11 12:56 - 2009-07-14 07:08 - 00031492 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-11 12:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-09 23:50 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-09 19:20 - 2015-03-23 17:51 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Origin
2015-07-09 19:19 - 2015-03-23 17:48 - 00000000 ____D C:\ProgramData\Origin
2015-07-09 19:19 - 2015-03-23 17:48 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-08 21:43 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-07 22:07 - 2015-04-09 20:58 - 00000000 ____D C:\ProgramData\G Data
2015-07-07 22:03 - 2015-04-09 21:00 - 00001558 _____ C:\Users\AnimaAngelo\AppData\Roaming\gdscan.log
2015-07-07 22:01 - 2015-04-09 20:58 - 00000000 ____D C:\Program Files (x86)\G Data
2015-07-07 21:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2015-07-07 21:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-07-07 21:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-07-07 20:54 - 2014-10-03 15:50 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\QuickScan
2015-07-05 18:58 - 2015-04-27 03:33 - 00000000 ____D C:\Users\AnimaAngelo\Documents\Command and Conquer Generals Zero Hour Data
2015-07-05 16:13 - 2015-06-05 16:02 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Party
2015-07-04 08:55 - 2014-10-03 14:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-04 08:55 - 2014-10-03 14:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-01 20:42 - 2015-04-03 12:42 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Programme
2015-07-01 20:42 - 2015-04-03 12:41 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Daten, Ordner usw
2015-07-01 18:35 - 2015-03-23 16:41 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-01 18:33 - 2015-05-01 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-07-01 18:33 - 2015-04-14 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-07-01 18:33 - 2015-04-14 20:01 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-07-01 18:15 - 2015-03-25 18:18 - 00002984 _____ C:\Windows\System32\Tasks\{92A76144-6883-4449-B33D-F1A3813C467F}
2015-07-01 18:15 - 2015-03-25 18:18 - 00002984 _____ C:\Windows\System32\Tasks\{2DCAED3A-13FF-44D9-A598-F72A5FA5C9DA}
2015-07-01 18:15 - 2015-03-25 18:17 - 00002984 _____ C:\Windows\System32\Tasks\{614F9564-8F4D-4719-822D-DD2715DB7A6D}
2015-07-01 18:15 - 2014-10-03 14:46 - 00004118 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-01 18:15 - 2014-10-03 14:46 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-01 18:13 - 2014-10-03 15:59 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-07-01 18:13 - 2014-10-03 15:59 - 00003338 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-07-01 18:13 - 2014-10-03 15:59 - 00002996 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2015-07-01 18:13 - 2014-10-03 15:59 - 00001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-07-01 18:13 - 2014-10-03 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-07-01 18:13 - 2014-10-03 15:59 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-06-28 13:21 - 2014-10-03 12:31 - 00000000 ____D C:\Users\AnimaAngelo
2015-06-28 09:59 - 2014-10-03 14:47 - 00002207 _____ C:\Users\AnimaAngelo\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2015-04-09 21:00 - 2015-04-09 21:00 - 0000000 _____ () C:\Users\AnimaAngelo\AppData\Roaming\gdfw.log
2015-04-09 21:00 - 2015-07-07 22:03 - 0001558 _____ () C:\Users\AnimaAngelo\AppData\Roaming\gdscan.log
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\AnimaAngelo\AppData\Roaming\qmo2TlUy4szDje
2015-06-28 13:49 - 2015-06-28 13:49 - 0002725 _____ () C:\Users\AnimaAngelo\AppData\Local\recently-used.xbel
2015-05-26 22:19 - 2015-05-26 22:19 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-04 13:48

==================== End of log ============================


Werde nicht schlau daraus, aber etwas hat sich nun geändert. Ich habe über Chrome nun mehr Werbung! Naja sonst immer noch alles beim Alten also gebracht hat es mir noch nicht viel :(

schrauber 12.07.2015 10:29
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2414973931-2264080825-886326512-1004\User: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Winsock: Catalog9-x64 01 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 02 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 03 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 04 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 15 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{524AAAB2-4000-4EF8-A966-E188B9E7B364}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{53B91DE2-2530-461A-A801-BF1CC8839912}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{53B91DE2-2530-461A-A801-BF1CC8839912}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{D4B7BC8A-52DC-4545-93F5-A9D734E39B1D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FAD4FCBB-98C1-4E3F-9136-68110F77C474}: [NameServer] 10.74.210.210 10.74.210.211
cmd: netsh winsock reset
C:\Windows\system32\ColorMedia64.dll
RemoveProxy:
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de





ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

AnimaAngelo 12.07.2015 11:50
Code:
Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by AnimaAngelo at 2015-07-12 12:27:09 Run:1
Running from C:\Users\AnimaAngelo\Desktop
Loaded Profiles: AnimaAngelo (Available Profiles: AnimaAngelo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2414973931-2264080825-886326512-1004\User: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Winsock: Catalog9-x64 01 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 02 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 03 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 04 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Winsock: Catalog9-x64 15 C:\Windows\system32\ColorMedia64.dll [378640 2015-01-01] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{524AAAB2-4000-4EF8-A966-E188B9E7B364}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{53B91DE2-2530-461A-A801-BF1CC8839912}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{53B91DE2-2530-461A-A801-BF1CC8839912}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{D4B7BC8A-52DC-4545-93F5-A9D734E39B1D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FAD4FCBB-98C1-4E3F-9136-68110F77C474}: [NameServer] 10.74.210.210 10.74.210.211
cmd: netsh winsock reset
C:\Windows\system32\ColorMedia64.dll
RemoveProxy:
Emptytemp:
       
*****************

HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2414973931-2264080825-886326512-1004\User => moved successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
Winsock: Catalog entry 000000000001 => removed successfully
Winsock: Catalog entry 000000000002 => removed successfully
Winsock: Catalog entry 000000000003 => removed successfully
Winsock: Catalog entry 000000000004 => removed successfully
Winsock: Catalog entry 000000000015 => removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{524AAAB2-4000-4EF8-A966-E188B9E7B364}\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{53B91DE2-2530-461A-A801-BF1CC8839912}\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{53B91DE2-2530-461A-A801-BF1CC8839912}\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D4B7BC8A-52DC-4545-93F5-A9D734E39B1D}\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FAD4FCBB-98C1-4E3F-9136-68110F77C474}\\NameServer => value removed successfully

=========  netsh winsock reset =========

Die Initialisierungsfunktion InitHelperDll in NSHHTTP.DLL konnte nicht gestartet werden. Fehlercode 10107

Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= End of CMD: =========

C:\Windows\system32\ColorMedia64.dll => moved successfully.

========= RemoveProxy: =========

"HKU\S-1-5-21-2414973931-2264080825-886326512-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

EmptyTemp: => 191 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 12:27:20 ====


Hier schon einmal der erste Teil. Der Rest folgt in kürze^^

schrauber 12.07.2015 16:14
ok :)

AnimaAngelo 12.07.2015 17:29
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=02e58a1e1ee63f4e98f0c7d489e72e54
# end=init
# utc_time=2015-07-12 11:31:27
# local_time=2015-07-12 01:31:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=37126
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Finalize
Updated modules version: 24758
Update Init
Update Download
Update Finalize
Updated modules version: 24761
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=02e58a1e1ee63f4e98f0c7d489e72e54
# end=updated
# utc_time=2015-07-12 12:49:27
# local_time=2015-07-12 02:49:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=02e58a1e1ee63f4e98f0c7d489e72e54
# engine=24761
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-12 03:36:35
# local_time=2015-07-12 05:36:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='G DATA TOTAL PROTECTION'
# compatibility_mode=4111 16777213 100 100 16109 12317667 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 23662638 188345245 0 0
# scanned=435532
# found=151
# cleaned=151
# scan_time=10027
sh=8A96EE0F07C6D9B211F6E87D417331065CFDC21E ft=1 fh=1bdc2c3db687c77e vn="Variante von Win32/Adware.SpeedingUpMyPC.AO Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Smart Driver Updater\SDUTray.exe"
sh=B3F33ABCC92BB111AFD192D6F6AB9628CE1840F9 ft=1 fh=f0c9d2e774a108ff vn="Variante von Win32/Adware.SpeedingUpMyPC.AM Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Smart Driver Updater\SDUUninstaller.exe"
sh=79259C6E8D2BC187B2692EE0AE53249B53FB85AE ft=1 fh=e122f0f62e52792f vn="Variante von Win32/Adware.SpeedingUpMyPC.AM Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Smart Driver Updater\SmartDriverUpdater.exe"
sh=6FA07C781B84151C862A8FACD4E2EFB7D8DA3E2F ft=1 fh=ebf21d2230451b57 vn="Win32/AnyProtect.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Users\AnimaAngelo\AppData\Local\nswC715.tmp.vir"
sh=1447092BA29779C726829611180994E17718C412 ft=1 fh=23f22b72eb3a5b90 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner\PDFCreator-1_7_2_setup_offline.exe"
sh=F1EFF6451CED129C0E5C0A510955F234A01158A0 ft=1 fh=332b4278a72373e2 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (2)\Unlocker1.9.2.exe"
sh=F40728E2156527E56861CED8C15461B39F6FB597 ft=1 fh=47f51120a0d38420 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (2)\VLC media player 64 Bit - CHIP-Installer.exe"
sh=C49CF361A8A73339CAD4D4ACC06C21E9A499154D ft=1 fh=23221b98a34c021c vn="NSIS/StartPage.CC Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (2)\vlc-2.1.5-win64.exe"
sh=7DBDBC4D775A54E917C19CC6FE896BDFA035034E ft=1 fh=81e8c9f91694d340 vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\64bit_Win7_Win8_Win81_R275_CB-DL-Manager.exe"
sh=61D6F2D7BD532A66AFB19840CFF1031E4D1BA435 ft=1 fh=15a55c91da01ac79 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\CyberGhost VPN - CHIP-Installer.exe"
sh=D699E64F7899E480746876A607352977809C21BE ft=1 fh=16dd55fc95327e80 vn="Variante von Win32/WinloadSDA.I evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\Easeus-Partition-Master-Home-Edition-lnstall.exe"
sh=FF3DB69919D4D76E75D9269A40BD987008FB5726 ft=1 fh=0c88b10cd022e7a1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\HP USB Disk Storage Format Tool - CHIP-Installer.exe"
sh=B5ED1E639B7D9AD3C0F3C81E5AA2E9F88DDFEB65 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\102_dealply_m.js"
sh=FC28D62EDB6C0C353E97185BB4B6DC87F5EDED14 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\103_intext_5_m.js"
sh=1AA56806D2545B3773D7C5CCEAE82353BDBB575F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\104_jollywallet_m.js"
sh=0B21E41A47E579081215969619861996F43524B1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\105_corticas_m.js"
sh=30AFCC1D03C04E68202593C239C4964A29BA2E15 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\108_icm_m.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\117_coupons_intext_ads_5_m.js"
sh=FE3704EEF2BFB9DCA552518E7AEC9D6AFC1ED15C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\119_similar_web_m.js"
sh=35CE3B76158991DDEA79CAF0C1F826A7EE18A820 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\120_luck_m.js"
sh=AB97A715437A6FC107817A76C99ED8FBCC81BBAD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\123_intext_adv_m.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js"
sh=D295E3F253D0942BD3114F61DEF5D78DD0FC5BFB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\125_arcadi2_m.js"
sh=3CFE90E3825BB08EB9B4222552FAC05360188207 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\126_revizer_ws_m.js"
sh=031F6CD140ED363E0F137E627AE1FE4DED5714E2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\127_revizer_p_m.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\128_superfish_pricora_m.js"
sh=BB2946641B9FEB2F76D281220A52220336E454E1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\135_arcadi3_m.js"
sh=8BD506BDCB470B73FE581B4DA1769AD9FBCAF0D8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\138_getdeal_m.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\141_corticas_ru_m.js.js"
sh=8395A2B6D59D2F3EDDCFC863DDA2F674396DC74C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\142_intext_fa_m.js"
sh=943F60E8E3F306CF4EE6E844D06FAC7552EE1856 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\155_ibario_pops_m.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\159_cortica_rollover_m.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\171_arcadi2_sourceID_m.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js"
sh=521F88F4687A0F1CEAC7BB5B06292A5857F85B08 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\175_coolmirage_m.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\178_revizer_ws_dynamic_m.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\179_revizer_p_dynamic_m.js"
sh=73374EAD120BC84FC9C0C827196BCAEB3C20EEB6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\180_bpo_serp_m.js"
sh=24E6E5A06D24A5CC24C0B705FDB089FD4FEC70AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\184_noproblemppc_m.js"
sh=CA1EF7BAB5D26ACFD1C4D33C6DB5BD87F4505970 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\19_CHAppAPIWrapper.js"
sh=63D3217BF16BFB37091DD90C82E573D8CA13F08E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\1_base.js"
sh=5902FC10054355A5B8B9CC41620445BAA0F1D0AB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\21_debug.js"
sh=57F2136CD86B69E88017E3346CF16BE0C2A51A2B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\28_initializer.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\91_monetizationLoader.js.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\93_superfish_no_coupons_m.js"
sh=F354E7ECF9D3F7C0DFBD4E0979EED3A6C90A8B4D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\background.js"
sh=83D65FF0E58663381D001CA3AFFF73CDD756444B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\chrome.js"
sh=159E57B9F0EE41F82829AF4353AE146339592D7B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\cookie.js"
sh=FD2A3FEFF97D325433D2011C5ED5755B6D6A8FAA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\message.js"
sh=BC2AE3FD6D55F1C6161594EF795240E591BA88CE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\bg_app_api.js"
sh=6B8D57805A81A0C2A68E87C410FF89D15BB71CC9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.H evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\cookie_store.js"
sh=EDB82EF0A2AC160256F1A5C49F0778E3A42AC559 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\events.js"
sh=902E327ADBC89F0A47999D10E7F6F6554CFCC0F4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\onBGDocumentLoad.js"
sh=7310853705A225AE5517D8AE5F9CF9D7925BA58B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\reports.js"
sh=BE038417E468CAA3BBA91CFFD2F554922504407C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\util.js"
sh=2B07D071ECA65439D265A22966204008B29E0A1F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Documents and Settings\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\xhr.js"
sh=ECE0491DBD2024195276512FA1BAA4AF8833AFD3 ft=1 fh=ae177dc46cdac0c9 vn="Variante von Win32/Toolbar.Conduit.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Dokumente und Einstellungen\Yvonne&Nadine\Eigene Dateien\Downloads\burnsetup47.exe"
sh=90AC7124AD9F3E43BB8048760308F73581546C52 ft=1 fh=c1a012b9361bd0ff vn="Variante von Win32/Systweak.R evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Dokumente und Einstellungen\Yvonne&Nadine\Eigene Dateien\Downloads\wzdu18.exe"
sh=BD4F87271566180D7F6322F27F15323A1DAC4215 ft=1 fh=fcff36e489966752 vn="Variante von Win32/Adware.Synatix.A Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Dokumente und Einstellungen\Yvonne&Nadine\Lokale Einstellungen\Anwendungsdaten\DownloadGuide\freemium-de.exe"
sh=5003B34BA80ECEFF5FE33663C351710996BE362C ft=1 fh=555b8586c0210f44 vn="Variante von Win32/Toolbar.Iminent.K evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Dokumente und Einstellungen\Yvonne&Nadine\Lokale Einstellungen\Anwendungsdaten\DownloadGuide\IminentSetup.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/PriceGong.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Dokumente und Einstellungen\Yvonne&Nadine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.12\options\pg_options.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Dokumente und Einstellungen\Yvonne&Nadine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.12\plugins\npPriceGong_CH.dll"
sh=EE0DBC090D6FC9DA0D0A84516D8D34BF1F96E196 ft=1 fh=44b5db033c27eea0 vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Program Files\RegClean Pro\Cloud_Backup_Setup_Intl.exe"
sh=F05690C8460FC38D0E55E144C4632619622D4F3A ft=1 fh=698d45211123e073 vn="Variante von Win32/Toolbar.Conduit.H evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Programme\NCH Software\Disketch\disketch.exe"
sh=8B7C6DA5D21BB9D7C428B60A2B09121583E93FD1 ft=1 fh=d80dd7990d9aab22 vn="Variante von Win32/Toolbar.Conduit.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Programme\NCH Software\Disketch\disketchsetup_v3.07.exe"
sh=0EBE84F9D8B0A02A3A2432D2496DDA335A5EC42E ft=1 fh=b0e53938c1848e86 vn="Variante von Win32/Toolbar.Conduit.H evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Programme\NCH Software\ExpressBurn\expressburn.exe"
sh=ECE0491DBD2024195276512FA1BAA4AF8833AFD3 ft=1 fh=ae177dc46cdac0c9 vn="Variante von Win32/Toolbar.Conduit.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Programme\NCH Software\ExpressBurn\expressburnsetup_v4.66.exe"
sh=B6E3244D5963D9C99BE80FE14DDD1CF574B56D7C ft=1 fh=0773d68f20c70ce3 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009744.rbf"
sh=659FAD1D609B1218041A66A2E9311383AED2C010 ft=1 fh=6fff39d115bc8f81 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009747.rbf"
sh=177B94846C1B423C4ECBD274B0DC097E096A11B4 ft=1 fh=bcbde332791db621 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009748.rbf"
sh=18D85A8185483151F77F51C043C2E4260E15ADF9 ft=1 fh=d4fcb78d8c374855 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009749.rbf"
sh=9DCA7B69D06ED984684FEDDF5952A7A5C0CD6578 ft=1 fh=704f5f92f26abbc0 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009751.rbf"
sh=C98C7EF1E31B2A0B67F8D8F3048F63DFC9431EB3 ft=1 fh=6d8f6b7abfd45af7 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009752.rbf"
sh=0D99A311B2C5CC760EAE380F837DD0540F045342 ft=1 fh=4aac95bf7d203964 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009755.rbf"
sh=A7B8A9D75168B48B64E9E31BC24FBCBAE778F096 ft=1 fh=f98fceaf4821731e vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009759.rbf"
sh=53443D0EAAC895DD51816FE1AC3FE97AEC0908F7 ft=1 fh=67e2652cb39eb8e9 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009760.rbf"
sh=BB33C720B6A10535F3E44FD60D78883860727F92 ft=1 fh=59efd45c9d7fed59 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009761.rbf"
sh=809D8D95A56E251F415153390D05E00AB81D3FE7 ft=1 fh=b5639db590c34d49 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009762.rbf"
sh=3983D3ADCB347E38C2B8A2FD1F85F1CAF0EE366B ft=1 fh=ee9801056be6e718 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009763.rbf"
sh=D3E5C3D3C6536F114C15E3030E01AB8A6475EE40 ft=1 fh=55b0c4d2d3c4646b vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009765.rbf"
sh=C6568B53D5B91BD5E47D2EC0D6DE31609FF152D5 ft=1 fh=627d1ad4680e7bba vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009766.rbf"
sh=BD2D4230D1982456F6153B40DF2CDCDBC5E80D8F ft=1 fh=28d13cd2626fcfe9 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP11\A0009768.rbf"
sh=202253A9188D9949343B87323605811625512DBF ft=1 fh=27af92eb716a7e9f vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0009914.exe"
sh=659FAD1D609B1218041A66A2E9311383AED2C010 ft=1 fh=6fff39d115bc8f81 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0009927.rbf"
sh=177B94846C1B423C4ECBD274B0DC097E096A11B4 ft=1 fh=bcbde332791db621 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0009928.rbf"
sh=18D85A8185483151F77F51C043C2E4260E15ADF9 ft=1 fh=d4fcb78d8c374855 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0009929.rbf"
sh=9DCA7B69D06ED984684FEDDF5952A7A5C0CD6578 ft=1 fh=704f5f92f26abbc0 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0009931.rbf"
sh=C98C7EF1E31B2A0B67F8D8F3048F63DFC9431EB3 ft=1 fh=6d8f6b7abfd45af7 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0009932.rbf"
sh=0D99A311B2C5CC760EAE380F837DD0540F045342 ft=1 fh=4aac95bf7d203964 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0009935.rbf"
sh=53443D0EAAC895DD51816FE1AC3FE97AEC0908F7 ft=1 fh=67e2652cb39eb8e9 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0009939.rbf"
sh=BB33C720B6A10535F3E44FD60D78883860727F92 ft=1 fh=59efd45c9d7fed59 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0009940.rbf"
sh=809D8D95A56E251F415153390D05E00AB81D3FE7 ft=1 fh=b5639db590c34d49 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0009941.rbf"
sh=3983D3ADCB347E38C2B8A2FD1F85F1CAF0EE366B ft=1 fh=ee9801056be6e718 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0009942.rbf"
sh=D3E5C3D3C6536F114C15E3030E01AB8A6475EE40 ft=1 fh=55b0c4d2d3c4646b vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0009944.rbf"
sh=C6568B53D5B91BD5E47D2EC0D6DE31609FF152D5 ft=1 fh=627d1ad4680e7bba vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0009945.rbf"
sh=BD2D4230D1982456F6153B40DF2CDCDBC5E80D8F ft=1 fh=28d13cd2626fcfe9 vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0009947.rbf"
sh=32BED9564BF4B9DC5F39F6DD5C53D73981F8EB6A ft=1 fh=8fc7d8ee46f215de vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0010009.exe"
sh=F9B93DCE8A60C69590C25C303AE4D4DE4E169DBF ft=1 fh=2e026cbbebfd3de5 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0010010.exe"
sh=A7B8A9D75168B48B64E9E31BC24FBCBAE778F096 ft=1 fh=f98fceaf4821731e vn="Variante von Win32/Toolbar.Iminent.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0010062.rbf"
sh=96D28CD2C73BCFA3BA0B69305972110122C78C13 ft=1 fh=d67a8f0fce9576c9 vn="Variante von Win32/Toolbar.Iminent.K evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\System Volume Information\_restore{E9A059E0-D02F-4100-B3E6-67DCAC233D5F}\RP12\A0010063.exe"
sh=B5ED1E639B7D9AD3C0F3C81E5AA2E9F88DDFEB65 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\102_dealply_m.js"
sh=FC28D62EDB6C0C353E97185BB4B6DC87F5EDED14 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\103_intext_5_m.js"
sh=1AA56806D2545B3773D7C5CCEAE82353BDBB575F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\104_jollywallet_m.js"
sh=0B21E41A47E579081215969619861996F43524B1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\105_corticas_m.js"
sh=30AFCC1D03C04E68202593C239C4964A29BA2E15 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\108_icm_m.js"
sh=7F7359D9F0900191297BFDF5B85D5CDF588CD9EA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\117_coupons_intext_ads_5_m.js"
sh=FE3704EEF2BFB9DCA552518E7AEC9D6AFC1ED15C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\119_similar_web_m.js"
sh=35CE3B76158991DDEA79CAF0C1F826A7EE18A820 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\120_luck_m.js"
sh=AB97A715437A6FC107817A76C99ED8FBCC81BBAD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\123_intext_adv_m.js"
sh=B0DF9F21E3E69C188775A6F9C466B19932C9238A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js"
sh=D295E3F253D0942BD3114F61DEF5D78DD0FC5BFB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\125_arcadi2_m.js"
sh=3CFE90E3825BB08EB9B4222552FAC05360188207 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\126_revizer_ws_m.js"
sh=031F6CD140ED363E0F137E627AE1FE4DED5714E2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\127_revizer_p_m.js"
sh=28ECD06AF56EB424F74BB63563BC79E57C15C2D9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\128_superfish_pricora_m.js"
sh=BB2946641B9FEB2F76D281220A52220336E454E1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\135_arcadi3_m.js"
sh=8BD506BDCB470B73FE581B4DA1769AD9FBCAF0D8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\138_getdeal_m.js"
sh=90A4F559561CF603A203F93D56C80B17B8152325 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\141_corticas_ru_m.js.js"
sh=8395A2B6D59D2F3EDDCFC863DDA2F674396DC74C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\142_intext_fa_m.js"
sh=943F60E8E3F306CF4EE6E844D06FAC7552EE1856 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\155_ibario_pops_m.js"
sh=0CEB1A073B87956FD1F21F8425B8F76015B1BCD8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js"
sh=441E98540BDEC21B7E534C2B317AE91925F6CEE7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\159_cortica_rollover_m.js"
sh=C8B01A1511A63AEC3D40B1D045034D76B1E85EFD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\171_arcadi2_sourceID_m.js"
sh=078C314715CCC0DE7547172AD4B810FD754115C6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js"
sh=521F88F4687A0F1CEAC7BB5B06292A5857F85B08 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\175_coolmirage_m.js"
sh=CFFCA6A4EE3A0DF2319440491BB297ADEC6EEF37 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\178_revizer_ws_dynamic_m.js"
sh=ADB54DE323736C99B4191A45B478B70DF1B7B945 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\179_revizer_p_dynamic_m.js"
sh=73374EAD120BC84FC9C0C827196BCAEB3C20EEB6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\180_bpo_serp_m.js"
sh=24E6E5A06D24A5CC24C0B705FDB089FD4FEC70AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\184_noproblemppc_m.js"
sh=CA1EF7BAB5D26ACFD1C4D33C6DB5BD87F4505970 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\19_CHAppAPIWrapper.js"
sh=63D3217BF16BFB37091DD90C82E573D8CA13F08E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\1_base.js"
sh=5902FC10054355A5B8B9CC41620445BAA0F1D0AB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\21_debug.js"
sh=57F2136CD86B69E88017E3346CF16BE0C2A51A2B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\28_initializer.js"
sh=FD93B99EA823374C39DDBC779DEA9C89E9228FC6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\91_monetizationLoader.js.js"
sh=0C5AC30A082628E85A9A8B68EF5E5EAFA46F0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\extensionData\plugins\93_superfish_no_coupons_m.js"
sh=F354E7ECF9D3F7C0DFBD4E0979EED3A6C90A8B4D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\background.js"
sh=83D65FF0E58663381D001CA3AFFF73CDD756444B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\chrome.js"
sh=159E57B9F0EE41F82829AF4353AE146339592D7B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\cookie.js"
sh=FD2A3FEFF97D325433D2011C5ED5755B6D6A8FAA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\api\message.js"
sh=BC2AE3FD6D55F1C6161594EF795240E591BA88CE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\bg_app_api.js"
sh=6B8D57805A81A0C2A68E87C410FF89D15BB71CC9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.H evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\cookie_store.js"
sh=EDB82EF0A2AC160256F1A5C49F0778E3A42AC559 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\events.js"
sh=902E327ADBC89F0A47999D10E7F6F6554CFCC0F4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\onBGDocumentLoad.js"
sh=7310853705A225AE5517D8AE5F9CF9D7925BA58B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\reports.js"
sh=BE038417E468CAA3BBA91CFFD2F554922504407C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\util.js"
sh=2B07D071ECA65439D265A22966204008B29E0A1F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikjpgpbpnapbimplfcbcbakjacpgceb\1.25.25_0\js\lib\xhr.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\ygxeovzx.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\chrome\content\core\xhr.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\ygxeovzx.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\102_dealply_m.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\ygxeovzx.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\191_ciuvo_m.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\ygxeovzx.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\1_base.js"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)\GRPP\Nadine 40er\Lokaler Datenträger\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\ygxeovzx.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins\21_debug.js"
Nach fast 3 Stunden Suchlauf hier die nächste Log

Code:
Results of screen317's Security Check version 1.004 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
G DATA TOTAL PROTECTION 
 Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 31 
 Java version 32-bit out of Date!
 Mozilla Firefox 33.0 Firefox out of Date! 
 Google Chrome (43.0.2357.132)
````````Process Check: objlist.exe by Laurent```````` 
 G Data TotalProtection Firewall GDFirewallTray.exe
 G DATA TotalProtection Firewall GDFwSvcx64.exe
 Internet Manager OnlineUpdate ouc.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-07-2015
Ran by AnimaAngelo (administrator) on ANIMAANGELO-PC on 12-07-2015 18:08:57
Running from C:\Users\AnimaAngelo\Desktop
Loaded Profiles: AnimaAngelo (Available Profiles: AnimaAngelo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG)
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-06-23] (Glarysoft Ltd)
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2414973931-2264080825-886326512-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {D38A0921-59AE-41C4-A9DD-3551386D748E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {D38A0921-59AE-41C4-A9DD-3551386D748E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2414973931-2264080825-886326512-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2414973931-2264080825-886326512-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{524AAAB2-4000-4EF8-A966-E188B9E7B364}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF SearchPlugin: C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\searchplugins\google-avast.xml [2015-01-04]
FF Extension: Amazon-Icon - C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\Extensions\amazon-icon@giga.de [2015-02-15]
FF Extension: Web Developer - C:\Users\AnimaAngelo\AppData\Roaming\Mozilla\Firefox\Profiles\c2im6gf5.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-10-21]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff

Chrome:
=======
CHR Profile: C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-12]
CHR Extension: (Google Wallet) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-12]
CHR Extension: (Amazon) - C:\Users\AnimaAngelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2015-07-12]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\AnimaAngelo\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2527864 2015-03-04] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe [3672560 2015-04-07] (G Data Software AG)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
S3 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-03-13] (Foxit Software Inc.)
R2 GDBackupSvc; C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe [3881080 2015-02-20] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe [2235512 2015-02-20] (G Data Software AG)
S3 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [138544 2015-03-31] ()
S3 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2015-03-31] ()
S3 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-05] (Electronic Arts)
S3 TSNxGService; C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-07-01] (G DATA Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-03-26] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-07-07] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-07-07] (G Data Software AG)
R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-07-07] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-07-07] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [75776 2015-07-07] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-07-07] (G Data Software AG)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-05-30] (Sony Mobile Communications)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-07-01] (Glarysoft Ltd)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-07-07] (G Data Software AG)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [246272 2013-08-16] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2015-03-09] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2015-07-07] (G Data Software)
R3 uvhid; C:\Windows\System32\DRIVERS\uvhid.sys [25592 2015-03-19] (Windows (R) Win 7 DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 13:31 - 2015-07-12 13:31 - 00000000 ____D C:\Program Files (x86)\ESET
2015-07-12 13:30 - 2015-07-12 13:30 - 02870984 _____ (ESET) C:\Users\AnimaAngelo\Desktop\esetsmartinstaller_deu.exe
2015-07-12 13:30 - 2015-07-12 13:30 - 00852662 _____ C:\Users\AnimaAngelo\Desktop\SecurityCheck.exe
2015-07-12 13:27 - 2015-07-12 13:27 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-12 13:27 - 2015-07-12 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-12 13:23 - 2015-07-12 13:23 - 00931408 _____ (Google Inc.) C:\Users\AnimaAngelo\Downloads\ChromeSetup.exe
2015-07-12 12:52 - 2015-07-12 12:52 - 00001224 _____ C:\Users\AnimaAngelo\Desktop\Revo Uninstaller.lnk
2015-07-12 12:52 - 2015-07-12 12:52 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-07-12 12:51 - 2015-07-12 12:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\AnimaAngelo\Downloads\revosetup95.exe
2015-07-12 12:48 - 2015-07-12 12:48 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\FRST-OlderVersion
2015-07-11 13:56 - 2015-07-11 13:57 - 00047439 _____ C:\Users\AnimaAngelo\Desktop\Addition.txt
2015-07-11 13:55 - 2015-07-12 18:08 - 00013138 _____ C:\Users\AnimaAngelo\Desktop\FRST.txt
2015-07-11 13:54 - 2015-07-11 13:54 - 00004474 _____ C:\Users\AnimaAngelo\Desktop\JRT.txt
2015-07-11 13:41 - 2015-07-11 13:42 - 00000000 ____D C:\AdwCleaner
2015-07-11 13:39 - 2015-07-11 13:39 - 00000582 _____ C:\Users\AnimaAngelo\Desktop\MBAM.txt
2015-07-11 13:18 - 2015-07-11 13:40 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-11 13:18 - 2015-07-11 13:15 - 02248704 _____ C:\Users\AnimaAngelo\Desktop\AdwCleaner_4.208 (2).exe
2015-07-11 13:18 - 2015-07-11 13:14 - 03034370 _____ (Malwarebytes Corporation) C:\Users\AnimaAngelo\Desktop\JRT.exe
2015-07-11 13:17 - 2015-07-11 13:17 - 00001062 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-11 13:17 - 2015-07-11 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-11 13:17 - 2015-07-11 13:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-11 13:17 - 2015-07-11 13:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-11 13:17 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-11 13:17 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-11 13:17 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-11 13:15 - 2015-07-11 13:15 - 02248704 _____ C:\Users\AnimaAngelo\Downloads\AdwCleaner_4.208 (2).exe
2015-07-11 13:14 - 2015-07-11 13:14 - 03034370 _____ (Malwarebytes Corporation) C:\Users\AnimaAngelo\Downloads\JRT.exe
2015-07-11 13:14 - 2015-07-11 13:14 - 02248704 _____ C:\Users\AnimaAngelo\Downloads\Nicht bestätigt 401810.crdownload
2015-07-11 13:13 - 2015-07-11 13:14 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\AnimaAngelo\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-11 13:13 - 2015-07-11 13:13 - 02248704 _____ C:\Users\AnimaAngelo\Downloads\Nicht bestätigt 703701.crdownload
2015-07-09 23:55 - 2015-07-09 23:55 - 00018500 _____ C:\ComboFix.txt
2015-07-08 08:11 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-08 08:11 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-08 08:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-08 08:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-08 08:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-08 08:11 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-08 08:11 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-08 08:11 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-08 08:10 - 2015-07-09 23:56 - 00000000 ____D C:\Qoobox
2015-07-08 08:08 - 2015-07-08 21:39 - 00000000 ____D C:\Windows\erdnt
2015-07-08 08:07 - 2015-07-09 23:28 - 05632279 ____R (Swearware) C:\Users\AnimaAngelo\Desktop\ComboFix.exe
2015-07-07 22:37 - 2015-07-07 22:38 - 00046554 _____ C:\Users\AnimaAngelo\Downloads\Addition.txt
2015-07-07 22:34 - 2015-07-12 18:09 - 00000000 ____D C:\FRST
2015-07-07 22:34 - 2015-07-07 22:38 - 00034139 _____ C:\Users\AnimaAngelo\Downloads\FRST.txt
2015-07-07 22:33 - 2015-07-12 12:48 - 02130944 _____ (Farbar) C:\Users\AnimaAngelo\Desktop\FRST64.exe
2015-07-07 22:06 - 2015-07-07 22:06 - 00075776 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2015-07-07 22:05 - 2015-07-07 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL PROTECTION
2015-07-07 22:05 - 2015-07-07 22:05 - 00098760 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2015-07-07 22:05 - 2015-07-07 22:05 - 00027648 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys
2015-07-07 22:05 - 2015-07-07 22:05 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys
2015-07-07 22:05 - 2015-07-07 22:05 - 00002003 _____ C:\Users\Public\Desktop\G DATA TOTAL PROTECTION.lnk
2015-07-07 22:05 - 2015-07-07 22:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
2015-07-07 22:05 - 2015-07-07 22:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_GDKBB64_01007.Wdf
2015-07-07 22:04 - 2015-07-07 22:04 - 00064512 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2015-07-07 22:03 - 2015-07-07 22:03 - 00230400 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2015-07-07 22:03 - 2015-07-07 22:03 - 00150016 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2015-07-07 22:03 - 2015-07-07 22:03 - 00124928 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2015-07-07 22:02 - 2015-07-07 22:02 - 00001962 _____ C:\Windows\DPINST.LOG
2015-07-07 22:02 - 2015-07-07 22:02 - 00000000 ____D C:\ProgramData\G DATA Software
2015-07-07 21:40 - 2015-07-12 13:06 - 00249198 _____ C:\Windows\PFRO.log
2015-07-07 21:09 - 2015-07-07 21:19 - 265261840 _____ (G Data Software AG) C:\Users\AnimaAngelo\Downloads\INT_R_BASE_TP.exe
2015-07-07 20:58 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-07-07 20:58 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-07-07 20:54 - 2015-07-07 20:54 - 00039480 _____ C:\Users\AnimaAngelo\Downloads\qsinstaller.exe
2015-07-05 19:09 - 2015-07-05 19:09 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Command and Conquer 3 Tiberium Wars
2015-07-05 19:06 - 2015-07-05 19:06 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Command and Conquer 3 Kanes Wrath
2015-07-05 16:05 - 2015-07-05 16:46 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Musik USB
2015-07-01 20:54 - 2015-07-01 22:53 - 00000000 ____D C:\Users\AnimaAngelo\Downloads\Ballermann Hist 2015 3CD
2015-07-01 18:42 - 2015-07-01 18:43 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Ivonne
2015-07-01 18:41 - 2015-07-12 13:07 - 00004100 _____ C:\Windows\setupact.log
2015-07-01 18:41 - 2015-07-01 18:41 - 00000000 _____ C:\Windows\setuperr.log
2015-07-01 18:40 - 2015-07-01 20:54 - 410920847 _____ C:\Users\AnimaAngelo\Downloads\VA-Ballermann_Hits_2015_XXL-3CD-DE-2015.rar
2015-07-01 18:11 - 2015-07-01 18:12 - 15199032 _____ C:\Users\AnimaAngelo\Downloads\Glary_Utilities_v5.28.0.48.exe
2015-07-01 18:01 - 2015-07-01 20:42 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Spiele
2015-06-28 13:49 - 2015-06-28 13:49 - 00002725 _____ C:\Users\AnimaAngelo\AppData\Local\recently-used.xbel
2015-06-28 13:21 - 2015-06-28 13:21 - 00000000 ____D C:\Users\AnimaAngelo\.thumbnails
2015-06-28 12:37 - 2015-06-28 13:31 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Local\gtk-2.0
2015-06-28 12:28 - 2015-06-28 13:51 - 00000000 ____D C:\Users\AnimaAngelo\.gimp-2.8
2015-06-28 12:28 - 2015-06-28 12:28 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Local\gegl-0.2
2015-06-28 12:17 - 2015-06-28 12:17 - 00000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-06-28 12:10 - 2015-06-28 12:15 - 00000000 ____D C:\Program Files\GIMP 2
2015-06-28 11:46 - 2015-06-28 11:49 - 91931728 _____ (The GIMP Team ) C:\Users\AnimaAngelo\Downloads\gimp-2.8.14-setup-1.exe
2015-06-14 16:15 - 2015-06-14 16:16 - 32193426 _____ C:\Users\AnimaAngelo\Downloads\NENA - In meinem Leben [Official Video].mp4
2015-06-14 16:13 - 2015-06-14 16:13 - 07127074 _____ C:\Users\AnimaAngelo\Downloads\Isso - Mateo Lyrics.mp4
2015-06-14 16:09 - 2015-06-14 16:10 - 34694964 _____ C:\Users\AnimaAngelo\Downloads\NightcOrE - So Allein - lyrics.mp4
2015-06-14 16:08 - 2015-06-14 16:08 - 20472405 _____ C:\Users\AnimaAngelo\Downloads\Christina Stürmer Millionen Lichter lyrics.mp4
2015-06-14 15:48 - 2015-06-14 15:49 - 36127464 _____ (DVDVideoSoft Ltd. ) C:\Users\AnimaAngelo\Downloads\FreeYouTubeToMP3Converter_3.12.59.525.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 17:33 - 2015-05-21 18:42 - 00000000 ____D C:\Users\AnimaAngelo\Downloads\Neuer Ordner (3)
2015-07-12 17:33 - 2015-01-25 23:17 - 00000000 ____D C:\Users\AnimaAngelo\Downloads\Neuer Ordner (2)
2015-07-12 17:31 - 2014-10-03 14:38 - 00000000 ____D C:\Users\AnimaAngelo\Downloads\Neuer Ordner
2015-07-12 17:30 - 2015-02-25 18:53 - 00000000 ____D C:\Program Files (x86)\Smart Driver Updater
2015-07-12 14:56 - 2014-10-03 12:28 - 02095013 _____ C:\Windows\WindowsUpdate.log
2015-07-12 13:19 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-12 13:19 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-12 13:15 - 2011-03-20 11:08 - 00699236 _____ C:\Windows\system32\perfh007.dat
2015-07-12 13:15 - 2011-03-20 11:08 - 00149344 _____ C:\Windows\system32\perfc007.dat
2015-07-12 13:15 - 2009-07-14 07:13 - 01618848 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-12 13:07 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-12 12:32 - 2015-03-18 11:01 - 00000008 __RSH C:\Users\AnimaAngelo\ntuser.pol
2015-07-12 12:32 - 2014-12-19 21:30 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-07-12 12:32 - 2014-10-03 12:31 - 00000000 ____D C:\Users\AnimaAngelo
2015-07-12 12:27 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-07-11 12:56 - 2009-07-14 07:08 - 00032248 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-09 23:50 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-09 19:20 - 2015-03-23 17:51 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Origin
2015-07-09 19:19 - 2015-03-23 17:48 - 00000000 ____D C:\ProgramData\Origin
2015-07-09 19:19 - 2015-03-23 17:48 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-08 21:43 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-07 22:07 - 2015-04-09 20:58 - 00000000 ____D C:\ProgramData\G Data
2015-07-07 22:03 - 2015-04-09 21:00 - 00001558 _____ C:\Users\AnimaAngelo\AppData\Roaming\gdscan.log
2015-07-07 22:01 - 2015-04-09 20:58 - 00000000 ____D C:\Program Files (x86)\G Data
2015-07-07 21:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2015-07-07 21:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-07-07 21:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-07-07 20:54 - 2014-10-03 15:50 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\QuickScan
2015-07-05 18:58 - 2015-04-27 03:33 - 00000000 ____D C:\Users\AnimaAngelo\Documents\Command and Conquer Generals Zero Hour Data
2015-07-05 16:13 - 2015-06-05 16:02 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Party
2015-07-04 08:55 - 2014-10-03 14:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-04 08:55 - 2014-10-03 14:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-01 20:42 - 2015-04-03 12:42 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Programme
2015-07-01 20:42 - 2015-04-03 12:41 - 00000000 ____D C:\Users\AnimaAngelo\Desktop\Daten, Ordner usw
2015-07-01 18:35 - 2015-03-23 16:41 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-01 18:33 - 2015-05-01 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2015-07-01 18:33 - 2015-04-14 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-07-01 18:33 - 2015-04-14 20:01 - 00000000 ____D C:\Users\AnimaAngelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-07-01 18:15 - 2015-03-25 18:18 - 00002984 _____ C:\Windows\System32\Tasks\{92A76144-6883-4449-B33D-F1A3813C467F}
2015-07-01 18:15 - 2015-03-25 18:18 - 00002984 _____ C:\Windows\System32\Tasks\{2DCAED3A-13FF-44D9-A598-F72A5FA5C9DA}
2015-07-01 18:15 - 2015-03-25 18:17 - 00002984 _____ C:\Windows\System32\Tasks\{614F9564-8F4D-4719-822D-DD2715DB7A6D}
2015-07-01 18:15 - 2014-10-03 14:46 - 00004118 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-01 18:15 - 2014-10-03 14:46 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-01 18:13 - 2014-10-03 15:59 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-07-01 18:13 - 2014-10-03 15:59 - 00003338 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-07-01 18:13 - 2014-10-03 15:59 - 00002996 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2015-07-01 18:13 - 2014-10-03 15:59 - 00001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-07-01 18:13 - 2014-10-03 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-07-01 18:13 - 2014-10-03 15:59 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5

==================== Files in the root of some directories =======

2015-04-09 21:00 - 2015-04-09 21:00 - 0000000 _____ () C:\Users\AnimaAngelo\AppData\Roaming\gdfw.log
2015-04-09 21:00 - 2015-07-07 22:03 - 0001558 _____ () C:\Users\AnimaAngelo\AppData\Roaming\gdscan.log
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\AnimaAngelo\AppData\Roaming\qmo2TlUy4szDje
2015-06-28 13:49 - 2015-06-28 13:49 - 0002725 _____ () C:\Users\AnimaAngelo\AppData\Local\recently-used.xbel
2015-05-26 22:19 - 2015-05-26 22:19 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-04 13:48

==================== End of log ============================

Hier der Rest der im Vergleich echt schnell ging.
Also ich werde daraus nicht schlau aber ich muss sagen der Laptop arbeitet wieder schneller und Chrome arbeitet wie es soll ohne trackid-sp-006 dahinter zu setzen.
Auch öffnen sich keine ungewollten Tabs, also hat es wirklich was gebracht.
Vielen dank dafür aber ich würde gerne wissen woran es lag das mein System so extrem rumgesponnen hat?
Sollte bei der Durchsicht der Log´s noch was zu finden sein wüsste ich es gerne.
Und nochmal,
vielen vielen Dank


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:56 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19