Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   PC extrem langsam (https://www.trojaner-board.de/163236-pc-extrem-langsam.html)

Speed9001 26.01.2015 16:52
PC extrem langsam
 
Der PC meiner Mutter ist extrem langsam er braucht sehr lange zum hochfahren, und bis er was startet

cosinus 27.01.2015 13:54
http://www.trojaner-board.de/71631-p...samer-tun.html

Ansonsten einfach mal mehr Infos posten.

Speed9001 27.01.2015 14:59
Hat leider nicht geholfen. Naja er braucht sehr lange bis er Hochfährt oder bei Mozilla Firefox braucht er bis er was ladet z.B Google.Am Desktop braucht er lange bis er irgendein Programm startet beim Runterfahren genau wie beim Hochfahren die Probleme sind seid ca 2 Wochen

cosinus 27.01.2015 16:03
Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Speed9001 27.01.2015 17:42
Code:
17.01.2015 08:20 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Vik\Downloads\ARMA_III_Steam_KeyGen.exe'
      enthielt einen Virus oder unerwünschtes Programm 'Adware/OxyPumper.CB' [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '519ba9ba.qua'
      verschoben!

10.01.2015 10:48 [System-Scanner] Malware gefunden
      Die Datei
      'C:\AdwCleaner\Quarantine\C\Users\Vik\AppData\Roaming\DealPly\UpdateProc\UpdateT
      ask.exe.vir'
      enthielt einen Virus oder unerwünschtes Programm 'ADWARE/DealPly.Gen' [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '50675b60.qua'
      verschoben!

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Vik (administrator) on R2D2 on 27-01-2015 17:16:16
Running from C:\Users\Vik\Desktop
Loaded Profiles: Vik (Available profiles: Vik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\vsnp325.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Windows Net) C:\Users\Vik\AppData\Roaming\Windows Net Data\net.exe
() C:\Program Files (x86)\Homelink 1202 WLAN\WpsCenterV.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Windows\FixCamera.exe
() C:\Windows\tsnp325.exe
(Realtek) C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\RtlService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\Tor\tor.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\RtWLan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\qimlsrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\dsrviml.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [snp325] => C:\windows\vsnp325.exe [827392 2006-10-10] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5028464 2012-01-12] (VIA)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ZDWLan_Utility] => [X]
HKLM-x32\...\Run: [Homelink 1202 WLAN Software] => C:\Program Files (x86)\Homelink 1202 WLAN\WpsCenterV.exe [970752 2009-02-18] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [FixCamera] => C:\windows\FixCamera.exe [20480 2007-02-12] ()
HKLM-x32\...\Run: [tsnp325] => C:\windows\tsnp325.exe [270336 2006-10-10] ()
HKLM-x32\...\Run: [mbot_de_39] => [X]
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-07-27] (AMD)
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\...\Run: [smoother] => C:\Users\Vik\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe [489603 2014-08-12] ()
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\...\MountPoints2: D - D:\AutoRun.exe
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\...\MountPoints2: {30b45b9b-bb43-11e3-ab95-902b3429afd7} - E:\AutoRun.exe
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\...\MountPoints2: {30b45ba2-bb43-11e3-ab95-902b3429afd7} - D:\AutoRun.exe
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\...\MountPoints2: {54a0fe8c-af58-11e2-87ed-df15b811c60d} - E:\CMADownloader.exe
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\...\MountPoints2: {9d5c5485-dbdd-11e3-97df-806e6f6e6963} - D:\AutoRun.exe
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\...\MountPoints2: {ec10da9e-bbab-11e3-9619-902b3429afd7} - D:\AutoRun.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk
ShortcutTarget: IML.lnk -> C:\Windows\System32\iml.vbs ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk
ShortcutTarget: IML64.lnk -> C:\Windows\SysWOW64\iml.vbs ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Packer.exe.lnk
ShortcutTarget: Packer.exe.lnk -> C:\Users\Vik\AppData\Local\Temp\Phx2792\Packer.exe (No File)
Startup: C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\Vik\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1594054226-1724268975-995926224-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52492;https=127.0.0.1:52492
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kkf9VrZBV-thl5XrMTRvU7m2kkk8xjpQr_KmaD5D7bTzQM6aSoHL834l0JN-Rp6H1GQwOtLWeCa779Aqtfb-X7Fhk-wHFg5PlQCWMEj5-IzIGQVGE-IaZkmMzBePpSIMrAdZTCIO3uxSu-F8l1uqH93UeUYPpvZidDtw,,&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kkf9VrZBV-thl5XrMTRvU7m2kkk8xjpQr_KmaD5D7bTzQM6aSoHL834l0JN-Rp6H1K5eQ-8RTE2Ba8wBIsgi5hpX8PVIbx_YIVM5m2pUE3dMFullk9z8ABwmwcNmlrqmve-hV05Zw_pm4KgVb35Hu6vQUwr3uf6-o8YQ,,
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kkf9VrZBV-thl5XrMTRvU7m2kkk8xjpQr_KmaD5D7bTzQM6aSoHL834l0JN-Rp6H1GQwOtLWeCa779Aqtfb-X7Fhk-wHFg5PlQCWMEj5-IzIGQVGE-IaZkmMzBePpSIMrAdZTCIO3uxSu-F8l1uqH93UeUYPpvZidDtw,,&q={searchTerms}
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kkf9VrZBV-thl5XrMTRvU7m2kkk8xjpQr_KmaD5D7bTzQM6aSoHL834l0JN-Rp6H1GQwOtLWeCa779Aqtfb-X7Fhk-wHFg5PlQCWMEj5-IzIGQVGE-IaZkmMzBePpSIMrAdZTCIO3uxSu-F8ly9fCf6es4OasxlnTXzg,,&q={searchTerms}
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1400966628&from=vtt&uid=ST160LM000XHM161GI_S24NJ9GC302882
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.hyrican.de/
hxxp://www.giga.de/my_homepage/1024/
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kkf9VrZBV-thl5XrMTRvU7m2kkk8xjpQr_KmaD5D7bTzQM6aSoHL834l0JN-Rp6H1K5eQ-8RTE2Ba8wBIsgi5hpX8PVIbx_YIVM5m2pUE3dMFullk9z8ABwmwcNmlrqmve-hV05Zw_pm4KgVbwGWZJKqBqwBt24VoxVQ,,
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kkf9VrZBV-thl5XrMTRvU7m2kkk8xjpQr_KmaD5D7bTzQM6aSoHL834l0JN-Rp6H1GQwOtLWeCa779Aqtfb-X7Fhk-wHFg5PlQCWMEj5-IzIGQVGE-IaZkmMzBePpSIMrAdZTCIO3uxSu-F8ly9fCf6es4OasxlnTXzg,,&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1400966628&from=vtt&uid=ST160LM000XHM161GI_S24NJ9GC302882
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kkf9VrZBV-thl5XrMTRvU7m2kkk8xjpQr_KmaD5D7bTzQM6aSoHL834l0JN-Rp6H1GQwOtLWeCa779Aqtfb-X7Fhk-wHFg5PlQCWMEj5-IzIGQVGE-IaZkmMzBePpSIMrAdZTCIO3uxSu-F8l1uqH93UeUYPpvZidDtw,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kkf9VrZBV-thl5XrMTRvU7m2kkk8xjpQr_KmaD5D7bTzQM6aSoHL834l0JN-Rp6H1GQwOtLWeCa779Aqtfb-X7Fhk-wHFg5PlQCWMEj5-IzIGQVGE-IaZkmMzBePpSIMrAdZTCIO3uxSu-F8l1uqH93UeUYPpvZidDtw,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kkf9VrZBV-thl5XrMTRvU7m2kkk8xjpQr_KmaD5D7bTzQM6aSoHL834l0JN-Rp6H1GQwOtLWeCa779Aqtfb-X7Fhk-wHFg5PlQCWMEj5-IzIGQVGE-IaZkmMzBePpSIMrAdZTCIO3uxSu-F8l1uqH93UeUYPpvZidDtw,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kkf9VrZBV-thl5XrMTRvU7m2kkk8xjpQr_KmaD5D7bTzQM6aSoHL834l0JN-Rp6H1GQwOtLWeCa779Aqtfb-X7Fhk-wHFg5PlQCWMEj5-IzIGQVGE-IaZkmMzBePpSIMrAdZTCIO3uxSu-F8l1uqH93UeUYPpvZidDtw,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-1594054226-1724268975-995926224-1003 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kkf9VrZBV-thl5XrMTRvU7m2kkk8xjpQr_KmaD5D7bTzQM6aSoHL834l0JN-Rp6H1GQwOtLWeCa779Aqtfb-X7Fhk-wHFg5PlQCWMEj5-IzIGQVGE-IaZkmMzBePpSIMrAdZTCIO3uxSu-F8ly9fCf6es4OasxlnTXzg,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1594054226-1724268975-995926224-1003 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kkf9VrZBV-thl5XrMTRvU7m2kkk8xjpQr_KmaD5D7bTzQM6aSoHL834l0JN-Rp6H1GQwOtLWeCa779Aqtfb-X7Fhk-wHFg5PlQCWMEj5-IzIGQVGE-IaZkmMzBePpSIMrAdZTCIO3uxSu-F8ly9fCf6es4OasxlnTXzg,,&q={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} ->  No File
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: FlowSurf -> {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} -> C:\Program Files (x86)\Flowsurf\FlowSurf.dll (FlowSurf Inc.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKU\S-1-5-21-1594054226-1724268975-995926224-1003 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.com/NxGame -> C:\ProgramData\Nexon\NGM\npnxgame.dll (Nexon)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @protectdisc.com/NPMPDRM -> C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qone8.xml
FF Extension: Battlefield Play4Free - C:\Users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default\Extensions\battlefieldplay4free@ea.com [2013-05-23]
FF Extension: Firefox Booster - C:\Users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-09-09]
FF Extension: {01dc9af9-fd04-4232-a097-05fdcac66d15} - C:\Users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default\Extensions\{01dc9af9-fd04-4232-a097-05fdcac66d15}.xpi [2013-10-09]
FF Extension: Adblock Plus - C:\Users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-18]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [jid1-tofUlNEIFlkUIA@jetpack] - C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack
FF Extension: FlowSurf - C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack [2014-08-30]
FF HKU\S-1-5-21-1594054226-1724268975-995926224-1003\...\Firefox\Extensions: [lrcfan@fansoft.br] - C:\Program Files (x86)\LyricsFan\FF

Chrome:
=======
CHR Profile: C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-16]
CHR Extension: (Google Drive) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-16]
CHR Extension: (YouTube) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-16]
CHR Extension: (Google-Suche) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-16]
CHR Extension: (bloatfish) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbdklkjmdbfblelkilbfbaoelgmjkcjf [2013-05-05]
CHR Extension: (Google Wallet) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (HD-V9.4) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjpieepnfhpcpkjklohnpmmmmdhcbmd [2014-08-30]
CHR Extension: (Google Mail) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-16]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jbdklkjmdbfblelkilbfbaoelgmjkcjf] - C:\Users\Vik\AppData\Local\BloatFish\Chrome\bloatfish.crx [2013-03-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-22] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-12-17] () [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-30] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-30] (globalUpdate) [File not signed]
S2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34304 2014-08-27] () <==== ATTENTION
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Realtek11nSU; C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-03] () [File not signed] <==== ATTENTION
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-10] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [115328 2014-04-03] (Huawei Technologies Co., Ltd.) [File not signed]
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [24496 2011-12-19] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [637360 2011-12-19] (Intel Corporation)
S3 PciIsaSerial; C:\Windows\system32\drivers\PciIsaSerial.sys [68608 2008-12-19] (Windows (R) Codename Longhorn DDK provider)
S3 PciPPorts; C:\Windows\system32\drivers\PciPPorts.sys [96768 2009-07-23] ()
S3 PciSPorts; C:\Windows\system32\drivers\PciSPorts.sys [122880 2008-12-19] ()
S3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10549248 2007-04-03] (Sonix Co. Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-08-13] (Anchorfree Inc.)
S3 XN720V64; C:\Windows\System32\DRIVERS\WLANUHN.sys [558080 2009-04-30] (Atheros Communications, Inc.)
S3 ZDCNDIS6a64; C:\windows\system32\ZDCNDIS6a64.sys [41280 2013-04-25] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDCNDIS6a64; C:\windows\SysWOW64\ZDCNDIS6a64.sys [41280 2013-04-25] (Printing Communications Assoc., Inc. (PCAUSA))
R1 {0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64; C:\Windows\System32\drivers\{0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64.sys [61112 2014-04-24] (StdLib)
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 17:16 - 2015-01-27 17:20 - 00023814 _____ () C:\Users\Vik\Desktop\FRST.txt
2015-01-27 17:15 - 2015-01-27 17:16 - 00000000 ____D () C:\FRST
2015-01-27 17:13 - 2015-01-27 17:14 - 02129920 _____ (Farbar) C:\Users\Vik\Desktop\FRST64.exe
2015-01-27 17:04 - 2015-01-27 17:04 - 00001542 _____ () C:\Users\Vik\Desktop\Ereignisse.txt
2015-01-27 13:45 - 2015-01-27 13:46 - 00000000 _____ () C:\Users\Vik\Downloads\BidReqHandler
2015-01-27 07:47 - 2015-01-27 07:47 - 00000000 ____D () C:\1fe0756c6c79382b994f97939698f5bb
2015-01-26 17:26 - 2015-01-26 17:26 - 00000568 _____ () C:\windows\PFRO.log
2015-01-26 07:23 - 2015-01-27 17:00 - 00000672 _____ () C:\windows\setupact.log
2015-01-26 07:23 - 2015-01-26 07:23 - 00000000 _____ () C:\windows\setuperr.log
2015-01-20 13:01 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-20 13:01 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-20 13:01 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-20 13:01 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-20 13:01 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-01-20 13:01 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-20 13:00 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-20 13:00 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-01-20 13:00 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-01-20 13:00 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-01-20 13:00 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-01-20 13:00 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-01-20 13:00 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-01-17 10:57 - 2015-01-17 10:57 - 00099732 _____ () C:\Users\Vik\Downloads\Google.htm
2015-01-17 10:15 - 2014-05-24 22:23 - 00001254 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-17 10:10 - 2015-01-17 10:10 - 00000000 __SHD () C:\Users\Vik\AppData\Local\EmieBrowserModeList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 17:18 - 2009-07-14 05:45 - 00024400 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-27 17:18 - 2009-07-14 05:45 - 00024400 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-27 17:07 - 2011-12-31 23:14 - 01634408 _____ () C:\windows\WindowsUpdate.log
2015-01-27 17:00 - 2014-04-14 10:32 - 00065536 _____ () C:\windows\system32\Ikeext.etl
2015-01-27 14:56 - 2011-04-12 08:43 - 00657812 _____ () C:\windows\system32\perfh007.dat
2015-01-27 14:56 - 2011-04-12 08:43 - 00132186 _____ () C:\windows\system32\perfc007.dat
2015-01-27 14:56 - 2009-07-14 06:13 - 01530662 _____ () C:\windows\system32\PerfStringBackup.INI
2015-01-27 14:18 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\tracing
2015-01-26 17:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-26 17:12 - 2012-04-18 09:31 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-01-22 11:56 - 2012-10-31 19:34 - 00000000 ____D () C:\Users\Vik\AppData\Local\CrashDumps
2015-01-21 06:32 - 2013-04-28 19:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-21 06:02 - 2012-04-18 10:20 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-01-20 12:12 - 2012-10-24 18:12 - 00000000 ____D () C:\Users\Vik
2015-01-20 12:12 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\registration
2015-01-20 07:43 - 2014-12-02 06:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-20 07:43 - 2013-04-18 21:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-17 11:08 - 2014-04-02 04:32 - 00000000 ____D () C:\windows\system32\MRT
2015-01-17 11:04 - 2012-04-18 13:36 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-10 12:31 - 2014-08-30 19:38 - 00000000 ____D () C:\Users\Vik\AppData\Roaming\SmootherWeb
2015-01-06 14:36 - 2013-07-20 16:28 - 00000000 ____D () C:\Users\Vik\AppData\Roaming\Skype
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-08-30 19:33 - 2014-08-31 08:45 - 0000551 _____ () C:\Users\Vik\AppData\Roaming\LiveSupport.exe_log.txt
2014-08-30 19:33 - 2014-08-31 08:45 - 0000092 _____ () C:\Users\Vik\AppData\Roaming\regsvr32.exe_log.txt
2014-05-23 13:30 - 2014-05-23 13:33 - 0000005 _____ () C:\Users\Vik\AppData\Roaming\version.ini
2013-06-26 19:24 - 2013-06-26 19:24 - 0000091 _____ () C:\Users\Vik\AppData\Local\fusioncache.dat
2013-03-04 21:20 - 2013-03-04 21:24 - 0017408 _____ () C:\Users\Vik\AppData\Local\WebpageIcons.db
2013-06-02 13:14 - 2014-09-09 04:37 - 0002123 _____ () C:\ProgramData\hpzinstall.log
2011-05-22 14:09 - 2011-05-22 14:09 - 0019624 _____ () C:\ProgramData\iml.xml
2013-03-08 12:20 - 2013-03-08 12:20 - 0000040 _____ () C:\ProgramData\ra3.ini
2011-05-22 14:09 - 2011-05-22 14:09 - 0019624 _____ () C:\ProgramData\winiml.dat

Files to move or delete:
====================
C:\ProgramData\winiml.dat


Some content of TEMP:
====================
C:\Users\Vik\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-09-01 15:35

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Vik at 2015-01-27 17:24:16
Running from C:\Users\Vik\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

325 USB PC Camera  (HKLM-x32\...\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}) (Version: 0.0.3.201 - Sonix)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
AdInjectionSetup (x32 Version: 1.0.0.0 - Covus Freemium GmbH) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{20384EBF-4F10-13F0-07C6-7A6C87FD83DF}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version:  - ) <==== ATTENTION
Free YouTube Download version 3.1.39.1015 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.39.1015 - DVDVideoSoft Ltd.)
Hama Wireless LAN Adapter (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0159 - Hama GmbH & Co KG)
HydraVision (x32 Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden
IM Lock (HKLM-x32\...\IMLock) (Version:  - Comvigo, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Mozilla Firefox 34.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 de)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Nero 7 Premium (HKLM-x32\...\{42347B75-9660-2DA4-63FD-D35E344E1031}) (Version: 7.01.0483 - Nero AG)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SmootherWeb (HKU\S-1-5-21-1594054226-1724268975-995926224-1003 Version: 1.0 - SmootherWeb LLC) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Yahoo Community Smartbar (x32 Version: 11.112.66.19229 - Linkury Inc.) Hidden <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

27-01-2015 07:45:57 Windows Update
27-01-2015 14:12:23 Removed Microsoft XNA Framework Redistributable 4.0
27-01-2015 14:53:01 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {088C4E6E-F319-4586-9A7F-8E14BA864C91} - System32\Tasks\AdobeFlashPlayerUpdate => C:\windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {093B6766-5F51-46B7-9D83-9DBE7EE6909F} - \Software Updater No Task File <==== ATTENTION
Task: {2DE08729-70BD-4CE7-8662-6BAAC6AE4B88} - \EPUpdater No Task File <==== ATTENTION
Task: {34EF6563-6035-4120-9C9F-4857AD49BB56} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-30] (Adobe Systems Incorporated)
Task: {8233B8F7-C924-4961-B631-FDDED4E220A8} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {9BC012DC-5E03-4481-85C5-0D2176F9A7B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {9C2B630F-AE05-46C2-9863-C0720F20CF0D} - System32\Tasks\{229C5D78-4882-4341-8158-B91C43484527} => pcalua.exe -a "C:\Program Files (x86)\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl" -c Nero BurnRights
Task: {C423B043-50BD-4081-9C71-077ACD55FD4F} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {D58ACE25-C54B-472F-9514-F4348BE94A83} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E3BB484B-BA97-4573-9F2D-6C77DB822673} - \Software Updater Ui No Task File <==== ATTENTION
Task: {E9785CF8-6293-44E0-826B-7DF307DDF1B9} - \Dealply No Task File <==== ATTENTION
Task: {ED02BBD2-FD45-4218-89D4-DEC059E055AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\1b3ad0fc-6a5c-4c1b-a690-9f22d694c8a7-1.job => C:\Program Files (x86)\HD-V9.4\HD-V9.4-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\1b3ad0fc-6a5c-4c1b-a690-9f22d694c8a7-11.job => C:\Program Files (x86)\HD-V9.4\1b3ad0fc-6a5c-4c1b-a690-9f22d694c8a7-11.exe <==== ATTENTION
Task: C:\windows\Tasks\1b3ad0fc-6a5c-4c1b-a690-9f22d694c8a7-2.job => C:\Program Files (x86)\HD-V9.4\1b3ad0fc-6a5c-4c1b-a690-9f22d694c8a7-2.exe <==== ATTENTION
Task: C:\windows\Tasks\1b3ad0fc-6a5c-4c1b-a690-9f22d694c8a7-3.job => C:\Program Files (x86)\HD-V9.4\1b3ad0fc-6a5c-4c1b-a690-9f22d694c8a7-3.exe <==== ATTENTION
Task: C:\windows\Tasks\1b3ad0fc-6a5c-4c1b-a690-9f22d694c8a7-4.job => C:\Program Files (x86)\HD-V9.4\1b3ad0fc-6a5c-4c1b-a690-9f22d694c8a7-4.exe <==== ATTENTION
Task: C:\windows\Tasks\1b3ad0fc-6a5c-4c1b-a690-9f22d694c8a7-5.job => C:\Program Files (x86)\HD-V9.4\1b3ad0fc-6a5c-4c1b-a690-9f22d694c8a7-5.exe <==== ATTENTION
Task: C:\windows\Tasks\1b3ad0fc-6a5c-4c1b-a690-9f22d694c8a7-5_user.job => C:\Program Files (x86)\HD-V9.4\1b3ad0fc-6a5c-4c1b-a690-9f22d694c8a7-5.exe <==== ATTENTION
Task: C:\windows\Tasks\a449752e-723e-445e-90ef-c1825b2e0362.job => C:\Program Files (x86)\HD-V9.4\1b3ad0fc-6a5c-4c1b-a690-9f22d694c8a7-4.exe <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\windows\Tasks\RDReminder.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\windows\Tasks\RocketTab Update Task.job => C:\Program Files (x86)\RocketTab\uninstall.exe <==== ATTENTION
Task: C:\windows\Tasks\RocketTab.job => C:\Program Files (x86)\RocketTab\Client.exe <==== ATTENTION
Task: C:\windows\Tasks\SomotoUpdateCheckerAutoStart.job => C:\Users\Vik\AppData\Local\FilesFrog Update Checker\update_checker.exe
Task: C:\windows\Tasks\VStart{A37B472A-8335-449F-9568-43ECC2907F06}.job => C:\Users\Vik\AppData\Local\Temp\nsx9E16.tmp\vbstub.exe

==================== Loaded Modules (whitelisted) =============

2013-08-14 12:22 - 2006-10-10 13:11 - 00827392 _____ () C:\Windows\vsnp325.exe
2013-04-25 15:27 - 2009-02-18 07:50 - 00970752 _____ () C:\Program Files (x86)\Homelink 1202 WLAN\WpsCenterV.exe
2013-08-14 12:22 - 2007-02-12 13:50 - 00020480 _____ () C:\Windows\FixCamera.exe
2013-08-14 12:22 - 2006-10-10 14:49 - 00270336 _____ () C:\Windows\tsnp325.exe
2013-09-03 19:23 - 2013-09-03 19:23 - 03233806 _____ () C:\Program Files (x86)\Tor\tor.exe
2013-04-25 15:27 - 2009-02-18 07:50 - 00425984 _____ () C:\Program Files (x86)\Homelink 1202 WLAN\NICDLLV.dll
2013-11-11 16:23 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\EnumDevLib.dll
2015-01-18 10:46 - 2014-12-02 06:19 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Vik\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Vik\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Vik\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: Win32 Update => C:\Users\Vik\Documents\DCSCMIN\IMDCSC.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1594054226-1724268975-995926224-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1594054226-1724268975-995926224-1009 - Limited - Enabled)
Gast (S-1-5-21-1594054226-1724268975-995926224-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1594054226-1724268975-995926224-1005 - Limited - Enabled)
Vik (S-1-5-21-1594054226-1724268975-995926224-1003 - Administrator - Enabled) => C:\Users\Vik

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/27/2015 05:04:42 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (01/27/2015 05:04:11 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (01/27/2015 05:01:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2015 02:19:53 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (01/27/2015 02:19:22 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (01/27/2015 02:18:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2015 02:11:09 PM) (Source: MsiInstaller) (EventID: 11704) (User: R2D2)
Description: Product: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 -- Error 1704.An installation for Microsoft .NET Framework 4 Client Profile is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?

Error: (01/27/2015 02:04:23 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (01/27/2015 02:03:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (01/27/2015 02:01:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/27/2015 05:02:40 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (01/27/2015 05:01:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (01/27/2015 05:01:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Live ID Sign-in Assistant erreicht.

Error: (01/27/2015 05:01:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LPT System Updater Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (01/27/2015 05:01:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LPT System Updater Service erreicht.

Error: (01/27/2015 05:00:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (01/27/2015 05:00:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AMD FUEL Service erreicht.

Error: (01/27/2015 02:25:17 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (01/27/2015 02:17:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (01/27/2015 02:17:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AMD FUEL Service erreicht.


Microsoft Office Sessions:
=========================
Error: (01/27/2015 05:04:42 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (01/27/2015 05:04:11 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (01/27/2015 05:01:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2015 02:19:53 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (01/27/2015 02:19:22 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (01/27/2015 02:18:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2015 02:11:09 PM) (Source: MsiInstaller) (EventID: 11704) (User: R2D2)
Description: Product: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 -- Error 1704.An installation for Microsoft .NET Framework 4 Client Profile is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/27/2015 02:04:23 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (01/27/2015 02:03:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (01/27/2015 02:01:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Processor: AMD A4-3300 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 94%
Total physical RAM: 3581.41 MB
Available physical RAM: 196.1 MB
Total Pagefile: 7161.01 MB
Available Pagefile: 1989.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:138.95 GB) (Free:91.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 8888D541)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=139 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=27)

==================== End Of Log ============================

cosinus 27.01.2015 19:58
Zitat:
C:\Users\Vik\Downloads\ARMA_III_Steam_KeyGen.exe
Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

Speed9001 27.01.2015 20:09
Wenn die gelöscht sind soll ich dann wieder mit FRST durch scannen

cosinus 27.01.2015 20:12
Ist nicht nötig, gib einfach Bescheid.

Speed9001 27.01.2015 20:13
Gut sie sind gelöscht

cosinus 27.01.2015 20:23
Dann bitte jetzt Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Speed9001 27.01.2015 21:19
Code:
ComboFix 15-01-27.01 - Vik 27.01.2015  20:29:47.1.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3581.2262 [GMT 1:00]
ausgeführt von:: c:\users\Vik\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\SaveShare
c:\program files (x86)\SaveShare\sprotector.dll
c:\program files (x86)\SaveShare\uninstall.exe
c:\programdata\374311380
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Packer.exe.lnk
c:\users\Vik\AppData\Local\BrowserSafeguard
c:\users\Vik\AppData\Local\BrowserSafeguard\BrowserSafeguard.exe
c:\users\Vik\AppData\Local\BrowserSafeguard\makecert.exe
c:\users\Vik\AppData\Local\BrowserSafeguard\Resources\certutil.exe
c:\users\Vik\AppData\Local\BrowserSafeguard\Resources\libnspr4.dll
c:\users\Vik\AppData\Local\BrowserSafeguard\Resources\libplc4.dll
c:\users\Vik\AppData\Local\BrowserSafeguard\Resources\libplds4.dll
c:\users\Vik\AppData\Local\BrowserSafeguard\Resources\nss3.dll
c:\users\Vik\AppData\Local\BrowserSafeguard\Resources\smime3.dll
c:\users\Vik\AppData\Local\BrowserSafeguard\Resources\softokn3.dll
c:\users\Vik\AppData\Local\BrowserSafeguard\TrustedRoot.cer
c:\users\Vik\AppData\Local\BrowserSafeguard\uninstall.BrowserSafeguard.exe
c:\users\Vik\AppData\Local\DeSmuME
c:\users\Vik\AppData\Local\DeSmuME\Battery\Need for Speed - Underground 2.dsv
c:\users\Vik\AppData\Local\DeSmuME\Battery\Pokemon - Goldene Edition HeartGold (Germany).dsv
c:\users\Vik\AppData\Local\DeSmuME\Battery\Pokemon White.dsv
c:\users\Vik\AppData\Local\DeSmuME\States\Pokemon White.ds0
c:\users\Vik\AppData\Roaming\dclogs
c:\users\Vik\AppData\Roaming\dclogs\2013-12-01-1.dc
c:\users\Vik\AppData\Roaming\dclogs\2013-12-02-2.dc
c:\users\Vik\AppData\Roaming\LiveSupport.exe_log.txt
c:\users\Vik\AppData\Roaming\regsvr32.exe_log.txt
c:\users\Vik\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe
c:\users\Vik\AppData\Roaming\systweak\ssd\SSDPTstub.exe
c:\users\Vik\AppData\Roaming\Windows Net Data
c:\users\Vik\AppData\Roaming\Windows Net Data\id.dat
c:\users\Vik\AppData\Roaming\Windows Net Data\net.exe
c:\users\Vik\AppData\Roaming\Windows Net Data\uninstaller.exe
c:\users\Vik\AppData\Roaming\Windows Net Data\well.dat
c:\windows\msdownld.tmp
c:\windows\SysWow64\ChilkatMail_v7_9.dll
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_globalUpdate
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-12-27 bis 2015-01-27  ))))))))))))))))))))))))))))))
.
.
2015-01-27 19:46 . 2015-01-27 19:46        --------        d-----w-        c:\users\Default\AppData\Local\temp
2015-01-27 16:15 . 2015-01-27 19:12        --------        d-----w-        C:\FRST
2015-01-27 13:55 . 2015-01-27 13:55        --------        d-----w-        c:\program files (x86)\Microsoft.NET
2015-01-27 06:47 . 2015-01-27 06:47        --------        d-----w-        C:\1fe0756c6c79382b994f97939698f5bb
2015-01-20 12:01 . 2014-12-11 17:47        52736        ----a-w-        c:\windows\system32\TSWbPrxy.exe
2015-01-20 12:01 . 2014-12-19 03:06        210432        ----a-w-        c:\windows\system32\profsvc.dll
2015-01-20 12:01 . 2014-12-06 04:17        303616        ----a-w-        c:\windows\system32\nlasvc.dll
2015-01-20 12:01 . 2014-12-06 03:50        52224        ----a-w-        c:\windows\SysWow64\nlaapi.dll
2015-01-20 12:01 . 2014-12-06 03:50        156672        ----a-w-        c:\windows\SysWow64\ncsi.dll
2015-01-20 12:01 . 2014-12-19 01:46        141312        ----a-w-        c:\windows\system32\drivers\mrxdav.sys
2015-01-20 12:00 . 2014-12-12 05:31        503808        ----a-w-        c:\windows\system32\srcore.dll
2015-01-20 12:00 . 2014-12-12 05:31        50176        ----a-w-        c:\windows\system32\srclient.dll
2015-01-20 12:00 . 2014-12-12 05:31        296960        ----a-w-        c:\windows\system32\rstrui.exe
2015-01-20 12:00 . 2014-12-12 05:07        43008        ----a-w-        c:\windows\SysWow64\srclient.dll
2015-01-20 12:00 . 2014-12-12 05:35        5553592        ----a-w-        c:\windows\system32\ntoskrnl.exe
2015-01-20 12:00 . 2014-12-12 05:11        3971512        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2015-01-20 12:00 . 2014-12-12 05:11        3916728        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2015-01-17 09:10 . 2015-01-17 09:10        --------        d-sh--w-        c:\users\Vik\AppData\Local\EmieBrowserModeList
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-17 10:04 . 2012-04-18 12:36        113365784        ----a-w-        c:\windows\system32\MRT.exe
2015-01-06 03:36 . 2010-11-21 03:27        298120        ------w-        c:\windows\system32\MpSigStub.exe
2014-12-13 05:09 . 2014-12-18 06:41        144384        ----a-w-        c:\windows\system32\ieUnatt.exe
2014-12-13 03:33 . 2014-12-18 06:41        115712        ----a-w-        c:\windows\SysWow64\ieUnatt.exe
2014-12-04 02:50 . 2014-12-10 05:42        413184        ----a-w-        c:\windows\system32\generaltel.dll
2014-12-04 02:50 . 2014-12-10 05:42        741376        ----a-w-        c:\windows\system32\invagent.dll
2014-12-04 02:50 . 2014-12-10 05:42        396800        ----a-w-        c:\windows\system32\devinv.dll
2014-12-04 02:50 . 2014-12-10 05:42        830976        ----a-w-        c:\windows\system32\appraiser.dll
2014-12-04 02:50 . 2014-12-10 05:42        192000        ----a-w-        c:\windows\system32\aepic.dll
2014-12-04 02:50 . 2014-12-10 05:42        227328        ----a-w-        c:\windows\system32\aepdu.dll
2014-12-04 02:44 . 2014-12-10 05:42        1083392        ----a-w-        c:\windows\system32\aeinv.dll
2014-12-02 10:26 . 2015-01-27 07:09        11870360        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{1CD7C4CD-0CD8-4908-9645-E13BC8839AF2}\mpengine.dll
2014-12-01 23:28 . 2014-12-10 05:42        1232040        ----a-w-        c:\windows\system32\aitstatic.exe
2014-11-27 01:43 . 2014-12-10 05:41        389296        ----a-w-        c:\windows\system32\iedkcs32.dll
2014-11-22 03:13 . 2014-12-10 05:41        25059840        ----a-w-        c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-10 05:41        2724864        ----a-w-        c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-10 05:41        4096        ----a-w-        c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-10 05:41        66560        ----a-w-        c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-10 05:41        580096        ----a-w-        c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-10 05:41        48640        ----a-w-        c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-10 05:41        2885120        ----a-w-        c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-10 05:41        88064        ----a-w-        c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-10 05:41        54784        ----a-w-        c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-10 05:41        34304        ----a-w-        c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-10 05:41        633856        ----a-w-        c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-10 05:41        114688        ----a-w-        c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-10 05:41        814080        ----a-w-        c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-10 05:41        6039552        ----a-w-        c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-10 05:41        968704        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-10 05:41        490496        ----a-w-        c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-10 05:41        2724864        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-10 05:41        77824        ----a-w-        c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-10 05:41        199680        ----a-w-        c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-10 05:41        92160        ----a-w-        c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-10 05:41        501248        ----a-w-        c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-10 05:41        62464        ----a-w-        c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-10 05:41        47616        ----a-w-        c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-10 05:41        64000        ----a-w-        c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-10 05:41        316928        ----a-w-        c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-10 05:41        620032        ----a-w-        c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-10 05:41        718848        ----a-w-        c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-10 05:41        800768        ----a-w-        c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-10 05:41        1359360        ----a-w-        c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-10 05:41        2125312        ----a-w-        c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-10 05:41        14412800        ----a-w-        c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-10 05:41        60416        ----a-w-        c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-10 05:41        4299264        ----a-w-        c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-10 05:41        2358272        ----a-w-        c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-10 05:41        2052096        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-10 05:41        1155072        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-10 05:41        1548288        ----a-w-        c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-10 05:41        800768        ----a-w-        c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-10 05:41        1888256        ----a-w-        c:\windows\SysWow64\wininet.dll
2014-11-11 03:09 . 2014-12-10 05:41        1424384        ----a-w-        c:\windows\system32\WindowsCodecs.dll
2014-11-11 03:08 . 2014-11-19 04:07        241152        ----a-w-        c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 04:07        728064        ----a-w-        c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-12-10 05:41        1230336        ----a-w-        c:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-19 04:07        186880        ----a-w-        c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 04:07        550912        ----a-w-        c:\windows\SysWow64\kerberos.dll
2014-11-11 01:46 . 2014-12-10 05:41        119296        ----a-w-        c:\windows\system32\drivers\tdx.sys
2014-11-08 03:16 . 2014-12-10 05:38        2048        ----a-w-        c:\windows\system32\tzres.dll
2014-11-08 02:45 . 2014-12-10 05:38        2048        ----a-w-        c:\windows\SysWow64\tzres.dll
2014-11-06 06:26 . 2013-05-12 06:02        43064        ----a-w-        c:\windows\system32\drivers\avnetflt.sys
2014-11-06 06:26 . 2013-05-11 11:23        131608        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2014-11-06 06:26 . 2013-05-11 11:23        119272        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2014-10-30 02:03 . 2014-12-10 05:38        165888        ----a-w-        c:\windows\system32\charmap.exe
2014-10-30 01:45 . 2014-12-10 05:38        155136        ----a-w-        c:\windows\SysWow64\charmap.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}]
2014-04-22 04:32        61440        ----a-w-        c:\program files (x86)\Flowsurf\flowsurf.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2012-07-27 393216]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2014-12-03 40336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-01-12 5028464]
"NeroFilterCheck"="c:\program files (x86)\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"Homelink 1202 WLAN Software"="c:\program files (x86)\Homelink 1202 WLAN\WpsCenterV.exe" [2009-02-18 970752]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-12-22 702768]
"FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]
"tsnp325"="c:\windows\tsnp325.exe" [2006-10-10 270336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
IML.lnk - c:\windows\System32\iml.vbs [2010-5-21 4472]
IML64.lnk - c:\windows\SysWOW64\iml.vbs [2010-5-21 4472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 tor;Tor Win32 Service;c:\program files (x86)\Tor\tor.exe;c:\program files (x86)\Tor\tor.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
R3 iaStorS;iaStorS;c:\windows\system32\drivers\iaStorS.sys;c:\windows\SYSNATIVE\drivers\iaStorS.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
R3 PciIsaSerial;PCI-ISA Communication Port;c:\windows\system32\drivers\PciIsaSerial.sys;c:\windows\SYSNATIVE\drivers\PciIsaSerial.sys [x]
R3 PciPPorts;PCI ECP Parallel Port;c:\windows\system32\drivers\PciPPorts.sys;c:\windows\SYSNATIVE\drivers\PciPPorts.sys [x]
R3 PciSPorts;High-Speed PCI Serial Port;c:\windows\system32\drivers\PciSPorts.sys;c:\windows\SYSNATIVE\drivers\PciSPorts.sys [x]
R3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys;c:\windows\SYSNATIVE\DRIVERS\snp325.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XN720V64;Homelink 1202 Driver(vista);c:\windows\system32\DRIVERS\WLANUHN.sys;c:\windows\SYSNATIVE\DRIVERS\WLANUHN.sys [x]
R3 ZDCNDIS6a64;ZDCNDIS Protocol Driver;c:\windows\system32\ZDCNDIS6a64.sys;c:\windows\SYSNATIVE\ZDCNDIS6a64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S1 {0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64;{0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64;c:\windows\system32\drivers\{0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64.sys;c:\windows\SYSNATIVE\drivers\{0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 LPTSystemUpdater;LPT System Updater Service;c:\program files (x86)\LPT\srpts.exe;c:\program files (x86)\LPT\srpts.exe [x]
S2 Realtek11nSU;Realtek11nSU;c:\program files (x86)\Hama\Wireless LAN RTL8192SU\RtlService.exe;c:\program files (x86)\Hama\Wireless LAN RTL8192SU\RtlService.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\drivers\amdiox64.sys;c:\windows\SYSNATIVE\drivers\amdiox64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-08-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13 17:28]
.
2014-08-30 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-08-30 19:14]
.
2014-08-30 c:\windows\Tasks\RocketTab.job
- c:\windows\system32\cmd.exe [2010-11-21 03:24]
.
2014-04-14 c:\windows\Tasks\SomotoUpdateCheckerAutoStart.job
- c:\users\Vik\AppData\Local\FilesFrog Update Checker\update_checker.exe [2013-10-17 09:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"snp325"="c:\windows\vsnp325.exe" [2006-10-10 827392]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kkf9VrZBV-thl5XrMTRvU7m2kkk8xjpQr_KmaD5D7bTzQM6aSoHL834l0JN-Rp6H1K5eQ-8RTE2Ba8wBIsgi5hpX8PVIbx_YIVM5m2pUE3dMFullk9z8ABwmwcNmlrqmve-hV05Zw_pm4KgVbwGWZJKqBqwBt24VoxVQ,,
mDefault_Search_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
uInternet Settings,ProxyOverride = <-loopback>;<local>
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kkf9VrZBV-thl5XrMTRvU7m2kkk8xjpQr_KmaD5D7bTzQM6aSoHL834l0JN-Rp6H1GQwOtLWeCa779Aqtfb-X7Fhk-wHFg5PlQCWMEj5-IzIGQVGE-IaZkmMzBePpSIMrAdZTCIO3uxSu-F8ly9fCf6es4OasxlnTXzg,,&q={searchTerms}
IE: Free YouTube Download - c:\users\Vik\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - (no file)
BHO-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-smoother - c:\users\Vik\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe
Wow6432Node-HKLM-Run-ZDWLan_Utility - (no file)
Wow6432Node-HKLM-Run-mbot_de_39 - (no file)
c:\users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk - c:\users\Vik\AppData\Roaming\Windows Net Data\net.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
AddRemove-IMLock - c:\windows\System32\tnblf.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1594054226-1724268975-995926224-1003\Software\SecuROM\License information*]
"datasecu"=hex:2c,1f,99,9f,50,47,57,d0,7b,87,2b,dd,ea,76,57,93,cb,b9,f9,c2,1c,
  27,7d,f8,09,61,f9,2f,c8,e2,dc,83,4f,48,7d,b3,60,24,c7,37,fa,95,0d,00,60,50,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Hama\Wireless LAN RTL8192SU\RtWlan.exe
c:\program files (x86)\LPT\srptsl.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-01-27  21:06:37 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-01-27 20:06
.
Vor Suchlauf: 12 Verzeichnis(se), 101.168.701.440 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 101.215.313.920 Bytes frei
.
- - End Of File - - 78D0666FAB390D18C06758976F754B29
A36C5E4F47E84449FF07ED3517B43A31
Combofix hat Trozdem gemeckert wegen ein Real-Time Scanner von Avira hatte aber kein Plan was er wollte

cosinus 27.01.2015 21:21
Adware/Junkware/Toolbars entfernen

(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!)

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Speed9001 27.01.2015 22:16
Code:
# AdwCleaner v4.109 - Bericht erstellt am 27/01/2015 um 21:37:26
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-26.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Vik - R2D2
# Gestartet von : C:\Users\Vik\Desktop\AdwCleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : globalUpdatem
[#] Dienst Gelöscht : LPTSystemUpdater
Dienst Gelöscht : {0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\SmootherWeb
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\IePluginService
Ordner Gelöscht : C:\ProgramData\Registry Helper
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
Ordner Gelöscht : C:\Program Files (x86)\BonanzaDeals
Ordner Gelöscht : C:\Program Files (x86)\Flowsurf
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\LPT
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\Deal Keeper
Ordner Gelöscht : C:\Program Files (x86)\HD-V9.4
Ordner Gelöscht : C:\windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Ordner Gelöscht : C:\windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Systweak
Ordner Gelöscht : C:\windows\System32\ljkb
Ordner Gelöscht : C:\Users\Vik\AppData\Local\apn
Ordner Gelöscht : C:\Users\Vik\AppData\Local\FilesFrog Update Checker
Ordner Gelöscht : C:\Users\Vik\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Vik\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Vik\AppData\Local\LPT
Ordner Gelöscht : C:\Users\Vik\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Vik\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Vik\AppData\Local\WeatherAlerts
Ordner Gelöscht : C:\Users\Vik\AppData\Local\webplayer
Ordner Gelöscht : C:\Users\Vik\AppData\Local\fabulous_08301910
Ordner Gelöscht : C:\Users\Vik\AppData\Roaming\IminentToolbar
Ordner Gelöscht : C:\Users\Vik\AppData\Roaming\InetStat
Ordner Gelöscht : C:\Users\Vik\AppData\Roaming\newnext.me
Ordner Gelöscht : C:\Users\Vik\AppData\Roaming\qone8
Ordner Gelöscht : C:\Users\Vik\AppData\Roaming\RocketUpdater
Ordner Gelöscht : C:\Users\Vik\AppData\Roaming\SmootherWeb
Ordner Gelöscht : C:\Users\Vik\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Ordner Gelöscht : C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb
Ordner Gelöscht : C:\Users\Vik\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjpieepnfhpcpkjklohnpmmmmdhcbmd
Datei Gelöscht : C:\windows\SysWOW64\RegistryHelperLM.ocx
Datei Gelöscht : C:\windows\System32\roboot64.exe
Datei Gelöscht : C:\windows\System32\drivers\taphss6.sys
Datei Gelöscht : C:\windows\System32\drivers\{0bd9bacb-0a2d-4412-900e-b2473afd87b4}Gw64.sys
Datei Gelöscht : C:\Users\Vik\daemonprocess.txt
Datei Gelöscht : C:\Users\Vik\AppData\LocalLow\SkwConfig.bin
Datei Gelöscht : C:\Users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default\invalidprefs.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\qone8.xml
Datei Gelöscht : C:\Users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default\user.js
Datei Gelöscht : C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Tasks ] *****

Task Gelöscht : Dealply
Task Gelöscht : DealPlyUpdate
Task Gelöscht : EPUpdater
Task Gelöscht : globalUpdateUpdateTaskMachineCore
Task Gelöscht : RocketTab
Task Gelöscht : Software Updater Ui
Task Gelöscht : Software Updater
Task Gelöscht : SomotoUpdateCheckerAutoStart

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Verknüpfung Desinfiziert : C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Vik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Vik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Vik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [jid1-tofUlNEIFlkUIA@jetpack]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [lrcfan@fansoft.br]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4277F7CF-0000-46CF-BA49-D624465C4BAB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8018C54-B702-4D52-9ACC-8CA78911E633}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C6A846C5-D67F-48B4-8552-C22354E56966}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555835560}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566836660}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C321541F-B22D-4593-AC1A-9634812A4E40}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4E7C-A8BB-41EFD720FD77}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A8018C54-B702-4D52-9ACC-8CA78911E633}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C6A846C5-D67F-48B4-8552-C22354E56966}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555835560}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566836660}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : HKCU\Software\anchorfree
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\BonanzaDealsLive
Schlüssel Gelöscht : HKCU\Software\Fabulous
Schlüssel Gelöscht : HKCU\Software\FlowSurf
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\IminentToolbar
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\MyBestOffersToday
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\searchgol LTD
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Somoto
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\VIS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Show-Password
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\qone8Software
Schlüssel Gelöscht : HKLM\SOFTWARE\Registry Helper
Schlüssel Gelöscht : HKLM\SOFTWARE\SafetyNut
Schlüssel Gelöscht : HKLM\SOFTWARE\SweetIM
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Trymedia Systems
Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SmootherWeb
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4E732E5D-E577-451A-9BB1-CBE64A2CBC2F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>;<local>

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v35.0 (x86 de)


-\\ Google Chrome v

[C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : logekkkdbdidmmcgkonmmonclldogceg
[C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : ofjpieepnfhpcpkjklohnpmmmmdhcbmd

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [34182 octets] - [06/10/2013 00:30:07]
AdwCleaner[R1].txt - [30245 octets] - [27/01/2015 21:30:14]
AdwCleaner[S0].txt - [30303 octets] - [06/10/2013 00:30:52]
AdwCleaner[S1].txt - [28307 octets] - [27/01/2015 21:37:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [28368 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Vik on 27.01.2015 at 21:44:51,03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544834460}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544834460}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544834460}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511831160}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511831160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440544834460}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Vik\appdata\local\{131C0E46-E12D-444E-93F0-D5C9E3B80CFD}
Successfully deleted: [Empty Folder] C:\Users\Vik\appdata\local\{52F51A42-3CFC-4103-B244-C52BEE5B80BF}
Successfully deleted: [Empty Folder] C:\Users\Vik\appdata\local\{70C6F7E9-CFDB-4AFE-A3E7-80D011E562B4}
Successfully deleted: [Empty Folder] C:\Users\Vik\appdata\local\{96CF995B-F93E-4826-B17A-9B1A824FD467}
Successfully deleted: [Empty Folder] C:\Users\Vik\appdata\local\{B32EC96A-42ED-460D-A7DE-14E4C5F4D2F2}
Successfully deleted: [Empty Folder] C:\Users\Vik\appdata\local\{DE163CCD-7641-4CE4-93FF-6A64FDC3C9C9}
Successfully deleted: [Empty Folder] C:\Users\Vik\appdata\local\{E58F6C2D-CC8E-402C-904B-CAFC09E61079}



~~~ FireFox

Emptied folder: C:\Users\Vik\AppData\Roaming\mozilla\firefox\profiles\go2kcswx.default\minidumps [1035 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.01.2015 at 21:54:39,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Vik (administrator) on R2D2 on 27-01-2015 22:00:43
Running from C:\Users\Vik\Desktop
Loaded Profiles: Vik (Available profiles: Vik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\vsnp325.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\Homelink 1202 WLAN\WpsCenterV.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Windows\FixCamera.exe
() C:\Windows\tsnp325.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek) C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\RtWLan.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\Tor\tor.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\qimlsrv.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\dsrviml.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [snp325] => C:\windows\vsnp325.exe [827392 2006-10-10] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5028464 2012-01-12] (VIA)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Homelink 1202 WLAN Software] => C:\Program Files (x86)\Homelink 1202 WLAN\WpsCenterV.exe [970752 2009-02-18] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [FixCamera] => C:\windows\FixCamera.exe [20480 2007-02-12] ()
HKLM-x32\...\Run: [tsnp325] => C:\windows\tsnp325.exe [270336 2006-10-10] ()
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-07-27] (AMD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk
ShortcutTarget: IML.lnk -> C:\Windows\System32\iml.vbs ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk
ShortcutTarget: IML64.lnk -> C:\Windows\SysWOW64\iml.vbs ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1594054226-1724268975-995926224-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52492;https=127.0.0.1:52492
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-1594054226-1724268975-995926224-1003 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.com/NxGame -> C:\ProgramData\Nexon\NGM\npnxgame.dll (Nexon)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @protectdisc.com/NPMPDRM -> C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Battlefield Play4Free - C:\Users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default\Extensions\battlefieldplay4free@ea.com [2013-05-23]
FF Extension: Firefox Booster - C:\Users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-09-09]
FF Extension: {01dc9af9-fd04-4232-a097-05fdcac66d15} - C:\Users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default\Extensions\{01dc9af9-fd04-4232-a097-05fdcac66d15}.xpi [2013-10-09]
FF Extension: Adblock Plus - C:\Users\Vik\AppData\Roaming\Mozilla\Firefox\Profiles\go2kcswx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-18]

Chrome:
=======
CHR Profile: C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-16]
CHR Extension: (Google Drive) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-16]
CHR Extension: (YouTube) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-16]
CHR Extension: (Google-Suche) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-16]
CHR Extension: (bloatfish) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbdklkjmdbfblelkilbfbaoelgmjkcjf [2013-05-05]
CHR Extension: (Google Wallet) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-16]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jbdklkjmdbfblelkilbfbaoelgmjkcjf] - C:\Users\Vik\AppData\Local\BloatFish\Chrome\bloatfish.crx [2013-03-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-22] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-12-17] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Realtek11nSU; C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-03] () [File not signed] <==== ATTENTION
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-10] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [115328 2014-04-03] (Huawei Technologies Co., Ltd.) [File not signed]
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [24496 2011-12-19] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [637360 2011-12-19] (Intel Corporation)
S3 PciIsaSerial; C:\Windows\system32\drivers\PciIsaSerial.sys [68608 2008-12-19] (Windows (R) Codename Longhorn DDK provider)
S3 PciPPorts; C:\Windows\system32\drivers\PciPPorts.sys [96768 2009-07-23] ()
S3 PciSPorts; C:\Windows\system32\drivers\PciSPorts.sys [122880 2008-12-19] ()
S3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10549248 2007-04-03] (Sonix Co. Ltd.)
S3 XN720V64; C:\Windows\System32\DRIVERS\WLANUHN.sys [558080 2009-04-30] (Atheros Communications, Inc.)
S3 ZDCNDIS6a64; C:\windows\system32\ZDCNDIS6a64.sys [41280 2013-04-25] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDCNDIS6a64; C:\windows\SysWOW64\ZDCNDIS6a64.sys [41280 2013-04-25] (Printing Communications Assoc., Inc. (PCAUSA))
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 22:00 - 2015-01-27 22:04 - 00015290 _____ () C:\Users\Vik\Desktop\FRST.txt
2015-01-27 21:54 - 2015-01-27 21:54 - 00002256 _____ () C:\Users\Vik\Desktop\JRT.txt
2015-01-27 21:44 - 2015-01-27 21:44 - 00000000 ____D () C:\windows\ERUNT
2015-01-27 21:26 - 2015-01-27 21:26 - 01707939 _____ (Thisisu) C:\Users\Vik\Desktop\JRT.exe
2015-01-27 21:24 - 2015-01-27 21:25 - 02194432 _____ () C:\Users\Vik\Desktop\AdwCleaner_4.109.exe
2015-01-27 21:06 - 2015-01-27 21:06 - 00028397 _____ () C:\ComboFix.txt
2015-01-27 20:27 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-01-27 20:27 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-01-27 20:27 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-01-27 20:27 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-01-27 20:27 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-01-27 20:27 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-01-27 20:27 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-01-27 20:27 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-01-27 20:25 - 2015-01-27 21:07 - 00000000 ____D () C:\Qoobox
2015-01-27 20:25 - 2015-01-27 21:02 - 00000000 ____D () C:\windows\erdnt
2015-01-27 20:22 - 2015-01-27 20:22 - 05610622 ____R (Swearware) C:\Users\Vik\Desktop\ComboFix.exe
2015-01-27 17:36 - 2015-01-27 17:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-27 17:15 - 2015-01-27 22:00 - 00000000 ____D () C:\FRST
2015-01-27 17:13 - 2015-01-27 17:14 - 02129920 _____ (Farbar) C:\Users\Vik\Desktop\FRST64.exe
2015-01-27 07:47 - 2015-01-27 07:47 - 00000000 ____D () C:\1fe0756c6c79382b994f97939698f5bb
2015-01-26 17:26 - 2015-01-27 21:40 - 00001434 _____ () C:\windows\PFRO.log
2015-01-26 07:23 - 2015-01-27 21:40 - 00000896 _____ () C:\windows\setupact.log
2015-01-26 07:23 - 2015-01-26 07:23 - 00000000 _____ () C:\windows\setuperr.log
2015-01-20 13:01 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-20 13:01 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-20 13:01 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-20 13:01 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-20 13:01 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-01-20 13:01 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-20 13:00 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-20 13:00 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-01-20 13:00 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-01-20 13:00 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-01-20 13:00 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-01-20 13:00 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-01-20 13:00 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-01-17 10:15 - 2015-01-27 21:38 - 00001068 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-17 10:10 - 2015-01-17 10:10 - 00000000 __SHD () C:\Users\Vik\AppData\Local\EmieBrowserModeList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 21:50 - 2011-12-31 23:14 - 01676212 _____ () C:\windows\WindowsUpdate.log
2015-01-27 21:50 - 2009-07-14 05:45 - 00024400 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-27 21:50 - 2009-07-14 05:45 - 00024400 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-27 21:41 - 2014-04-14 10:32 - 00065536 _____ () C:\windows\system32\Ikeext.etl
2015-01-27 21:38 - 2014-05-21 13:49 - 00001086 _____ () C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-27 21:38 - 2014-05-21 13:41 - 00001086 _____ () C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-01-27 21:38 - 2013-10-06 00:30 - 00000000 ____D () C:\AdwCleaner
2015-01-27 21:38 - 2012-10-24 18:16 - 00000998 _____ () C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-27 21:38 - 2012-10-24 18:12 - 00000000 ____D () C:\Users\Vik
2015-01-27 21:28 - 2011-04-12 08:43 - 00657812 _____ () C:\windows\system32\perfh007.dat
2015-01-27 21:28 - 2011-04-12 08:43 - 00132186 _____ () C:\windows\system32\perfc007.dat
2015-01-27 21:28 - 2009-07-14 06:13 - 01509606 _____ () C:\windows\system32\PerfStringBackup.INI
2015-01-27 21:02 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\tracing
2015-01-27 20:50 - 2009-07-14 03:34 - 00000215 _____ () C:\windows\system.ini
2015-01-27 20:48 - 2013-04-18 21:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 20:47 - 2012-11-10 12:55 - 00000000 ____D () C:\Users\Vik\AppData\Roaming\SoftGrid Client
2015-01-27 20:17 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2015-01-26 17:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-26 17:12 - 2012-04-18 09:31 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-01-22 11:56 - 2012-10-31 19:34 - 00000000 ____D () C:\Users\Vik\AppData\Local\CrashDumps
2015-01-21 06:32 - 2013-04-28 19:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-21 06:02 - 2012-04-18 10:20 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-01-20 12:12 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\registration
2015-01-17 11:08 - 2014-04-02 04:32 - 00000000 ____D () C:\windows\system32\MRT
2015-01-17 11:04 - 2012-04-18 13:36 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-06 14:36 - 2013-07-20 16:28 - 00000000 ____D () C:\Users\Vik\AppData\Roaming\Skype
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-05-23 13:30 - 2014-05-23 13:33 - 0000005 _____ () C:\Users\Vik\AppData\Roaming\version.ini
2013-06-26 19:24 - 2013-06-26 19:24 - 0000091 _____ () C:\Users\Vik\AppData\Local\fusioncache.dat
2013-03-04 21:20 - 2013-03-04 21:24 - 0017408 _____ () C:\Users\Vik\AppData\Local\WebpageIcons.db
2013-06-02 13:14 - 2014-09-09 04:37 - 0002123 _____ () C:\ProgramData\hpzinstall.log
2011-05-22 14:09 - 2011-05-22 14:09 - 0019624 _____ () C:\ProgramData\iml.xml
2013-03-08 12:20 - 2013-03-08 12:20 - 0000040 _____ () C:\ProgramData\ra3.ini
2011-05-22 14:09 - 2011-05-22 14:09 - 0019624 _____ () C:\ProgramData\winiml.dat

Files to move or delete:
====================
C:\ProgramData\winiml.dat


Some content of TEMP:
====================
C:\Users\Vik\AppData\Local\Temp\avgnt.exe
C:\Users\Vik\AppData\Local\Temp\Quarantine.exe
C:\Users\Vik\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-09-01 15:35

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Vik at 2015-01-27 22:07:08
Running from C:\Users\Vik\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

325 USB PC Camera  (HKLM-x32\...\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}) (Version: 0.0.3.201 - Sonix)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
AdInjectionSetup (x32 Version: 1.0.0.0 - Covus Freemium GmbH) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{20384EBF-4F10-13F0-07C6-7A6C87FD83DF}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Free YouTube Download version 3.1.39.1015 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.39.1015 - DVDVideoSoft Ltd.)
Hama Wireless LAN Adapter (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0159 - Hama GmbH & Co KG)
HydraVision (x32 Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden
IM Lock (HKLM-x32\...\IMLock) (Version:  - Comvigo, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Mozilla Firefox 35.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Nero 7 Premium (HKLM-x32\...\{42347B75-9660-2DA4-63FD-D35E344E1031}) (Version: 7.01.0483 - Nero AG)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

27-01-2015 14:53:01 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-01-27 20:46 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {088C4E6E-F319-4586-9A7F-8E14BA864C91} - System32\Tasks\AdobeFlashPlayerUpdate => C:\windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {34EF6563-6035-4120-9C9F-4857AD49BB56} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-30] (Adobe Systems Incorporated)
Task: {8233B8F7-C924-4961-B631-FDDED4E220A8} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {9BC012DC-5E03-4481-85C5-0D2176F9A7B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {9C2B630F-AE05-46C2-9863-C0720F20CF0D} - System32\Tasks\{229C5D78-4882-4341-8158-B91C43484527} => pcalua.exe -a "C:\Program Files (x86)\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl" -c Nero BurnRights
Task: {D58ACE25-C54B-472F-9514-F4348BE94A83} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {ED02BBD2-FD45-4218-89D4-DEC059E055AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-08-14 12:22 - 2006-10-10 13:11 - 00827392 _____ () C:\Windows\vsnp325.exe
2013-04-25 15:27 - 2009-02-18 07:50 - 00970752 _____ () C:\Program Files (x86)\Homelink 1202 WLAN\WpsCenterV.exe
2013-08-14 12:22 - 2007-02-12 13:50 - 00020480 _____ () C:\Windows\FixCamera.exe
2013-08-14 12:22 - 2006-10-10 14:49 - 00270336 _____ () C:\Windows\tsnp325.exe
2013-09-03 19:23 - 2013-09-03 19:23 - 03233806 _____ () C:\Program Files (x86)\Tor\tor.exe
2013-04-25 15:27 - 2009-02-18 07:50 - 00425984 _____ () C:\Program Files (x86)\Homelink 1202 WLAN\NICDLLV.dll
2013-11-11 16:23 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\Hama\Wireless LAN RTL8192SU\EnumDevLib.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Vik\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Vik\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Vik\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: Win32 Update => C:\Users\Vik\Documents\DCSCMIN\IMDCSC.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1594054226-1724268975-995926224-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1594054226-1724268975-995926224-1009 - Limited - Enabled)
Gast (S-1-5-21-1594054226-1724268975-995926224-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1594054226-1724268975-995926224-1005 - Limited - Enabled)
Vik (S-1-5-21-1594054226-1724268975-995926224-1003 - Administrator - Enabled) => C:\Users\Vik

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-01-27 20:36:51.496
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-27 20:36:51.418
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: AMD A4-3300 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 20%
Total physical RAM: 3581.41 MB
Available physical RAM: 2855.75 MB
Total Pagefile: 7161.01 MB
Available Pagefile: 5585.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:138.95 GB) (Free:94.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 8888D541)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=139 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=27)

==================== End Of Log ============================

cosinus 27.01.2015 22:20
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk
ShortcutTarget: IML.lnk -> C:\Windows\System32\iml.vbs ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk
ShortcutTarget: IML64.lnk -> C:\Windows\SysWOW64\iml.vbs ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52492;https=127.0.0.1:52492
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
AlternateDataStreams: C:\Users\Vik\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Vik\AppData\Roaming:NT
C:\ProgramData\winiml.dat
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk
C:\Windows\SysWOW64\iml.vbs
EmptyTemp:
Hosts:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Speed9001 27.01.2015 22:38
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2015 01
Ran by Vik at 2015-01-27 22:28:23 Run:1
Running from C:\Users\Vik\Desktop
Loaded Profiles: Vik (Available profiles: Vik)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk
ShortcutTarget: IML.lnk -> C:\Windows\System32\iml.vbs ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk
ShortcutTarget: IML64.lnk -> C:\Windows\SysWOW64\iml.vbs ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1594054226-1724268975-995926224-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52492;https=127.0.0.1:52492
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
AlternateDataStreams: C:\Users\Vik\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Vik\AppData\Roaming:NT
C:\ProgramData\winiml.dat
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk
C:\Windows\SysWOW64\iml.vbs
EmptyTemp:
Hosts:
*****************

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk => Moved successfully.
C:\Windows\System32\iml.vbs => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk => Moved successfully.
C:\Windows\SysWOW64\iml.vbs => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-1594054226-1724268975-995926224-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"C:\Users\Vik\Anwendungsdaten" => ":NT" ADS not found.
C:\Users\Vik\AppData\Roaming => ":NT" ADS removed successfully.
C:\ProgramData\winiml.dat => Moved successfully.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk" => File/Directory not found.
"C:\Windows\SysWOW64\iml.vbs" => File/Directory not found.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 138 MB temporary data.


The system needed a reboot.

==== End of Fixlog 22:28:46 ====


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:48 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131