
Pests of all kinds and how to fight them: unwanted pages open while surfing

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.

01.05.2014, 11:14   #1
Alen2525
 



Hello, I'd appreciate your help:
When surfing with Google, pages or ads keep opening all the time. It is incredibly annoying and I don't know how to get rid of this junk again... maybe via Malware, or how?

Thanks in advance
Alen

01.05.2014, 13:27   #2
M-K-D-B
/// TB Instructor
 






My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find signs of illegally obtained software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Please work through all steps one after another in the given order and post all log files in CODE tags.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 4 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions.
    If you are going to be away for a longer time, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • All programs to be used must be saved to the desktop and started from there!
    I can never give you a guarantee that I will find everything. Formatting is usually the faster and always the safest way.
    If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.





Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


01.05.2014, 13:58   #3
Alen2525
 



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-05-2014
Ran by Lenn (administrator) on LENN-PC on 01-05-2014 14:55:08
Running from C:\Users\Lenn\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe
() C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanGUI.exe
() C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Sony Corporation) C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(1und1 Mail und Media GmbH) C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Lavasoft) C:\ProgramData\Search Protection\SearchProtection.exe
(Tobit.Software) C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung Electronics) C:\Program Files\Samsung\Kies\KiesAirMessage.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
(Dropbox, Inc.) C:\Users\Lenn\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Google Inc.) C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\OneClick.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TUDefragBackend32.exe
(Farbar) C:\Users\Lenn\Downloads\FRST (1).exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7862816 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [185896 2006-09-28] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [75304 2006-10-11] (ScanSoft, Inc.)
HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\wlangui.exe [1904640 2009-05-07] (AVM Berlin)
HKLM\...\Run: [NokiaMusic FastStart] => C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2192672 2010-03-04] (Nokia)
HKLM\...\Run: [ContentTransferWMDetector.exe] => C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe [583016 2009-11-19] (Sony Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737360 2014-04-29] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [295072 2012-12-19] (RealNetworks, Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [MailCheck IE Broker] => C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [1766464 2013-10-17] (1und1 Mail und Media GmbH)
HKLM\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM\...\Run: [Search Protection] => C:\ProgramData\Search Protection\SearchProtection.exe [949512 2014-02-17] (Lavasoft)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000\...\Run: [Google Update] => C:\Users\Lenn\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-11-03] (Google Inc.)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000\...\Run: [RfxSrvTray] => C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-05-22] (Samsung Electronics)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000\...\Run: [GoogleChromeAutoLaunch_C125459A4FAAD383F7DA0EEF6D2C6FBD] => C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe [841032 2014-04-02] (Google Inc.)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000\...\Run: [KiesPDLR.exe] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2288928 2014-02-11] (IObit)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000\...\MountPoints2: {0fb2b32c-32bf-11df-bdf4-00306735e0bd} - H:\pushinst.exe
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000\...\MountPoints2: {b304c832-351b-11df-ba6a-001a4f9dcdd4} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Lenn\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-11-03] (Google Inc.)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RfxSrvTray] => C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-05-22] (Samsung Electronics)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_C125459A4FAAD383F7DA0EEF6D2C6FBD] => C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe [841032 2014-04-02] (Google Inc.)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KiesPDLR.exe] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Advanced SystemCare 7] => C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2288928 2014-02-11] (IObit)
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0fb2b32c-32bf-11df-bdf4-00306735e0bd} - H:\pushinst.exe
HKU\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b304c832-351b-11df-ba6a-001a4f9dcdd4} - F:\NokiaPCIA_Autorun.exe
Startup: C:\Users\Lenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lenn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk
ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Lenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3520 series (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 3520 series (Netzwerk).lnk -> C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x70B330D949CACB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {2E0E1FD5-B8E3-4D03-B223-0AC28770E591} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-04-29&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKCU - {7DCA3330-EE88-4C16-8FB4-95EEF6EE1AD4} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&origin=searchplugin
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: WEB.DE Konfiguration - {17166733-40EA-4432-A85C-AE672FF0E236} - C:\ProgramData\1und1InternetExplorerAddon\BHOXML.dll (1&1 Mail & Media GmbH)
BHO: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: WEB.DE MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Winsock: Catalog9 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 17 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 18 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Users\Lenn\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Lenn\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Lenn\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-01-20]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ []

Chrome:
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-04-29&ent=hp&u=63C3EBA5067B6FF760C1D3535FD88A10
CHR StartupUrls: "hxxp://www.google.de/"
CHR DefaultSearchKeyword: securesearch
CHR DefaultSearchProvider: SecureSearch
CHR DefaultSearchURL: hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-04-29&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (HQVid8.1b) - C:\Users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm [2014-04-02]
CHR Extension: (AdBlock) - C:\Users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-17]
CHR Extension: (RealDownloader) - C:\Users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2012-12-19]
CHR Extension: (MediaPlayerplus) - C:\Users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-04-08]
CHR Extension: (DVDVideoSoft) - C:\Users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-02-09]
CHR Extension: (Google Wallet) - C:\Users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-01-20]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-02-09]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-04-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-04-29] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [368640 2009-05-07] (AVM Berlin)
R2 CDMA Device Service; C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe [63488 2011-08-02] ()
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [387616 2009-08-10] ()
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [178720 2009-08-10] ()
R2 Radio.fx; C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1740600 2013-09-09] (TuneUp Software)
S2 vosr; C:\Users\Lenn\AppData\Roaming\VOPackage\VOsrv.exe [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2007-12-20] (AVM Berlin)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-05-22] ()
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2007-12-20] (AVM GmbH)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-03-10] (Initio Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-05-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-08-21] (TuneUp Software)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-01 14:54 - 2014-05-01 14:54 - 01050624 _____ (Farbar) C:\Users\Lenn\Downloads\FRST (1).exe
2014-05-01 11:53 - 2014-05-01 11:54 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lenn\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-01 11:46 - 2014-05-01 11:46 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lenn\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-01 11:35 - 2014-05-01 11:35 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Lenn\Downloads\mbam-setup-2.0.0.1000 (1).exe
2014-05-01 11:32 - 2014-05-01 14:04 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-01 11:31 - 2014-05-01 11:55 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-01 11:31 - 2014-05-01 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-01 11:31 - 2014-05-01 11:55 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-05-01 11:31 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-01 11:31 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-01 11:30 - 2014-05-01 11:30 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Lenn\Downloads\mbam-setup-2.0.0.1000.exe
2014-05-01 11:22 - 2014-05-01 11:39 - 00054692 _____ () C:\Users\Lenn\Downloads\Addition.txt
2014-05-01 11:20 - 2014-05-01 14:55 - 00027460 _____ () C:\Users\Lenn\Downloads\FRST.txt
2014-05-01 11:19 - 2014-05-01 14:55 - 00000000 ____D () C:\FRST
2014-05-01 11:19 - 2014-05-01 11:19 - 01050624 _____ (Farbar) C:\Users\Lenn\Downloads\FRST.exe
2014-04-29 18:54 - 2014-04-29 18:54 - 00000000 ____D () C:\Users\Lenn\AppData\Roaming\LavasoftStatistics
2014-04-29 18:52 - 2014-04-29 18:52 - 00000061 _____ () C:\prefs.js
2014-04-29 18:52 - 2014-04-29 18:52 - 00000000 ____D () C:\ProgramData\Search Protection
2014-04-29 18:51 - 2014-05-01 10:42 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-04-29 18:51 - 2014-04-29 18:52 - 00000000 ____D () C:\Users\Lenn\AppData\Local\adawarebp
2014-04-29 18:51 - 2014-04-29 18:51 - 00000000 ____D () C:\Users\Lenn\AppData\Roaming\SecureSearch
2014-04-29 18:51 - 2014-04-29 18:51 - 00000000 ____D () C:\Program Files\Toolbar Cleaner
2014-04-29 18:51 - 2014-04-29 18:51 - 00000000 ____D () C:\Program Files\Lavasoft
2014-04-29 18:48 - 2014-04-29 18:48 - 00000000 ____D () C:\Users\Lenn\AppData\Roaming\Lavasoft
2014-04-29 18:47 - 2014-04-29 18:47 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-04-29 18:46 - 2014-04-29 18:46 - 01727624 _____ () C:\Users\Lenn\Downloads\Adaware_Installer_11.1.5354.exe
2014-04-29 16:56 - 2014-05-01 10:41 - 00000112 _____ () C:\Windows\setupact.log
2014-04-29 16:56 - 2014-04-29 16:56 - 00001240 _____ () C:\Windows\PFRO.log
2014-04-29 16:56 - 2014-04-29 16:56 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-29 13:49 - 2014-04-29 13:49 - 00001190 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-04-29 13:48 - 2014-04-29 14:02 - 00002155 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-04-29 13:48 - 2014-04-29 13:48 - 00000000 ____D () C:\ProgramData\ProductData
2014-04-29 13:48 - 2014-04-29 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-04-29 13:48 - 2014-04-29 13:48 - 00000000 ____D () C:\ProgramData\IObit
2014-04-29 13:48 - 2014-04-29 13:48 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-04-29 13:48 - 2014-04-29 13:48 - 00000000 ____D () C:\Program Files\IObit
2014-04-29 13:47 - 2014-04-29 13:49 - 00000000 ____D () C:\Users\Lenn\AppData\Roaming\IObit
2014-04-29 13:47 - 2014-04-29 13:47 - 41807824 _____ (IObit ) C:\Users\Lenn\Downloads\advanced-72systemcare-setup.exe
2014-04-28 19:34 - 2014-04-02 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\system32\secman.dll
2014-04-28 19:31 - 2014-04-28 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2014-04-28 19:31 - 2014-04-28 19:31 - 00000000 ____D () C:\Program Files\MyFree Codec
2014-04-28 19:30 - 2014-01-23 05:21 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-04-28 19:30 - 2014-01-23 05:21 - 00088576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-04-19 18:20 - 2014-05-01 14:24 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Lenn.job
2014-04-19 18:20 - 2014-05-01 10:43 - 00000372 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Lenn.job
2014-04-19 18:20 - 2014-04-29 18:25 - 00000362 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Lenn.job
2014-04-14 19:42 - 2014-04-14 19:42 - 00709352 _____ ( ) C:\Users\Lenn\Downloads\COMPUTER_BILD-Download-Manager_fuer_adwcleaner (1).exe
2014-04-09 15:34 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 15:34 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 15:34 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 15:34 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 15:34 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 15:34 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 15:34 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 15:34 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-08 19:09 - 2014-04-14 19:44 - 00000000 ____D () C:\AdwCleaner
2014-04-08 19:08 - 2014-04-14 19:42 - 01426178 _____ () C:\Users\Lenn\Downloads\adwcleaner.exe
2014-04-08 19:08 - 2014-04-08 19:08 - 00709352 _____ ( ) C:\Users\Lenn\Downloads\COMPUTER_BILD-Download-Manager_fuer_adwcleaner.exe
2014-04-05 19:42 - 2014-04-08 17:55 - 00001087 _____ () C:\Users\Lenn\Desktop\Continue VuuPC Installation.lnk
2014-04-05 18:44 - 2014-04-05 18:47 - 00000000 ____D () C:\Users\Lenn\Desktop\Miete C Kombi RA GA 1993
2014-04-02 19:40 - 2014-05-01 14:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-02 19:40 - 2014-04-02 19:40 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-02 19:39 - 2014-05-01 13:39 - 00001510 _____ () C:\Windows\Tasks\392ffcae-1e06-4ff7-a595-a4182423a160-5.job
2014-04-02 19:38 - 2014-05-01 13:39 - 00001430 _____ () C:\Windows\Tasks\97fc677a-1181-48c0-a419-9dbd03a94900-5.job
2014-04-02 19:38 - 2014-05-01 13:39 - 00001420 _____ () C:\Windows\Tasks\392ffcae-1e06-4ff7-a595-a4182423a160-2.job
2014-04-02 19:38 - 2014-05-01 13:38 - 00002186 _____ () C:\Windows\Tasks\392ffcae-1e06-4ff7-a595-a4182423a160-4.job
2014-04-02 19:38 - 2014-05-01 13:38 - 00001446 _____ () C:\Windows\Tasks\392ffcae-1e06-4ff7-a595-a4182423a160-1.job
2014-04-02 19:38 - 2014-05-01 13:38 - 00001340 _____ () C:\Windows\Tasks\97fc677a-1181-48c0-a419-9dbd03a94900-2.job
2014-04-02 19:38 - 2014-04-02 19:37 - 01176896 _____ (AnyProtect.com) C:\Users\Lenn\AppData\Local\nss7D41.tmp
2014-04-02 19:37 - 2014-05-01 13:38 - 00001354 _____ () C:\Windows\Tasks\97fc677a-1181-48c0-a419-9dbd03a94900-1.job
2014-04-02 19:37 - 2014-05-01 13:37 - 00002352 _____ () C:\Windows\Tasks\97fc677a-1181-48c0-a419-9dbd03a94900-4.job
2014-04-02 19:36 - 2014-05-01 13:38 - 00000000 ____D () C:\Program Files\MediaPlayerplus
2014-04-02 19:36 - 2014-05-01 13:37 - 00003108 _____ () C:\Windows\Tasks\392ffcae-1e06-4ff7-a595-a4182423a160-3.job
2014-04-02 19:36 - 2014-05-01 13:37 - 00000000 ____D () C:\Program Files\HQVid8.1b
2014-04-02 19:36 - 2014-05-01 13:36 - 00002752 _____ () C:\Windows\Tasks\97fc677a-1181-48c0-a419-9dbd03a94900-3.job
2014-04-02 19:35 - 2014-04-05 20:00 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-02 19:34 - 2014-04-02 19:34 - 00442272 _____ () C:\Users\Lenn\Downloads\Setup.exe
2014-04-02 18:00 - 2014-04-02 18:00 - 00120832 _____ () C:\Users\Lenn\Downloads\PEP_März2014_Heidelberg (3).xls
2014-04-02 15:34 - 2014-04-02 15:34 - 00119808 _____ () C:\Users\Lenn\Downloads\PEP_April2014_Heidelberg (2).xls

==================== One Month Modified Files and Folders =======

2014-05-01 14:55 - 2014-05-01 11:20 - 00027460 _____ () C:\Users\Lenn\Downloads\FRST.txt
2014-05-01 14:55 - 2014-05-01 11:19 - 00000000 ____D () C:\FRST
2014-05-01 14:54 - 2014-05-01 14:54 - 01050624 _____ (Farbar) C:\Users\Lenn\Downloads\FRST (1).exe
2014-05-01 14:27 - 2010-08-03 21:52 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-01 14:25 - 2014-04-02 19:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-01 14:24 - 2014-04-19 18:20 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Lenn.job
2014-05-01 14:11 - 2011-11-03 12:29 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972869702-3957550254-3659153023-1000UA.job
2014-05-01 14:04 - 2014-05-01 11:32 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-01 13:39 - 2014-04-02 19:39 - 00001510 _____ () C:\Windows\Tasks\392ffcae-1e06-4ff7-a595-a4182423a160-5.job
2014-05-01 13:39 - 2014-04-02 19:38 - 00001430 _____ () C:\Windows\Tasks\97fc677a-1181-48c0-a419-9dbd03a94900-5.job
2014-05-01 13:39 - 2014-04-02 19:38 - 00001420 _____ () C:\Windows\Tasks\392ffcae-1e06-4ff7-a595-a4182423a160-2.job
2014-05-01 13:38 - 2014-04-02 19:38 - 00002186 _____ () C:\Windows\Tasks\392ffcae-1e06-4ff7-a595-a4182423a160-4.job
2014-05-01 13:38 - 2014-04-02 19:38 - 00001446 _____ () C:\Windows\Tasks\392ffcae-1e06-4ff7-a595-a4182423a160-1.job
2014-05-01 13:38 - 2014-04-02 19:38 - 00001340 _____ () C:\Windows\Tasks\97fc677a-1181-48c0-a419-9dbd03a94900-2.job
2014-05-01 13:38 - 2014-04-02 19:37 - 00001354 _____ () C:\Windows\Tasks\97fc677a-1181-48c0-a419-9dbd03a94900-1.job
2014-05-01 13:38 - 2014-04-02 19:36 - 00000000 ____D () C:\Program Files\MediaPlayerplus
2014-05-01 13:37 - 2014-04-02 19:37 - 00002352 _____ () C:\Windows\Tasks\97fc677a-1181-48c0-a419-9dbd03a94900-4.job
2014-05-01 13:37 - 2014-04-02 19:36 - 00003108 _____ () C:\Windows\Tasks\392ffcae-1e06-4ff7-a595-a4182423a160-3.job
2014-05-01 13:37 - 2014-04-02 19:36 - 00000000 ____D () C:\Program Files\HQVid8.1b
2014-05-01 13:36 - 2014-04-02 19:36 - 00002752 _____ () C:\Windows\Tasks\97fc677a-1181-48c0-a419-9dbd03a94900-3.job
2014-05-01 12:35 - 2010-03-18 20:45 - 01951954 _____ () C:\Windows\WindowsUpdate.log
2014-05-01 11:55 - 2014-05-01 11:31 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-01 11:55 - 2014-05-01 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-01 11:55 - 2014-05-01 11:31 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-05-01 11:54 - 2014-05-01 11:53 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lenn\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-01 11:46 - 2014-05-01 11:46 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lenn\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-01 11:39 - 2014-05-01 11:22 - 00054692 _____ () C:\Users\Lenn\Downloads\Addition.txt
2014-05-01 11:35 - 2014-05-01 11:35 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Lenn\Downloads\mbam-setup-2.0.0.1000 (1).exe
2014-05-01 11:31 - 2012-07-28 15:07 - 00000000 ____D () C:\Users\Lenn\AppData\Roaming\Malwarebytes
2014-05-01 11:31 - 2012-07-28 15:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-01 11:30 - 2014-05-01 11:30 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Lenn\Downloads\mbam-setup-2.0.0.1000.exe
2014-05-01 11:22 - 2009-07-14 06:34 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-01 11:22 - 2009-07-14 06:34 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-01 11:19 - 2014-05-01 11:19 - 01050624 _____ (Farbar) C:\Users\Lenn\Downloads\FRST.exe
2014-05-01 11:18 - 2010-03-18 21:52 - 00002354 _____ () C:\Users\Lenn\Desktop\Google Chrome.lnk
2014-05-01 10:43 - 2014-04-19 18:20 - 00000372 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Lenn.job
2014-05-01 10:43 - 2011-09-16 13:21 - 00000000 ____D () C:\Users\Lenn\AppData\Roaming\Dropbox
2014-05-01 10:42 - 2014-04-29 18:51 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-01 10:42 - 2011-09-16 13:26 - 00000000 ___RD () C:\Users\Lenn\Dropbox
2014-05-01 10:41 - 2014-04-29 16:56 - 00000112 _____ () C:\Windows\setupact.log
2014-05-01 10:41 - 2010-08-03 21:52 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-01 10:41 - 2010-03-18 21:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-01 10:41 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-29 19:10 - 2011-11-03 12:29 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972869702-3957550254-3659153023-1000Core.job
2014-04-29 18:54 - 2014-04-29 18:54 - 00000000 ____D () C:\Users\Lenn\AppData\Roaming\LavasoftStatistics
2014-04-29 18:52 - 2014-04-29 18:52 - 00000061 _____ () C:\prefs.js
2014-04-29 18:52 - 2014-04-29 18:52 - 00000000 ____D () C:\ProgramData\Search Protection
2014-04-29 18:52 - 2014-04-29 18:51 - 00000000 ____D () C:\Users\Lenn\AppData\Local\adawarebp
2014-04-29 18:51 - 2014-04-29 18:51 - 00000000 ____D () C:\Users\Lenn\AppData\Roaming\SecureSearch
2014-04-29 18:51 - 2014-04-29 18:51 - 00000000 ____D () C:\Program Files\Toolbar Cleaner
2014-04-29 18:51 - 2014-04-29 18:51 - 00000000 ____D () C:\Program Files\Lavasoft
2014-04-29 18:48 - 2014-04-29 18:48 - 00000000 ____D () C:\Users\Lenn\AppData\Roaming\Lavasoft
2014-04-29 18:47 - 2014-04-29 18:47 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-04-29 18:46 - 2014-04-29 18:46 - 01727624 _____ () C:\Users\Lenn\Downloads\Adaware_Installer_11.1.5354.exe
2014-04-29 18:25 - 2014-04-19 18:20 - 00000362 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Lenn.job
2014-04-29 16:56 - 2014-04-29 16:56 - 00001240 _____ () C:\Windows\PFRO.log
2014-04-29 16:56 - 2014-04-29 16:56 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-29 16:56 - 2009-10-14 05:07 - 00000000 ____D () C:\Windows\Panther
2014-04-29 14:02 - 2014-04-29 13:48 - 00002155 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-04-29 14:02 - 2011-09-16 13:24 - 00000000 ____D () C:\Users\Lenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-29 14:02 - 2011-08-29 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GmoteServer
2014-04-29 14:02 - 2010-09-23 18:36 - 00690688 ___SH () C:\Users\Lenn\Desktop\Thumbs.db
2014-04-29 14:02 - 2010-03-22 14:03 - 00000000 ____D () C:\Windows\Minidump
2014-04-29 13:56 - 2010-03-19 15:05 - 00000000 ____D () C:\Program Files\PDFCreator
2014-04-29 13:49 - 2014-04-29 13:49 - 00001190 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-04-29 13:49 - 2014-04-29 13:47 - 00000000 ____D () C:\Users\Lenn\AppData\Roaming\IObit
2014-04-29 13:49 - 2011-11-09 17:07 - 00000000 ____D () C:\Users\Lenn\AppData\Roaming\Apple Computer
2014-04-29 13:48 - 2014-04-29 13:48 - 00000000 ____D () C:\ProgramData\ProductData
2014-04-29 13:48 - 2014-04-29 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-04-29 13:48 - 2014-04-29 13:48 - 00000000 ____D () C:\ProgramData\IObit
2014-04-29 13:48 - 2014-04-29 13:48 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-04-29 13:48 - 2014-04-29 13:48 - 00000000 ____D () C:\Program Files\IObit
2014-04-29 13:47 - 2014-04-29 13:47 - 41807824 _____ (IObit ) C:\Users\Lenn\Downloads\advanced-72systemcare-setup.exe
2014-04-29 10:59 - 2012-10-23 22:23 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-04-29 10:59 - 2012-10-23 22:23 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-04-28 20:01 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-28 19:42 - 2011-09-22 21:34 - 00000000 ____D () C:\Users\Lenn\Documents\samsung
2014-04-28 19:35 - 2014-01-29 19:53 - 00001919 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-04-28 19:35 - 2011-01-26 16:53 - 00000000 ____D () C:\Users\Lenn\AppData\Local\Downloaded Installations
2014-04-28 19:34 - 2011-09-22 21:30 - 00000000 ____D () C:\Program Files\Samsung
2014-04-28 19:32 - 2011-09-22 21:39 - 00000000 ____D () C:\Users\Lenn\Documents\SelfMV
2014-04-28 19:31 - 2014-04-28 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2014-04-28 19:31 - 2014-04-28 19:31 - 00000000 ____D () C:\Program Files\MyFree Codec
2014-04-28 19:31 - 2014-01-29 19:46 - 00001952 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-04-14 19:44 - 2014-04-08 19:09 - 00000000 ____D () C:\AdwCleaner
2014-04-14 19:42 - 2014-04-14 19:42 - 00709352 _____ ( ) C:\Users\Lenn\Downloads\COMPUTER_BILD-Download-Manager_fuer_adwcleaner (1).exe
2014-04-14 19:42 - 2014-04-08 19:08 - 01426178 _____ () C:\Users\Lenn\Downloads\adwcleaner.exe
2014-04-11 19:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-11 18:46 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-09 21:18 - 2010-03-19 14:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 21:17 - 2013-08-15 20:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 21:14 - 2009-10-14 04:21 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-08 19:12 - 2012-11-13 12:53 - 00001048 _____ () C:\Users\Lenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WEB.DE.lnk
2014-04-08 19:12 - 2011-07-17 19:51 - 00001120 _____ () C:\Users\Lenn\Desktop\Internet Explorer.lnk
2014-04-08 19:12 - 2010-03-18 21:52 - 00000000 ____D () C:\Users\Lenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-08 19:12 - 2010-03-18 20:50 - 00001150 _____ () C:\Users\Lenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-08 19:11 - 2010-11-21 18:37 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-04-08 19:08 - 2014-04-08 19:08 - 00709352 _____ ( ) C:\Users\Lenn\Downloads\COMPUTER_BILD-Download-Manager_fuer_adwcleaner.exe
2014-04-08 17:55 - 2014-04-05 19:42 - 00001087 _____ () C:\Users\Lenn\Desktop\Continue VuuPC Installation.lnk
2014-04-05 20:00 - 2014-04-02 19:35 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-05 19:37 - 2010-03-18 20:50 - 00000000 ____D () C:\Users\Lenn
2014-04-05 19:37 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-04-05 19:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2014-04-05 19:35 - 2010-03-19 07:28 - 00000000 ____D () C:\ProgramData\Real
2014-04-05 19:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-04-05 18:47 - 2014-04-05 18:44 - 00000000 ____D () C:\Users\Lenn\Desktop\Miete C Kombi RA GA 1993
2014-04-03 09:51 - 2014-05-01 11:31 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-05-01 11:31 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2012-07-28 15:07 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 19:40 - 2014-04-02 19:40 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-02 19:40 - 2011-05-13 14:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-02 19:37 - 2014-04-02 19:38 - 01176896 _____ (AnyProtect.com) C:\Users\Lenn\AppData\Local\nss7D41.tmp
2014-04-02 19:35 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-02 19:34 - 2014-04-02 19:34 - 00442272 _____ () C:\Users\Lenn\Downloads\Setup.exe
2014-04-02 18:00 - 2014-04-02 18:00 - 00120832 _____ () C:\Users\Lenn\Downloads\PEP_März2014_Heidelberg (3).xls
2014-04-02 15:34 - 2014-04-02 15:34 - 00119808 _____ () C:\Users\Lenn\Downloads\PEP_April2014_Heidelberg (2).xls
2014-04-02 11:18 - 2014-04-28 19:34 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\system32\secman.dll

Files to move or delete:
====================
C:\ProgramData\zak_lo0i7g.pad


Some content of TEMP:
====================
C:\Users\Lenn\AppData\Local\Temp\2ef10256-c309-4d2f-98b7-9f78a902e800.exe
C:\Users\Lenn\AppData\Local\Temp\avgnt.exe
C:\Users\Lenn\AppData\Local\Temp\Execute2App.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 11:33

Here you go...
__________________

01.05.2014, 16:22   #4
M-K-D-B
/// TB-Ausbilder



Hello,

Quote:
Running from C:\Users\Lenn\Downloads
Please save all tools to the desktop and run them from there, not from the Downloads folder!




Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you receive the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should resolve the problem.

__________________
Greetings from Bavaria

=========================

Support the Trojaner-Board

01.05.2014, 17:21   #5
Alen2525



Hello, I downloaded Combofix. But after opening it, a message always appears saying that Combofix cannot be renamed. And then the program closes?

icrosoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.2815.1544 [GMT 2:00]
ausgeführt von:: c:\users\Lenn\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\driver
c:\programdata\zak_lo0i7g.pad
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0\24
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0\28
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\background.html
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\chromeCoreFilesIndex.txt
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\crossriderManifest.json
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\manifest.xml
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins.json
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\1.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\102.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\103.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\104.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\119.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\13.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\14.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\17.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\177.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\179.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\180.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\182.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\183.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\19.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\191.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\207.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\21.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\22.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\223.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\231.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\232.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\242.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\246.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\28.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\4.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\47.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\64.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\72.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\78.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\80.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\91.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\93.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\plugins\97.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\userCode\background.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\extensionData\userCode\extension.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\icons\actions\1.png
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\icons\icon128.png
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\icons\icon16.png
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\icons\icon48.png
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\api\chrome.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\api\cookie.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\api\message.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\api\monitor.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\api\pageAction.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\api\pageActionBG.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\background.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\app_api.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\bg_app_api.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\consts.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\cookie_store.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\crossriderAPI.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\delegate.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\events.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\extensionDataStore.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\installer.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\logFile.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\logging.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\onBGDocumentLoad.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\popupResource\newPopup.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\popupResource\popup.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\reports.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\storageWrapper.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\updateManager.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\util.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\lib\xhr.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\main.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\js\platformVersion.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\manifest.json
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.34_0\popup.html
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\background.html
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\chromeCoreFilesIndex.txt
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\crossriderManifest.json
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\manifest.xml
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins.json
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\1.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\102.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\103.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\104.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\13.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\14.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\155.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\17.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\177.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\182.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\183.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\184.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\19.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\190.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\191.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\195.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\207.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\21.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\211.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\22.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\220.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\233.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\242.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\246.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\28.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\4.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\47.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\64.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\7.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\72.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\78.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\80.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\9.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\91.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\93.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\plugins\97.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\userCode\background.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\extensionData\userCode\extension.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\icons\actions\1.png
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\icons\icon128.png
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\icons\icon16.png
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\icons\icon48.png
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\api\chrome.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\api\cookie.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\api\message.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\api\monitor.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\api\pageAction.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\api\pageActionBG.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\background.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\app_api.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\bg_app_api.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\consts.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\cookie_store.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\crossriderAPI.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\delegate.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\events.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\extensionDataStore.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\installer.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\logFile.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\logging.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\onBGDocumentLoad.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\popupResource\newPopup.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\popupResource\popup.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\reports.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\storageWrapper.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\updateManager.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\util.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\lib\xhr.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\main.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\js\platformVersion.js
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\manifest.json
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0\popup.html
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\000214.ldb
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\000222.ldb
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\000229.log
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\CURRENT
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\LOCK
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\LOG
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\LOG.old
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\deghekbbihbapplmbffglehkdhkeibbm\MANIFEST-000227
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000138.ldb
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000146.ldb
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000155.ldb
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000162.log
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\CURRENT
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOCK
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOG
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOG.old
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\MANIFEST-000160
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0.localstorage-journal
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_deghekbbihbapplmbffglehkdhkeibbm_0.localstorage
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0.localstorage-journal
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0.localstorage
c:\users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Lenn\AppData\Local\nss7D41.tmp
c:\users\Lenn\AppData\Roaming\AcroIEHelpe.txt
c:\users\Lenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk
c:\users\Lenn\AppData\Roaming\srvblck5.tmp
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-04-01 bis 2014-05-01 ))))))))))))))))))))))))))))))
.
.
2014-05-01 16:13 . 2014-05-01 16:13 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-05-01 16:13 . 2014-05-01 16:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-01 16:05 . 2014-05-01 16:05 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D82E2C1B-E2E8-4133-9142-4EAAC7EBF2B0}\offreg.dll
2014-05-01 14:27 . 2014-05-01 14:27 -------- d-----w- c:\programdata\UUdb
2014-05-01 09:32 . 2014-05-01 15:40 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-01 09:31 . 2014-05-01 09:55 -------- d-----w- c:\program files\ Malwarebytes Anti-Malware
2014-05-01 09:31 . 2014-04-03 07:51 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-01 09:31 . 2014-04-03 07:51 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-01 09:19 . 2014-05-01 12:55 -------- d-----w- C:\FRST
2014-04-29 16:52 . 2014-04-29 16:52 -------- d-----w- c:\programdata\Search Protection
2014-04-29 16:52 . 2014-04-29 16:52 61 ----a-w- C:\prefs.js
2014-04-29 16:51 . 2014-04-29 16:52 -------- d-----w- c:\users\Lenn\AppData\Local\adawarebp
2014-04-29 16:51 . 2014-05-01 08:42 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2014-04-29 16:51 . 2014-04-29 16:51 -------- d-----w- c:\program files\Toolbar Cleaner
2014-04-29 16:51 . 2014-04-29 16:51 -------- d-----w- c:\users\Lenn\AppData\Roaming\SecureSearch
2014-04-29 16:51 . 2014-04-29 16:51 -------- d-----w- c:\program files\Lavasoft
2014-04-29 16:48 . 2014-04-29 16:48 -------- d-----w- c:\users\Lenn\AppData\Roaming\Lavasoft
2014-04-29 16:47 . 2014-04-29 16:47 -------- d-----w- c:\programdata\Lavasoft
2014-04-29 11:48 . 2014-04-29 11:48 -------- d-----w- c:\programdata\ProductData
2014-04-29 11:48 . 2014-04-29 11:48 -------- d-----w- c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-04-29 11:48 . 2014-04-29 11:48 -------- d-----w- c:\programdata\IObit
2014-04-29 11:48 . 2014-04-29 11:48 -------- d-----w- c:\program files\IObit
2014-04-29 11:47 . 2014-04-29 11:49 -------- d-----w- c:\users\Lenn\AppData\Roaming\IObit
2014-04-29 09:05 . 2014-04-17 03:32 8050496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D82E2C1B-E2E8-4133-9142-4EAAC7EBF2B0}\mpengine.dll
2014-04-28 17:34 . 2014-04-02 09:18 144664 ----a-w- c:\windows\system32\secman.dll
2014-04-28 17:31 . 2014-04-28 17:31 -------- d-----w- c:\program files\MyFree Codec
2014-04-28 17:30 . 2014-01-23 03:21 88576 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2014-04-28 17:30 . 2014-01-23 03:21 184192 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2014-04-09 13:34 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-09 13:34 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-09 13:34 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-09 13:34 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-09 13:34 . 2014-01-24 02:18 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-04-09 13:34 . 2014-03-31 00:13 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-04-08 17:09 . 2014-04-14 17:44 -------- d-----w- C:\AdwCleaner
2014-04-02 17:44 . 2014-04-05 17:36 -------- d-----w- c:\program files\Uninstaller
2014-04-02 17:40 . 2014-04-02 17:40 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-02 17:36 . 2014-05-01 11:38 -------- d-----w- c:\program files\MediaPlayerplus
2014-04-02 17:36 . 2014-05-01 11:37 -------- d-----w- c:\program files\HQVid8.1b
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-29 08:59 . 2012-10-23 20:23 93528 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-04-29 08:59 . 2012-10-23 20:23 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-04-03 07:50 . 2012-07-28 13:07 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-02 17:40 . 2011-05-13 12:00 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-31 07:35 . 2009-10-14 02:21 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-03-01 04:10 . 2014-03-15 11:54 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-01 03:52 . 2014-03-15 11:54 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-03-01 03:51 . 2014-03-15 11:54 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-01 03:38 . 2014-03-15 11:54 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-01 03:38 . 2014-03-15 11:54 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-01 03:37 . 2014-03-15 11:54 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-01 03:31 . 2014-03-15 11:54 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 03:14 . 2014-03-15 11:54 4244480 ----a-w- c:\windows\system32\jscript9.dll
2014-03-01 03:00 . 2014-03-15 11:54 1964032 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-01 02:32 . 2014-03-15 11:54 1820160 ----a-w- c:\windows\system32\wininet.dll
2014-02-18 09:51 . 2014-02-18 09:51 49940480 ----a-w- c:\program files\GUT30D0.tmp
2014-02-07 01:07 . 2014-03-15 11:53 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04 . 2014-03-15 11:53 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-15 11:54 509440 ----a-w- c:\windows\system32\qedit.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-04-29 11:48 752960 ----a-w- c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
2014-03-19 18:23 116248 ----a-w- c:\program files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll" [2014-03-19 116248]
.
[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RfxSrvTray"="c:\program files\Tobit Radio.fx\Client\rfx-tray.exe" [2013-02-07 1838872]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"KiesAirMessage"="c:\program files\Samsung\Kies\KiesAirMessage.exe" [2013-05-22 578560]
"GoogleChromeAutoLaunch_C125459A4FAAD383F7DA0EEF6D2C6FBD"="c:\users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe" [2014-04-24 841032]
"HP Deskjet 3520 series (NET)"="c:\program files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 1837672]
"KiesPDLR.exe"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2014-02-14 845120]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2014-02-11 2288928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-10-28 7862816]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"AVMWlanClient"="c:\program files\avmwlanstick\wlangui.exe" [2009-05-07 1904640]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]
"ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-04-29 737360]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2012-12-19 295072]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2012-11-30 1263512]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2014-02-14 311616]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"MailCheck IE Broker"="c:\program files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe" [2013-10-16 1766464]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2013-09-27 559696]
"Search Protection"="c:\programdata\Search Protection\SearchProtection.exe" [2014-02-17 949512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"MailCheck IE Update"="c:\programdata\1&1 Mail & Media GmbH\MailCheck IE\Update\nss75F3.tmp\WEB.DE_MailCheck_IE_Update_2.5.1.0.exe" [2014-05-01 3095928]
.
c:\users\Lenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Lenn\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
Tintenwarnungen überwachen - HP Deskjet 3520 series (Netzwerk).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Deskjet 3520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN29R1G10005SY;CONNECTION=NW;MONITOR=1; [2009-7-14 44544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Photo Loader resident.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Photo Loader resident.lnk
backup=c:\windows\pss\Photo Loader resident.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Lenn^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office Groove.lnk]
path=c:\users\Lenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Groove.lnk
backup=c:\windows\pss\Microsoft Office Groove.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2012-11-30 02:06 1263512 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rfxsrvtray]
2013-02-07 16:38 1838872 ----a-w- c:\program files\Tobit Radio.fx\Client\rfx-tray.exe
.
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R2 vosr;Service Component of VO;c:\users\Lenn\AppData\Roaming\VOPackage\VOsrv.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [2007-12-19 4352]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2014-01-23 88576]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2013-05-22 37344]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-01 108032]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-03-10 25112]
R3 netr28u;RT2870-USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-07-13 657408]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-23 184192]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-10-01 37352]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [2014-01-14 881952]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-04-29 430160]
S2 CDMA Device Service;CDMA Device Service;c:\program files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe [2011-08-02 63488]
S2 MBAMScheduler;MBAMScheduler;c:\program files\ Malwarebytes Anti-Malware \mbamscheduler.exe [2014-04-03 1809720]
S2 MBAMService;MBAMService;c:\program files\ Malwarebytes Anti-Malware \mbamservice.exe [2014-04-03 857912]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 Radio.fx;Radio.fx Server;c:\program files\Tobit Radio.fx\Server\rfx-server.exe [2013-06-03 3999512]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [2013-09-09 1740600]
S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys [2007-12-19 265088]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-04-03 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-05-01 107736]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-04-03 51416]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [2013-08-21 12320]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMPROTECTOR
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBACCESSCONTROL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-02 17:40]
.
2014-05-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-03 19:52]
.
2014-05-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-03 19:52]
.
2014-04-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972869702-3957550254-3659153023-1000Core.job
- c:\users\Lenn\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-03 10:29]
.
2014-05-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972869702-3957550254-3659153023-1000UA.job
- c:\users\Lenn\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-03 10:29]
.
2014-05-01 c:\windows\Tasks\ReclaimerUpdateFiles_Lenn.job
- c:\users\Lenn\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe [2014-04-19 13:18]
.
2014-04-29 c:\windows\Tasks\ReclaimerUpdateXML_Lenn.job
- c:\users\Lenn\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe [2014-04-19 13:18]
.
2014-05-01 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Lenn.job
- c:\users\Lenn\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe [2014-04-19 13:18]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
IE: Free YouTube Download - c:\program files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to Mp3 Converter - c:\program files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: DhcpNameServer = 192.168.178.1
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - c:\program files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
AddRemove-Free Video Converter - c:\program files\Free Video Converter\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-05-01 18:16:45
ComboFix-quarantined-files.txt 2014-05-01 16:16
.
Vor Suchlauf: 18 Verzeichnis(se), 347.969.970.176 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 347.829.678.080 Bytes frei
.
- - End Of File - - 3641E30B4A577B364DFAACD13AAECE54
A36C5E4F47E84449FF07ED3517B43A31

Sorry, I'm not familiar with 'codetex'....


01.05.2014, 18:25   #6
M-K-D-B
/// TB-Ausbilder

Quote:
Quote from Alen2525
Sorry, I'm not familiar with 'codetex'....
Please read


How about moving the tools to the desktop before you start them?
Do you think you can manage that?





Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. (Illustrated guide to AdwCleaner.)
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Clean (Löschen) and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).





Step 2
Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.







Step 3
Please download zoek.exe from here: http://hijackthis.nl/smeenk/
  • Please disable all virus scanners during the scan, as they can affect the result.
  • Start zoek.exe with a double-click.
  • Caution: The following script was written only for this specific case and should not be applied 1:1 to other computers.
  • Copy the text of the following box into zoek's script window:
    Code:
    ATTFilter
    FFdefaults;
    CHRdefaults;
    iedefaults;
    emptyclsid;
    autoclean;
             
  • Now click "Run script" and be patient until the script has finished.
  • When the tool is done, a log file will open (possibly only after a restart). The log is also located under c:
  • Please post the ZOEK log (in CODE tags if possible - click the # symbol in the reply window)





Step 4
Control scan with FRST
Run a scan with FRST as described before.
To do so, tick Addition.txt at the bottom right and click Scan.
Two log files will be created. Post them for me.





With your next reply, please post
  • the AdwCleaner log file,
  • the MBAM log file,
  • the Zoek log file,
  • the two new FRST log files.

01.05.2014, 21:02   #7
Alen2525

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.205 - Bericht erstellt am 01/05/2014 um 20:49:08
# Aktualisiert 28/04/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzername : Lenn - LENN-PC
# Gestartet von : C:\Users\Lenn\Downloads\adwcleaner (1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files\MediaPlayerplus
Ordner Gelöscht : C:\Program Files\Toolbar Cleaner
Ordner Gelöscht : C:\Program Files\Uninstaller
Ordner Gelöscht : C:\Program Files\Common Files\Tobit
Ordner Gelöscht : C:\Users\Lenn\AppData\LocalLow\adawaretb
Ordner Gelöscht : C:\Users\Lenn\AppData\Roaming\SecureSearch
Ordner Gelöscht : C:\Users\Lenn\AppData\Roaming\Tobit
Datei Gelöscht : C:\Users\Lenn\Desktop\Continue VuuPC Installation.lnk
Datei Gelöscht : C:\Users\Lenn\Desktop\eBay.lnk
Datei Gelöscht : C:\Users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Search Protection]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\MediaPlayerplus
Schlüssel Gelöscht : HKLM\Software\adawaretb
Schlüssel Gelöscht : HKLM\Software\MediaPlayerplus
Schlüssel Gelöscht : HKLM\Software\Toolbar Cleaner
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaPlayerplus
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Google Chrome v

[ Datei : C:\Users\Lenn\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.owntherunway.com/itemlist.html?searchquery={searchTerms}
Gelöscht [Search Provider] : hxxp://search.snapdo.com/?q={searchTerms}&category=Web&publisher=oldb&country=us&feedid=infospace&st=nt&dpid=quick&lan=de&start=1
Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?publisher=QuickOC&dpid=QuickOC&co=DE&userid=ac26b0a4-fe76-4261-9ab7-09167762c481&searchtype=ds&q={searchTerms}&installDate=
Gelöscht [Search Provider] : hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=lnkry&s=web&as=0&ac=0
Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
Gelöscht [Search Provider] : hxxp://www.bild.de/kddb/cms/websearch.do?query={searchTerms}
Gelöscht [Search Provider] : hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
Gelöscht [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6C18001A4F9DCDD4&affID=121565&tsp=5024
Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1396460310&from=tugs&uid=HitachiXHDS721050CLA362_JPB511HN1TXJ1B1TXJ1BX&q={searchTerms}

*************************

AdwCleaner[R0].txt - [38044 octets] - [08/04/2014 19:09:22]
AdwCleaner[R1].txt - [899 octets] - [14/04/2014 19:43:31]
AdwCleaner[R2].txt - [3938 octets] - [01/05/2014 20:48:07]
AdwCleaner[S0].txt - [32894 octets] - [08/04/2014 19:10:52]
AdwCleaner[S1].txt - [959 octets] - [14/04/2014 19:44:29]
AdwCleaner[S2].txt - [5013 octets] - [01/05/2014 20:49:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [5073 octets] ##########
         
--- --- ---


Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 01.05.2014 11:32:17, SYSTEM, LENN-PC, Protection, Malware Protection, Starting,
Protection, 01.05.2014 11:32:17, SYSTEM, LENN-PC, Protection, Malware Protection, Started,
Protection, 01.05.2014 11:32:17, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Update, 01.05.2014 11:32:43, SYSTEM, LENN-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 01.05.2014 11:32:54, SYSTEM, LENN-PC, Manual, Malware Database, 2014.3.4.9, 2014.5.1.6,
Update, 01.05.2014 11:33:01, SYSTEM, LENN-PC, Manual, program, 2.0.0.1000, 2.0.1.1004,
Protection, 01.05.2014 11:33:11, SYSTEM, LENN-PC, Protection, Refresh, Starting,
Protection, 01.05.2014 11:33:22, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Protection, 01.05.2014 11:33:22, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 01.05.2014 11:33:23, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 01.05.2014 11:33:27, SYSTEM, LENN-PC, Protection, Refresh, Success,
Protection, 01.05.2014 11:33:27, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Protection, 01.05.2014 11:33:27, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Update, 01.05.2014 11:33:55, SYSTEM, LENN-PC, Manual, program, 2.0.0.1000, 2.0.1.1004,
Protection, 01.05.2014 11:36:54, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 01.05.2014 11:36:54, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 01.05.2014 11:36:54, SYSTEM, LENN-PC, Protection, Malware Protection, Stopping,
Protection, 01.05.2014 11:36:55, SYSTEM, LENN-PC, Protection, Malware Protection, Stopped,
Protection, 01.05.2014 11:37:12, SYSTEM, LENN-PC, Protection, Malware Protection, Starting,
Protection, 01.05.2014 11:37:12, SYSTEM, LENN-PC, Protection, Malware Protection, Started,
Protection, 01.05.2014 11:37:12, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Protection, 01.05.2014 11:37:13, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Update, 01.05.2014 11:44:51, SYSTEM, LENN-PC, Scheduler, program, 2.0.0.1000, 2.0.1.1004,
Update, 01.05.2014 11:44:51, SYSTEM, LENN-PC, Scheduler, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 01.05.2014 11:44:55, SYSTEM, LENN-PC, Scheduler, Malware Database, 2014.3.4.9, 2014.5.1.6,
Protection, 01.05.2014 11:44:57, SYSTEM, LENN-PC, Protection, Refresh, Starting,
Protection, 01.05.2014 11:44:57, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 01.05.2014 11:44:57, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 01.05.2014 11:45:01, SYSTEM, LENN-PC, Protection, Refresh, Success,
Protection, 01.05.2014 11:45:01, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Protection, 01.05.2014 11:45:02, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Protection, 01.05.2014 11:48:19, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 01.05.2014 11:48:19, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 01.05.2014 11:48:19, SYSTEM, LENN-PC, Protection, Malware Protection, Stopping,
Protection, 01.05.2014 11:48:20, SYSTEM, LENN-PC, Protection, Malware Protection, Stopped,
Protection, 01.05.2014 11:48:34, SYSTEM, LENN-PC, Protection, Malware Protection, Starting,
Protection, 01.05.2014 11:48:34, SYSTEM, LENN-PC, Protection, Malware Protection, Started,
Protection, 01.05.2014 11:48:34, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Protection, 01.05.2014 11:48:35, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Update, 01.05.2014 11:48:37, SYSTEM, LENN-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 01.05.2014 11:49:17, SYSTEM, LENN-PC, Manual, Malware Database, 2014.3.4.9, 2014.5.1.6,
Protection, 01.05.2014 11:49:18, SYSTEM, LENN-PC, Protection, Refresh, Starting,
Protection, 01.05.2014 11:49:18, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 01.05.2014 11:49:18, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 01.05.2014 11:49:23, SYSTEM, LENN-PC, Protection, Refresh, Success,
Protection, 01.05.2014 11:49:23, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Protection, 01.05.2014 11:49:23, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Protection, 01.05.2014 11:55:26, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 01.05.2014 11:55:26, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 01.05.2014 11:55:26, SYSTEM, LENN-PC, Protection, Malware Protection, Stopping,
Protection, 01.05.2014 11:55:27, SYSTEM, LENN-PC, Protection, Malware Protection, Stopped,
Protection, 01.05.2014 11:55:42, SYSTEM, LENN-PC, Protection, Malware Protection, Starting,
Protection, 01.05.2014 11:55:42, SYSTEM, LENN-PC, Protection, Malware Protection, Started,
Protection, 01.05.2014 11:55:42, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Protection, 01.05.2014 11:55:43, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Update, 01.05.2014 11:55:43, SYSTEM, LENN-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 01.05.2014 11:55:49, SYSTEM, LENN-PC, Manual, Malware Database, 2014.3.4.9, 2014.5.1.6,
Protection, 01.05.2014 11:55:50, SYSTEM, LENN-PC, Protection, Refresh, Starting,
Protection, 01.05.2014 11:55:50, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 01.05.2014 11:55:50, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 01.05.2014 11:55:55, SYSTEM, LENN-PC, Protection, Refresh, Success,
Protection, 01.05.2014 11:55:55, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Protection, 01.05.2014 11:55:55, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Detection, 01.05.2014 13:36:40, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.HQVid.A, C:\Program Files\HQVid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-3.exe, Quarantine, [fc3efc5046358ea8bda1e2904bb6857b]
Detection, 01.05.2014 13:37:40, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.HQVid.A, C:\Program Files\HQVid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-4.exe, Quarantine, [23178ac243382f07065894de679adc24]
Detection, 01.05.2014 13:38:40, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.MediaPlayerplus.A, C:\Program Files\MediaPlayerplus\392ffcae-1e06-4ff7-a595-a4182423a160-4.exe, Quarantine, [9b9fef5d95e6cf67201bfa6e30d159a7]
Detection, 01.05.2014 13:43:56, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.HQVid.A, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-3.exe, Quarantine, [fc3efc5046358ea8bda1e2904bb6857b]
Protection, 01.05.2014 13:43:56, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-3.exe,
Error, 01.05.2014 13:43:56, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-3.exe,
Detection, 01.05.2014 13:44:36, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.HQVid.A, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-4.exe, Quarantine, [23178ac243382f07065894de679adc24]
Protection, 01.05.2014 13:44:36, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-4.exe,
Error, 01.05.2014 13:44:36, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-4.exe,
Detection, 01.05.2014 13:45:17, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.MediaPlayerplus.A, c:\program files\mediaplayerplus\392ffcae-1e06-4ff7-a595-a4182423a160-4.exe, Quarantine, [9b9fef5d95e6cf67201bfa6e30d159a7]
Protection, 01.05.2014 13:45:17, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\mediaplayerplus\392ffcae-1e06-4ff7-a595-a4182423a160-4.exe,
Error, 01.05.2014 13:45:17, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\mediaplayerplus\392ffcae-1e06-4ff7-a595-a4182423a160-4.exe,
Detection, 01.05.2014 13:53:55, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.HQVid.A, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-3.exe, Quarantine, [fc3efc5046358ea8bda1e2904bb6857b]
Protection, 01.05.2014 13:53:55, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-3.exe,
Error, 01.05.2014 13:53:55, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-3.exe,
Detection, 01.05.2014 13:54:35, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.HQVid.A, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-4.exe, Quarantine, [23178ac243382f07065894de679adc24]
Protection, 01.05.2014 13:54:35, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-4.exe,
Error, 01.05.2014 13:54:35, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-4.exe,
Detection, 01.05.2014 13:55:15, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.MediaPlayerplus.A, c:\program files\mediaplayerplus\392ffcae-1e06-4ff7-a595-a4182423a160-4.exe, Quarantine, [9b9fef5d95e6cf67201bfa6e30d159a7]
Protection, 01.05.2014 13:55:15, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\mediaplayerplus\392ffcae-1e06-4ff7-a595-a4182423a160-4.exe,
Error, 01.05.2014 13:55:15, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\mediaplayerplus\392ffcae-1e06-4ff7-a595-a4182423a160-4.exe,
Detection, 01.05.2014 14:03:56, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.HQVid.A, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-4.exe, Quarantine, [23178ac243382f07065894de679adc24]
Protection, 01.05.2014 14:03:56, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-4.exe,
Error, 01.05.2014 14:03:56, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-4.exe,
Update, 01.05.2014 14:04:03, SYSTEM, LENN-PC, Scheduler, Malware Database, 2014.5.1.6, 2014.5.1.7,
Protection, 01.05.2014 14:04:04, SYSTEM, LENN-PC, Protection, Refresh, Starting,
Protection, 01.05.2014 14:04:04, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 01.05.2014 14:04:05, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 01.05.2014 14:04:09, SYSTEM, LENN-PC, Protection, Refresh, Success,
Protection, 01.05.2014 14:04:36, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Detection, 01.05.2014 14:04:36, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.HQVid.A, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-3.exe, Quarantine, [fc3efc5046358ea8bda1e2904bb6857b]
Protection, 01.05.2014 14:04:36, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-3.exe,
Error, 01.05.2014 14:04:36, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\program files\hqvid8.1b\97fc677a-1181-48c0-a419-9dbd03a94900-3.exe,
Protection, 01.05.2014 14:04:37, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Update, 01.05.2014 16:54:50, SYSTEM, LENN-PC, Scheduler, Malware Database, 2014.5.1.7, 2014.5.1.8,
Protection, 01.05.2014 16:54:51, SYSTEM, LENN-PC, Protection, Refresh, Starting,
Protection, 01.05.2014 16:54:51, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 01.05.2014 16:54:52, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 01.05.2014 16:55:09, SYSTEM, LENN-PC, Protection, Refresh, Success,
Protection, 01.05.2014 16:55:10, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Protection, 01.05.2014 16:55:11, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Update, 01.05.2014 17:40:34, SYSTEM, LENN-PC, Scheduler, Malware Database, 2014.5.1.8, 2014.5.1.9,
Protection, 01.05.2014 17:40:36, SYSTEM, LENN-PC, Protection, Refresh, Starting,
Protection, 01.05.2014 17:40:36, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 01.05.2014 17:40:36, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 01.05.2014 17:40:50, SYSTEM, LENN-PC, Protection, Refresh, Success,
Protection, 01.05.2014 17:40:50, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Protection, 01.05.2014 17:40:52, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Update, 01.05.2014 18:53:08, SYSTEM, LENN-PC, Scheduler, Malware Database, 2014.5.1.9, 2014.5.1.11,
Protection, 01.05.2014 18:53:10, SYSTEM, LENN-PC, Protection, Refresh, Starting,
Protection, 01.05.2014 18:53:10, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 01.05.2014 18:53:10, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 01.05.2014 18:53:39, SYSTEM, LENN-PC, Protection, Refresh, Success,
Protection, 01.05.2014 18:53:39, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Protection, 01.05.2014 18:53:40, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Detection, 01.05.2014 19:18:25, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.HQVid.A, C:\Program Files\HQVid8.1b\HQVid8.1b-bho.dll, Quarantine, [6cd373d912690630b6c1c4ae2fd2847c]
Detection, 01.05.2014 19:19:06, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.HQVid.A, C:\Program Files\HQVid8.1b\Uninstall.exe, Quarantine, [ee511b31b5c65bdbbcd6195a36cc4db3]
Detection, 01.05.2014 19:19:47, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.CrossRider.A, C:\Program Files\HQVid8.1b\utils.exe, Quarantine, [0c334b0156255bdba86e320e8c74fe02]
Detection, 01.05.2014 19:22:06, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.MediaPlayerplus.A, C:\Program Files\MediaPlayerplus\MediaPlayerplus-bho.dll, Quarantine, [7cc34a02b7c47db9361c3434f1107090]
Detection, 01.05.2014 19:22:47, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.crossRider.A, C:\Program Files\MediaPlayerplus\utils.exe, Quarantine, [e45b8fbd552638fe5792f34cb24e44bc]
Detection, 01.05.2014 19:29:34, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.Babylon.A, C:\Users\Lenn\Downloads\Babylon9_setup.exe, Quarantine, [cf70064690ebe551615c011d817fac54]
Detection, 01.05.2014 20:10:23, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.SearchProtection.A, C:\ProgramData\Search Protection\SearchProtection.exe, Quarantine, [59e63715d5a6b581bb77e4a7c04234cc]
Detection, 01.05.2014 20:11:11, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.SearchProtection.A, c:\programdata\search protection\searchprotection.exe, Quarantine, [59e63715d5a6b581bb77e4a7c04234cc]
Protection, 01.05.2014 20:11:11, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\programdata\search protection\searchprotection.exe,
Error, 01.05.2014 20:11:11, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\programdata\search protection\searchprotection.exe,
Detection, 01.05.2014 20:12:36, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.SearchProtection.A, c:\programdata\search protection\searchprotection.exe, Quarantine, [59e63715d5a6b581bb77e4a7c04234cc]
Protection, 01.05.2014 20:12:36, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\programdata\search protection\searchprotection.exe,
Error, 01.05.2014 20:12:36, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\programdata\search protection\searchprotection.exe,
Detection, 01.05.2014 20:14:34, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.SearchProtection.A, c:\programdata\search protection\searchprotection.exe, Quarantine, [59e63715d5a6b581bb77e4a7c04234cc]
Protection, 01.05.2014 20:14:34, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\programdata\search protection\searchprotection.exe,
Error, 01.05.2014 20:14:34, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\programdata\search protection\searchprotection.exe,
Detection, 01.05.2014 20:24:35, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.SearchProtection.A, c:\programdata\search protection\searchprotection.exe, Quarantine, [59e63715d5a6b581bb77e4a7c04234cc]
Protection, 01.05.2014 20:24:35, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\programdata\search protection\searchprotection.exe,
Error, 01.05.2014 20:24:35, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\programdata\search protection\searchprotection.exe,
Detection, 01.05.2014 20:34:35, SYSTEM, LENN-PC, Protection, Malware Protection, File, PUP.Optional.SearchProtection.A, c:\programdata\search protection\searchprotection.exe, Quarantine, [59e63715d5a6b581bb77e4a7c04234cc]
Protection, 01.05.2014 20:34:35, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\programdata\search protection\searchprotection.exe,
Error, 01.05.2014 20:34:35, SYSTEM, LENN-PC, Protection, SDKQuarantine, 1, Failed, c:\programdata\search protection\searchprotection.exe,
Protection, 01.05.2014 20:51:23, SYSTEM, LENN-PC, Protection, Malware Protection, Starting,
Protection, 01.05.2014 20:51:23, SYSTEM, LENN-PC, Protection, Malware Protection, Started,
Protection, 01.05.2014 20:51:23, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Protection, 01.05.2014 20:54:19, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Protection, 01.05.2014 21:01:46, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 01.05.2014 21:01:47, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 01.05.2014 21:01:47, SYSTEM, LENN-PC, Protection, Malware Protection, Stopping,
Protection, 01.05.2014 21:01:59, SYSTEM, LENN-PC, Protection, Malware Protection, Stopped,
Protection, 01.05.2014 21:02:24, SYSTEM, LENN-PC, Protection, Malware Protection, Starting,
Protection, 01.05.2014 21:02:24, SYSTEM, LENN-PC, Protection, Malware Protection, Started,
Protection, 01.05.2014 21:02:24, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Protection, 01.05.2014 21:02:25, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Update, 01.05.2014 21:02:26, SYSTEM, LENN-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 01.05.2014 21:02:31, SYSTEM, LENN-PC, Manual, Malware Database, 2014.3.4.9, 2014.5.1.12,
Protection, 01.05.2014 21:02:32, SYSTEM, LENN-PC, Protection, Refresh, Starting,
Protection, 01.05.2014 21:02:32, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 01.05.2014 21:02:32, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 01.05.2014 21:02:36, SYSTEM, LENN-PC, Protection, Refresh, Success,
Protection, 01.05.2014 21:02:37, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Protection, 01.05.2014 21:02:38, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,
Protection, 01.05.2014 21:49:27, SYSTEM, LENN-PC, Protection, Malware Protection, Starting,
Protection, 01.05.2014 21:49:27, SYSTEM, LENN-PC, Protection, Malware Protection, Started,
Protection, 01.05.2014 21:49:27, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Starting,
Protection, 01.05.2014 21:51:57, SYSTEM, LENN-PC, Protection, Malicious Website Protection, Started,

(end)

02.05.2014, 14:01   #8
M-K-D-B
/// TB-Ausbilder

Hi,

what is still missing:
  • answering the questions
  • the correct MBAM log file (> scan)
  • the Zoek log file
__________________
Greetings from Bavaria


02.05.2014, 18:21   #9
Alen2525

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 01.05.2014
Suchlauf-Zeit: 21:46:03
Logdatei: MBAM.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.01.12
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Lenn

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 281629
Verstrichene Zeit: 41 Min, 9 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 4
PUP.Optional.HQVid.A, HKLM\SOFTWARE\HQVid8.1b, In Quarantäne, [db25a759dc240df357e4195dcf332cd4],
PUP.Optional.HQVid.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQVid8.1b, Löschen bei Neustart, [20e09967f80846ba1d1c1f5719e9e020],
PUP.Optional.MediaPlayerplus.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MediaPlayerplus, Löschen bei Neustart, [67992ad6cd33e51b809a324b778b11ef],
PUP.Optional.HQVid.A, HKU\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQVid8.1b, Löschen bei Neustart, [58a869970df3bb45bb7eff77c33f35cb],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 1
PUP.Optional.HQVid.A, C:\Program Files\HQVid8.1b, In Quarantäne, [926e8d73b05035cb7f1b343f0df5c040],

Dateien: 13
PUP.Adware.Agent, C:\Users\Lenn\Downloads\Kevin.Allein.zu.Haus.German.1990.DVDRiP.XViD.iNTERNAL-TEHAiX.avi.exe, In Quarantäne, [3ac6bb45718f728ec0408531718fe41c],
PUP.Optional.Somoto, C:\Users\Lenn\Downloads\etypesetup (1).exe, In Quarantäne, [699758a833cd05fb717068f1d92bb54b],
PUP.Optional.Somoto, C:\Users\Lenn\Downloads\etypesetup.exe, In Quarantäne, [5fa18977c53b54aca33e5603eb1903fd],
PUP.Adware.Agent, C:\Users\Lenn\Downloads\Madagascar3.exe, In Quarantäne, [7d83a15fc33d78887c84e7cf8779ff01],
PUP.Adware.Agent, C:\Users\Lenn\Downloads\Madagascar_3-_Flucht_Durch_Europa.exe, In Quarantäne, [02febf413dc3ed137e82f0c6ce32926e],
PUP.Optional.OpenCandy, C:\Users\Lenn\Downloads\MyPhoneExplorer_Setup_1.8.2.exe, In Quarantäne, [ed13639d53ad03fd9e0beb6f0ff55ca4],
PUP.Optional.DomalQ, C:\Users\Lenn\Downloads\Setup.exe, In Quarantäne, [946ccd33f907b64acf01c14f0bf923dd],
PUP.Optional.Koyote.A, C:\Users\Lenn\Downloads\FreeVideoConverterSetup-r135-n-bc.exe, In Quarantäne, [a95708f8f709c33dba457bc1a859f30d],
PUP.Optional.SmartBar.A, C:\Windows\Installer\4993c.msi, In Quarantäne, [e41c2ad627d9996773640e1907f9b44c],
PUP.Optional.HQVid.A, C:\Program Files\HQVid8.1b\53172.crx, In Quarantäne, [926e8d73b05035cb7f1b343f0df5c040],
PUP.Optional.HQVid.A, C:\Program Files\HQVid8.1b\53172.xpi, In Quarantäne, [926e8d73b05035cb7f1b343f0df5c040],
PUP.Optional.HQVid.A, C:\Program Files\HQVid8.1b\background.html, In Quarantäne, [926e8d73b05035cb7f1b343f0df5c040],
PUP.Optional.HQVid.A, C:\Program Files\HQVid8.1b\HQVid8.1b.ico, In Quarantäne, [926e8d73b05035cb7f1b343f0df5c040],

Physische Sektoren: 0
(No malicious items detected)


(end)

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Lenn on 02.05.2014 at 18:49:11,25.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lenn\Downloads\zoek (1).exe [Scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

02.05.2014 18:51:11 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\InstallJammer Registry deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Philips deleted successfully
C:\PROGRA~2\ProductData deleted successfully
C:\PROGRA~2\WinZip deleted successfully
C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\Users\Lenn\AppData\Roaming\kock deleted successfully
C:\Users\Lenn\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Lenn\AppData\Roaming\Nokia Ovi Suite deleted successfully
C:\Users\Lenn\AppData\Roaming\Reviversoft deleted successfully
C:\Users\Lenn\AppData\Roaming\xmldm deleted successfully
C:\Users\Lenn\AppData\Local\BlueStacksSetup deleted successfully
C:\Users\Lenn\AppData\Local\Lexware deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2E0E1FD5-B8E3-4D03-B223-0AC28770E591} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{2E0E1FD5-B8E3-4D03-B223-0AC28770E591} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17166733-40EA-4432-A85C-AE672FF0E236} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17166733-40EA-4432-A85C-AE672FF0E236} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{17166733-40EA-4432-A85C-AE672FF0E236} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{17166733-40EA-4432-A85C-AE672FF0E236} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{E16DC1FE-7C34-43F2-B754-F3AD12DDF97C} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{E16DC1FE-7C34-43F2-B754-F3AD12DDF97C} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{20C28584-8F10-4D92-987C-0A1008E2435A} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{20C28584-8F10-4D92-987C-0A1008E2435A} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{522AAEF4-58F1-4198-B04B-866ACC37284A} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{522AAEF4-58F1-4198-B04B-866ACC37284A} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{17166733-40EA-4432-A85C-AE672FF0E236} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{17166733-40EA-4432-A85C-AE672FF0E236} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110511421146} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110511421146} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110511311172} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110511311172} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{ABDE892B-13A8-4d1b-88E6-365A6E755758} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\Users\Lenn\Desktop\Desktopfverknüpfungen\Favorites\Kostenlose Software-Downloads, Freeware & Spiele - Softonic.url not found
"C:\Windows\Installer\9bd50.msi" not found
C:\Program Files\GUT30D0.tmp deleted
C:\Program Files\GUM30CF.tmp deleted
C:\Program Files\Common Files\DVDVideoSoft\bin deleted
C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar deleted
C:\Program Files\MyFree Codec deleted
C:\Users\Lenn\AppData\Roaming\AutoGK.ini deleted
C:\Users\Lenn\AppData\Roaming\blckdom.res deleted
C:\PROGRA~2\Search Protection deleted
C:\Users\Lenn\AppData\Local\CRE deleted
C:\Users\Lenn\AppData\Local\avgchrome deleted
C:\Users\Lenn\AppData\Local\adawarebp deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\Users\Lenn\Downloads\FreeYouTubeToMP3Converter (1).exe deleted
C:\Users\Lenn\Downloads\FreeYouTubeToMP3Converter (2).exe deleted
C:\Users\Lenn\Downloads\FreeYouTubeToMP3Converter (3).exe deleted
C:\Users\Lenn\Downloads\FreeYouTubeToMP3Converter (4).exe deleted
C:\Users\Lenn\Downloads\FreeYouTubeToMP3Converter.exe deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\user.js deleted
C:\prefs.js deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
"C:\Users\Lenn\AppData\Local\{08F60A8A-F592-45D2-BF7A-7B3C6DB935FB}" deleted
"C:\Users\Lenn\AppData\Local\{1662E562-FE69-4416-8D6A-4C6BD09123B2}" deleted
"C:\Users\Lenn\AppData\Local\{8F71DC2D-BE26-46E3-9039-1C68F395DC31}" deleted
"C:\Users\Lenn\AppData\Roaming\Temp" deleted

==== Files Recently Created / Modified ======================


==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"RfxSrvTray"="C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"KiesAirMessage"="C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup"
"GoogleChromeAutoLaunch_C125459A4FAAD383F7DA0EEF6D2C6FBD"="C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"
"HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN29R1G10005SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1"
"KiesPDLR.exe"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run"
"Advanced SystemCare 7"="C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

[HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run]
"RfxSrvTray"="C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"KiesAirMessage"="C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup"
"GoogleChromeAutoLaunch_C125459A4FAAD383F7DA0EEF6D2C6FBD"="C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"
"HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN29R1G10005SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1"
"KiesPDLR.exe"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run"
"Advanced SystemCare 7"="C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot"
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
"AVMWlanClient"="C:\Program Files\avmwlanstick\wlangui.exe"
"NokiaMusic FastStart"="C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe /command:faststart"
"ContentTransferWMDetector.exe"="C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min"
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe -osboot"
"DivXMediaServer"="C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe"
"DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"
"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe"
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Ad-Aware Browsing Protection"="C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
"MailCheck IE Broker"="C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RfxSrvTray"="C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"KiesAirMessage"="C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup"
"GoogleChromeAutoLaunch_C125459A4FAAD383F7DA0EEF6D2C6FBD"="C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"
"HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN29R1G10005SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1"
"KiesPDLR.exe"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run"
"Advanced SystemCare 7"="C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DivXUpdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GrooveMonitor"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaMServer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NokiaMServer"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Nokia\\MPlatform\\NokiaMServer /watchfiles startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\rfxsrvtray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="rfxsrvtray"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Tobit Radio.fx\\Client\\rfx-tray.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Photo Loader resident.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Photo Loader resident.lnk"
"backup"="C:\\Windows\\pss\\Photo Loader resident.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\CASIO\\PHOTOL~1\\Plauto.exe "
"item"="Photo Loader resident"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Lenn^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office Groove.lnk]
"path"="C:\\Users\\Lenn\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Microsoft Office Groove.lnk"
"backup"="C:\\Windows\\pss\\Microsoft Office Groove.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\MICROS~2\\Office12\\GROOVE.EXE -background"
"item"="Microsoft Office Groove"


==== Startup Folders ======================

2011-09-16 11:24:44 1047 ----a-w- C:\Users\Lenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\@C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [03.08.2010 21:52]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [03.08.2010 21:52]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3972869702-3957550254-3659153023-1000UA.job --a------ C:\Users\Lenn\AppData\Local\Google\Update\GoogleUpdate.exe [03.11.2011 12:29]
C:\Windows\tasks\ReclaimerUpdateFiles_Lenn.job --a------ C:\Users\Lenn\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe [19.04.2014 15:18]
C:\Windows\tasks\ReclaimerUpdateXML_Lenn.job --a------ [Undetermined Task]
C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Lenn.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\1und1 Konfiguration" ["C:\ProgramData\1und1InternetExplorerAddon\ConfigTask.exe"]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\ASC7_PerformanceMonitor" [C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe]
"C:\Windows\system32\tasks\ASC7_SkipUac_Lenn" [C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe /SkipUac]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3972869702-3957550254-3659153023-1000Core" [C:\Users\Lenn\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3972869702-3957550254-3659153023-1000UA" [C:\Users\Lenn\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\HPCustParticipation HP Deskjet 3520 series" ["C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe"]
"C:\Windows\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3972869702-3957550254-3659153023-1000" [C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe]
"C:\Windows\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3972869702-3957550254-3659153023-1000" [C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3972869702-3957550254-3659153023-1000" [C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3972869702-3957550254-3659153023-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3972869702-3957550254-3659153023-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-3972869702-3957550254-3659153023-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-3972869702-3957550254-3659153023-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\ReclaimerUpdateFiles_Lenn" [C:\Users\Lenn\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe]
"C:\Windows\system32\tasks\ReclaimerUpdateXML_Lenn" [C:\Users\Lenn\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe]
"C:\Windows\system32\tasks\Registration 1und1 Task" ["C:\Program Files\1und1Softwareaktualisierung\cdsupdclient.exe"]
"C:\Windows\system32\tasks\RNUpgradeHelperLogonPrompt_Lenn" [C:\Users\Lenn\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe]
"C:\Windows\system32\tasks\RNUpgradeHelperResumePrompt_Lenn" [C:\Users\Lenn\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe]
"C:\Windows\system32\tasks\Start Registry Reviver" [C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe]
"C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files\TuneUp Utilities 2014\OneClick.exe]
"C:\Windows\system32\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{7687FB70-559F-449A-AC86-62F985FAE489}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\{0EE04CBA-F50A-4B40-8AF9-5E10464277F4}" ["c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.3.0.120/de/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent]
"C:\Windows\system32\tasks\{18A37269-3762-4833-B3D1-37FE3EE75E82}" ["c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.3.0.120/de/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent]
"C:\Windows\system32\tasks\{3870829B-7182-4A37-85F8-1FF645B64155}" [C:\Program Files\DelphineSoft\Moto Racer 3\mr3.exe]
"C:\Windows\system32\tasks\{4CAA96F5-8998-4764-9C3A-3EADF6A78D35}" [C:\program files\real\realplayer\RealPlay.exe]
"C:\Windows\system32\tasks\{6C727168-DA00-4CD6-82F8-AD2E43BEC2B5}" [C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe]
"C:\Windows\system32\tasks\{7ED3C634-DE8C-4B39-85B0-1D8E68FE0AA2}" [C:\Program Files\DelphineSoft\Moto Racer 3\mr3.exe]
"C:\Windows\system32\tasks\{99642768-62ED-4431-BC38-07657E74A26E}" ["c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.3.0.120/de/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent]
"C:\Windows\system32\tasks\{A9C04EBE-A861-49F9-B58C-F7A6F06CECBB}" [C:\Program Files\Skype\Phone\Skype.exe]
"C:\Windows\system32\tasks\{B35772F3-2D6F-4EA3-AAF2-5B3B654A3D5E}" ["c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.3.0.120/de/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent]
"C:\Windows\system32\tasks\{B966C6D7-50C6-4225-B6EF-BFCAD12D2478}" [C:\Program Files\DelphineSoft\Moto Racer 3\mr3.exe]
"C:\Windows\system32\tasks\{D2A3313C-9DD5-4F58-B8F6-2219B1B88C35}" ["c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.3.0.120/de/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent]
"C:\Windows\system32\tasks\{E05670E5-C995-4F16-8C75-DCDB02D91E66}" [C:\Program Files\DelphineSoft\Moto Racer 3\mr3.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [19.12.2012 19:36]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{B64D9B05-48E1-4CEB-BF58-E0643994E900}"="C:\Program Files\Common Files\DVDVideoSoft\plugins\ff" [01.02.2014 19:46]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Lenn\AppData\Roaming\Philips-Songbird\Profiles\8yoz892d.default
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\7digital@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\albumart@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\concerts-philips@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\ewh264dec@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\ewmpeg4dec@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\fileassociation@philips.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\gogear@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\langpack-de@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\msc@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\mtp@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\philips-skin@philips.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\philips-ui@philips.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com
- Philips Branding - %ProfilePath%\extensions\philips-branding@philips.com
- QuickTime Playback - %ProfilePath%\extensions\quicktime@songbirdnest.com
- Windows Media Playback - %ProfilePath%\extensions\windowsmedia@songbirdnest.com

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29.11.2012 21:35]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12.12.2011 15:13]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[30.12.2013 14:51]

Google Docs - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
RealDownloader - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
DVDVideoSoft - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Google Wallet - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
DivX Plus Web Player HTML5 \u003Cvideo> - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
Gmail - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.browse-search.com_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.google.com"
"SearchAssistant"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{7DCA3330-EE88-4C16-8FB4-95EEF6EE1AD4} WEB.DE Suche Url="hxxp://suche.web.de/search/web/?su={searchTerms}&origin=searchplugin"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\22F4F78BD116C3042A0A5524D60E5790 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B87F4F22-611D-403C-A2A0-55426DE07509} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\22F4F78BD116C3042A0A5524D60E5790 deleted successfully

==== Empty IE Cache ======================

C:\Users\Lenn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lenn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Lenn\Desktop\Desktopfverknüpfungen\Alen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lenn\Desktop\Desktopfverknüpfungen\Alen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=819 folders=79 322547916 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Lenn\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Lenn\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Lenn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H35RLNZ7\sensic.net" not found

==== EOF on 02.05.2014 at 19:15:31,39 ======================

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Lenn on 02.05.2014 at 18:49:11,25.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lenn\Downloads\zoek (1).exe [Scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

02.05.2014 18:51:11 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\InstallJammer Registry deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Philips deleted successfully
C:\PROGRA~2\ProductData deleted successfully
C:\PROGRA~2\WinZip deleted successfully
C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\Users\Lenn\AppData\Roaming\kock deleted successfully
C:\Users\Lenn\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Lenn\AppData\Roaming\Nokia Ovi Suite deleted successfully
C:\Users\Lenn\AppData\Roaming\Reviversoft deleted successfully
C:\Users\Lenn\AppData\Roaming\xmldm deleted successfully
C:\Users\Lenn\AppData\Local\BlueStacksSetup deleted successfully
C:\Users\Lenn\AppData\Local\Lexware deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2E0E1FD5-B8E3-4D03-B223-0AC28770E591} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{2E0E1FD5-B8E3-4D03-B223-0AC28770E591} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17166733-40EA-4432-A85C-AE672FF0E236} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17166733-40EA-4432-A85C-AE672FF0E236} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{17166733-40EA-4432-A85C-AE672FF0E236} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{17166733-40EA-4432-A85C-AE672FF0E236} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{E16DC1FE-7C34-43F2-B754-F3AD12DDF97C} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{E16DC1FE-7C34-43F2-B754-F3AD12DDF97C} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{20C28584-8F10-4D92-987C-0A1008E2435A} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{20C28584-8F10-4D92-987C-0A1008E2435A} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{522AAEF4-58F1-4198-B04B-866ACC37284A} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{522AAEF4-58F1-4198-B04B-866ACC37284A} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{17166733-40EA-4432-A85C-AE672FF0E236} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{17166733-40EA-4432-A85C-AE672FF0E236} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110511421146} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110511421146} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110511311172} deleted successfully
HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110511311172} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{ABDE892B-13A8-4d1b-88E6-365A6E755758} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\Users\Lenn\Desktop\Desktopfverknüpfungen\Favorites\Kostenlose Software-Downloads, Freeware & Spiele - Softonic.url not found
"C:\Windows\Installer\9bd50.msi" not found
C:\Program Files\GUT30D0.tmp deleted
C:\Program Files\GUM30CF.tmp deleted
C:\Program Files\Common Files\DVDVideoSoft\bin deleted
C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar deleted
C:\Program Files\MyFree Codec deleted
C:\Users\Lenn\AppData\Roaming\AutoGK.ini deleted
C:\Users\Lenn\AppData\Roaming\blckdom.res deleted
C:\PROGRA~2\Search Protection deleted
C:\Users\Lenn\AppData\Local\CRE deleted
C:\Users\Lenn\AppData\Local\avgchrome deleted
C:\Users\Lenn\AppData\Local\adawarebp deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\Users\Lenn\Downloads\FreeYouTubeToMP3Converter (1).exe deleted
C:\Users\Lenn\Downloads\FreeYouTubeToMP3Converter (2).exe deleted
C:\Users\Lenn\Downloads\FreeYouTubeToMP3Converter (3).exe deleted
C:\Users\Lenn\Downloads\FreeYouTubeToMP3Converter (4).exe deleted
C:\Users\Lenn\Downloads\FreeYouTubeToMP3Converter.exe deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\user.js deleted
C:\prefs.js deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
"C:\Users\Lenn\AppData\Local\{08F60A8A-F592-45D2-BF7A-7B3C6DB935FB}" deleted
"C:\Users\Lenn\AppData\Local\{1662E562-FE69-4416-8D6A-4C6BD09123B2}" deleted
"C:\Users\Lenn\AppData\Local\{8F71DC2D-BE26-46E3-9039-1C68F395DC31}" deleted
"C:\Users\Lenn\AppData\Roaming\Temp" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-05-01 16:00:03 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe
2014-05-01 16:00:03 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe
2014-05-01 16:00:03 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe
2014-05-01 16:00:03 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe
2014-05-01 16:00:03 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe
====== C:\Users\Lenn\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2014-05-01 18:48:30 0DC5AF80D059DEC792B665ED598C6567 536576 ----a-w- C:\Windows\System32\sqlite3.dll
2014-04-28 17:34:50 7753FC56F9CAC4B5AFDA3196DB654F21 144664 ----a-w- C:\Windows\System32\secman.dll
====== C:\Windows\system32\drivers =====
2014-05-01 09:32:16 661B911FA04E73FB073FF9B1C9BD2E05 107736 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-01 09:31:53 2BB23932978D623D3D395AEAB1825BF1 73432 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-01 09:31:53 18898A87CBA96DEA2074C19E140938A8 51416 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-04-28 17:30:33 585FDB94DB04AC1C56298D1FD1F1389E 184192 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2014-04-28 17:30:33 560B0DCE52DFED6623B27C9BAFA6F236 88576 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2014-04-09 13:34:35 F1A449D762657230629D8BFC107ABC14 149440 ----a-w- C:\Windows\System32\drivers\storport.sys
2014-04-09 13:34:35 EB34CE31FABD4DC4343FD2AD16D2CAF9 234432 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2014-04-09 13:34:35 5FB4F271032B6435F3B2252F577A4815 27072 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2014-04-09 13:34:30 C8DFF8D07755A66C7A4A738930F0FEAC 1212352 ----a-w- C:\Windows\System32\drivers\ntfs.sys
====== C:\Windows\Tasks ======
2014-04-29 16:48:29 E203DF9723AA50513E18B5E331E0B457 3154 ----a-w- C:\Windows\system32\Tasks\{1ED38574-7B40-4523-B10F-69DB66A733F3}
2014-04-29 11:49:14 0AB492F850ABC923B6A4BAB34529DCB0 3080 ----a-w- C:\Windows\system32\Tasks\ASC7_PerformanceMonitor
2014-04-29 11:49:01 14415D0CB35ED016A5F6B10E3BDCF61D 2872 ----a-w- C:\Windows\system32\Tasks\Uninstaller_SkipUac_Administrator
2014-04-29 11:48:38 720A790DDB79E27C349273CFED88CDC7 2836 ----a-w- C:\Windows\system32\Tasks\ASC7_SkipUac_Lenn
2014-04-19 16:20:28 A88440BA214BF6FF544E6727119B4101 3606 ----a-w- C:\Windows\system32\Tasks\RNUpgradeHelperResumePrompt_Lenn
2014-04-19 16:20:25 9C250F7E8CCC7BEB77566887C356391F 2952 ----a-w- C:\Windows\system32\Tasks\ReclaimerUpdateFiles_Lenn
2014-04-19 16:20:24 76AD408FD2F4C62285D96380189C7149 366 ----a-w- C:\Windows\Tasks\ReclaimerUpdateFiles_Lenn.job
2014-04-19 16:20:23 F471C3BAFBFD3DFC16A2DBD149EF7A18 362 ----a-w- C:\Windows\Tasks\ReclaimerUpdateXML_Lenn.job
2014-04-19 16:20:23 86D6276DB8A7D5CAFDF1C169B21EEDA5 2948 ----a-w- C:\Windows\system32\Tasks\ReclaimerUpdateXML_Lenn
2014-04-14 17:47:32 ED933849EAF8ACBD6A2C0CB59C30D7A6 3346 ----a-w- C:\Windows\system32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3972869702-3957550254-3659153023-1000
2014-04-05 17:59:25 ED706BB221339560AA91FB865364DB7E 3116 ----a-w- C:\Windows\system32\Tasks\{8F73B9F2-7B19-4705-9112-DF05612123D8}
2014-04-02 17:40:22 743668099D74E636D6BD12EE10146134 3822 ----a-w- C:\Windows\system32\Tasks\Adobe Flash Player Updater
2014-04-02 17:40:21 F91818BB80824DED9254DAAB22C6DA28 884 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-05-01 18:53:31 -------- d-----w- C:\Program Files\WEB.DE MailCheck
2014-04-29 16:51:23 -------- d-----w- C:\Program Files\Lavasoft
2014-04-29 11:48:30 -------- d-----w- C:\Program Files\IObit
======= C: =====
2014-05-01 16:27:47 9343A0D7470D4577B3255AE5F0B36EEF 44739 ----a-w- C:\scan vom 01.05.14.txt
====== C:\Users\Lenn\AppData\Roaming ======
2014-05-01 16:16:48 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp
2014-05-01 16:16:48 -------- d-----w- C:\Users\Public\AppData\Local\temp
2014-05-01 16:16:48 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-05-01 16:16:48 -------- d-----w- C:\Users\Default User\AppData\Local\temp
2014-04-29 16:54:54 -------- d-----w- C:\Users\Lenn\AppData\Roaming\LavasoftStatistics
2014-04-29 16:48:53 -------- d-----w- C:\Users\Lenn\AppData\Roaming\Lavasoft
2014-04-29 14:56:22 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\IObit
2014-04-29 11:49:00 -------- d-----w- C:\Users\Lenn\AppData\Locallow\IObit
2014-04-29 11:47:40 -------- d-----w- C:\Users\Lenn\AppData\Roaming\IObit
2014-04-03 19:52:31 55FBB20133E651DA44BA425657B03A57 110080 ----a-w- C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
====== C:\Users\Lenn ======
2014-05-01 18:59:16 302103AF95A8F43AD85F80DAE14BDB9C 17305616 ----a-w- C:\Users\Lenn\Downloads\mbam-setup-2.0.1.1004 (2).exe
2014-05-01 18:53:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck
2014-05-01 18:47:53 A8DDCC18FC3706A5752713E9CC05A0BD 1310621 ----a-w- C:\Users\Lenn\Downloads\adwcleaner (1).exe
2014-05-01 16:16:48 -------- d-----w- C:\Users\Public\AppData
2014-05-01 14:27:01 -------- d-----w- C:\ProgramData\UUdb
2014-05-01 12:54:28 E4618FBD76BE214F7F9258B2654E3A1C 1050624 ----a-w- C:\Users\Lenn\Downloads\FRST (1).exe
2014-05-01 09:53:11 302103AF95A8F43AD85F80DAE14BDB9C 17305616 ----a-w- C:\Users\Lenn\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-01 09:46:04 302103AF95A8F43AD85F80DAE14BDB9C 17305616 ----a-w- C:\Users\Lenn\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-01 09:35:01 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Lenn\Downloads\mbam-setup-2.0.0.1000 (1).exe
2014-05-01 09:30:02 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Lenn\Downloads\mbam-setup-2.0.0.1000.exe
2014-05-01 09:19:22 E4618FBD76BE214F7F9258B2654E3A1C 1050624 ----a-w- C:\Users\Lenn\Downloads\FRST.exe
2014-04-29 16:51:57 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
2014-04-29 16:47:01 -------- d-----w- C:\ProgramData\Lavasoft
2014-04-29 16:46:53 6420175B127BFEAEC0019BB56DD41AA8 1727624 ----a-w- C:\Users\Lenn\Downloads\Adaware_Installer_11.1.5354.exe
2014-04-29 11:48:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2014-04-29 11:48:38 -------- d-----w- C:\ProgramData\IObit
2014-04-29 11:48:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-04-29 11:47:02 08AFCE040C919AA2548E6487B01528DF 41807824 ----a-w- C:\Users\Lenn\Downloads\advanced-72systemcare-setup.exe
2014-04-02 17:35:50 5AC8EC6172C46FF4D67A3E9E36BA9C9D 444 --sha-r- C:\ProgramData\ntuser.pol

====== C: exe-files ==
2014-05-01 18:59:16 302103AF95A8F43AD85F80DAE14BDB9C 17305616 ----a-w- C:\Users\Lenn\Downloads\mbam-setup-2.0.1.1004 (2).exe
2014-05-01 18:53:35 7D1B3E8BE52B4E17778EFFDCAC712259 241962 ----a-w- C:\Program Files\WEB.DE MailCheck\IE\uninst.exe
2014-05-01 18:47:53 A8DDCC18FC3706A5752713E9CC05A0BD 1310621 ----a-w- C:\Users\Lenn\Downloads\adwcleaner (1).exe
2014-05-01 16:00:03 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe
2014-05-01 16:00:03 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe
2014-05-01 16:00:03 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe
2014-05-01 16:00:03 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe
2014-05-01 16:00:03 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe
2014-05-01 14:26:55 6C5A8C5ABAEFEA42F65295F817FB58C9 104210 ----a-w- C:\ProgramData\1und1DesktopIconsInstaller\uninst.exe
2014-05-01 12:54:28 E4618FBD76BE214F7F9258B2654E3A1C 1050624 ----a-w- C:\Users\Lenn\Downloads\FRST (1).exe
2014-05-01 09:53:11 302103AF95A8F43AD85F80DAE14BDB9C 17305616 ----a-w- C:\Users\Lenn\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-05-01 09:46:04 302103AF95A8F43AD85F80DAE14BDB9C 17305616 ----a-w- C:\Users\Lenn\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-01 09:35:01 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Lenn\Downloads\mbam-setup-2.0.0.1000 (1).exe
2014-05-01 09:30:02 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Lenn\Downloads\mbam-setup-2.0.0.1000.exe
2014-05-01 09:19:22 E4618FBD76BE214F7F9258B2654E3A1C 1050624 ----a-w- C:\Users\Lenn\Downloads\FRST.exe
2014-05-01 09:12:20 79CACA103DA5AB8EBED082503615CD37 1119448 ----a-w- C:\Users\Lenn\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\34.0.1847.131\34.0.1847.131_34.0.1847.116_chrome_updater.exe
2014-04-29 16:46:53 6420175B127BFEAEC0019BB56DD41AA8 1727624 ----a-w- C:\Users\Lenn\Downloads\Adaware_Installer_11.1.5354.exe
2014-04-29 11:48:59 A9E39A061CF55238D9BBD8113EDA929D 7560992 ----a-w- C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
2014-04-29 11:48:56 C098B4EA64D8C957486ACD736031435C 588608 ----a-w- C:\Program Files\IObit\IObit Uninstaller\Install_PintoStartMenu.exe
2014-04-29 11:48:56 5D4ACF36CF6B3E2453C2E39216BD173B 629568 ----a-w- C:\Program Files\IObit\IObit Uninstaller\UninstallDisplay.exe
2014-04-29 11:48:55 78148DC7BA8C46551929FF7E47FA4133 1114944 ----a-w- C:\Program Files\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
2014-04-29 11:48:54 497AF28F6231FA74DE734C9628F30FAD 1362240 ----a-w- C:\Program Files\IObit\Surfing Protection\SPUpdate.exe
2014-04-29 11:48:54 11ED7276A769DA7CC3511FE361C784F4 1264960 ----a-w- C:\Program Files\IObit\Surfing Protection\PluginInstall.exe
2014-04-29 11:48:53 398AA8F18B72F46F40E9D42A6C714B0E 1185088 ----a-w- C:\Program Files\IObit\Surfing Protection\unins000.exe
2014-04-29 11:48:50 935E2093CEED8198C820B7F60BB63167 2151200 ----a-w- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
2014-04-29 11:48:50 1B39F4B8BA2EA0063C054ABD9C8C5F14 2129728 ----a-w- C:\Program Files\IObit\IObit Uninstaller\UninstallPromote.exe
2014-04-29 11:48:35 DAD88CD4525202FE432A3F2876B11480 27456 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\drivers\win7_amd64\RegistryDefragBootTime.exe
2014-04-29 11:48:35 D9D93EBAAC14D950AF51371DFD72DCFE 24384 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\drivers\wnet_x86\RegistryDefragBootTime.exe
2014-04-29 11:48:35 AA91773A8B756B26735FE15A2E1ACE6F 27456 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\drivers\wlh_amd64\RegistryDefragBootTime.exe
2014-04-29 11:48:35 6B236C4D124658754C47151794F0F988 24384 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\drivers\wlh_x86\RegistryDefragBootTime.exe
2014-04-29 11:48:35 3FDF59C5038A156E9013571A56DC3BB1 24384 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\drivers\win7_x86\RegistryDefragBootTime.exe
2014-04-29 11:48:35 3A684080CEE903F54D7F42980668BD8E 26944 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\drivers\wxp_amd64\RegistryDefragBootTime.exe
2014-04-29 11:48:35 158718C3AC8535E4EE02DAE77BD50054 26944 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\drivers\wnet_amd64\RegistryDefragBootTime.exe
2014-04-29 11:48:35 003C55620F5FBA7D8339117DF0AC6D0F 24384 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\drivers\wxp_x86\RegistryDefragBootTime.exe
2014-04-29 11:48:33 F8A99F3FCBA96E04C967D4037FAF01D2 5391000 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\SPSetup.exe
2014-04-29 11:48:33 F60C0473885A838C48F5A71C0FEEC901 542496 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe
2014-04-29 11:48:33 B7600792B16CA0D6811D4297BE8BDDA5 1852192 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\Suo11_InternetBooster.exe
2014-04-29 11:48:33 B5AAD6E454E1F542335A020003F61837 586048 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\Suc12_DiskCleaner.exe
2014-04-29 11:48:33 A9E39A061CF55238D9BBD8113EDA929D 7560992 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\IObitUninstaller.exe
2014-04-29 11:48:33 9100EA060BA3D3EEC330CE791E9BACA9 243488 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\TbAppCaller.exe
2014-04-29 11:48:33 743E8C8E1A56B6065DB83BD3EE2A7901 2229024 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\Suc11_RegistryCleaner.exe
2014-04-29 11:48:33 5C74AD321FDD45D4562F6F67D9A75C84 1145120 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\ProjectOnUninstall.exe
2014-04-29 11:48:33 427CCAB531F6FFB48487572293C2CFD0 959264 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\Sur13_WinFix.exe
2014-04-29 11:48:33 248542B258B9D8D34472C5CB71748FA0 1896224 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\Sua11_DiskExplorer.exe
2014-04-29 11:48:33 1157313BE0C81895F49B1D25CE77826A 687392 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\ProgramDeactivator.exe
2014-04-29 11:48:33 0B5EFC97C708D2C70FC6806649CF21F1 698144 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\Homepage.exe
2014-04-29 11:48:33 03B68DAFE092D9CC3A052A4058C715C6 943392 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\Suo12_StartupManager.exe
2014-04-29 11:48:32 EB11CD296594C6FDE57C9407F239BFBC 781088 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
2014-04-29 11:48:32 DFBA16F3983B2FB5C9B479B577BCDE67 92960 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\PerformUpdate.exe
2014-04-29 11:48:32 D3029F71E7F453C833D28AA8CD08D14A 1873184 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\QuickSettings.exe
2014-04-29 11:48:32 D2F3674FB4BCB1244E6028755B90AC27 603424 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\Report.exe
2014-04-29 11:48:32 A2D598483C3D21ABC0B41C56704BB6C7 578336 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\UpgradeTip.exe
2014-04-29 11:48:32 935E2093CEED8198C820B7F60BB63167 2151200 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\LiveUpdate.exe
2014-04-29 11:48:32 812B33FA3B554E53E426FFA1A2B2AD7B 236832 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\ProTip.exe
2014-04-29 11:48:32 7B44D4796E929393EC9B330AD52DFF4F 562464 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\SendBugReportNew.exe
2014-04-29 11:48:32 62946010D97FA38835D47C0E14909DD4 259872 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\Nfeatures.exe
2014-04-29 11:48:32 3EF183CD81F9792303812714D883FBF6 1264928 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\SPInit.exe
2014-04-29 11:48:32 3B74149C570AD751B377132D7C28411F 1084192 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\RescueCenter.exe
2014-04-29 11:48:32 32AE2F1A4CEB3588F50611FD27BFA7E8 441120 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\MonitorDisk.exe
2014-04-29 11:48:32 2EBBF65F25852F69C790BB7DEE59DAC3 2042176 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\Register.exe
2014-04-29 11:48:32 212BE27E48344EFD78BF173C5CA27C4A 167712 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\AutoReactivator.exe
2014-04-29 11:48:32 1B39F4B8BA2EA0063C054ABD9C8C5F14 2129728 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\UninstallPromote.exe
2014-04-29 11:48:32 13D946D32A1E816341D7FA3D48F5B468 947488 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\SendBugReport.exe
2014-04-29 11:48:32 0C2F9B66D80EE02A51D0CB15E2F61864 1214240 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\RealTimeProtector.exe
2014-04-29 11:48:32 0570F2C064199108A5D5679A5D927D59 885024 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\Wizard.exe
2014-04-29 11:48:31 FBC25AE0FF76FFFE0FCC7F4CEC5E6489 44320 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\DiskScan.exe
2014-04-29 11:48:31 F5ADB51BC6EBF55B052B581FBC23C1E1 1107744 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\CheckDevice.exe
2014-04-29 11:48:31 D317A623E1AE31C1AC5CC4D7D5AB4BC8 1126176 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\AutoSweep.exe
2014-04-29 11:48:31 CC67CE28BCD1CE1738E64ED8ADED6588 1846560 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\AutoCare.exe
2014-04-29 11:48:31 66ED963FBA998E887C88FE6FCA46E2B9 43808 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\DiskDefrag.exe
2014-04-29 11:48:31 62F631A0DD7AAD708AD61A821B421188 1324832 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\AutoUpdate.exe
2014-04-29 11:48:31 59581F33E5863AC831935F14BE68D904 4093800 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\game-assistant.exe
2014-04-29 11:48:31 49F4367F0885E9A77210EA9AC5835A16 468768 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\DelayLoad.exe
2014-04-29 11:48:31 1F98172C060A5328459A56CB7ECDA779 96032 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\Display.exe
2014-04-29 11:48:31 1949B89CE646F06C1283266EDA514E29 547104 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\ASCUpgrade.exe
2014-04-29 11:48:30 EDBBDEBE0FDF577A647216C452773A90 2288928 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
2014-04-29 11:48:30 D1EC64EA0C8151E41C3CD10140E6D143 4456224 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe
2014-04-29 11:48:30 CC6B26C922B4480FCBDFF565C9ABFB6F 36640 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\ASCFixer.exe
2014-04-29 11:48:30 6C856C581ACE1785CE3FC2414E9859A3 881952 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
2014-04-29 11:48:30 6A30A6E6164C1AC03B4F00356DED9607 645408 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\ASCDownload.exe
2014-04-29 11:48:30 4065C15F66B71817A33443189AA5464D 1749280 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\ActionCenterDownloader.exe
2014-04-29 11:48:30 37E24A946C409B7A0F7BE1FBC02218ED 1198368 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\unins000.exe
2014-04-29 11:48:30 322A5A6E56DE315945EBC59ED0343E94 574240 ----a-w- C:\Program Files\IObit\Advanced SystemCare 7\ASCInit.exe
2014-04-29 11:47:02 08AFCE040C919AA2548E6487B01528DF 41807824 ----a-w- C:\Users\Lenn\Downloads\advanced-72systemcare-setup.exe
2014-04-28 17:32:30 8F25CE4AA306887394A70FFEDB920263 41310112 ----a-w- C:\Users\Lenn\AppData\Roaming\Samsung\Kies3.0\TempFiles\Kies_3.2.14034_17.exe
=== C: other files ==
2014-05-01 09:32:16 661B911FA04E73FB073FF9B1C9BD2E05 107736 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-01 09:31:53 2BB23932978D623D3D395AEAB1825BF1 73432 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-01 09:31:53 18898A87CBA96DEA2074C19E140938A8 51416 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-04-29 11:48:55 032694B0FE8D2AE6EC544B989E1CBF75 341164 ----a-w- C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
2014-04-28 17:45:49 9E4F403107CEE96B3F7AC0A763A214F5 1139 ----a-w- C:\Users\Lenn\AppData\Roaming\Samsung\Kies3.0\TempFiles\GT-I9305\BnR\SPlanner\splanner.zip
2014-04-28 17:45:45 983E27B60DC058A787450D1A7D35979C 2618793 ----a-w- C:\Users\Lenn\AppData\Roaming\Samsung\Kies3.0\TempFiles\GT-I9305\BnR\SMemo\smemo.zip
2014-04-28 17:30:33 E0B86430E0B26C10B355B9E590FD25E0 184192 ----a-w- C:\Windows\System32\DriverStore\FileRepository\ssudserd.inf_x86_neutral_cdc93dd783760daf\i386\ssudserd.sys
2014-04-28 17:30:33 E0B86430E0B26C10B355B9E590FD25E0 184192 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\i386\ssudserd.sys
2014-04-28 17:30:33 C637F575380C360A55E678368407CCF4 46848 ----a-w- C:\Windows\System32\DriverStore\FileRepository\ssudnd5.inf_x86_neutral_f9c94249ac7700c9\i386\ssudnd5.sys
2014-04-28 17:30:33 C637F575380C360A55E678368407CCF4 46848 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\i386\ssudnd5.sys
2014-04-28 17:30:33 A0A987A949968A3DC38C1430FB9A0D9C 61696 ----a-w- C:\Windows\System32\DriverStore\FileRepository\ssudrmnet.inf_x86_neutral_d6d301a52627a9f2\i386\ssudrmnet.sys
2014-04-28 17:30:33 A0A987A949968A3DC38C1430FB9A0D9C 61696 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\i386\ssudrmnet.sys
2014-04-28 17:30:33 995E5E1F29E2035C11456646974B4FFD 23296 ----a-w- C:\Windows\System32\DriverStore\FileRepository\ss_conn_usb_driver.inf_x86_neutral_62574e34f3250cd8\i386\ss_conn_usb_driver.sys
2014-04-28 17:30:33 995E5E1F29E2035C11456646974B4FFD 23296 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\i386\ss_conn_usb_driver.sys
2014-04-28 17:30:33 863DA00F0532FEBCCC4237FC32D1DEC5 34688 ----a-w- C:\Windows\System32\DriverStore\FileRepository\ssudeadb.inf_x86_neutral_67f04345cdb1ebf1\i386\ssudeadb.sys
2014-04-28 17:30:33 863DA00F0532FEBCCC4237FC32D1DEC5 34688 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\i386\ssudeadb.sys
2014-04-28 17:30:33 81B15F32A0D3C85FA2E0FF52AD6C0D4D 184192 ----a-w- C:\Windows\System32\DriverStore\FileRepository\ssudobex.inf_x86_neutral_9f7452e0e242b483\i386\ssudobex.sys
2014-04-28 17:30:33 81B15F32A0D3C85FA2E0FF52AD6C0D4D 184192 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\i386\ssudobex.sys
2014-04-28 17:30:33 6E2AF5BBE451356A848C7455462A6D89 83200 ----a-w- C:\Windows\System32\DriverStore\FileRepository\ssudrmnetmp.inf_x86_neutral_f2b7f7376f8efc77\i386\ssudrmnetmp.sys
2014-04-28 17:30:33 6E2AF5BBE451356A848C7455462A6D89 83200 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\i386\ssudrmnetmp.sys
2014-04-28 17:30:33 585FDB94DB04AC1C56298D1FD1F1389E 184192 ----a-w- C:\Windows\System32\DriverStore\FileRepository\ssudmdm.inf_x86_neutral_d75346347b4e138e\i386\ssudmdm.sys
2014-04-28 17:30:33 585FDB94DB04AC1C56298D1FD1F1389E 184192 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2014-04-28 17:30:33 585FDB94DB04AC1C56298D1FD1F1389E 184192 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\i386\ssudmdm.sys
2014-04-28 17:30:33 560B0DCE52DFED6623B27C9BAFA6F236 88576 ----a-w- C:\Windows\System32\DriverStore\FileRepository\ssudbus.inf_x86_neutral_302ec72745f0f50d\i386\ssudbus.sys
2014-04-28 17:30:33 560B0DCE52DFED6623B27C9BAFA6F236 88576 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2014-04-28 17:30:33 560B0DCE52DFED6623B27C9BAFA6F236 88576 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\i386\ssudbus.sys
2014-04-28 17:30:33 40BE86C70C0A40DC87A4C7A53C6EA9CC 184192 ----a-w- C:\Windows\System32\DriverStore\FileRepository\ssuddmgr.inf_x86_neutral_cac6836fb7542af2\i386\ssuddmgr.sys
2014-04-28 17:30:33 40BE86C70C0A40DC87A4C7A53C6EA9CC 184192 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\i386\ssuddmgr.sys
2014-04-28 17:30:32 E8195EA6F92FE9FA02DA150B10F25708 52480 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\amd64\ssudnd5.sys
2014-04-28 17:30:32 BFB405D9197CE252B6D440F6250728FC 70400 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\amd64\ssudrmnet.sys
2014-04-28 17:30:32 A82A4BED3D84BE21F83A97F0B7E86907 26368 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\amd64\ss_conn_usb_driver.sys
2014-04-28 17:30:32 7AEA4596C74F0D7DBC73BA1F5F8E1800 40704 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\amd64\ssudeadb.sys
2014-04-28 17:30:32 76F7D7217FBDAB77798A2A244ACD641F 206080 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\amd64\ssudserd.sys
2014-04-28 17:30:32 73BDD44A6088916964945886F9025409 108800 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\amd64\ssudbus.sys
2014-04-28 17:30:32 660CEFE643CBB3C533375777EC14143B 95488 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\amd64\ssudrmnetmp.sys
2014-04-28 17:30:32 5252D7BC56E5E0ED715AEA8FE173A455 206080 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\amd64\ssudmdm.sys
2014-04-28 17:30:32 423BAEA1A1A7FF889EC46C11A45F90B9 206080 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\amd64\ssuddmgr.sys
2014-04-28 17:30:32 117DF2CC1758A097CC30305C4B8908C6 206080 ----a-w- C:\Program Files\Samsung\USB Drivers\25_escape\amd64\ssudobex.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"RfxSrvTray"="C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"KiesAirMessage"="C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup"
"GoogleChromeAutoLaunch_C125459A4FAAD383F7DA0EEF6D2C6FBD"="C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"
"HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN29R1G10005SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1"
"KiesPDLR.exe"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run"
"Advanced SystemCare 7"="C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

[HKEY_USERS\S-1-5-21-3972869702-3957550254-3659153023-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run]
"RfxSrvTray"="C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"KiesAirMessage"="C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup"
"GoogleChromeAutoLaunch_C125459A4FAAD383F7DA0EEF6D2C6FBD"="C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"
"HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN29R1G10005SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1"
"KiesPDLR.exe"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run"
"Advanced SystemCare 7"="C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot"
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
"AVMWlanClient"="C:\Program Files\avmwlanstick\wlangui.exe"
"NokiaMusic FastStart"="C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe /command:faststart"
"ContentTransferWMDetector.exe"="C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min"
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe -osboot"
"DivXMediaServer"="C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe"
"DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"
"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe"
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Ad-Aware Browsing Protection"="C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
"MailCheck IE Broker"="C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RfxSrvTray"="C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"KiesAirMessage"="C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup"
"GoogleChromeAutoLaunch_C125459A4FAAD383F7DA0EEF6D2C6FBD"="C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"
"HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN29R1G10005SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1"
"KiesPDLR.exe"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run"
"Advanced SystemCare 7"="C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DivXUpdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GrooveMonitor"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaMServer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NokiaMServer"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Nokia\\MPlatform\\NokiaMServer /watchfiles startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\rfxsrvtray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="rfxsrvtray"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Tobit Radio.fx\\Client\\rfx-tray.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Photo Loader resident.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Photo Loader resident.lnk"
"backup"="C:\\Windows\\pss\\Photo Loader resident.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\CASIO\\PHOTOL~1\\Plauto.exe "
"item"="Photo Loader resident"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Lenn^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office Groove.lnk]
"path"="C:\\Users\\Lenn\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Microsoft Office Groove.lnk"
"backup"="C:\\Windows\\pss\\Microsoft Office Groove.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\MICROS~2\\Office12\\GROOVE.EXE -background"
"item"="Microsoft Office Groove"


==== Startup Folders ======================

2011-09-16 11:24:44 1047 ----a-w- C:\Users\Lenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\@C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [03.08.2010 21:52]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [03.08.2010 21:52]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3972869702-3957550254-3659153023-1000UA.job --a------ C:\Users\Lenn\AppData\Local\Google\Update\GoogleUpdate.exe [03.11.2011 12:29]
C:\Windows\tasks\ReclaimerUpdateFiles_Lenn.job --a------ C:\Users\Lenn\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe [19.04.2014 15:18]
C:\Windows\tasks\ReclaimerUpdateXML_Lenn.job --a------ [Undetermined Task]
C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Lenn.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\1und1 Konfiguration" ["C:\ProgramData\1und1InternetExplorerAddon\ConfigTask.exe"]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\ASC7_PerformanceMonitor" [C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe]
"C:\Windows\system32\tasks\ASC7_SkipUac_Lenn" [C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe /SkipUac]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3972869702-3957550254-3659153023-1000Core" [C:\Users\Lenn\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3972869702-3957550254-3659153023-1000UA" [C:\Users\Lenn\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\HPCustParticipation HP Deskjet 3520 series" ["C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe"]
"C:\Windows\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3972869702-3957550254-3659153023-1000" [C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe]
"C:\Windows\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3972869702-3957550254-3659153023-1000" [C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3972869702-3957550254-3659153023-1000" [C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3972869702-3957550254-3659153023-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3972869702-3957550254-3659153023-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-3972869702-3957550254-3659153023-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-3972869702-3957550254-3659153023-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\ReclaimerUpdateFiles_Lenn" [C:\Users\Lenn\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe]
"C:\Windows\system32\tasks\ReclaimerUpdateXML_Lenn" [C:\Users\Lenn\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe]
"C:\Windows\system32\tasks\Registration 1und1 Task" ["C:\Program Files\1und1Softwareaktualisierung\cdsupdclient.exe"]
"C:\Windows\system32\tasks\RNUpgradeHelperLogonPrompt_Lenn" [C:\Users\Lenn\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe]
"C:\Windows\system32\tasks\RNUpgradeHelperResumePrompt_Lenn" [C:\Users\Lenn\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe]
"C:\Windows\system32\tasks\Start Registry Reviver" [C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe]
"C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files\TuneUp Utilities 2014\OneClick.exe]
"C:\Windows\system32\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{7687FB70-559F-449A-AC86-62F985FAE489}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\{0EE04CBA-F50A-4B40-8AF9-5E10464277F4}" ["c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.3.0.120/de/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent]
"C:\Windows\system32\tasks\{18A37269-3762-4833-B3D1-37FE3EE75E82}" ["c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.3.0.120/de/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent]
"C:\Windows\system32\tasks\{3870829B-7182-4A37-85F8-1FF645B64155}" [C:\Program Files\DelphineSoft\Moto Racer 3\mr3.exe]
"C:\Windows\system32\tasks\{4CAA96F5-8998-4764-9C3A-3EADF6A78D35}" [C:\program files\real\realplayer\RealPlay.exe]
"C:\Windows\system32\tasks\{6C727168-DA00-4CD6-82F8-AD2E43BEC2B5}" [C:\Users\Lenn\AppData\Local\Google\Chrome\Application\chrome.exe]
"C:\Windows\system32\tasks\{7ED3C634-DE8C-4B39-85B0-1D8E68FE0AA2}" [C:\Program Files\DelphineSoft\Moto Racer 3\mr3.exe]
"C:\Windows\system32\tasks\{99642768-62ED-4431-BC38-07657E74A26E}" ["c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.3.0.120/de/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent]
"C:\Windows\system32\tasks\{A9C04EBE-A861-49F9-B58C-F7A6F06CECBB}" [C:\Program Files\Skype\Phone\Skype.exe]
"C:\Windows\system32\tasks\{B35772F3-2D6F-4EA3-AAF2-5B3B654A3D5E}" ["c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.3.0.120/de/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent]
"C:\Windows\system32\tasks\{B966C6D7-50C6-4225-B6EF-BFCAD12D2478}" [C:\Program Files\DelphineSoft\Moto Racer 3\mr3.exe]
"C:\Windows\system32\tasks\{D2A3313C-9DD5-4F58-B8F6-2219B1B88C35}" ["c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/5.3.0.120/de/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;userlevelpresent]
"C:\Windows\system32\tasks\{E05670E5-C995-4F16-8C75-DCDB02D91E66}" [C:\Program Files\DelphineSoft\Moto Racer 3\mr3.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [19.12.2012 19:36]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{B64D9B05-48E1-4CEB-BF58-E0643994E900}"="C:\Program Files\Common Files\DVDVideoSoft\plugins\ff" [01.02.2014 19:46]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Lenn\AppData\Roaming\Philips-Songbird\Profiles\8yoz892d.default
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\7digital@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\albumart@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\concerts-philips@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\ewh264dec@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\ewmpeg4dec@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\fileassociation@philips.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\gogear@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\langpack-de@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\msc@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\mtp@songbirdnest.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\philips-skin@philips.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\philips-ui@philips.com
- Undetermined - C:\Program Files\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com
- Philips Branding - %ProfilePath%\extensions\philips-branding@philips.com
- QuickTime Playback - %ProfilePath%\extensions\quicktime@songbirdnest.com
- Windows Media Playback - %ProfilePath%\extensions\windowsmedia@songbirdnest.com

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29.11.2012 21:35]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12.12.2011 15:13]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[30.12.2013 14:51]

Google Docs - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
RealDownloader - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
DVDVideoSoft - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Google Wallet - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
DivX Plus Web Player HTML5 \u003Cvideo> - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
Gmail - Lenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.browse-search.com_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.google.com"
"SearchAssistant"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{7DCA3330-EE88-4C16-8FB4-95EEF6EE1AD4} WEB.DE Suche Url="hxxp://suche.web.de/search/web/?su={searchTerms}&origin=searchplugin"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\22F4F78BD116C3042A0A5524D60E5790 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B87F4F22-611D-403C-A2A0-55426DE07509} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\22F4F78BD116C3042A0A5524D60E5790 deleted successfully

==== Empty IE Cache ======================

C:\Users\Lenn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lenn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Lenn\Desktop\Desktopfverknüpfungen\Alen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lenn\Desktop\Desktopfverknüpfungen\Alen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Lenn\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=819 folders=79 322547916 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Lenn\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Lenn\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Lenn\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H35RLNZ7\sensic.net" not found

==== EOF on 02.05.2014 at 19:15:31,39 ======================

Alt 03.05.2014, 10:06   #10
M-K-D-B
/// TB instructor
 

What is still missing:
  • Answer the questions
  • New FRST log file (FRST.txt + Addition.txt)
__________________
Greetings from Bavaria


Alt 04.05.2014, 10:41   #11
Alen2525
 

Hello, which questions do you mean?

Alt 04.05.2014, 11:20   #12
M-K-D-B
/// TB instructor
 

Quote:
Quote from Alen2525
Hello, which questions do you mean?
Please read ...
__________________
Greetings from Bavaria


Alt 07.05.2014, 18:35   #13
M-K-D-B
/// TB instructor
 

No response
This thread has been removed from my subscriptions, so I will not be notified of new replies.
Send me a PM if you still want to continue.

Note: The disappearance of the symptoms does not mean that your computer is already clean.

Everyone else, please click here and create your own thread!
__________________
Greetings from Bavaria
