Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 20.10.2014, 22:43   #1
yussi28
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



hi,

versuche schon seit einigen Wochen erfolglos mystartsearch zu deinstallieren.
Kann mir da jemand weiterhelfen, habe da noch ein logfile angehängt (malware)

gruß yussi28

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 19.10.2014
Suchlauf-Zeit: 23:32:31
Logdatei: malware.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.10.17.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Yusuf2

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 410611
Verstrichene Zeit: 16 Min, 45 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 15
PUP.Optional.SweetPacks, HKU\S-1-5-21-441663326-3335054071-3486475473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EEE6C35C-6118-11DC-9C72-001320C79847}, , [96b322dd1d5df2441a51ea5712f07d83], 
PUP.Optional.SweetPacks, HKU\S-1-5-21-441663326-3335054071-3486475473-1010-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EEE6C35C-6118-11DC-9C72-001320C79847}, , [96b322dd1d5df2441a51ea5712f07d83], 
PUP.Optional.SweetPacks, HKU\S-1-5-21-441663326-3335054071-3486475473-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EEE6C35C-6118-11DC-9C72-001320C79847}, , [96b322dd1d5df2441a51ea5712f07d83], 
PUP.Optional.SweetPacks, HKU\S-1-5-21-441663326-3335054071-3486475473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EEE6C35C-6118-11DC-9C72-001320C79847}, , [96b322dd1d5df2441a51ea5712f07d83], 
PUP.Optional.SweetPacks, HKU\S-1-5-21-441663326-3335054071-3486475473-1010-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EEE6C35C-6118-11DC-9C72-001320C79847}, , [96b322dd1d5df2441a51ea5712f07d83], 
PUP.Optional.SweetPacks, HKU\S-1-5-21-441663326-3335054071-3486475473-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EEE6C35C-6118-11DC-9C72-001320C79847}, , [96b322dd1d5df2441a51ea5712f07d83], 
PUP.Optional.Delta.A, HKU\S-1-5-21-441663326-3335054071-3486475473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, , [f45533cc601a4de955ae7ef5c14109f7], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-441663326-3335054071-3486475473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [7fca7b84a9d18da976fa155ee41e34cc], 
PUP.Optional.SeeSimilar, HKU\S-1-5-21-441663326-3335054071-3486475473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{F225A2E3-8EE1-4204-B7A0-F4C551578A87}, , [64e52ed15a201b1b80eb7af9a45ec63a], 
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-1.2, , [5bee2dd2b5c5bb7bc0fd117e32d01be5], 
PUP.Optional.DealPly.A, HKU\S-1-5-21-441663326-3335054071-3486475473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DealPlyLive, , [f554b44bef8bb08614247636877cec14], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-441663326-3335054071-3486475473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, , [a2a7fb0457236cca056e0a8bd9296e92], 
PUP.Optional.SweetIM.A, HKU\S-1-5-21-441663326-3335054071-3486475473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, , [4efb22dd5e1cd95dc3fabaf148bb639d], 
PUP.Optional.PriceGong.A, HKU\S-1-5-21-441663326-3335054071-3486475473-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [2d1cb54a453564d22e73dbb32fd30bf5], 
PUP.Optional.SweetIM.A, HKU\S-1-5-21-441663326-3335054071-3486475473-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, , [de6b659a85f56dc9af0e0c9f15ee8779], 

Registrierungswerte: 3
Trojan.ZbotR.Gen, HKU\S-1-5-21-441663326-3335054071-3486475473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|{1CA76D26-B393-82F4-B5C1-160F5BF36743}, C:\Users\Yusuf\AppData\Roaming\Igza\amlug.exe, , [d277fc030575e254e3b4acb8ad569868]
PUP.Optional.SweetIM.A, HKU\S-1-5-21-441663326-3335054071-3486475473-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, {2890C51F-3ACF-41A7-808D-E13A15DF5058}, , [4efb22dd5e1cd95dc3fabaf148bb639d]
PUP.Optional.SweetIM.A, HKU\S-1-5-21-441663326-3335054071-3486475473-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, {2890C51F-3ACF-41A7-808D-E13A15DF5058}, , [de6b659a85f56dc9af0e0c9f15ee8779]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 4
PUP.Optional.Conduit.A, C:\Users\Yusuf2\AppData\Local\Temp\ct2269050, , [a4a59e61c4b6bf776c9843447d8554ac], 
PUP.Optional.Conduit.A, C:\Users\Yusuf2\AppData\Local\Temp\ct2625848, , [dd6cf10eef8b979f9f6547409a68e818], 
PUP.Optional.FlashEnhancer.A, C:\Users\Yusuf2\AppData\Local\Temp\flashEnhancer1, , [e26799667a007cba692c8dfd19e944bc], 
PUP.Optional.FlashEnhancer.A, C:\Users\Yusuf2\AppData\Local\Temp\flashEnhancer1\Install, , [e26799667a007cba692c8dfd19e944bc], 

Dateien: 25
PUP.Optional.OpenCandy, C:\Users\Yusuf2\Desktop\FreeYouTubeDownload.exe, , [53f6a25d6b0f2313ae6282cd32cf8080], 
PUP.Optional.OpenCandy, C:\$Recycle.Bin\S-1-5-21-441663326-3335054071-3486475473-1004\$RJ4VGV3.exe, , [74d56c93710992a40c04410ef9086b95], 
PUP.Optional.OpenCandy, C:\$Recycle.Bin\S-1-5-21-441663326-3335054071-3486475473-1004\$RS5OM0U.exe, , [5aef38c7adcd93a3a16f92bd1ce54fb1], 
PUP.Optional.OptimumInstaller.A, C:\$Recycle.Bin\S-1-5-21-441663326-3335054071-3486475473-1012\$R9UZ050.exe, , [8fba9b64bcbe63d3e5cc5e31d72ab64a], 
PUP.Optional.OptimumInstaller.A, C:\$Recycle.Bin\S-1-5-21-441663326-3335054071-3486475473-1012\$RO1PAH9.exe, , [c782976897e32115f3be99f6f809c040], 
PUP.Optional.BundleInstaller.A, C:\Users\Yusuf2\AppData\Local\Temp\parent.txt, , [ee5ba45b3c3ea096b3c8cabd0ef30ff1], 
PUP.Optional.OpenCandy, C:\Users\Yusuf2\AppData\Local\Temp\tmp9061.exe, , [2f1afb0477036dc9b15f69e6af52a858], 
PUP.Optional.SmartBar.A, C:\Users\Yusuf2\AppData\Local\Temp\1965\12023.msi, , [4603837c631715215a6444317c84e11f], 
PUP.Optional.OpenCandy, C:\Users\Yusuf2\AppData\Local\Temp\is-L4B5N.tmp\OCSetupHlp.dll, , [18311be414668caa07df9ab7c044cb35], 
PUP.Optional.Amonetize.A, C:\Users\Yusuf2\AppData\Local\Temp\flashEnhancer1\Install\flashEnhancerInstaller.exe, , [202937c8126880b6f9bbabd141bf01ff], 
PUP.Optional.NationZoom.A, C:\Users\Yusuf2\AppData\Local\Temp\fullpackage_temp1388533078\Baofeng.exe, , [0445d22d80fa35014a0781fa3dc3bb45], 
PUP.Optional.BundleInstaller.A, C:\Users\Yusuf2\AppData\Local\Temp\73a68f36-e5c5-407c-9b23-3dfc70fa6a9c0\parent.txt, , [b29749b6e09a53e32457ceb910f16d93], 
PUP.Optional.OneClickDownloader.A, C:\Users\Hüsna.Yusuf-PC\Downloads\HDvid-codec-Chrome.exe, , [19302fd0116943f3995e9ab9c140e020], 
MSIL.Solimba, C:\Users\Yusuf\Downloads\Plugin.exe, , [a7a286794733e6509dfe85d925dc60a0], 
PUP.Optional.DomaIQ, C:\Users\Yusuf\Downloads\Setup.exe, , [82c76a95e298e452eac86ef9966b0ff1], 
PUP.Optional.BundleInstaller.A, C:\Users\Yusuf2\Downloads\Java(1).exe, , [3118708fe199e353aaa888f3cc343cc4], 
PUP.Optional.BundleInstaller.A, C:\Users\Yusuf2\Downloads\Java(2).exe, , [75d48b74700a90a676dc8fece7192cd4], 
PUP.Optional.BundleInstaller.A, C:\Users\Yusuf2\Downloads\Java.exe, , [1435d12e8bef1f1774de661518e87789], 
PUP.Optional.Softonic, C:\Users\Yusuf2\Downloads\SoftonicDownloader_for_video-performer.exe, , [193010efcab0e551bae9b096b74a7f81], 
PUP.Optional.OpenCandy, C:\Users\Yusuf2\Downloads\DTLite4471-0333.exe, , [6bde7b84ff7bfd39ffe75ff2a163a25e], 
PUP.Optional.SweetIM, C:\Windows\Installer\78f55a1.msi, , [272201fed9a1ad89b2c52b26f50f01ff], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSI1E12.tmp, , [2c1d4fb0adcdf64059a6fd7e9f6121df], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSI10E5.tmp-\Smartbar.Installer.CustomActions.dll, , [2d1cf8071565f24416e9e7947789df21], 
PUP.Optional.SmartBar, C:\Windows\Installer\MSI1E12.tmp-\Smartbar.Installer.CustomActions.dll, , [ba8fa55a5a2012247f80b0cb0df3b44c], 
PUP.Optional.FlashEnhancer.A, C:\Users\Yusuf2\AppData\Local\Temp\flashEnhancer1\Install\Lightspark-0.5.3-win32.exe, , [e26799667a007cba692c8dfd19e944bc], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         

Alt 20.10.2014, 23:21   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 20.10.2014, 23:41   #3
yussi28
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



Habe keine weiteren logs, hier die beiden logs von FRST:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-10-2014 01
Ran by Yusuf2 (administrator) on YUSUF-PC on 20-10-2014 23:34:52
Running from C:\Users\Yusuf2\Downloads
Loaded Profile: Yusuf2 (Available profiles: Yusuf2 & Gast2 & UpdatusUser & Hüsna & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxducoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
(Akamai Technologies, Inc.) C:\Users\Yusuf2\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Akamai Technologies, Inc.) C:\Users\Yusuf2\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8098848 2009-09-02] (Realtek Semiconductor)
HKLM\...\Run: [lxdumon.exe] => C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe [676520 2008-09-10] ()
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-13] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [Lexmark 5600-6600 Series] => C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe [311976 2008-09-10] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [mbot_de_107] => [X]
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [] => [X]
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-09-20] (Google Inc.)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [Akamai NetSession Interface] => C:\Users\Yusuf2\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\MountPoints2: {251e21db-3127-11e3-84eb-90fba62e9fb3} - I:\SETUP.EXE
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\MountPoints2: {6ccbf6b6-dc1e-11df-83de-90fba62e9fb3} - J:\LaunchU3.exe -a
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Gast2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (No File)
Startup: C:\Users\Hüsna.Yusuf-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Yusuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Yusuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Yusuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RC.lnk
ShortcutTarget: RC.lnk -> C:\Program Files (x86)\C&E\DTV\RC.exe (Computer & Entertainment, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)
GroupPolicyUsers\S-1-5-21-441663326-3335054071-3486475473-1010\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Lexmark Symbolleiste -> {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Lexmark  -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.0-rc2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-10-19]
FF Extension: Adblock Plus - C:\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-06-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync [2011-03-16]
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2011-06-05]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2011-06-05]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-10-19]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-16] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
S3 Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{6339663B-F26F-4FE3-B813-0E1DEC4ED976}\Installer\InstallerService.exe [119296 2011-06-05] () [File not signed]
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [33960 2008-05-23] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1040552 2008-05-23] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [594600 2008-05-23] ( )
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [File not signed]
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-16] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-10-09] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-20 23:34 - 2014-10-20 23:35 - 00021654 _____ () C:\Users\Yusuf2\Downloads\FRST.txt
2014-10-20 23:33 - 2014-10-20 23:34 - 00000000 ____D () C:\FRST
2014-10-20 23:33 - 2014-10-20 23:33 - 02110976 _____ (Farbar) C:\Users\Yusuf2\Downloads\FRST64.exe
2014-10-20 22:15 - 2014-10-20 22:15 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Yusuf2\Downloads\sc-cleaner.exe
2014-10-20 22:15 - 2014-10-20 22:15 - 00001802 _____ () C:\sc-cleaner.txt
2014-10-20 22:12 - 2014-10-20 22:12 - 00001475 _____ () C:\Users\Yusuf2\Desktop\JRT.txt
2014-10-20 22:09 - 2014-10-20 22:09 - 00000000 ____D () C:\Windows\ERUNT
2014-10-20 22:07 - 2014-10-20 22:08 - 01705698 _____ (Thisisu) C:\Users\Yusuf2\Downloads\JRT.exe
2014-10-20 17:27 - 2014-10-20 17:27 - 00008636 _____ () C:\Users\Yusuf2\Desktop\malware2.txt
2014-10-20 17:23 - 2014-10-20 17:23 - 00008647 _____ () C:\Users\Yusuf2\Desktop\malware.txt
2014-10-19 23:17 - 2014-10-20 22:04 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-19 23:17 - 2014-10-19 23:17 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-19 23:17 - 2014-10-19 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-19 23:17 - 2014-10-19 23:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-19 23:17 - 2014-10-19 23:17 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-19 23:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-19 23:17 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-19 23:17 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-19 23:16 - 2014-10-19 23:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Yusuf2\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-19 22:36 - 2014-10-20 21:51 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-10-19 22:36 - 2014-10-19 22:36 - 04892480 _____ (WinZip International LLC ) C:\Users\Yusuf2\Desktop\wzmp_8.exe
2014-10-19 22:36 - 2014-10-19 22:36 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\Nico Mak Computing
2014-10-19 22:36 - 2014-10-19 22:36 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-10-19 22:36 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-10-19 21:25 - 2014-10-19 21:25 - 00001440 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-10-19 21:25 - 2014-10-19 21:25 - 00001243 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-10-19 21:25 - 2014-10-19 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-10-19 21:25 - 2014-10-19 21:25 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-10-19 20:52 - 2014-10-19 20:52 - 00000000 ____D () C:\Users\Yusuf2\Documents\YouTube Downloader Suite
2014-10-19 20:52 - 2014-10-19 20:52 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\Apowersoft
2014-10-17 23:11 - 2014-10-17 23:11 - 00001030 _____ () C:\Users\Public\Desktop\FLV Player.lnk
2014-10-17 23:11 - 2014-10-17 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-10-17 23:11 - 2014-10-17 23:11 - 00000000 ____D () C:\Program Files (x86)\FLV Player
2014-10-17 23:05 - 2014-10-17 23:05 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-17 23:05 - 2014-10-17 23:05 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-17 19:05 - 2014-10-17 19:05 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-17 19:05 - 2014-10-17 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-16 22:08 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 22:08 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-16 22:08 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-16 22:08 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 22:08 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 22:08 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 22:08 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 22:07 - 2014-09-20 07:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 22:07 - 2014-09-20 07:17 - 02236928 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 22:07 - 2014-09-20 07:17 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 19280896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 22:07 - 2014-09-20 07:15 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 22:07 - 2014-09-20 07:15 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 22:07 - 2014-09-20 07:15 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 13757952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 22:07 - 2014-09-20 05:56 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 22:07 - 2014-09-20 05:56 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 22:07 - 2014-09-20 05:56 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 22:07 - 2014-09-20 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 22:07 - 2014-09-20 05:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 22:07 - 2014-09-20 04:43 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-16 22:07 - 2014-09-20 04:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-10-16 22:07 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 22:07 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 22:07 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 22:07 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 22:07 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 22:07 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 22:07 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 22:07 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 21:50 - 2014-10-16 21:50 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-29 21:32 - 2014-09-29 21:32 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-29 21:32 - 2014-09-29 21:32 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-29 21:32 - 2014-09-29 21:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-29 21:27 - 2014-09-29 21:27 - 00244408 _____ () C:\Users\Yusuf2\Desktop\Firefox Setup Stub 32.0.3.exe
2014-09-26 14:17 - 2014-09-26 14:17 - 00003158 _____ () C:\Windows\System32\Tasks\{2D8B4FF0-CC8D-4082-BDCD-81A39CF1B3D4}
2014-09-26 14:11 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-26 14:11 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-26 13:35 - 2014-09-26 13:35 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\com
2014-09-25 19:51 - 2014-09-26 14:16 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\mystartsearch
2014-09-25 19:23 - 2014-09-26 14:12 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\Opera Software
2014-09-25 19:23 - 2014-09-26 14:12 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\Opera Software
2014-09-25 10:02 - 2014-09-29 21:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-23 14:17 - 2014-09-23 14:17 - 00695808 _____ () C:\ProgramData\SPL3A35.tmp
2014-09-23 13:59 - 2014-09-23 13:59 - 00070568 _____ () C:\Users\Hüsna.Yusuf-PC\Downloads\Entschuldigungsformular 05_13.swf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-20 22:45 - 2011-01-03 19:27 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-20 22:39 - 2013-06-28 23:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-20 22:10 - 2009-07-14 06:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-20 22:10 - 2009-07-14 06:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-20 22:08 - 2007-10-10 13:06 - 01822616 _____ () C:\Windows\WindowsUpdate.log
2014-10-20 22:04 - 2011-01-03 19:27 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-20 22:01 - 2014-01-03 23:45 - 00000000 ____D () C:\AdwCleaner
2014-10-20 22:01 - 2009-11-26 19:58 - 01153786 _____ () C:\Windows\PFRO.log
2014-10-20 22:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-20 22:01 - 2009-07-14 06:51 - 00165292 _____ () C:\Windows\setupact.log
2014-10-20 22:01 - 2007-10-10 13:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-20 21:43 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Performance
2014-10-20 00:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-19 21:25 - 2012-01-26 14:14 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\DVDVideoSoft
2014-10-19 21:25 - 2012-01-26 14:13 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Youtube
2014-10-19 20:40 - 2011-01-03 19:27 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 20:40 - 2011-01-03 19:27 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 23:05 - 2014-09-03 11:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-17 23:05 - 2014-09-03 11:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-17 23:05 - 2013-11-11 21:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-17 23:05 - 2010-05-17 18:18 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-17 22:56 - 2011-01-03 19:27 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\Google
2014-10-17 19:08 - 2013-06-28 23:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-17 19:08 - 2013-06-28 23:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-17 19:08 - 2013-06-28 23:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-17 19:06 - 2014-07-06 14:01 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\Adobe
2014-10-17 19:05 - 2009-11-26 19:47 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-17 14:00 - 2009-07-14 06:45 - 00465288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 23:52 - 2013-08-16 03:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 23:41 - 2010-04-26 22:17 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 22:48 - 2014-01-02 21:09 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Programme shortcuts
2014-10-16 21:50 - 2014-08-07 14:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-16 21:50 - 2013-06-25 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-16 21:50 - 2013-06-25 15:10 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-16 21:48 - 2013-06-25 15:11 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-16 21:48 - 2013-06-25 15:10 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-16 21:48 - 2013-06-25 15:10 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-01 00:29 - 2012-03-26 12:07 - 00000000 ____D () C:\Users\Yusuf2\Desktop\PDF
2014-09-30 18:21 - 2014-01-06 14:30 - 00000000 ____D () C:\Users\Hüsna.Yusuf-PC\Desktop\Handy
2014-09-29 20:51 - 2011-01-03 15:30 - 00000000 ____D () C:\Users\Yusuf2
2014-09-29 20:22 - 2011-01-03 16:30 - 00001154 _____ () C:\Users\Yusuf2\Desktop\Internet Explorer.lnk
2014-09-29 20:20 - 2009-11-26 19:56 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-29 20:20 - 2009-11-26 19:56 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-26 14:00 - 2010-05-11 22:25 - 00000000 ____D () C:\ProgramData\Lx_cats
2014-09-25 19:13 - 2013-10-09 23:31 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-25 19:01 - 2011-07-29 01:00 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Verein
2014-09-20 17:28 - 2014-06-11 15:16 - 00000000 ____D () C:\Users\Hüsna.Yusuf-PC\Desktop\London 2014
2014-09-20 17:23 - 2014-01-06 14:31 - 00000000 ____D () C:\Users\Hüsna.Yusuf-PC\AppData\Roaming\vlc

Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\msg5CF0.exe
C:\Users\Gast\AppData\Local\Temp\msg7C61.exe
C:\Users\Gast2\AppData\Local\Temp\contentDATs.exe
C:\Users\Gast2\AppData\Local\Temp\msg41B3.exe
C:\Users\Gast2\AppData\Local\Temp\msgF96E.exe
C:\Users\Hüsna.Yusuf-PC\AppData\Local\Temp\avgnt.exe
C:\Users\Yusuf\AppData\Local\Temp\AskSLib.dll
C:\Users\Yusuf\AppData\Local\Temp\avgnt.exe
C:\Users\Yusuf\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Yusuf\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Yusuf\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Yusuf\AppData\Local\Temp\msgBA78.exe
C:\Users\Yusuf\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Yusuf2\AppData\Local\Temp\avgnt.exe
C:\Users\Yusuf2\AppData\Local\Temp\BackupSetup.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\Quarantine.exe
C:\Users\Yusuf2\AppData\Local\Temp\SpOrder.dll
C:\Users\Yusuf2\AppData\Local\Temp\sqlite3.dll
C:\Users\Yusuf2\AppData\Local\Temp\uninst1.exe
C:\Users\Yusuf2\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Yusuf2\AppData\Local\Temp\wgapeuvubjtcez.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-20 00:27

==================== End Of Log ============================
         
--- --- ---



FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2014 01
Ran by Yusuf2 at 2014-10-20 23:35:48
Running from C:\Users\Yusuf2\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
AAA Logo 3.10 Free Trial (HKLM-x32\...\AAA Logo Free Trial_is1) (Version:  - SWGSoft.com)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.2.7110 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.2.7110 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.2.0812 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden
calibre (HKLM-x32\...\{B652DD9C-F162-4B40-B38F-A1D0F866CAFA}) (Version: 0.9.41 - Kovid Goyal)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DTV 1.3 (HKLM-x32\...\DTV_1.0) (Version: 1.3 - C&E)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2565057) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2565057) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.370 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Lexmark  (HKLM-x32\...\{D2C5E510-BE6D-42CC-9F61-E4F939078474}) (Version: 1.0.0.0 - )
Lexmark 5600-6600 Series (HKLM\...\Lexmark 5600-6600 Series) (Version:  - Lexmark International, Inc.)
Lexmark Symbolleiste (HKLM-x32\...\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}) (Version: 4.0.53.0 - )
Lexmark Tools for Office (HKLM-x32\...\{10812DE7-2E57-4740-B226-6B3BE34AF9D7}) (Version: 1.24.0.0 - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
mystartsearch uninstall (HKLM-x32\...\mystartsearch uninstall) (Version:  - mystartsearch) <==== ATTENTION
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Nero 9 Essentials (HKLM-x32\...\{9d5299f9-f94e-43ed-9632-a5e045b51f7d}) (Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.11.208 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{25CFEF55-A945-41FC-86ED-76469F31DF37}) (Version: 7.1.41.0 - Nokia)
Nokia Ovi Suite (HKLM-x32\...\Nokia Ovi Suite) (Version: 3.1.0.91 - Nokia)
Nokia Ovi Suite (x32 Version: 3.1.0.91 - Nokia) Hidden
Nokia Ovi Suite Software Updater (HKLM-x32\...\{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}) (Version: 02.07.004.45780 - Nokia Corporation)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.60.0 - Nokia)
Nokia PC Suite (x32 Version: 7.1.60.0 - Nokia) Hidden
Nokia Software Updater (HKLM-x32\...\{4D568C38-0552-4CDD-A643-01FAFA2957EF}) (Version: 02.06.006.44298 - Nokia Corporation)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Ovi Desktop Sync Engine (x32 Version: 1.5.257.0 - Nokia) Hidden
OviMPlatform (x32 Version: 2.7.66.0 - Nokia) Hidden
PC Connectivity Solution (HKLM-x32\...\{3DE96337-68D2-48E0-A863-6E4A5CD3BC25}) (Version: 11.4.16.0 - Nokia)
PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.0.0 - Frank Heindörfer, Philip Chinery)
pdfsam (HKLM-x32\...\pdfsam) (Version: 2.2.1 - )
PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.201.0 - Tracker Software Products Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5930 - Realtek Semiconductor Corp.)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SIW version 2010.03.10 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2010.03.10 - Topala Software Solutions)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.0-rc2 (HKLM\...\VLC media player) (Version: 2.1.0-rc2 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.8) (HKLM\...\E5372C32E8562C76C24DBA6525002B1031495F34) (Version: 06/09/2010 7.01.0.8 - Nokia)
Windows-Treiberpaket - Nokia Modem  (10/07/2010 4.6) (HKLM\...\6DA48AFDE796708D5A4C9121A83E7617A63A9A15) (Version: 10/07/2010 4.6 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

29-09-2014 20:37:33 Geplanter Prüfpunkt
30-09-2014 22:44:31 Windows Update
16-10-2014 19:55:02 Windows-Sicherung
16-10-2014 21:39:20 Windows Update
17-10-2014 21:03:51 Installed Java 7 Update 71
19-10-2014 18:40:12 Windows-Sicherung

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {098A1C2B-6A82-4610-B395-FFB0783AA69C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-17] (Adobe Systems Incorporated)
Task: {4A593338-E60D-4FA3-B5CE-60E942388728} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe [2008-09-10] ()
Task: {6F440FB9-4376-448D-ACF1-7E1E3FB9D8A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {7209BDD2-1013-49BD-BDAE-E9C58156B4D1} - System32\Tasks\McQcModifier-5c47-a7b0 => C:\ProgramData\McQcModifier-5c47-a7b0\McQcModifier-5c47-a7b0.cmd [2009-08-29] ()
Task: {78C441E7-71BF-4720-B9F0-332326DD5D9E} - System32\Tasks\{A61CBFD5-3AF2-4E86-8DAB-2FFEF4700114} => C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [2011-01-17] (OpenOffice.org)
Task: {9D59A5C7-4577-4778-B645-8178601C7253} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {BE9E97C6-3061-43DF-BA80-55177563BDCE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {BFBECC0E-B1D2-43DD-ABEB-97F8960A76EB} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
Task: {F2C51F4F-203B-4A18-A729-10A02E8F7158} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {F78DCCDC-2410-42EF-A57A-FA69C3C911A0} - System32\Tasks\Egis technology-Online-Aktualisierungsprogramm => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04] (Egis Technology Inc.)
Task: {FDA8D6FE-375A-4398-8E63-4D8B8E65B4B2} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-05-11 22:21 - 2008-05-01 02:44 - 00045568 _____ () C:\Windows\System32\LXDUPMON.DLL
2010-05-11 22:21 - 2008-09-10 11:43 - 00086016 _____ () C:\Windows\System32\LXDUOEM.DLL
2010-05-11 22:21 - 2008-09-10 11:41 - 00081408 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\ipcmt64.dll
2010-05-28 21:33 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-05-11 22:24 - 2008-05-23 14:17 - 00147456 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdudrpp.dll
2012-11-18 00:27 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-12-14 04:19 - 2009-12-09 11:24 - 00076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe
2010-05-11 22:19 - 2008-09-10 13:11 - 00676520 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
2009-08-18 09:27 - 2009-08-18 09:27 - 00629280 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2010-05-11 22:19 - 2008-09-10 11:56 - 00380928 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduscw.dll
2010-05-11 22:19 - 2008-05-23 14:02 - 00188416 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudatr.dll
2010-05-11 22:19 - 2008-05-23 14:02 - 00073728 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducats.dll
2010-05-11 22:19 - 2008-09-10 11:56 - 01036288 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduDRS.dll
2010-05-11 22:19 - 2008-09-10 11:56 - 00081920 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducaps.dll
2010-05-11 22:19 - 2008-09-10 11:40 - 00069632 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducnv4.dll
2009-08-18 09:31 - 2009-08-18 09:31 - 00163840 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2014-09-29 21:32 - 2014-09-24 07:09 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-17 19:05 - 2014-10-17 19:05 - 16832176 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:444C53BA
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E3C56885

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: lxduamon => "C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe"
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray                                                                                                                                                                                                     
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun                                                                                                                                                                                                        
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

========================= Accounts: ==========================

Administrator (S-1-5-21-441663326-3335054071-3486475473-500 - Administrator - Disabled)
Gast (S-1-5-21-441663326-3335054071-3486475473-501 - Limited - Disabled) => C:\Users\Gast
Gast2 (S-1-5-21-441663326-3335054071-3486475473-1010 - Limited - Enabled) => C:\Users\Gast2
HomeGroupUser$ (S-1-5-21-441663326-3335054071-3486475473-1002 - Limited - Enabled)
Hüsna (S-1-5-21-441663326-3335054071-3486475473-1012 - Limited - Enabled) => C:\Users\Hüsna.Yusuf-PC
UpdatusUser (S-1-5-21-441663326-3335054071-3486475473-1011 - Limited - Enabled) => C:\Users\UpdatusUser
Yusuf2 (S-1-5-21-441663326-3335054071-3486475473-1004 - Administrator - Enabled) => C:\Users\Yusuf2

==================== Faulty Device Manager Devices =============

Name: avipbb
Description: avipbb
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avipbb
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: HTTP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (10/20/2014 11:33:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (10/20/2014 11:23:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (10/20/2014 11:13:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (10/20/2014 11:03:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (10/20/2014 10:53:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (10/20/2014 10:43:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (10/20/2014 10:33:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (10/20/2014 10:23:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (10/20/2014 10:13:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-09-25 19:56:16.954
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 19:56:16.361
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 19:56:15.966
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 19:56:15.521
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 19:55:47.505
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 19:55:47.139
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 19:55:46.774
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 19:55:46.371
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentage of memory in use: 48%
Total physical RAM: 3959.09 MB
Available physical RAM: 2045.38 MB
Total Pagefile: 7916.37 MB
Available Pagefile: 5424.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:458.87 GB) (Free:303.24 GB) NTFS
Drive d: (Data) (Fixed) (Total:458.87 GB) (Free:458.76 GB) NTFS
Drive i: (15.0.4420.1017) (CDROM) (Total:0.76 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F467897B)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=458.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=458.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 21.10.2014, 00:23   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



Adware/Junkware/Toolbars entfernen

(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!)

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Alt 21.10.2014, 12:14   #5
yussi28
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



Hi cosinus,

habe alte adwcleaner gelöscht, alle 3 programme neu installiert; hier die logs:

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.000 - Bericht erstellt am 21/10/2014 um 11:58:32
# DB v201.19
# Aktualisiert 12/10/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Yusuf2 - YUSUF-PC
# Gestartet von : C:\Users\Yusuf2\Downloads\AdwCleaner_4.000.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Yusuf2\AppData\Roaming\mystartsearch

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.17116


-\\ Mozilla Firefox v32.0.3 (x86 de)


-\\ Google Chrome v35.0.1916.114


*************************

AdwCleaner[R0].txt - [53715 octets] - [03/01/2014 23:45:28]
AdwCleaner[R1].txt - [35502 octets] - [29/09/2014 20:44:39]
AdwCleaner[R2].txt - [3150 octets] - [20/10/2014 21:58:19]
AdwCleaner[R3].txt - [1534 octets] - [21/10/2014 11:54:47]
AdwCleaner[S0].txt - [50279 octets] - [03/01/2014 23:46:52]
AdwCleaner[S1].txt - [32638 octets] - [29/09/2014 20:51:05]
AdwCleaner[S2].txt - [2956 octets] - [20/10/2014 22:00:58]
AdwCleaner[S3].txt - [1439 octets] - [21/10/2014 11:58:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1499 octets] ##########
         
--- --- ---

JRT Logfile:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 7 Home Premium x64
Ran by Yusuf2 on 21.10.2014 at 12:02:40,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.10.2014 at 12:05:44,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Yusuf2 (administrator) on YUSUF-PC on 21-10-2014 12:08:24
Running from C:\Users\Yusuf2\Downloads
Loaded Profile: Yusuf2 (Available profiles: Yusuf2 & Gast2 & UpdatusUser & Hüsna & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxducoms.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
(Akamai Technologies, Inc.) C:\Users\Yusuf2\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Akamai Technologies, Inc.) C:\Users\Yusuf2\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Yusuf2\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8098848 2009-09-02] (Realtek Semiconductor)
HKLM\...\Run: [lxdumon.exe] => C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe [676520 2008-09-10] ()
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-13] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [Lexmark 5600-6600 Series] => C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe [311976 2008-09-10] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [mbot_de_107] => [X]
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [] => [X]
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-09-20] (Google Inc.)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [Akamai NetSession Interface] => C:\Users\Yusuf2\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\MountPoints2: {251e21db-3127-11e3-84eb-90fba62e9fb3} - I:\SETUP.EXE
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\MountPoints2: {6ccbf6b6-dc1e-11df-83de-90fba62e9fb3} - J:\LaunchU3.exe -a
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Gast2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (No File)
Startup: C:\Users\Hüsna.Yusuf-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Yusuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Yusuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Yusuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RC.lnk
ShortcutTarget: RC.lnk -> C:\Program Files (x86)\C&E\DTV\RC.exe (Computer & Entertainment, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)
GroupPolicyUsers\S-1-5-21-441663326-3335054071-3486475473-1010\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Lexmark Symbolleiste -> {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Lexmark  -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.0-rc2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Adblock Plus - C:\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-06-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync [2011-03-16]
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2011-06-05]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2011-06-05]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-16] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
S3 Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{6339663B-F26F-4FE3-B813-0E1DEC4ED976}\Installer\InstallerService.exe [119296 2011-06-05] () [File not signed]
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [33960 2008-05-23] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1040552 2008-05-23] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [594600 2008-05-23] ( )
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [File not signed]
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-16] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-10-09] (DT Soft Ltd)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-21 12:07 - 2014-10-21 12:07 - 02110976 _____ (Farbar) C:\Users\Yusuf2\Downloads\FRST64(1).exe
2014-10-21 12:05 - 2014-10-21 12:05 - 00000626 _____ () C:\Users\Yusuf2\Desktop\JRT.txt
2014-10-21 12:02 - 2014-10-21 12:02 - 01705698 _____ (Thisisu) C:\Users\Yusuf2\Downloads\JRT(1).exe
2014-10-21 12:00 - 2014-10-21 12:00 - 00001587 _____ () C:\Users\Yusuf2\Desktop\AdwCleaner[S3].txt
2014-10-21 11:52 - 2014-10-21 11:52 - 01976320 _____ () C:\Users\Yusuf2\Downloads\AdwCleaner_4.000.exe
2014-10-21 00:03 - 2014-10-21 11:44 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Trojaner Board 2014
2014-10-20 23:35 - 2014-10-20 23:36 - 00033723 _____ () C:\Users\Yusuf2\Downloads\Addition.txt
2014-10-20 23:34 - 2014-10-21 12:08 - 00020276 _____ () C:\Users\Yusuf2\Downloads\FRST.txt
2014-10-20 23:33 - 2014-10-21 12:08 - 00000000 ____D () C:\FRST
2014-10-20 23:33 - 2014-10-20 23:33 - 02110976 _____ (Farbar) C:\Users\Yusuf2\Downloads\FRST64.exe
2014-10-20 22:15 - 2014-10-20 22:15 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Yusuf2\Downloads\sc-cleaner.exe
2014-10-20 22:15 - 2014-10-20 22:15 - 00001802 _____ () C:\sc-cleaner.txt
2014-10-20 22:09 - 2014-10-20 22:09 - 00000000 ____D () C:\Windows\ERUNT
2014-10-20 22:07 - 2014-10-20 22:08 - 01705698 _____ (Thisisu) C:\Users\Yusuf2\Downloads\JRT.exe
2014-10-19 23:17 - 2014-10-19 23:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-19 23:16 - 2014-10-19 23:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Yusuf2\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-19 22:36 - 2014-10-20 21:51 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-10-19 22:36 - 2014-10-19 22:36 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\Nico Mak Computing
2014-10-19 22:36 - 2014-10-19 22:36 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-10-19 22:36 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-10-19 20:52 - 2014-10-19 20:52 - 00000000 ____D () C:\Users\Yusuf2\Documents\YouTube Downloader Suite
2014-10-19 20:52 - 2014-10-19 20:52 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\Apowersoft
2014-10-17 23:11 - 2014-10-17 23:11 - 00001030 _____ () C:\Users\Public\Desktop\FLV Player.lnk
2014-10-17 23:11 - 2014-10-17 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-10-17 23:11 - 2014-10-17 23:11 - 00000000 ____D () C:\Program Files (x86)\FLV Player
2014-10-17 23:05 - 2014-10-17 23:05 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-17 23:05 - 2014-10-17 23:05 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-17 19:05 - 2014-10-17 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-16 22:08 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 22:08 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-16 22:08 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-16 22:08 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 22:08 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 22:08 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 22:08 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 22:07 - 2014-09-20 07:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 22:07 - 2014-09-20 07:17 - 02236928 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 22:07 - 2014-09-20 07:17 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 19280896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 22:07 - 2014-09-20 07:15 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 22:07 - 2014-09-20 07:15 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 22:07 - 2014-09-20 07:15 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 13757952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 22:07 - 2014-09-20 05:56 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 22:07 - 2014-09-20 05:56 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 22:07 - 2014-09-20 05:56 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 22:07 - 2014-09-20 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 22:07 - 2014-09-20 05:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 22:07 - 2014-09-20 04:43 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-16 22:07 - 2014-09-20 04:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-10-16 22:07 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 22:07 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 22:07 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 22:07 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 22:07 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 22:07 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 22:07 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 22:07 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 21:50 - 2014-10-16 21:50 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-29 21:32 - 2014-09-29 21:32 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-29 21:32 - 2014-09-29 21:32 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-29 21:32 - 2014-09-29 21:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-29 21:27 - 2014-09-29 21:27 - 00244408 _____ () C:\Users\Yusuf2\Desktop\Firefox Setup Stub 32.0.3.exe
2014-09-26 14:17 - 2014-09-26 14:17 - 00003158 _____ () C:\Windows\System32\Tasks\{2D8B4FF0-CC8D-4082-BDCD-81A39CF1B3D4}
2014-09-26 14:11 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-26 14:11 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-26 13:35 - 2014-09-26 13:35 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\com
2014-09-25 19:23 - 2014-09-26 14:12 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\Opera Software
2014-09-25 19:23 - 2014-09-26 14:12 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\Opera Software
2014-09-25 10:02 - 2014-09-29 21:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-23 14:17 - 2014-09-23 14:17 - 00695808 _____ () C:\ProgramData\SPL3A35.tmp
2014-09-23 13:59 - 2014-09-23 13:59 - 00070568 _____ () C:\Users\Hüsna.Yusuf-PC\Downloads\Entschuldigungsformular 05_13.swf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-21 12:07 - 2009-07-14 06:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-21 12:07 - 2009-07-14 06:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-21 11:59 - 2011-01-03 19:27 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-21 11:59 - 2009-11-26 19:58 - 01155754 _____ () C:\Windows\PFRO.log
2014-10-21 11:59 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-21 11:59 - 2009-07-14 06:51 - 00165460 _____ () C:\Windows\setupact.log
2014-10-21 11:59 - 2007-10-10 13:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-21 11:58 - 2014-01-03 23:45 - 00000000 ____D () C:\AdwCleaner
2014-10-21 11:58 - 2007-10-10 13:06 - 01858277 _____ () C:\Windows\WindowsUpdate.log
2014-10-21 11:46 - 2012-01-26 14:14 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\DVDVideoSoft
2014-10-21 11:45 - 2011-01-03 19:27 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-21 11:39 - 2013-06-28 23:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-21 00:03 - 2011-10-19 13:02 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Yusuf
2014-10-21 00:03 - 2011-10-19 13:01 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Abdullah
2014-10-21 00:03 - 2011-03-10 00:54 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Hüsna
2014-10-20 21:43 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Performance
2014-10-20 00:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-19 21:25 - 2012-01-26 14:13 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Youtube
2014-10-19 20:40 - 2011-01-03 19:27 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 20:40 - 2011-01-03 19:27 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 23:05 - 2014-09-03 11:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-17 23:05 - 2014-09-03 11:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-17 23:05 - 2013-11-11 21:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-17 23:05 - 2010-05-17 18:18 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-17 22:56 - 2011-01-03 19:27 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\Google
2014-10-17 19:08 - 2013-06-28 23:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-17 19:08 - 2013-06-28 23:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-17 19:08 - 2013-06-28 23:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-17 19:06 - 2014-07-06 14:01 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\Adobe
2014-10-17 19:05 - 2009-11-26 19:47 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-17 14:00 - 2009-07-14 06:45 - 00465288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 23:52 - 2013-08-16 03:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 23:41 - 2010-04-26 22:17 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 22:48 - 2014-01-02 21:09 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Programme shortcuts
2014-10-16 21:50 - 2014-08-07 14:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-16 21:50 - 2013-06-25 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-16 21:50 - 2013-06-25 15:10 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-16 21:48 - 2013-06-25 15:11 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-16 21:48 - 2013-06-25 15:10 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-16 21:48 - 2013-06-25 15:10 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-01 00:29 - 2012-03-26 12:07 - 00000000 ____D () C:\Users\Yusuf2\Desktop\PDF
2014-09-30 18:21 - 2014-01-06 14:30 - 00000000 ____D () C:\Users\Hüsna.Yusuf-PC\Desktop\Handy
2014-09-29 20:51 - 2011-01-03 15:30 - 00000000 ____D () C:\Users\Yusuf2
2014-09-29 20:22 - 2011-01-03 16:30 - 00001154 _____ () C:\Users\Yusuf2\Desktop\Internet Explorer.lnk
2014-09-29 20:20 - 2009-11-26 19:56 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-29 20:20 - 2009-11-26 19:56 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-26 14:00 - 2010-05-11 22:25 - 00000000 ____D () C:\ProgramData\Lx_cats
2014-09-25 19:13 - 2013-10-09 23:31 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-25 19:01 - 2011-07-29 01:00 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Verein

Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\msg5CF0.exe
C:\Users\Gast\AppData\Local\Temp\msg7C61.exe
C:\Users\Gast2\AppData\Local\Temp\contentDATs.exe
C:\Users\Gast2\AppData\Local\Temp\msg41B3.exe
C:\Users\Gast2\AppData\Local\Temp\msgF96E.exe
C:\Users\Hüsna.Yusuf-PC\AppData\Local\Temp\avgnt.exe
C:\Users\Yusuf\AppData\Local\Temp\AskSLib.dll
C:\Users\Yusuf\AppData\Local\Temp\avgnt.exe
C:\Users\Yusuf\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Yusuf\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Yusuf\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Yusuf\AppData\Local\Temp\msgBA78.exe
C:\Users\Yusuf\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Yusuf2\AppData\Local\Temp\avgnt.exe
C:\Users\Yusuf2\AppData\Local\Temp\BackupSetup.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\Quarantine.exe
C:\Users\Yusuf2\AppData\Local\Temp\SpOrder.dll
C:\Users\Yusuf2\AppData\Local\Temp\sqlite3.dll
C:\Users\Yusuf2\AppData\Local\Temp\uninst1.exe
C:\Users\Yusuf2\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Yusuf2\AppData\Local\Temp\wgapeuvubjtcez.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-20 00:27

==================== End Of Log ============================
         
--- --- ---

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Yusuf2 (administrator) on YUSUF-PC on 21-10-2014 12:08:24
Running from C:\Users\Yusuf2\Downloads
Loaded Profile: Yusuf2 (Available profiles: Yusuf2 & Gast2 & UpdatusUser & Hüsna & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxducoms.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
(Akamai Technologies, Inc.) C:\Users\Yusuf2\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Akamai Technologies, Inc.) C:\Users\Yusuf2\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Yusuf2\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8098848 2009-09-02] (Realtek Semiconductor)
HKLM\...\Run: [lxdumon.exe] => C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe [676520 2008-09-10] ()
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-13] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [Lexmark 5600-6600 Series] => C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe [311976 2008-09-10] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [mbot_de_107] => [X]
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [] => [X]
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-09-20] (Google Inc.)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [Akamai NetSession Interface] => C:\Users\Yusuf2\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\MountPoints2: {251e21db-3127-11e3-84eb-90fba62e9fb3} - I:\SETUP.EXE
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\MountPoints2: {6ccbf6b6-dc1e-11df-83de-90fba62e9fb3} - J:\LaunchU3.exe -a
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Gast2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (No File)
Startup: C:\Users\Hüsna.Yusuf-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Yusuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Yusuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Yusuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RC.lnk
ShortcutTarget: RC.lnk -> C:\Program Files (x86)\C&E\DTV\RC.exe (Computer & Entertainment, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)
GroupPolicyUsers\S-1-5-21-441663326-3335054071-3486475473-1010\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Lexmark Symbolleiste -> {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Lexmark  -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.0-rc2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Adblock Plus - C:\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-06-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync [2011-03-16]
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2011-06-05]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2011-06-05]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-16] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
S3 Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{6339663B-F26F-4FE3-B813-0E1DEC4ED976}\Installer\InstallerService.exe [119296 2011-06-05] () [File not signed]
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [33960 2008-05-23] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1040552 2008-05-23] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [594600 2008-05-23] ( )
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [File not signed]
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-16] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-10-09] (DT Soft Ltd)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-21 12:07 - 2014-10-21 12:07 - 02110976 _____ (Farbar) C:\Users\Yusuf2\Downloads\FRST64(1).exe
2014-10-21 12:05 - 2014-10-21 12:05 - 00000626 _____ () C:\Users\Yusuf2\Desktop\JRT.txt
2014-10-21 12:02 - 2014-10-21 12:02 - 01705698 _____ (Thisisu) C:\Users\Yusuf2\Downloads\JRT(1).exe
2014-10-21 12:00 - 2014-10-21 12:00 - 00001587 _____ () C:\Users\Yusuf2\Desktop\AdwCleaner[S3].txt
2014-10-21 11:52 - 2014-10-21 11:52 - 01976320 _____ () C:\Users\Yusuf2\Downloads\AdwCleaner_4.000.exe
2014-10-21 00:03 - 2014-10-21 11:44 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Trojaner Board 2014
2014-10-20 23:35 - 2014-10-20 23:36 - 00033723 _____ () C:\Users\Yusuf2\Downloads\Addition.txt
2014-10-20 23:34 - 2014-10-21 12:08 - 00020276 _____ () C:\Users\Yusuf2\Downloads\FRST.txt
2014-10-20 23:33 - 2014-10-21 12:08 - 00000000 ____D () C:\FRST
2014-10-20 23:33 - 2014-10-20 23:33 - 02110976 _____ (Farbar) C:\Users\Yusuf2\Downloads\FRST64.exe
2014-10-20 22:15 - 2014-10-20 22:15 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Yusuf2\Downloads\sc-cleaner.exe
2014-10-20 22:15 - 2014-10-20 22:15 - 00001802 _____ () C:\sc-cleaner.txt
2014-10-20 22:09 - 2014-10-20 22:09 - 00000000 ____D () C:\Windows\ERUNT
2014-10-20 22:07 - 2014-10-20 22:08 - 01705698 _____ (Thisisu) C:\Users\Yusuf2\Downloads\JRT.exe
2014-10-19 23:17 - 2014-10-19 23:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-19 23:16 - 2014-10-19 23:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Yusuf2\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-19 22:36 - 2014-10-20 21:51 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-10-19 22:36 - 2014-10-19 22:36 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\Nico Mak Computing
2014-10-19 22:36 - 2014-10-19 22:36 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-10-19 22:36 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-10-19 20:52 - 2014-10-19 20:52 - 00000000 ____D () C:\Users\Yusuf2\Documents\YouTube Downloader Suite
2014-10-19 20:52 - 2014-10-19 20:52 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\Apowersoft
2014-10-17 23:11 - 2014-10-17 23:11 - 00001030 _____ () C:\Users\Public\Desktop\FLV Player.lnk
2014-10-17 23:11 - 2014-10-17 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-10-17 23:11 - 2014-10-17 23:11 - 00000000 ____D () C:\Program Files (x86)\FLV Player
2014-10-17 23:05 - 2014-10-17 23:05 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-17 23:05 - 2014-10-17 23:05 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-17 19:05 - 2014-10-17 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-16 22:08 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 22:08 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-16 22:08 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-16 22:08 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 22:08 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 22:08 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 22:08 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 22:07 - 2014-09-20 07:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 22:07 - 2014-09-20 07:17 - 02236928 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 22:07 - 2014-09-20 07:17 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 19280896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 22:07 - 2014-09-20 07:15 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 22:07 - 2014-09-20 07:15 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 22:07 - 2014-09-20 07:15 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 13757952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 22:07 - 2014-09-20 05:56 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 22:07 - 2014-09-20 05:56 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 22:07 - 2014-09-20 05:56 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 22:07 - 2014-09-20 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 22:07 - 2014-09-20 05:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 22:07 - 2014-09-20 04:43 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-16 22:07 - 2014-09-20 04:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-10-16 22:07 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 22:07 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 22:07 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 22:07 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 22:07 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 22:07 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 22:07 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 22:07 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 21:50 - 2014-10-16 21:50 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-29 21:32 - 2014-09-29 21:32 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-29 21:32 - 2014-09-29 21:32 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-29 21:32 - 2014-09-29 21:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-29 21:27 - 2014-09-29 21:27 - 00244408 _____ () C:\Users\Yusuf2\Desktop\Firefox Setup Stub 32.0.3.exe
2014-09-26 14:17 - 2014-09-26 14:17 - 00003158 _____ () C:\Windows\System32\Tasks\{2D8B4FF0-CC8D-4082-BDCD-81A39CF1B3D4}
2014-09-26 14:11 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-26 14:11 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-26 13:35 - 2014-09-26 13:35 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\com
2014-09-25 19:23 - 2014-09-26 14:12 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\Opera Software
2014-09-25 19:23 - 2014-09-26 14:12 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\Opera Software
2014-09-25 10:02 - 2014-09-29 21:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-23 14:17 - 2014-09-23 14:17 - 00695808 _____ () C:\ProgramData\SPL3A35.tmp
2014-09-23 13:59 - 2014-09-23 13:59 - 00070568 _____ () C:\Users\Hüsna.Yusuf-PC\Downloads\Entschuldigungsformular 05_13.swf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-21 12:07 - 2009-07-14 06:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-21 12:07 - 2009-07-14 06:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-21 11:59 - 2011-01-03 19:27 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-21 11:59 - 2009-11-26 19:58 - 01155754 _____ () C:\Windows\PFRO.log
2014-10-21 11:59 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-21 11:59 - 2009-07-14 06:51 - 00165460 _____ () C:\Windows\setupact.log
2014-10-21 11:59 - 2007-10-10 13:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-21 11:58 - 2014-01-03 23:45 - 00000000 ____D () C:\AdwCleaner
2014-10-21 11:58 - 2007-10-10 13:06 - 01858277 _____ () C:\Windows\WindowsUpdate.log
2014-10-21 11:46 - 2012-01-26 14:14 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\DVDVideoSoft
2014-10-21 11:45 - 2011-01-03 19:27 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-21 11:39 - 2013-06-28 23:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-21 00:03 - 2011-10-19 13:02 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Yusuf
2014-10-21 00:03 - 2011-10-19 13:01 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Abdullah
2014-10-21 00:03 - 2011-03-10 00:54 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Hüsna
2014-10-20 21:43 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Performance
2014-10-20 00:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-19 21:25 - 2012-01-26 14:13 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Youtube
2014-10-19 20:40 - 2011-01-03 19:27 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 20:40 - 2011-01-03 19:27 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 23:05 - 2014-09-03 11:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-17 23:05 - 2014-09-03 11:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-17 23:05 - 2013-11-11 21:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-17 23:05 - 2010-05-17 18:18 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-17 22:56 - 2011-01-03 19:27 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\Google
2014-10-17 19:08 - 2013-06-28 23:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-17 19:08 - 2013-06-28 23:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-17 19:08 - 2013-06-28 23:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-17 19:06 - 2014-07-06 14:01 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\Adobe
2014-10-17 19:05 - 2009-11-26 19:47 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-17 14:00 - 2009-07-14 06:45 - 00465288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 23:52 - 2013-08-16 03:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 23:41 - 2010-04-26 22:17 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 22:48 - 2014-01-02 21:09 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Programme shortcuts
2014-10-16 21:50 - 2014-08-07 14:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-16 21:50 - 2013-06-25 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-16 21:50 - 2013-06-25 15:10 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-16 21:48 - 2013-06-25 15:11 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-16 21:48 - 2013-06-25 15:10 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-16 21:48 - 2013-06-25 15:10 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-01 00:29 - 2012-03-26 12:07 - 00000000 ____D () C:\Users\Yusuf2\Desktop\PDF
2014-09-30 18:21 - 2014-01-06 14:30 - 00000000 ____D () C:\Users\Hüsna.Yusuf-PC\Desktop\Handy
2014-09-29 20:51 - 2011-01-03 15:30 - 00000000 ____D () C:\Users\Yusuf2
2014-09-29 20:22 - 2011-01-03 16:30 - 00001154 _____ () C:\Users\Yusuf2\Desktop\Internet Explorer.lnk
2014-09-29 20:20 - 2009-11-26 19:56 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-29 20:20 - 2009-11-26 19:56 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-26 14:00 - 2010-05-11 22:25 - 00000000 ____D () C:\ProgramData\Lx_cats
2014-09-25 19:13 - 2013-10-09 23:31 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-25 19:01 - 2011-07-29 01:00 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Verein

Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\msg5CF0.exe
C:\Users\Gast\AppData\Local\Temp\msg7C61.exe
C:\Users\Gast2\AppData\Local\Temp\contentDATs.exe
C:\Users\Gast2\AppData\Local\Temp\msg41B3.exe
C:\Users\Gast2\AppData\Local\Temp\msgF96E.exe
C:\Users\Hüsna.Yusuf-PC\AppData\Local\Temp\avgnt.exe
C:\Users\Yusuf\AppData\Local\Temp\AskSLib.dll
C:\Users\Yusuf\AppData\Local\Temp\avgnt.exe
C:\Users\Yusuf\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Yusuf\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Yusuf\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Yusuf\AppData\Local\Temp\msgBA78.exe
C:\Users\Yusuf\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Yusuf2\AppData\Local\Temp\avgnt.exe
C:\Users\Yusuf2\AppData\Local\Temp\BackupSetup.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\Quarantine.exe
C:\Users\Yusuf2\AppData\Local\Temp\SpOrder.dll
C:\Users\Yusuf2\AppData\Local\Temp\sqlite3.dll
C:\Users\Yusuf2\AppData\Local\Temp\uninst1.exe
C:\Users\Yusuf2\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Yusuf2\AppData\Local\Temp\wgapeuvubjtcez.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-20 00:27

==================== End Of Log ============================
         
--- --- ---
Vielen Dank für Deine Mühe
[/CODE]
[/CODE]
[/CODE]


Alt 21.10.2014, 15:57   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



adwCleaner bitte neu runterladen (auf den Desktop!!!) und erneut ausführen. Sieht aus, als hättest du eine leicht veraltete Version verwendet.
__________________
--> Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!

Alt 21.10.2014, 18:59   #7
yussi28
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



So jetzt habe ich die neue Vesion von AdwareCleaner, hier das logfile:

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.001 - Bericht erstellt am 21/10/2014 um 18:55:34
# DB v2014-10-20.3
# Aktualisiert 20/10/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Yusuf2 - YUSUF-PC
# Gestartet von : C:\Users\Yusuf2\Downloads\AdwCleaner_4.001.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.17116


-\\ Mozilla Firefox v32.0.3 (x86 de)


-\\ Google Chrome v35.0.1916.114


*************************

AdwCleaner[R0].txt - [53715 octets] - [03/01/2014 23:45:28]
AdwCleaner[R1].txt - [35502 octets] - [29/09/2014 20:44:39]
AdwCleaner[R2].txt - [3150 octets] - [20/10/2014 21:58:19]
AdwCleaner[R3].txt - [1534 octets] - [21/10/2014 11:54:47]
AdwCleaner[R4].txt - [6501 octets] - [21/10/2014 18:50:30]
AdwCleaner[S0].txt - [50279 octets] - [03/01/2014 23:46:52]
AdwCleaner[S1].txt - [32638 octets] - [29/09/2014 20:51:05]
AdwCleaner[S2].txt - [2956 octets] - [20/10/2014 22:00:58]
AdwCleaner[S3].txt - [1587 octets] - [21/10/2014 11:58:32]
AdwCleaner[S4].txt - [6334 octets] - [21/10/2014 18:55:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [6394 octets] ##########
         
--- --- ---

Alt 21.10.2014, 23:07   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken


Alt 22.10.2014, 10:38   #9
yussi28
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



Hier die frischen FRST Logs:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Yusuf2 (administrator) on YUSUF-PC on 22-10-2014 09:55:03
Running from C:\Users\Yusuf2\Downloads
Loaded Profile: Yusuf2 (Available profiles: Yusuf2 & Gast2 & UpdatusUser & Hüsna & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxducoms.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Akamai Technologies, Inc.) C:\Users\Yusuf2\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Akamai Technologies, Inc.) C:\Users\Yusuf2\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Farbar) C:\Users\Yusuf2\Downloads\FRST64(2).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8098848 2009-09-02] (Realtek Semiconductor)
HKLM\...\Run: [lxdumon.exe] => C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe [676520 2008-09-10] ()
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-13] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [Lexmark 5600-6600 Series] => C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe [311976 2008-09-10] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [mbot_de_107] => [X]
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [] => [X]
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-09-20] (Google Inc.)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [Akamai NetSession Interface] => C:\Users\Yusuf2\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\MountPoints2: {251e21db-3127-11e3-84eb-90fba62e9fb3} - I:\SETUP.EXE
HKU\S-1-5-21-441663326-3335054071-3486475473-1004\...\MountPoints2: {6ccbf6b6-dc1e-11df-83de-90fba62e9fb3} - J:\LaunchU3.exe -a
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Gast2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (No File)
Startup: C:\Users\Hüsna.Yusuf-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Yusuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Yusuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Yusuf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RC.lnk
ShortcutTarget: RC.lnk -> C:\Program Files (x86)\C&E\DTV\RC.exe (Computer & Entertainment, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)
GroupPolicyUsers\S-1-5-21-441663326-3335054071-3486475473-1010\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Lexmark Symbolleiste -> {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Lexmark  -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.0-rc2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Adblock Plus - C:\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-06-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-25]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync [2011-03-16]
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2011-06-05]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2011-06-05]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-16] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
S3 Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{6339663B-F26F-4FE3-B813-0E1DEC4ED976}\Installer\InstallerService.exe [119296 2011-06-05] () [File not signed]
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [33960 2008-05-23] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1040552 2008-05-23] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [594600 2008-05-23] ( )
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [File not signed]
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-16] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-10-09] (DT Soft Ltd)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-22 09:54 - 2014-10-22 09:54 - 02110976 _____ (Farbar) C:\Users\Yusuf2\Downloads\FRST64(2).exe
2014-10-21 18:57 - 2014-10-21 18:57 - 00006554 _____ () C:\Users\Yusuf2\Desktop\AdwCleaner[S4].txt
2014-10-21 18:50 - 2014-10-21 18:50 - 01962496 _____ () C:\Users\Yusuf2\Downloads\AdwCleaner_4.001.exe
2014-10-21 12:10 - 2014-10-21 12:10 - 00040409 _____ () C:\Users\Yusuf2\Desktop\FRST.txt
2014-10-21 12:07 - 2014-10-21 12:07 - 02110976 _____ (Farbar) C:\Users\Yusuf2\Downloads\FRST64(1).exe
2014-10-21 12:05 - 2014-10-21 12:05 - 00000626 _____ () C:\Users\Yusuf2\Desktop\JRT.txt
2014-10-21 12:02 - 2014-10-21 12:02 - 01705698 _____ (Thisisu) C:\Users\Yusuf2\Downloads\JRT(1).exe
2014-10-21 12:00 - 2014-10-21 12:00 - 00001587 _____ () C:\Users\Yusuf2\Desktop\AdwCleaner[S3].txt
2014-10-21 11:52 - 2014-10-21 11:52 - 01976320 _____ () C:\Users\Yusuf2\Downloads\AdwCleaner_4.000.exe
2014-10-21 00:03 - 2014-10-21 11:44 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Trojaner Board 2014
2014-10-20 23:35 - 2014-10-20 23:36 - 00033723 _____ () C:\Users\Yusuf2\Downloads\Addition.txt
2014-10-20 23:34 - 2014-10-22 09:56 - 00020577 _____ () C:\Users\Yusuf2\Downloads\FRST.txt
2014-10-20 23:33 - 2014-10-22 09:55 - 00000000 ____D () C:\FRST
2014-10-20 23:33 - 2014-10-20 23:33 - 02110976 _____ (Farbar) C:\Users\Yusuf2\Downloads\FRST64.exe
2014-10-20 22:15 - 2014-10-20 22:15 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Yusuf2\Downloads\sc-cleaner.exe
2014-10-20 22:15 - 2014-10-20 22:15 - 00001802 _____ () C:\sc-cleaner.txt
2014-10-20 22:09 - 2014-10-20 22:09 - 00000000 ____D () C:\Windows\ERUNT
2014-10-20 22:07 - 2014-10-20 22:08 - 01705698 _____ (Thisisu) C:\Users\Yusuf2\Downloads\JRT.exe
2014-10-19 23:17 - 2014-10-19 23:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-19 23:16 - 2014-10-19 23:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Yusuf2\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-19 22:36 - 2014-10-20 21:51 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-10-19 22:36 - 2014-10-19 22:36 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\Nico Mak Computing
2014-10-19 22:36 - 2014-10-19 22:36 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-10-19 22:36 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-10-19 20:52 - 2014-10-19 20:52 - 00000000 ____D () C:\Users\Yusuf2\Documents\YouTube Downloader Suite
2014-10-19 20:52 - 2014-10-19 20:52 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\Apowersoft
2014-10-17 23:11 - 2014-10-17 23:11 - 00001030 _____ () C:\Users\Public\Desktop\FLV Player.lnk
2014-10-17 23:11 - 2014-10-17 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-10-17 23:11 - 2014-10-17 23:11 - 00000000 ____D () C:\Program Files (x86)\FLV Player
2014-10-17 23:05 - 2014-10-17 23:05 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-17 23:05 - 2014-10-17 23:05 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-17 19:05 - 2014-10-17 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-16 22:08 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 22:08 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-16 22:08 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-16 22:08 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 22:08 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 22:08 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 22:08 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 22:08 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 22:07 - 2014-09-20 07:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 22:07 - 2014-09-20 07:17 - 02236928 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 22:07 - 2014-09-20 07:17 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 19280896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 22:07 - 2014-09-20 07:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 22:07 - 2014-09-20 07:15 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 22:07 - 2014-09-20 07:15 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 22:07 - 2014-09-20 07:15 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 13757952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 22:07 - 2014-09-20 05:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 22:07 - 2014-09-20 05:56 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 22:07 - 2014-09-20 05:56 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 22:07 - 2014-09-20 05:56 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 22:07 - 2014-09-20 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 22:07 - 2014-09-20 05:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 22:07 - 2014-09-20 04:43 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-16 22:07 - 2014-09-20 04:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-10-16 22:07 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 22:07 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 22:07 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 22:07 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 22:07 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 22:07 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 22:07 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 22:07 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 22:07 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 22:07 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 21:50 - 2014-10-16 21:50 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-29 21:32 - 2014-09-29 21:32 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-29 21:32 - 2014-09-29 21:32 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-29 21:32 - 2014-09-29 21:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-29 21:27 - 2014-09-29 21:27 - 00244408 _____ () C:\Users\Yusuf2\Desktop\Firefox Setup Stub 32.0.3.exe
2014-09-26 14:17 - 2014-09-26 14:17 - 00003158 _____ () C:\Windows\System32\Tasks\{2D8B4FF0-CC8D-4082-BDCD-81A39CF1B3D4}
2014-09-26 14:11 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-26 14:11 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-26 13:35 - 2014-09-26 13:35 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\com
2014-09-25 19:23 - 2014-09-26 14:12 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\Opera Software
2014-09-25 19:23 - 2014-09-26 14:12 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\Opera Software
2014-09-25 10:02 - 2014-09-29 21:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-23 14:17 - 2014-09-23 14:17 - 00695808 _____ () C:\ProgramData\SPL3A35.tmp
2014-09-23 13:59 - 2014-09-23 13:59 - 00070568 _____ () C:\Users\Hüsna.Yusuf-PC\Downloads\Entschuldigungsformular 05_13.swf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-22 09:53 - 2007-10-10 13:06 - 01883869 _____ () C:\Windows\WindowsUpdate.log
2014-10-22 09:45 - 2011-01-03 19:27 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-22 09:42 - 2013-06-28 23:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-21 20:45 - 2011-01-03 19:27 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-21 19:04 - 2009-07-14 06:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-21 19:04 - 2009-07-14 06:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-21 18:56 - 2009-11-26 19:58 - 01156072 _____ () C:\Windows\PFRO.log
2014-10-21 18:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-21 18:56 - 2009-07-14 06:51 - 00165516 _____ () C:\Windows\setupact.log
2014-10-21 18:56 - 2007-10-10 13:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-21 18:55 - 2014-01-03 23:45 - 00000000 ____D () C:\AdwCleaner
2014-10-21 11:46 - 2012-01-26 14:14 - 00000000 ____D () C:\Users\Yusuf2\AppData\Roaming\DVDVideoSoft
2014-10-21 00:03 - 2011-10-19 13:02 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Yusuf
2014-10-21 00:03 - 2011-10-19 13:01 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Abdullah
2014-10-21 00:03 - 2011-03-10 00:54 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Hüsna
2014-10-20 21:43 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Performance
2014-10-20 00:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-19 21:25 - 2012-01-26 14:13 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Youtube
2014-10-19 20:40 - 2011-01-03 19:27 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 20:40 - 2011-01-03 19:27 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 23:05 - 2014-09-03 11:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-17 23:05 - 2014-09-03 11:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-17 23:05 - 2013-11-11 21:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-17 23:05 - 2010-05-17 18:18 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-17 22:56 - 2011-01-03 19:27 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\Google
2014-10-17 19:08 - 2013-06-28 23:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-17 19:08 - 2013-06-28 23:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-17 19:08 - 2013-06-28 23:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-17 19:06 - 2014-07-06 14:01 - 00000000 ____D () C:\Users\Yusuf2\AppData\Local\Adobe
2014-10-17 19:05 - 2009-11-26 19:47 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-17 14:00 - 2009-07-14 06:45 - 00465288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 23:52 - 2013-08-16 03:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 23:41 - 2010-04-26 22:17 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 22:48 - 2014-01-02 21:09 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Programme shortcuts
2014-10-16 21:50 - 2014-08-07 14:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-16 21:50 - 2013-06-25 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-16 21:50 - 2013-06-25 15:10 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-16 21:48 - 2013-06-25 15:11 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-16 21:48 - 2013-06-25 15:10 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-16 21:48 - 2013-06-25 15:10 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-01 00:29 - 2012-03-26 12:07 - 00000000 ____D () C:\Users\Yusuf2\Desktop\PDF
2014-09-30 18:21 - 2014-01-06 14:30 - 00000000 ____D () C:\Users\Hüsna.Yusuf-PC\Desktop\Handy
2014-09-29 20:51 - 2011-01-03 15:30 - 00000000 ____D () C:\Users\Yusuf2
2014-09-29 20:22 - 2011-01-03 16:30 - 00001154 _____ () C:\Users\Yusuf2\Desktop\Internet Explorer.lnk
2014-09-29 20:20 - 2009-11-26 19:56 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-29 20:20 - 2009-11-26 19:56 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-26 14:00 - 2010-05-11 22:25 - 00000000 ____D () C:\ProgramData\Lx_cats
2014-09-25 19:13 - 2013-10-09 23:31 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-25 19:01 - 2011-07-29 01:00 - 00000000 ____D () C:\Users\Yusuf2\Desktop\Verein

Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\msg5CF0.exe
C:\Users\Gast\AppData\Local\Temp\msg7C61.exe
C:\Users\Gast2\AppData\Local\Temp\contentDATs.exe
C:\Users\Gast2\AppData\Local\Temp\msg41B3.exe
C:\Users\Gast2\AppData\Local\Temp\msgF96E.exe
C:\Users\Hüsna.Yusuf-PC\AppData\Local\Temp\avgnt.exe
C:\Users\Yusuf\AppData\Local\Temp\AskSLib.dll
C:\Users\Yusuf\AppData\Local\Temp\avgnt.exe
C:\Users\Yusuf\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Yusuf\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Yusuf\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Yusuf\AppData\Local\Temp\msgBA78.exe
C:\Users\Yusuf\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Yusuf2\AppData\Local\Temp\avgnt.exe
C:\Users\Yusuf2\AppData\Local\Temp\BackupSetup.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Yusuf2\AppData\Local\Temp\Quarantine.exe
C:\Users\Yusuf2\AppData\Local\Temp\SpOrder.dll
C:\Users\Yusuf2\AppData\Local\Temp\sqlite3.dll
C:\Users\Yusuf2\AppData\Local\Temp\uninst1.exe
C:\Users\Yusuf2\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Yusuf2\AppData\Local\Temp\wgapeuvubjtcez.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-20 00:27

==================== End Of Log ============================
         
--- --- ---
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2014
Ran by Yusuf2 at 2014-10-22 09:57:28
Running from C:\Users\Yusuf2\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
AAA Logo 3.10 Free Trial (HKLM-x32\...\AAA Logo Free Trial_is1) (Version:  - SWGSoft.com)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.2.7110 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.2.7110 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.2.0812 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden
calibre (HKLM-x32\...\{B652DD9C-F162-4B40-B38F-A1D0F866CAFA}) (Version: 0.9.41 - Kovid Goyal)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DTV 1.3 (HKLM-x32\...\DTV_1.0) (Version: 1.3 - C&E)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2565057) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2565057) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.370 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Lexmark  (HKLM-x32\...\{D2C5E510-BE6D-42CC-9F61-E4F939078474}) (Version: 1.0.0.0 - )
Lexmark 5600-6600 Series (HKLM\...\Lexmark 5600-6600 Series) (Version:  - Lexmark International, Inc.)
Lexmark Symbolleiste (HKLM-x32\...\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}) (Version: 4.0.53.0 - )
Lexmark Tools for Office (HKLM-x32\...\{10812DE7-2E57-4740-B226-6B3BE34AF9D7}) (Version: 1.24.0.0 - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
mystartsearch uninstall (HKLM-x32\...\mystartsearch uninstall) (Version:  - mystartsearch) <==== ATTENTION
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Nero 9 Essentials (HKLM-x32\...\{9d5299f9-f94e-43ed-9632-a5e045b51f7d}) (Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.11.208 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{25CFEF55-A945-41FC-86ED-76469F31DF37}) (Version: 7.1.41.0 - Nokia)
Nokia Ovi Suite (HKLM-x32\...\Nokia Ovi Suite) (Version: 3.1.0.91 - Nokia)
Nokia Ovi Suite (x32 Version: 3.1.0.91 - Nokia) Hidden
Nokia Ovi Suite Software Updater (HKLM-x32\...\{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}) (Version: 02.07.004.45780 - Nokia Corporation)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.60.0 - Nokia)
Nokia PC Suite (x32 Version: 7.1.60.0 - Nokia) Hidden
Nokia Software Updater (HKLM-x32\...\{4D568C38-0552-4CDD-A643-01FAFA2957EF}) (Version: 02.06.006.44298 - Nokia Corporation)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Ovi Desktop Sync Engine (x32 Version: 1.5.257.0 - Nokia) Hidden
OviMPlatform (x32 Version: 2.7.66.0 - Nokia) Hidden
PC Connectivity Solution (HKLM-x32\...\{3DE96337-68D2-48E0-A863-6E4A5CD3BC25}) (Version: 11.4.16.0 - Nokia)
PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.0.0 - Frank Heindörfer, Philip Chinery)
pdfsam (HKLM-x32\...\pdfsam) (Version: 2.2.1 - )
PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.201.0 - Tracker Software Products Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5930 - Realtek Semiconductor Corp.)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SIW version 2010.03.10 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2010.03.10 - Topala Software Solutions)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.0-rc2 (HKLM\...\VLC media player) (Version: 2.1.0-rc2 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.8) (HKLM\...\E5372C32E8562C76C24DBA6525002B1031495F34) (Version: 06/09/2010 7.01.0.8 - Nokia)
Windows-Treiberpaket - Nokia Modem  (10/07/2010 4.6) (HKLM\...\6DA48AFDE796708D5A4C9121A83E7617A63A9A15) (Version: 10/07/2010 4.6 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

29-09-2014 20:37:33 Geplanter Prüfpunkt
30-09-2014 22:44:31 Windows Update
16-10-2014 19:55:02 Windows-Sicherung
16-10-2014 21:39:20 Windows Update
17-10-2014 21:03:51 Installed Java 7 Update 71
19-10-2014 18:40:12 Windows-Sicherung

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {098A1C2B-6A82-4610-B395-FFB0783AA69C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-17] (Adobe Systems Incorporated)
Task: {4A593338-E60D-4FA3-B5CE-60E942388728} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe [2008-09-10] ()
Task: {6F440FB9-4376-448D-ACF1-7E1E3FB9D8A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {7209BDD2-1013-49BD-BDAE-E9C58156B4D1} - System32\Tasks\McQcModifier-5c47-a7b0 => C:\ProgramData\McQcModifier-5c47-a7b0\McQcModifier-5c47-a7b0.cmd [2009-08-29] ()
Task: {78C441E7-71BF-4720-B9F0-332326DD5D9E} - System32\Tasks\{A61CBFD5-3AF2-4E86-8DAB-2FFEF4700114} => C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [2011-01-17] (OpenOffice.org)
Task: {9D59A5C7-4577-4778-B645-8178601C7253} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {BE9E97C6-3061-43DF-BA80-55177563BDCE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {BFBECC0E-B1D2-43DD-ABEB-97F8960A76EB} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
Task: {F2C51F4F-203B-4A18-A729-10A02E8F7158} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {F78DCCDC-2410-42EF-A57A-FA69C3C911A0} - System32\Tasks\Egis technology-Online-Aktualisierungsprogramm => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04] (Egis Technology Inc.)
Task: {FDA8D6FE-375A-4398-8E63-4D8B8E65B4B2} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-05-11 22:21 - 2008-05-01 02:44 - 00045568 _____ () C:\Windows\System32\LXDUPMON.DLL
2010-05-11 22:21 - 2008-09-10 11:43 - 00086016 _____ () C:\Windows\System32\LXDUOEM.DLL
2010-05-11 22:21 - 2008-09-10 11:41 - 00081408 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\ipcmt64.dll
2010-05-28 21:33 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-05-11 22:24 - 2008-05-23 14:17 - 00147456 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdudrpp.dll
2012-11-18 00:27 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-12-14 04:19 - 2009-12-09 11:24 - 00076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe
2010-05-11 22:19 - 2008-09-10 13:11 - 00676520 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
2009-08-18 09:27 - 2009-08-18 09:27 - 00629280 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2010-05-11 22:19 - 2008-09-10 11:56 - 00380928 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduscw.dll
2010-05-11 22:19 - 2008-05-23 14:02 - 00188416 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudatr.dll
2010-05-11 22:19 - 2008-05-23 14:02 - 00073728 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducats.dll
2010-05-11 22:19 - 2008-09-10 11:56 - 01036288 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduDRS.dll
2010-05-11 22:19 - 2008-09-10 11:56 - 00081920 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducaps.dll
2010-05-11 22:19 - 2008-09-10 11:40 - 00069632 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducnv4.dll
2009-08-18 09:31 - 2009-08-18 09:31 - 00163840 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2014-09-29 21:32 - 2014-09-24 07:09 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-17 19:05 - 2014-10-17 19:05 - 16832176 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:444C53BA
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E3C56885

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: lxduamon => "C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe"
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray                                                                                                                                                                                                     
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun                                                                                                                                                                                                        
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

========================= Accounts: ==========================

Administrator (S-1-5-21-441663326-3335054071-3486475473-500 - Administrator - Disabled)
Gast (S-1-5-21-441663326-3335054071-3486475473-501 - Limited - Disabled) => C:\Users\Gast
Gast2 (S-1-5-21-441663326-3335054071-3486475473-1010 - Limited - Enabled) => C:\Users\Gast2
HomeGroupUser$ (S-1-5-21-441663326-3335054071-3486475473-1002 - Limited - Enabled)
Hüsna (S-1-5-21-441663326-3335054071-3486475473-1012 - Limited - Enabled) => C:\Users\Hüsna.Yusuf-PC
UpdatusUser (S-1-5-21-441663326-3335054071-3486475473-1011 - Limited - Enabled) => C:\Users\UpdatusUser
Yusuf2 (S-1-5-21-441663326-3335054071-3486475473-1004 - Administrator - Enabled) => C:\Users\Yusuf2

==================== Faulty Device Manager Devices =============

Name: avipbb
Description: avipbb
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avipbb
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: HTTP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (10/22/2014 09:50:36 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (10/22/2014 09:42:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (10/22/2014 09:42:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HTTP" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1058

Error: (10/22/2014 09:42:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (10/22/2014 09:42:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HTTP" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1058

Error: (10/22/2014 09:42:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (10/22/2014 09:42:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (10/22/2014 09:42:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Funktionssuchanbieter-Host" ist vom Dienst "HTTP" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (10/22/2014 09:42:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HTTP" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1058

Error: (10/21/2014 09:55:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-09-25 19:56:16.954
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 19:56:16.361
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 19:56:15.966
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 19:56:15.521
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 19:55:47.505
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 19:55:47.139
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 19:55:46.774
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-25 19:55:46.371
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentage of memory in use: 39%
Total physical RAM: 3959.09 MB
Available physical RAM: 2381.78 MB
Total Pagefile: 7916.37 MB
Available Pagefile: 5327.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:458.87 GB) (Free:303.31 GB) NTFS
Drive d: (Data) (Fixed) (Total:458.87 GB) (Free:458.76 GB) NTFS
Drive i: (15.0.4420.1017) (CDROM) (Total:0.76 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F467897B)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=458.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=458.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---

[/CODE]

Alt 22.10.2014, 11:06   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    mystartsearch


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 


Alt 22.10.2014, 16:26   #11
yussi28
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



mystartsearch war hartnäckig, bekam die Meldung, "Uninstaller war nicht erfolgreich",
aber im letzten Schritt , Markieren - Löschen und Weiter, danach war mystartsearch auch endlich verschwunden.

Vielen Dank und Erfolg weiterhin

gruß yussi28

Alt 22.10.2014, 17:29   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Alt 23.10.2014, 23:12   #13
yussi28
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



hier die beiden logs:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Scan, 23.10.2014 00:08:49, SYSTEM, YUSUF-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 22 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 39-Malwareerkennung, 
Protection, 23.10.2014 00:51:52, SYSTEM, YUSUF-PC, Protection, Malware Protection, Starting, 
Protection, 23.10.2014 00:51:52, SYSTEM, YUSUF-PC, Protection, Malware Protection, Started, 
Protection, 23.10.2014 00:51:52, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Starting, 
Protection, 23.10.2014 00:53:39, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Started, 
Update, 23.10.2014 09:22:46, SYSTEM, YUSUF-PC, Scheduler, Malware Database, 2014.10.22.10, 2014.10.23.2, 
Protection, 23.10.2014 09:22:46, SYSTEM, YUSUF-PC, Protection, Refresh, Starting, 
Protection, 23.10.2014 09:22:46, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 23.10.2014 09:22:46, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 23.10.2014 09:22:51, SYSTEM, YUSUF-PC, Protection, Refresh, Success, 
Protection, 23.10.2014 09:22:51, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Starting, 
Protection, 23.10.2014 09:22:51, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Started, 
Scan, 23.10.2014 09:44:04, SYSTEM, YUSUF-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 20 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung, 
Update, 23.10.2014 13:51:54, SYSTEM, YUSUF-PC, Scheduler, Malware Database, 2014.10.23.2, 2014.10.23.3, 
Protection, 23.10.2014 13:51:54, SYSTEM, YUSUF-PC, Protection, Refresh, Starting, 
Protection, 23.10.2014 13:51:54, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 23.10.2014 13:51:54, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 23.10.2014 13:52:35, SYSTEM, YUSUF-PC, Protection, Refresh, Success, 
Protection, 23.10.2014 13:52:35, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Starting, 
Protection, 23.10.2014 13:52:36, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Started, 
Update, 23.10.2014 16:51:12, SYSTEM, YUSUF-PC, Scheduler, Malware Database, 2014.10.23.3, 2014.10.23.5, 
Protection, 23.10.2014 16:51:12, SYSTEM, YUSUF-PC, Protection, Refresh, Starting, 
Protection, 23.10.2014 16:51:12, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 23.10.2014 16:51:12, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 23.10.2014 16:51:18, SYSTEM, YUSUF-PC, Protection, Refresh, Success, 
Protection, 23.10.2014 16:51:18, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Starting, 
Protection, 23.10.2014 16:51:18, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Started, 
Scan, 23.10.2014 17:22:21, SYSTEM, YUSUF-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 27 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung, 
Update, 23.10.2014 17:40:31, SYSTEM, YUSUF-PC, Manual, Malware Database, 2014.10.23.5, 2014.10.23.6, 
Protection, 23.10.2014 17:40:31, SYSTEM, YUSUF-PC, Protection, Refresh, Starting, 
Protection, 23.10.2014 17:40:31, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 23.10.2014 17:40:31, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 23.10.2014 17:41:08, SYSTEM, YUSUF-PC, Protection, Refresh, Success, 
Protection, 23.10.2014 17:41:08, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Starting, 
Protection, 23.10.2014 17:41:08, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Started, 
Scan, 23.10.2014 18:00:39, SYSTEM, YUSUF-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 18 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung, 
Protection, 23.10.2014 18:29:56, SYSTEM, YUSUF-PC, Protection, Malware Protection, Starting, 
Protection, 23.10.2014 18:29:56, SYSTEM, YUSUF-PC, Protection, Malware Protection, Started, 
Protection, 23.10.2014 18:29:56, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Starting, 
Protection, 23.10.2014 18:32:41, SYSTEM, YUSUF-PC, Protection, Malicious Website Protection, Started, 

(end)
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=e037d71ed0492a479570b126cae51b49
# engine=20747
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-10-23 08:46:51
# local_time=2014-10-23 10:46:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 15441 279520501 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 40467123 165727061 0 0
# scanned=297447
# found=183
# cleaned=0
# scan_time=14417
sh=004B033470416A8A4375361D8CA8B4B6A7FAB37B ft=1 fh=75f334efa6b5ba80 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-441663326-3335054071-3486475473-1004\$RSF0VJB.exe"
sh=A981E3D6F03D3BD57D1472F33A4093A01533F8A8 ft=1 fh=7aaf7b3d0491af48 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-441663326-3335054071-3486475473-1004\$RZ45FX5.exe"
sh=02C41C911A9FF440DED0FE65334ED8E4AE764F27 ft=1 fh=9099217250f17dfd vn="Variante von Win32/AdWare.EasySpeedCheck.A Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-441663326-3335054071-3486475473-1004\$R2XGNIR\easyspeedcheck.exe"
sh=C5E60CCD154DB4E5978E33285DB016171C80ED79 ft=1 fh=58635ab0e5696ad2 vn="Win32/AdWare.Loadshop.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\monitorsvc.exe.vir"
sh=741518CA17409E0C108EA202464829E6C664ED1E ft=1 fh=52477f93f91d8732 vn="Variante von MSIL/DomaIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Uninstaller\Uninstall.exe.vir"
sh=B447F970CFF528D8D8960F8FC1634BFF146B9C48 ft=1 fh=057e48937a3e0c83 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ask.com\AviraBrowserSecurity.exe.vir"
sh=ACD3B40592A7FBF9180531A66620672FF7220575 ft=1 fh=c63366c2cc61cc7e vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ask.com\AviraCallingIDhelper.dll.vir"
sh=707B19478BF14B7C394F32BE601D29527A85B630 ft=1 fh=e438163caccb7bcf vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ask.com\GenericAskToolbar.dll.vir"
sh=84B6043FB58D74BF32F8312ED147B13BE87BBEBD ft=1 fh=0ac84cefd73db588 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ask.com\precache.exe.vir"
sh=F127D097C257A955B9D9E7C434A49BFDD03C8A86 ft=1 fh=1f7d437f58332614 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ask.com\SaUpdate.exe.vir"
sh=152B2C03A8423138147BC6F6E69BEA5B96B7158D ft=1 fh=5c46a4ad6fc2e292 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ask.com\UpdateTask.exe.vir"
sh=2874ABE5DDA530E460050F99875F80278AD79D33 ft=1 fh=9a570d377033be53 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ask.com\Updater\Updater.exe.vir"
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=BF5216BA0FC39EA5AD1A0C9A757E902C265A823B ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.crx.vir"
sh=359A92C15F0AD3A7D1029D260148EC522E18BA3F ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.xpi.vir"
sh=301D76EDD0C41858B28915E06D395B746B434187 ft=1 fh=669084b2e965dc27 vn="Variante von Win32/DealPly.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyIE.dll.vir"
sh=4A83D07CD3A2E23C41B47609301AB8F6D835918C ft=1 fh=4beb8c61673c35e8 vn="Win32/DealPly.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdate.exe.vir"
sh=15A8BE96BCAAD50B1F987603FC7ADA1C61EE2671 ft=1 fh=17dc8e215076b726 vn="Variante von Win32/DealPly.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateRun.exe.vir"
sh=548957F540E363553DEC20AFBC4B2EA814D5E17E ft=1 fh=cdfbdc51a30f9cbb vn="Win32/DealPly.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateVer.exe.vir"
sh=0F081DBA3288108E77AA7797D5EE28B077C43B88 ft=1 fh=827545bc3cf01bf5 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe.vir"
sh=0F081DBA3288108E77AA7797D5EE28B077C43B88 ft=1 fh=827545bc3cf01bf5 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLive.exe.vir"
sh=D1337408DE8FC6409BCB0F52A3F84F2863A94C40 ft=1 fh=b4f71a4e9c68bca5 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveBroker.exe.vir"
sh=0F081DBA3288108E77AA7797D5EE28B077C43B88 ft=1 fh=827545bc3cf01bf5 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveHandler.exe.vir"
sh=E1124A98F09A6EBCE59FEA2E918FFE2DCB245146 ft=1 fh=c29d58234e843b86 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveOnDemand.exe.vir"
sh=A658B92B519F7898937EE2AE8CF53A62F620C923 ft=1 fh=7f9bfa912e5e181c vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdate.dll.vir"
sh=6D00C85C60CAF98D39E5CD07AACE53C757A99C49 ft=1 fh=ed4a7cab0d6835d6 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll.vir"
sh=7489D541CA03F640A02B20A33A88C70691D689D5 ft=1 fh=5216003ac57facf4 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir"
sh=0652CF8AA5ACCADDDD31EE32521742F0CF6A62B0 ft=1 fh=6730b7aa2ee36939 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dll.vir"
sh=4F1A1ECBC53648728576DC417328B2DD70532367 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQVP1.9V25.09\1293297481.mxaddon.vir"
sh=A7E2C379EA07E344B57102FEE9D390EE00A06DB6 ft=1 fh=bcea7f4e44a6bd32 vn="Variante von Win32/Toolbar.CrossRider.BC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQVP1.9V25.09\291b4486-9bbb-4d0e-a8bb-5ea93028ddde.exe.vir"
sh=B5DF9D2492D14BCFA7CB3F4BAFDCECF0B92EBA7C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQVP1.9V25.09\34760806-89b1-49be-be6a-847bc1fcec83.crx.vir"
sh=AC1AEAD3C657A73AEA7F94C637A898192765130B ft=1 fh=53cfe99016ce7f1a vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQVP1.9V25.09\b97f1733-836c-406b-8222-72d0fda7b377-2.exe.vir"
sh=897B5F84DF292A980E7EE5EE7A4970C568B33166 ft=1 fh=15675e257b611756 vn="Variante von Win32/Toolbar.CrossRider.AX evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQVP1.9V25.09\b97f1733-836c-406b-8222-72d0fda7b377-4.exe.vir"
sh=AE5F5950DC8D5148067974CF54EB9BAA4AAFC640 ft=1 fh=4b7f33faa63df77b vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQVP1.9V25.09\b97f1733-836c-406b-8222-72d0fda7b377-5.exe.vir"
sh=B5DF9D2492D14BCFA7CB3F4BAFDCECF0B92EBA7C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQVP1.9V25.09\b97f1733-836c-406b-8222-72d0fda7b377.crx.vir"
sh=27790113AD9B53F4A4E2FEDEBBEA099C8D157137 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQVP1.9V25.09\b97f1733-836c-406b-8222-72d0fda7b377.xpi.vir"
sh=7C3B8F1A0E3BF0624FE95609FEEEAEA441582CF3 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQVP1.9V25.09\e187816c-e344-4f52-8ef6-793ddddec730.crx.vir"
sh=F003A368CAF107ABE453CA427AE57099B1307170 ft=1 fh=ffe11ebd1a9025e9 vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQVP1.9V25.09\HQVP1.9V25.09-bg.exe.vir"
sh=1370568A1170B5205064A9D4FBA208D41BE32B90 ft=1 fh=8bafc7f27363fb05 vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQVP1.9V25.09\HQVP1.9V25.09-bho.dll.vir"
sh=CFCA407F494C21E1AAB73C3FCCE1882DF3D984A4 ft=1 fh=1c03edd6cd0dddf0 vn="Variante von Win64/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQVP1.9V25.09\HQVP1.9V25.09-bho64.dll.vir"
sh=5963F49C2832DE83089E239759EB8F49DE79079E ft=1 fh=146d7f38159bde65 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQVP1.9V25.09\HQVP1.9V25.09-codedownloader.exe.vir"
sh=FB15E24EE3C2278EE8BAFDEC19CB5087E4F0FEC4 ft=1 fh=2b0d65fd2067af3e vn="Win32/Packed.VMDetector.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQVP1.9V25.09\utils.exe.vir"
sh=D911EB5507070609F9FC2392B495B9B20A3BB30F ft=1 fh=4c0bdf77751f2704 vn="Win32/AdWare.Loadshop.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PCTRunner\MyOSProtect.dll.vir"
sh=F91AADF2E65A4AE53F5002BB4A8E933ACAEF7B31 ft=1 fh=e17135eee6cb0126 vn="Win32/AdWare.Loadshop.D Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PCTRunner\MyOSProtect.exe.vir"
sh=85BA05E45279215B6BFD53A3E5C3830692D64845 ft=1 fh=a53a27a527ff292c vn="Win64/Adware.Loadshop.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PCTRunner\MyOSProtect64.dll.vir"
sh=C2E1C31E2E1FFCA5AA4EB341F50353EBC39F728D ft=1 fh=dbb833ddf89b2378 vn="Win64/Adware.Loadshop.D Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PCTRunner\pcwtc64f.sys.vir"
sh=1862E7F50BF013ACB2CE17E71E3D76E81A93CB00 ft=1 fh=98786c141e62063a vn="Win64/Adware.Loadshop.E Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PCTRunner\pcwtc64r.sys.vir"
sh=A8A25383F8F16E2337D1664E0055BD2B9DDA687D ft=1 fh=295c78733579e7ab vn="Win32/AdWare.Loadshop.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PCTRunner\postcollect.exe.vir"
sh=EAFFBE73877C256957F085F048A5F26015B4F44D ft=1 fh=486104c11900e37c vn="Win32/AdWare.Loadshop.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PCTRunner\precollect.exe.vir"
sh=A9E2E3401E2A6FD5B09535EE83FE2D70AC48C2A9 ft=1 fh=77c22f362384d262 vn="Win32/AdWare.Loadshop.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PCTRunner\WDCertInstaller.dll.vir"
sh=C0946D89D201E2629B8A01AE1C262612EA409195 ft=1 fh=f502333e17010768 vn="MSIL/Solimba.AC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PCTRunner\WPUninstall.exe.vir"
sh=53F226B3D1D3828304E40C6C7A50667ADF23B42A ft=1 fh=e1ea10a5e9416a5c vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=0CB68F399D491465198E3E86F1D2923A211614E7 ft=1 fh=021f675753f993f2 vn="Win64/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=86EA851108D635D9ED47C01E86899845DFDA3EC7 ft=1 fh=90733a3b10b3e858 vn="Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\HpUI.exe.vir"
sh=12EBF6FC8AD543662053CA101C2D5DA175137EB2 ft=1 fh=c71c00119e5c1a87 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader32.exe.vir"
sh=8F0ABE23DDA3F9DC04497B1A4F455AF8CE9D45B8 ft=1 fh=787e176d56997de7 vn="Win64/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader64.exe.vir"
sh=A8E3A9E6972C6F8B253EA0E1837AEEBF0A07B187 ft=1 fh=e2a5b168a3934371 vn="Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir"
sh=30E2FB1C671B2808D2E80518D793575965AF2416 ft=1 fh=d06e6f3f3f60e357 vn="Variante von Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir"
sh=AC11914CC02E023E2EF06A80DEE1701419A5473A ft=1 fh=4cb2d0bd10147652 vn="Win64/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=36F969E522FD53A189312D946C430EFD02D5A982 ft=1 fh=5d022c015afe1524 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir"
sh=D037F58CF4B36F3B437FAA0D9500720445B27D65 ft=1 fh=b07c7921935b766c vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=4139F95644E13A650D4827C943BCC9F2F0F6AA93 ft=1 fh=3b96e1736604b8bc vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir"
sh=79C9BD304C93AB8FD0544108656A899993DB14EF ft=1 fh=e6f80544d6e8089f vn="Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll32.dll.vir"
sh=96B85214CD9E4FF85AC6144E7EF3DDF9E0F215E6 ft=1 fh=098a6735f96a550a vn="Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll64.dll.vir"
sh=4F8C3100B48DF415ADEF77023D5D36803EA291C0 ft=1 fh=35a0ead0f9a77081 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll.vir"
sh=014DA0755CF6C85F8F991A715CB06BB2FB8DAE5D ft=1 fh=3438226097335392 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgAIMAuto.dll.vir"
sh=A56B3DED61349DBC844E8708897E6874E2BF9A4F ft=1 fh=e54861818ddf06b3 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgAIMMessengerAdapter.dll.vir"
sh=A7B986121997F2C2FD2B4C601951FF8686BA0661 ft=1 fh=7e64f3c6a5394736 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgArchive.dll.vir"
sh=5A4A7E211CEEEF1E3064E0477BD19A418FACFD2C ft=1 fh=42cf723f8489fe83 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgcommon.dll.vir"
sh=0A6E4DAE01AD682E8C3DE043CFFBEABE652F5C82 ft=1 fh=45b7d2d9a9eb9e1f vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll.vir"
sh=556105172C5A9ABA618337F0BD51308B7501C1B4 ft=1 fh=e94f7bd70552e20b vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgconfig.dll.vir"
sh=7F151885186AA9CD58BE8E079236D38670AE6A61 ft=1 fh=b8fac3246d502ccb vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll.vir"
sh=724C7AC87B31FD2400B91DBD23E07FA9FE4E4E0F ft=1 fh=2498fdb3fead8df1 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mghooking.dll.vir"
sh=65E4001C51F795ADFFD30C4F2838DB6051F6DDE5 ft=1 fh=cc53e810f1f0f3e0 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll.vir"
sh=357C252E2482771EB9D4DF288CE25A02C450529A ft=1 fh=bdf19714f75769ab vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll.vir"
sh=991D00C5E5AECB7DE0D89E1ACAC15E1F50FFE774 ft=1 fh=5537318bf0de754b vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgIEPlayer.dll.vir"
sh=D820BABB40C4E41FC0B426A189DFAD61F9C209A9 ft=1 fh=e333bef58541ee82 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mglogger.dll.vir"
sh=201CFBF70821020DB77218C12B4AE19C080B4D46 ft=1 fh=49b031c912bbb199 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll.vir"
sh=BF659AB545B233EB04D1EA5B11DAC8BE0FF474E4 ft=1 fh=b0f6c6a51322155a vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll.vir"
sh=5FC6197A628A9EA9A8964332AF38308A4D4D4C41 ft=1 fh=7d872b3e617caf17 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll.vir"
sh=4B5109B254EEF74E79EB5E6B6E036143790E551F ft=1 fh=c95f5cf7a41f9d52 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll.vir"
sh=A1493B890F18045E9B64F5959DFBA12DC542C98D ft=1 fh=2a8a06bb2c7b6e82 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll.vir"
sh=0DA8A018F8F1C25C1C87A1B1D2F57679BFDCBDD3 ft=1 fh=a16efc4c74c1986d vn="Variante von Win32/SweetIM.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll.vir"
sh=F78A1A0D745F641641D64B5979B9B288E0A83493 ft=1 fh=bd443ba8152a8ab8 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll.vir"
sh=5328EE07B373B1278B02FECA970AD540A1DAE713 ft=1 fh=f28523f169b37dfc vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll.vir"
sh=45782EC2A06E53AE9494C4975EEDE2BDFD18B5FF ft=1 fh=bca0bcf1eea656b4 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll.vir"
sh=8DC602028FB2E3B92298C384B8EC2575E5D466D5 ft=1 fh=d5a4fd33a9e616cb vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\SweetIM.exe.vir"
sh=F560E7275D732CD17BB2FFA8C203A7F8B46EF15E ft=1 fh=3f55fe33bcf2a5d3 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe.vir"
sh=1293D2B0508E4111F394EF86245138638A263B8A ft=1 fh=fff71895bea336a4 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll.vir"
sh=96DC5EAE01414B50530400B88827117FEE4A7ED3 ft=1 fh=0889cac2f3e9ff47 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll.vir"
sh=BC1193947DD54A2637181B910703DB0662FE6680 ft=1 fh=37eb90d2f3e2da78 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll.vir"
sh=BA177B56A51CE766CB283DCB332723EC1DBF6B66 ft=1 fh=a4d6bf7ddea807c4 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe.vir"
sh=843C693A6E3F805F3572E1B3BC198DA2E8EA7041 ft=1 fh=4c4177b7f16b962c vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll.vir"
sh=CE8CB6D46DA52FFDA8000FBEE551D07E8C8ADAD6 ft=1 fh=f71a67583a6cade6 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll.vir"
sh=AD1EDA641A2BD2BB79C612716126343ABAEC908A ft=1 fh=3e82bfa6e1c19c5e vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll.vir"
sh=3E5546DC6337DE306BA152E9CF364D6005D24EDC ft=1 fh=ac92e880e799af26 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll.vir"
sh=0807BD3FCAC40D168F714AA2B910CD8B28857AC9 ft=1 fh=4716a2fb392475df vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll.vir"
sh=6A7DBA2839A297214A9F3C0DCAE223ECBDA03020 ft=1 fh=e7bea7b5bf582c5a vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll.vir"
sh=82D6689D84C5D50E1EEFDBFD18B7E4962CAEFA6D ft=1 fh=8ee7e6709c7ab98e vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZip Malware Protector\AppManager.exe.vir"
sh=68455014C9F982EB18796DB794CFFD040E2090F2 ft=1 fh=f4d54ce35c24d0a3 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZip Malware Protector\filetypehelper.exe.vir"
sh=274CB4E7C8B3515060E7854F9B657977002FF8C1 ft=1 fh=5a43b5222c5838ce vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZip Malware Protector\scandll.dll.vir"
sh=7560ADB6881D658A46F52AD1DCDF667B615F6EDE ft=1 fh=19f14dde2ee67322 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe.vir"
sh=246DDBC3A2C223A6B9072637D93DC2A2832D097A ft=1 fh=c71c0011b04f613a vn="Win32/Toolbar.Babylon.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir"
sh=36F969E522FD53A189312D946C430EFD02D5A982 ft=1 fh=5d022c015afe1524 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir"
sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\LocalLow\DVDVideoSoftTB\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll.vir"
sh=062378FCB1EF81D9F4F66FBF4E64175462E72BC8 ft=1 fh=eb5603a0a888f259 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf\AppData\Local\AskToolbar\Downloaded Program Files\AviraWebSecurity.dll.vir"
sh=6B0D21D9388220446D6D0BD1C0D40740A2A44259 ft=1 fh=27a8aaeec2fbb9d6 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Local\AskToolbar\Downloaded Program Files\AviraWebSecurityBrowser.dll.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Local\genienext\nengine.dll.vir"
sh=709B4369F6835632B1E2B91AD778D1E0E8C73377 ft=1 fh=44b214468df37c3d vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Local\iLivid\Helper.dll.vir"
sh=299F6202BF38BD3C3DED1B5B3AB570F06036086A ft=1 fh=0980f24d60c5f981 vn="Variante von Win32/Toolbar.SearchSuite.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Local\iLivid\Uninstall.exe.vir"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=00232951B2C6E94469E33B8AF1D5A6F4993F2BB4 ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\LocalLow\AskToolbar\avr-4.cab.vir"
sh=1549CF4F9282F1B42A58B5E050E12EF0AD669798 ft=1 fh=ffe6693d8bc7d6c5 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir"
sh=548957F540E363553DEC20AFBC4B2EA814D5E17E ft=1 fh=cdfbdc51a30f9cbb vn="Win32/DealPly.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe.vir"
sh=6CCFCEB87CA978D9F4893217F51114CD78B33D7F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com\extensionData\plugins\91.js.vir"
sh=DB6BA83C92F7FE6360E412C867FA0071148ED178 ft=1 fh=8fdff4e39944cd09 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default\Extensions\toolbar@ask.com\plugins\npAviraCallingID.dll.vir"
sh=9CA4774891E9538150DBC295BC303D11173CE7FB ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Roaming\Mozilla\Firefox\Profiles\7uq1kdpv.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979}\chrome\content\dealplyshopping.xul.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Roaming\newnext.me\nengine.dll.vir"
sh=BD2FB2B5AB6E8D248C0FB11425B108C17B696835 ft=1 fh=75ed9a1f38cde0e4 vn="Variante von Win32/DealPly.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Roaming\OpenCandy\035E9DD55B9745BD9637C6B32EB5DA8B\dp.exe.vir"
sh=FB9B4B0EE9279CFE23CBACD4B2765483321A08DE ft=1 fh=643fe0264237b7d6 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Roaming\OpenCandy\17F548703E6440FEA0AA4824615BD6E0\Softonic_chr_p1v6.exe.vir"
sh=FCFC141CB28A8A953BCA361B1DD0BD509B956B08 ft=1 fh=448ed8c7ff6bbd69 vn="Variante von Win32/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Roaming\OpenCandy\20F42262830E47C88764AEA62CDC60B5\SnapDo_RBCB_p3v9.exe.vir"
sh=8094DC3371B3770B6619B2A6DF0FDC33C40DA9A2 ft=1 fh=3daa94a3c8e304af vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Roaming\OpenCandy\A5B81829510D4519970E258FB38ECF8B\dlm309c.exe.vir"
sh=5E877F079FC2912CE8FB7CD6977B74B84827FD7E ft=1 fh=481830f7804beb9f vn="Variante von Win32/DealPly.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Roaming\RHEng\412100AE31184BA9BDA1EAA9F62D8135\pm.exe.vir"
sh=DAF32D45E01035772B8DBACAE0E709A53D6A691C ft=1 fh=c351f1684ab93541 vn="Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Roaming\RHEng\637C0440779244FE9595F09F38D1F0AC\0c3246.exe.vir"
sh=ED8CD814782D14B1C20A91EB1D78681F408D1328 ft=1 fh=e295b31a0ce14a28 vn="Variante von Win32/TrojanDropper.MsiDrop.A Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Roaming\RHEng\A5B81829510D4519970E258FB38ECF8B\Installer.exe.vir"
sh=344C0CA9CE65746409835B97B6D6DB0537C63648 ft=1 fh=749ec275d27c3115 vn="Variante von Win32/TrojanDropper.MsiDrop.A Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Yusuf2\AppData\Roaming\RHEng\A5B81829510D4519970E258FB38ECF8B\LinkuryYAHOO_RBCB_p5v5.exe.vir"
sh=85BA05E45279215B6BFD53A3E5C3830692D64845 ft=1 fh=a53a27a527ff292c vn="Win64/Adware.Loadshop.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\MyOSProtect64.dll.vir"
sh=D911EB5507070609F9FC2392B495B9B20A3BB30F ft=1 fh=4c0bdf77751f2704 vn="Win32/AdWare.Loadshop.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\MyOSProtect.dll.vir"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll"
sh=FFA8B6510D624A55F3EB7FFD6D5221A44944681C ft=1 fh=3386eb0d6ed0e5e1 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnstub.exe"
sh=1A3F14C0A66F9AF050D1F34FBACBAADC31751A07 ft=1 fh=2704a03a0f47b728 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe"
sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe"
sh=1087416D30709C840DDF8C26B9B7E93A4F9A424A ft=1 fh=263cb55aa8367f0b vn="Variante von Win32/RemoteAdmin.RemoteExec.AA potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\SIW\siw.exe"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\Yusuf\AppData\Local\Temp\AskSLib.dll"
sh=5E6FABF333108E2EB3012245F2FC37D11E7D9ED8 ft=1 fh=b135ee292edcc41f vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Users\Yusuf\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\AskPartnerCobrandingTool.exe"
sh=C10726527EFB9645127E65EBE3CCA2B2AFFFE90D ft=1 fh=d79b888c8bf86911 vn="Win32/Bundled.Toolbar.Ask.H potenziell unsichere Anwendung" ac=I fn="C:\Users\Yusuf\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exe"
sh=E410DD1707D97E7AC5F13D81982D1A324D5A25E8 ft=1 fh=5d2688694540a297 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Yusuf2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6I8VLB00\freeyoutubedownload.exe"
sh=8DEE026BD21EB2835A31707300879E3D5C3FDAEF ft=1 fh=ef6fe4c0bb090e9e vn="Variante von MSIL/DomaIQ.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Yusuf2\AppData\Local\Temp\wgapeuvubjtcez.exe"
sh=24F9E1F847CF977117E3DCF7E5E8C592AEFB5436 ft=1 fh=8587ebb5b3269683 vn="JS/Superfish.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Yusuf2\AppData\Local\Temp\8B99tmp\fastplayersetup.exe"
sh=AF023CD20C85601E6874CB788BCAA49AE325A40D ft=1 fh=da3b4c00ec0bc47d vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Yusuf2\AppData\Local\Temp\8B9Atmp\cloud_backup_setup.exe"
sh=771DFDE2DAEFA812748B36EEBB0E095BC1A9C1FA ft=1 fh=c5b413e131c57ef8 vn="Win32/SpeedingUpMyPC.R Anwendung" ac=I fn="C:\Users\Yusuf2\AppData\Local\Temp\8B9Dtmp\easyspeedpc.exe"
sh=06CE8EFE75375E240380986B0577420CB6FA57CA ft=1 fh=e51088aad16fec40 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Yusuf2\AppData\Local\Temp\8B9Etmp\mybestofferstoday.exe"
sh=F26EA8745B59D15A2D27FA86D19C69F7E62D29F5 ft=1 fh=f2f9cdc2253a7ecf vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Yusuf2\AppData\Local\Temp\is-1AEQC.tmp\gentlemjmbot_img.exe"
sh=F26EA8745B59D15A2D27FA86D19C69F7E62D29F5 ft=1 fh=f2f9cdc2253a7ecf vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Yusuf2\AppData\Local\Temp\is-B5DC7.tmp\gentlemjmbot_img.exe"
sh=F26EA8745B59D15A2D27FA86D19C69F7E62D29F5 ft=1 fh=f2f9cdc2253a7ecf vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Yusuf2\AppData\Local\Temp\is-C0S2D.tmp\gentlemjmbot_img.exe"
sh=CCD90EE6E9B1ADFF9657E8F2C126BC6CB5C2EB24 ft=1 fh=91473923cd86549e vn="Variante von Win32/SProtector.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Yusuf2\AppData\Local\Temp\is-CUJA5.tmp\OptProCrash.dll"
sh=F26EA8745B59D15A2D27FA86D19C69F7E62D29F5 ft=1 fh=f2f9cdc2253a7ecf vn="Win32/AdWare.EoRezo.AW Anwendung" ac=I fn="C:\Users\Yusuf2\AppData\Local\Temp\is-MNAEM.tmp\gentlemjmbot_img.exe"
sh=A87B7647DC34B5B6186209377786E946B677C574 ft=1 fh=c2834f18f25710d9 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Yusuf2\AppData\Local\Temp\{E1958E5B-E86A-495A-9CA3-42AB4A9C0872}\setup.exe"
sh=99961CD9D286C9F97362C29C7A9C91ABEDB4455B ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Yusuf2\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\cb37ca9-7f0a9a30"
sh=39CE0C48EBF2E925048173DFDA62D83319FBE75C ft=1 fh=08064668fc05246e vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Users\Yusuf2\Desktop\Programme\avira_antivir_personal_de.exe"
sh=9ED22B17AF956934B73F176C0AEB87AFA2F2B5B3 ft=1 fh=f57fa58ae860c262 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Users\Yusuf2\Desktop\Programme\avira_free_antivirus_de1200855.exe"
sh=1951424B2C9396E09E6ED9BC84BE3D9A04F7632B ft=1 fh=81e0d6a2d98bff1e vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Yusuf2\Desktop\Youtube\FreeYouTubeDownload3020.exe"
sh=806E6ACBF1D6D25FDAE7A18F528A79D6B07C9484 ft=1 fh=d568501489fb2ea5 vn="Variante von Win32/RemoteAdmin.RemoteExec.AA potenziell unsichere Anwendung" ac=I fn="C:\Users\Yusuf2\Desktop\Yusuf\Yusuf\Documents\Software\PC System\siw0310-setup.exe"
sh=806E6ACBF1D6D25FDAE7A18F528A79D6B07C9484 ft=1 fh=d568501489fb2ea5 vn="Variante von Win32/RemoteAdmin.RemoteExec.AA potenziell unsichere Anwendung" ac=I fn="C:\Users\Yusuf2\Documents\Documents\Software\PC System\siw0310-setup.exe"
sh=004B033470416A8A4375361D8CA8B4B6A7FAB37B ft=1 fh=75f334efa6b5ba80 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Yusuf2\Downloads\Office-Trial-Extender-1.0.0.7-Setup(1).exe"
sh=004B033470416A8A4375361D8CA8B4B6A7FAB37B ft=1 fh=75f334efa6b5ba80 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Yusuf2\Downloads\Office-Trial-Extender-1.0.0.7-Setup.exe"
sh=63F96F2C860A6C4ECACF317B8835BF9DFB43B12C ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Windows\Installer\1fd4a.msi"
sh=1969D81C0AEF045E5D6E3BDFC7F9A59B1118BEC7 ft=1 fh=1828f8b9c0450694 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI10E5.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll"
sh=AE0496E8B7EF7260A5A9A03C5283D6345D09A13C ft=1 fh=d5332291c5aae89f vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI10E5.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=2A202A2F429F4102BD3516F2C116925EEA12E7E1 ft=1 fh=b18d6bdb77076cb4 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI10E5.tmp-\spbe.dll"
sh=354DAE7D75BC3750A7C27F46E144689ADD69FECE ft=1 fh=56e124954a8ab304 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI10E5.tmp-\spbl.dll"
sh=B54A10A054F72B438B85B8C01A2FDDB9E4AA9D95 ft=1 fh=bad654b42602edb0 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI10E5.tmp-\sppsm.dll"
sh=74E1FD38F895EE603C538EEB0CB62D2B7AD1F9EF ft=1 fh=eadc0e05b009aa54 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI10E5.tmp-\spusm.dll"
sh=C321BD2BA55FC1450102B52CF4320050F96E6ACE ft=1 fh=5f440c13eb246cc1 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI10E5.tmp-\srbs.dll"
sh=8BCF64604E5A8369D2032F0DEAD0FA65CED3959C ft=1 fh=de00f46990bdea72 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI10E5.tmp-\srbu.dll"
sh=39E0129484C7D4950D9E3ACB4016A95333C372C1 ft=1 fh=b2d51b366a5174b0 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI10E5.tmp-\srptc.dll"
sh=A80CE1722B00015806A72129AD99D6CD456BC430 ft=1 fh=a0739cbdc3e3df69 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI10E5.tmp-\srpu.dll"
sh=1969D81C0AEF045E5D6E3BDFC7F9A59B1118BEC7 ft=1 fh=1828f8b9c0450694 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1E12.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll"
sh=AE0496E8B7EF7260A5A9A03C5283D6345D09A13C ft=1 fh=d5332291c5aae89f vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1E12.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=2A202A2F429F4102BD3516F2C116925EEA12E7E1 ft=1 fh=b18d6bdb77076cb4 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1E12.tmp-\spbe.dll"
sh=354DAE7D75BC3750A7C27F46E144689ADD69FECE ft=1 fh=56e124954a8ab304 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1E12.tmp-\spbl.dll"
sh=B54A10A054F72B438B85B8C01A2FDDB9E4AA9D95 ft=1 fh=bad654b42602edb0 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1E12.tmp-\sppsm.dll"
sh=74E1FD38F895EE603C538EEB0CB62D2B7AD1F9EF ft=1 fh=eadc0e05b009aa54 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1E12.tmp-\spusm.dll"
sh=C321BD2BA55FC1450102B52CF4320050F96E6ACE ft=1 fh=5f440c13eb246cc1 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1E12.tmp-\srbs.dll"
sh=8BCF64604E5A8369D2032F0DEAD0FA65CED3959C ft=1 fh=de00f46990bdea72 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1E12.tmp-\srbu.dll"
sh=39E0129484C7D4950D9E3ACB4016A95333C372C1 ft=1 fh=b2d51b366a5174b0 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1E12.tmp-\srptc.dll"
sh=A80CE1722B00015806A72129AD99D6CD456BC430 ft=1 fh=a0739cbdc3e3df69 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1E12.tmp-\srpu.dll"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0"
sh=D04F5CE37AB69B6B8DD354F5702625CB0EE893AF ft=1 fh=216b0453f739c4b3 vn="Variante von Win32/SProtector.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Temp\2570bd6c.ftf.ftf"
         

Alt 23.10.2014, 23:31   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



Du hast leider das falsche Log von MBAM gepostet

Alt 24.10.2014, 00:46   #15
yussi28
 
Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - Standard

Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Error, 24.10.2014 00:05:12, SYSTEM, YUSUF-PC, Manual, 0, 
Update, 24.10.2014 00:05:12, SYSTEM, YUSUF-PC, Manual, Malware Database, Failed, Unable to access update server, 2014.9.19.5, 2014.10.23.8, 
Scan, 24.10.2014 00:06:17, SYSTEM, YUSUF-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 21 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 0-Malwareerkennung, 
Error, 24.10.2014 00:08:17, SYSTEM, YUSUF-PC, Manual, 0, 
Update, 24.10.2014 00:08:17, SYSTEM, YUSUF-PC, Manual, Malware Database, Failed, Unable to access update server, 2014.9.19.5, 2014.10.23.8, 
Error, 24.10.2014 00:11:35, SYSTEM, YUSUF-PC, Manual, 0, 
Update, 24.10.2014 00:11:35, SYSTEM, YUSUF-PC, Manual, Malware Database, Failed, Unable to access update server, 2014.9.19.5, 2014.10.23.8, 

(end)
         

Antwort

Themen zu Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!
fehlercode 22, fehlercode 24, msil.solimba, mystartsearch, mystartsearch uninstall entfernen, pup.optional.amonetize.a, pup.optional.bundleinstaller.a, pup.optional.conduit.a, pup.optional.dealply.a, pup.optional.delta.a, pup.optional.domaiq, pup.optional.flashenhancer.a, pup.optional.iminent.a, pup.optional.nationzoom.a, pup.optional.oneclickdownloader.a, pup.optional.opencandy, pup.optional.optimuminstaller.a, pup.optional.plushd.a, pup.optional.pricegong.a, pup.optional.seesimilar, pup.optional.smartbar.a, pup.optional.softonic, pup.optional.sweetim, pup.optional.sweetim.a, pup.optional.sweetpacks, trojan.zbotr.gen



Ähnliche Themen: Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!


  1. mystartsearch.com in Microsoft Edge läßt sich einfach nicht deinstallieren!
    Plagegeister aller Art und deren Bekämpfung - 30.10.2015 (10)
  2. mystartsearch.com in Microsoft Edge läßt sich einfach nicht deinstallieren!
    Antiviren-, Firewall- und andere Schutzprogramme - 29.10.2015 (11)
  3. ilivid add on eingefangen hab spyhunter 4 installiert bei windows 7 32 bit wie kann ich das deinstallieren
    Log-Analyse und Auswertung - 01.10.2015 (3)
  4. Windows 7: Trojaner eingefangen, werde ihn nicht los (Crossbrowser, Mystartsearch, Malware-gen, Adware-gen usw.)
    Log-Analyse und Auswertung - 18.09.2015 (14)
  5. Habe SpyHunter runtergeladen und kann nicht mehr deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 25.06.2015 (27)
  6. "mystartsearch" kann es nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 30.04.2015 (5)
  7. Win7: Rechner zickt und Malwarebytes kann nicht mehr gestartet werden.
    Log-Analyse und Auswertung - 26.01.2015 (25)
  8. MyStartSearch eingefangen und entfernen versucht
    Plagegeister aller Art und deren Bekämpfung - 21.01.2015 (19)
  9. mystartsearch.com oder ein browser der nicht mehr will
    Log-Analyse und Auswertung - 19.11.2014 (9)
  10. Win7 TR/Agent.37888.248 kann nicht gelöscht werden, Echtzeitscanner funktioniert nicht mehr
    Log-Analyse und Auswertung - 21.07.2014 (26)
  11. Virus? unter Win7, kann nicht mehr richtig Schreiben, Cursor wird ständig abgewählt.
    Plagegeister aller Art und deren Bekämpfung - 06.07.2014 (3)
  12. Windows 8 kann nichts mehr Installieren oder Deinstallieren!
    Log-Analyse und Auswertung - 26.06.2014 (11)
  13. Kann keine exe Dateien mehr ausführen um neue Programme zu installieren/deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 21.02.2014 (19)
  14. GVU Trojaner eingefangen-kann nicht mehr auf den Desktop zugreifen
    Plagegeister aller Art und deren Bekämpfung - 30.07.2013 (11)
  15. HILFE habe mir den Bundestrojaner eingefangen. Kann mich nicht mehr anmelden. Abgesicherter Modus geht auch nicht
    Plagegeister aller Art und deren Bekämpfung - 11.06.2013 (21)
  16. Ich kann nicht mehr installieren oder deinstallieren
    Alles rund um Windows - 06.01.2010 (1)
  17. kann nicht deinstallieren!
    Alles rund um Windows - 23.09.2005 (1)

Zum Thema Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! - hi, versuche schon seit einigen Wochen erfolglos mystartsearch zu deinstallieren. Kann mir da jemand weiterhelfen, habe da noch ein logfile angehängt (malware) gruß yussi28 Code: Alles auswählen Aufklappen ATTFilter Malwarebytes - Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren!...
Archiv
Du betrachtest: Win7 mystartsearch eingefangen, kann nicht mehr deinstallieren! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.