Trojaner-Board

Bullyx 05.01.2014 20:26

Problem with Nativzoom
 
Hello community,

I have the problem that in my Chrome browser the start page and the default search provider were changed to Nativezoom, and tabs with advertising keep opening again and again, despite Adblock Plus.

OTL settings for the scan:
Output: minimal
Standard registry: All
LOP and Purity check enabled
The remaining settings are the defaults

OTL log:
Code:

OTL logfile created on: 05.01.2014 17:44:08 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Benny\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,89 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 50,29% Memory free
3,77 Gb Paging File | 2,37 Gb Available in Paging File | 62,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 99,90 Gb Total Space | 69,63 Gb Free Space | 69,69% Space Free | Partition Type: NTFS
Drive D: | 60,56 Gb Total Space | 59,22 Gb Free Space | 97,78% Space Free | Partition Type: NTFS
Drive E: | 124,02 Gb Total Space | 117,12 Gb Free Space | 94,43% Space Free | Partition Type: NTFS
Drive G: | 14,89 Gb Total Space | 14,59 Gb Free Space | 97,96% Space Free | Partition Type: FAT32
Drive J: | 13,49 Gb Total Space | 13,49 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
 
Computer Name: BENNY-PC | User Name: Benny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Benny\Desktop\otl.exe (OldTimer Tools)
PRC - C:\ProgramData\WPM\wprotectmanager.exe (Cherished Technololgy LIMITED)
PRC - D:\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Wpm) -- C:\ProgramData\WPM\wprotectmanager.exe (Cherished Technololgy LIMITED)
SRV - (AntiVirSchedulerService) -- D:\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- D:\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirService) -- D:\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avnetflt) -- C:\Windows\SysNative\drivers\avnetflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\Netwsw00.sys (Intel Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1Qzu0ByE0ByCyByCtCtC0FtDyD0DzyyD0B0EtN0D0Tzu0CyBtCyDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1280612943&ir=
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 4B 66 8C C6 EE CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1Qzu0ByE0ByCyByCtCtC0FtDyD0DzyyD0B0EtN0D0Tzu0CyBtCyDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1280612943&ir=
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: D:\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5679f695-50a9-4857-8da9-727df7e74c94}: C:\Program Files (x86)\Re-markit\150.xpi [2014.01.05 15:00:16 | 000,008,360 | ---- | M] ()
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.de/
CHR - Extension: Google Docs = C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Plus-HD-5.5 = C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoilcbjfkbdplcfglkiedhefcomondlk\1.26.9_0\crossrider
CHR - Extension: Plus-HD-5.5 = C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoilcbjfkbdplcfglkiedhefcomondlk\1.26.9_0\
CHR - Extension: Google Drive = C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\
CHR - Extension: Adblock Plus = C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\
CHR - Extension: Google-Suche = C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Google Mail = C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Plus-HD-5.5) - {11111111-1111-1111-1111-110411901160} - C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-bho64.dll (Plus HD)
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - D:\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - D:\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
O2 - BHO: (Plus-HD-5.5) - {11111111-1111-1111-1111-110411901160} - C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-bho.dll (Plus HD)
O2 - BHO: (Re-markit) - {1a8e49db-9399-4627-b52a-657a1a275a96} - C:\Program Files (x86)\Re-markit\150.dll ()
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - D:\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - D:\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - D:\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - D:\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [Classic Start Menu] D:\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [avgnt] D:\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKCU..\Run: [NextLive] C:\Users\Benny\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - D:\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - D:\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - D:\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - D:\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD82F78E-3E94-4B18-8985-34F96D92F0EC}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk J:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014.01.05 16:59:23 | 000,000,000 | ---D | C] -- C:\Users\Benny\AppData\Roaming\Malwarebytes
[2014.01.05 16:57:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014.01.05 16:57:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.01.05 16:57:07 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014.01.05 16:57:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014.01.05 16:55:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Benny\Desktop\otl.exe
[2014.01.05 15:21:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014.01.05 15:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.01.05 15:20:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014.01.05 15:17:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014.01.05 15:03:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2014.01.05 15:01:44 | 000,000,000 | ---D | C] -- C:\Users\Benny\Documents\Optimizer Pro
[2014.01.05 15:01:36 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014.01.05 15:01:35 | 000,000,000 | ---D | C] -- C:\Users\Benny\.android
[2014.01.05 15:01:33 | 000,000,000 | ---D | C] -- C:\Users\Benny\AppData\Local\cache
[2014.01.05 15:01:26 | 000,000,000 | ---D | C] -- C:\Users\Benny\AppData\Roaming\newnext.me
[2014.01.05 15:01:23 | 000,000,000 | ---D | C] -- C:\Users\Benny\AppData\Local\genienext
[2014.01.05 15:01:20 | 000,000,000 | ---D | C] -- C:\Users\Benny\Documents\Mobogenie
[2014.01.05 15:01:20 | 000,000,000 | ---D | C] -- C:\Users\Benny\AppData\Local\Mobogenie
[2014.01.05 15:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
[2014.01.05 15:00:59 | 000,000,000 | ---D | C] -- C:\Users\Benny\AppData\Local\Programs
[2014.01.05 15:00:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plus-HD-5.5
[2014.01.05 15:00:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Re-markit
[2013.12.25 00:50:57 | 000,000,000 | ---D | C] -- C:\Users\Benny\AppData\Roaming\OpenOffice
[2013.12.25 00:50:24 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
[2013.12.25 00:49:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice 4
[2013.12.23 13:57:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF
[2013.12.23 13:57:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreePDF_XP
[2013.12.23 13:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\FreePDF
[2013.12.18 18:18:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan
[2013.12.18 18:17:50 | 000,000,000 | ---D | C] -- C:\Users\Benny\AppData\Roaming\Canon
[2013.12.17 20:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.12.15 20:12:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2013.12.11 23:53:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013.12.11 23:53:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013.12.11 23:53:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
 
========== Files - Modified Within 30 Days ==========
 
[2014.01.05 17:11:03 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.01.05 16:55:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Benny\Desktop\otl.exe
[2014.01.05 15:02:15 | 000,001,328 | ---- | M] () -- C:\Windows\tasks\Plus-HD-5.5-updater.job
[2014.01.05 15:02:08 | 000,001,152 | ---- | M] () -- C:\Windows\tasks\Plus-HD-5.5-enabler.job
[2014.01.05 15:01:54 | 000,001,280 | ---- | M] () -- C:\Windows\tasks\Plus-HD-5.5-codedownloader.job
[2014.01.05 15:01:30 | 000,002,126 | ---- | M] () -- C:\Windows\tasks\Plus-HD-5.5-firefoxinstaller.job
[2014.01.05 15:00:51 | 000,002,120 | ---- | M] () -- C:\Windows\tasks\Plus-HD-5.5-chromeinstaller.job
[2014.01.05 15:00:17 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Re-markit Update.job
[2014.01.05 14:38:30 | 000,020,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.05 14:38:30 | 000,020,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.05 14:38:02 | 000,086,329 | ---- | M] () -- C:\Users\Benny\Desktop\Beleg2.pdf
[2014.01.05 14:36:12 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.01.05 14:36:12 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.01.05 14:36:12 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.01.05 14:36:12 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.01.05 14:36:12 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.01.05 14:30:57 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.05 14:30:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.05 14:30:34 | 1518,555,136 | -HS- | M] () -- C:\hiberfil.sys
[2013.12.30 00:58:22 | 000,047,961 | ---- | M] () -- C:\Users\Benny\Desktop\Aufgaben_WS13,14LSG.pdf
[2013.12.30 00:58:22 | 000,004,812 | ---- | M] () -- C:\Users\Benny\Desktop\ListeWS13,14final.pdf
[2013.12.25 22:07:38 | 000,370,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.12.15 20:12:27 | 000,351,124 | ---- | M] () -- C:\Users\Benny\AppData\Local\mysearchdial-speeddial.crx
[2013.12.12 12:51:13 | 000,131,576 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.12.12 12:51:13 | 000,108,440 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.12.12 12:51:13 | 000,084,720 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.12.10 23:32:20 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.12.10 23:32:18 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
 
========== Files Created - No Company Name ==========
 
[2014.01.05 15:02:13 | 000,001,328 | ---- | C] () -- C:\Windows\tasks\Plus-HD-5.5-updater.job
[2014.01.05 15:02:02 | 000,001,152 | ---- | C] () -- C:\Windows\tasks\Plus-HD-5.5-enabler.job
[2014.01.05 15:01:44 | 000,001,280 | ---- | C] () -- C:\Windows\tasks\Plus-HD-5.5-codedownloader.job
[2014.01.05 15:01:22 | 000,002,126 | ---- | C] () -- C:\Windows\tasks\Plus-HD-5.5-firefoxinstaller.job
[2014.01.05 15:00:46 | 000,002,120 | ---- | C] () -- C:\Windows\tasks\Plus-HD-5.5-chromeinstaller.job
[2014.01.05 15:00:17 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\Re-markit Update.job
[2014.01.05 14:37:59 | 000,086,329 | ---- | C] () -- C:\Users\Benny\Desktop\Beleg2.pdf
[2013.12.30 00:58:43 | 000,047,961 | ---- | C] () -- C:\Users\Benny\Desktop\Aufgaben_WS13,14LSG.pdf
[2013.12.30 00:58:43 | 000,004,812 | ---- | C] () -- C:\Users\Benny\Desktop\ListeWS13,14final.pdf
[2013.12.23 13:57:58 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\redmonnt.dll
[2013.12.23 13:57:58 | 000,046,080 | ---- | C] () -- C:\Windows\SysNative\unredmon.exe
[2013.12.17 19:58:53 | 008,437,820 | ---- | C] () -- C:\Users\Benny\Desktop\Grundzüge der Betriebswirtschaftslehre (17. Auflage).pdf
[2013.12.15 20:12:52 | 000,351,124 | ---- | C] () -- C:\Users\Benny\AppData\Local\mysearchdial-speeddial.crx
[2013.12.10 23:32:20 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.12.10 23:32:18 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.11.07 01:52:54 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2013.11.07 01:52:42 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013.11.07 01:52:40 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.12.18 18:18:22 | 000,000,000 | ---D | M] -- C:\Users\Benny\AppData\Roaming\Canon
[2014.01.05 15:15:02 | 000,000,000 | ---D | M] -- C:\Users\Benny\AppData\Roaming\ClassicShell
[2014.01.05 15:01:50 | 000,000,000 | ---D | M] -- C:\Users\Benny\AppData\Roaming\newnext.me
[2013.12.25 00:50:57 | 000,000,000 | ---D | M] -- C:\Users\Benny\AppData\Roaming\OpenOffice
 
========== Purity Check ==========
 
 

< End of report >

MBAM log:
Code:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.05.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Benny :: BENNY-PC [Administrator]

05.01.2014 17:12:34
MBAM-log-2014-01-05 (17-18-18).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 259538
Laufzeit: 4 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 1
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> 3684 -> Keine Aktion durchgeführt.

Infizierte Speichermodule: 1
C:\Users\Benny\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungsschlüssel: 30
HKLM\SYSTEM\CurrentControlSet\Services\Wpm (PUP.Optional.WpManager.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WPM (PUP.Optional.WpManager.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{11111111-1111-1111-1111-110411901160} (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{44444444-4444-4444-4444-440444904460} (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
HKCR\Interface\{55555555-5555-5555-5555-550455905560} (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
HKCR\CrossriderApp0049060.BHO.1 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901160} (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Keine Aktion durchgeführt.
HKCR\CLSID\{1a8e49db-9399-4627-b52a-657a1a275a96} (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{65f43be7-4352-403b-b26f-0f18eca03389} (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
HKCR\Interface\{743240f5-a12c-4a11-a604-75bf0faf4b76} (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A8E49DB-9399-4627-B52A-657A1A275A96} (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e270d5e7-1e32-4f07-b39e-46703373a0ba (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
HKCR\CrossriderApp0049060.BHO (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
HKCR\CrossriderApp0049060.Sandbox (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
HKCR\CrossriderApp0049060.Sandbox.1 (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Keine Aktion durchgeführt.
HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> Keine Aktion durchgeführt.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Keine Aktion durchgeführt.
HKCU\Software\InstalledBrowserExtensions\Plus HD (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\nationzoomSoftware (PUP.Optional.NationZoom.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Plus-HD-5.5 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Google\Chrome\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo (PUP.Optional.Elex.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-5.5 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Daten: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Benny\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Keine Aktion durchgeführt.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0A2O0R1R1H2Z1S1G0H1F -> Keine Aktion durchgeführt.
HKLM\SYSTEM\CurrentControlSet\Services\Wpm|ImagePath (PUP.Optional.WpManager.A) -> Daten: C:\ProgramData\WPM\wprotectmanager.exe -service -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 8
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.NationZoom.A) -> Bösartig: (hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKCU\Software\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.NationZoom.A) -> Bösartig: (hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (PUP.Optional.NationZoom.A) -> Bösartig: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW) Gut: (iexplore.exe) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (PUP.Optional.NationZoom.A) -> Bösartig: (hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.NationZoom.A) -> Bösartig: (hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Bösartig: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> Keine Aktion durchgeführt.
HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.NationZoom.A) -> Bösartig: (hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKLM\Software\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.NationZoom) -> Bösartig: (hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 5
C:\Users\Benny\Documents\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Users\Benny\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Users\Benny\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 46
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-bho.dll (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Users\Benny\AppData\Local\Temp\parent.txt (PUP.Optional.BundleInstaller.A) -> Keine Aktion durchgeführt.
C:\Users\Benny\AppData\Local\Temp\695bb80d-bcad-4108-bfee-a84bcf5b9a030\parent.txt (PUP.Optional.BundleInstaller.A) -> Keine Aktion durchgeführt.
C:\Users\Benny\AppData\Local\Temp\fullpackage_temp1388930413\Baofeng.exe (PUP.Optional.NationZoom.A) -> Keine Aktion durchgeführt.
C:\Users\Benny\AppData\Local\Temp\fullpackage_temp1388930413\tmp\NewGdp.exe (PUP.Optional.WpManager.A) -> Keine Aktion durchgeführt.
C:\Users\Benny\AppData\Local\mysearchdial-speeddial.crx (PUP.Optional.MySearchDial.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\Plus-HD-5.5-chromeinstaller.job (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\Plus-HD-5.5-codedownloader.job (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\Plus-HD-5.5-enabler.job (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\Plus-HD-5.5-firefoxinstaller.job (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\Plus-HD-5.5-updater.job (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Users\Benny\Documents\Optimizer Pro\CookiesException.txt (PUP.Optional.OptimizerPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\150.crx (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\01.db (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\150.dat (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\150.dll (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\150.xpi (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\ReMarkit_up.exe (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\Sqlite3.dll (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Re-markit\Uninstall.exe (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\Re-markit Update.job (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt.
C:\Users\Benny\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\49060.crx (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\49060.xpi (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\background.html (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Installer.log (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-bg.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-bho64.dll (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-buttonutil.dll (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-buttonutil.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-buttonutil64.dll (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-buttonutil64.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-chromeinstaller.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-codedownloader.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-enabler.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-firefoxinstaller.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-helper.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-updater.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5.ico (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\Uninstall.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Plus-HD-5.5\utils.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt.
C:\Users\Benny\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Users\Benny\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.

(Ende)

Should I post any other logs?

aharonov 05.01.2014 20:34

Hello,

please run an FRST scan:

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the web page's input box)


Bullyx 06.01.2014 21:49

Sorry that I'm only replying now. Unfortunately it wasn't possible sooner.

FRST text file:

FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by Benny (administrator) on BENNY-PC on 06-01-2014 00:34:14
Running from C:\Users\Benny\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IvoSoft) D:\Classic Shell\ClassicStartMenu.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avgnt.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Classic Start Menu] - D:\Classic Shell\ClassicStartMenu.exe [152576 2013-10-20] (IvoSoft)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2726728 2010-03-25] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - D:\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Benny\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
AppInit_DLLs:  [ ] ()
AppInit_DLLs-x32:  [ ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x704B668CC6EECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1Qzu0ByE0ByCyByCtCtC0FtDyD0DzyyD0B0EtN0D0Tzu0CyBtCyDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1280612943&ir=
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1Qzu0ByE0ByCyByCtCtC0FtDyD0DzyyD0B0EtN0D0Tzu0CyBtCyDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1280612943&ir=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW&q={searchTerms}
BHO: Plus-HD-5.5 - {11111111-1111-1111-1111-110411901160} - C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-bho64.dll (Plus HD)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - D:\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - D:\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Plus-HD-5.5 - {11111111-1111-1111-1111-110411901160} - C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-bho.dll (Plus HD)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Re-markit - {1a8e49db-9399-4627-b52a-657a1a275a96} - C:\Program Files (x86)\Re-markit\150.dll ()
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - D:\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - D:\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - D:\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - D:\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR RestoreOnStartup: "hxxp://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Plus-HD-5.5) - C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoilcbjfkbdplcfglkiedhefcomondlk\1.26.9_0
CHR Extension: (Google Drive) - C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Extended Protection) - C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0
CHR Extension: (Adblock Plus) - C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0
CHR Extension: (Google Search) - C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Benny\AppData\Local\mysearchdial-speeddial.crx
CHR HKLM-x32\...\Chrome\Extension: [dcpfhaghaadpjpgocojgnlhjcieeooel] - C:\Program Files (x86)\Re-markit\150.crx
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Benny\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Benny\AppData\Local\mysearchdial-speeddial.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.nationzoom.com/?type=sc&ts=1388930437&from=tugs&uid=ST320LT020-9YG142_W048LLKWXXXXW048LLKW

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; D:\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; D:\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-01] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; D:\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [499856 2014-01-05] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-06 00:33 - 2014-01-06 00:33 - 00015522 _____ C:\Users\Benny\Downloads\Addition.txt
2014-01-06 00:32 - 2014-01-06 00:34 - 00012035 _____ C:\Users\Benny\Downloads\FRST.txt
2014-01-06 00:32 - 2014-01-06 00:32 - 00000000 ____D C:\FRST
2014-01-06 00:31 - 2014-01-06 00:31 - 01931762 _____ (Farbar) C:\Users\Benny\Downloads\FRST64.exe
2014-01-06 00:30 - 2014-01-06 00:30 - 00014455 _____ C:\Users\Benny\Desktop\AdwCleaner[R0].txt
2014-01-05 18:17 - 2014-01-05 18:17 - 00072613 _____ C:\Users\Benny\Downloads\Unbenannt 1.odt
2014-01-05 16:59 - 2014-01-05 16:59 - 00000000 ____D C:\Users\Benny\AppData\Roaming\Malwarebytes
2014-01-05 16:57 - 2014-01-05 16:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-05 16:57 - 2014-01-05 16:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-05 16:57 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-05 16:54 - 2014-01-05 16:54 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Benny\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-05 15:20 - 2014-01-05 15:20 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-05 15:20 - 2014-01-05 15:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-05 15:20 - 2014-01-05 15:20 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-05 15:20 - 2014-01-05 15:20 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-05 15:20 - 2014-01-05 15:20 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-05 15:19 - 2014-01-05 15:19 - 29040552 _____ (Oracle Corporation) C:\Users\Benny\Downloads\jre-7u45-windows-i586.exe
2014-01-05 15:17 - 2014-01-05 15:17 - 00000000 ____D C:\Windows\system32\appmgmt
2014-01-05 15:03 - 2014-01-05 15:05 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2014-01-05 15:02 - 2014-01-05 21:02 - 00001328 _____ C:\Windows\Tasks\Plus-HD-5.5-updater.job
2014-01-05 15:02 - 2014-01-05 21:02 - 00001152 _____ C:\Windows\Tasks\Plus-HD-5.5-enabler.job
2014-01-05 15:02 - 2014-01-05 15:02 - 00004358 _____ C:\Windows\System32\Tasks\Plus-HD-5.5-updater
2014-01-05 15:02 - 2014-01-05 15:02 - 00004182 _____ C:\Windows\System32\Tasks\Plus-HD-5.5-enabler
2014-01-05 15:01 - 2014-01-05 21:01 - 00002126 _____ C:\Windows\Tasks\Plus-HD-5.5-firefoxinstaller.job
2014-01-05 15:01 - 2014-01-05 21:01 - 00001280 _____ C:\Windows\Tasks\Plus-HD-5.5-codedownloader.job
2014-01-05 15:01 - 2014-01-05 19:10 - 00000000 ____D C:\Users\Benny\AppData\Roaming\newnext.me
2014-01-05 15:01 - 2014-01-05 15:03 - 00000000 ____D C:\Users\Benny\AppData\Local\Mobogenie
2014-01-05 15:01 - 2014-01-05 15:01 - 00004310 _____ C:\Windows\System32\Tasks\Plus-HD-5.5-codedownloader
2014-01-05 15:01 - 2014-01-05 15:01 - 00000000 ____D C:\Users\Benny\Documents\Optimizer Pro
2014-01-05 15:01 - 2014-01-05 15:01 - 00000000 ____D C:\Users\Benny\Documents\Mobogenie
2014-01-05 15:01 - 2014-01-05 15:01 - 00000000 ____D C:\Users\Benny\AppData\Local\genienext
2014-01-05 15:01 - 2014-01-05 15:01 - 00000000 ____D C:\Users\Benny\AppData\Local\cache
2014-01-05 15:01 - 2014-01-05 15:01 - 00000000 ____D C:\Users\Benny\.android
2014-01-05 15:01 - 2014-01-05 15:01 - 00000000 ____D C:\ProgramData\WPM
2014-01-05 15:01 - 2014-01-05 15:01 - 00000000 _____ C:\Users\Benny\daemonprocess.txt
2014-01-05 15:00 - 2014-01-05 21:05 - 00002120 _____ C:\Windows\Tasks\Plus-HD-5.5-chromeinstaller.job
2014-01-05 15:00 - 2014-01-05 19:09 - 00000384 _____ C:\Windows\Tasks\Re-markit Update.job
2014-01-05 15:00 - 2014-01-05 15:02 - 00000000 ____D C:\Program Files (x86)\Plus-HD-5.5
2014-01-05 15:00 - 2014-01-05 15:00 - 00003032 _____ C:\Windows\System32\Tasks\Re-markit Update
2014-01-05 15:00 - 2014-01-05 15:00 - 00000000 ____D C:\Program Files (x86)\Re-markit
2014-01-05 14:58 - 2014-01-05 14:58 - 00481840 _____ C:\Users\Benny\Downloads\Java.exe
2013-12-27 22:56 - 2013-12-28 13:32 - 00000423 _____ C:\Users\Benny\Desktop\fernseher.txt
2013-12-25 00:50 - 2013-12-25 00:50 - 00000000 ____D C:\Users\Benny\AppData\Roaming\OpenOffice
2013-12-25 00:49 - 2013-12-25 00:50 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-12-25 00:43 - 2013-12-25 00:44 - 163606685 _____ C:\Users\Benny\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-12-23 13:57 - 2013-12-23 13:57 - 00000000 ____D C:\ProgramData\FreePDF
2013-12-23 13:57 - 2013-12-23 13:57 - 00000000 ____D C:\Program Files (x86)\FreePDF_XP
2013-12-23 13:57 - 2010-06-17 20:56 - 00119152 _____ C:\Windows\system32\redmon.hlp
2013-12-23 13:57 - 2010-06-17 20:56 - 00087040 _____ C:\Windows\system32\redmonnt.dll
2013-12-23 13:57 - 2010-06-17 20:56 - 00046080 _____ C:\Windows\system32\unredmon.exe
2013-12-23 13:54 - 2013-12-23 13:54 - 03866624 _____ (Microsoft Corporation) C:\Users\Benny\Downloads\FreePDF4.08.EXE
2013-12-22 20:51 - 2013-12-22 20:52 - 02225154 _____ C:\Users\Benny\Downloads\WWE_2K14_PS3_ONLINE_MANUAL_GER.zip
2013-12-18 18:18 - 2013-12-18 18:18 - 00000000 ___HD C:\ProgramData\CanonIJScan
2013-12-18 18:18 - 2013-12-18 18:18 - 00000000 _____ C:\Users\Benny\Sti_Trace.log
2013-12-18 18:17 - 2013-12-18 18:18 - 00000000 ____D C:\Users\Benny\AppData\Roaming\Canon
2013-12-17 20:07 - 2013-12-17 20:07 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-17 20:06 - 2013-12-17 20:07 - 00000000 ____D C:\Program Files\CCleaner
2013-12-15 20:12 - 2013-12-17 20:17 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-12-15 20:12 - 2013-12-15 20:12 - 00351124 _____ C:\Users\Benny\AppData\Local\mysearchdial-speeddial.crx
2013-12-12 02:56 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 02:56 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 02:56 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 02:56 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 02:54 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 02:54 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 02:54 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 02:54 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 02:54 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 02:54 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 02:54 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 02:54 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 02:54 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 02:54 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 02:54 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 02:54 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 02:54 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 02:54 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 02:54 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 02:54 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 02:54 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 02:54 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 02:54 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 02:54 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 02:54 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 02:54 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 02:54 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 02:54 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 02:54 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 02:54 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 02:54 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 02:54 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 02:54 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 02:54 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 02:54 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 01:22 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 01:22 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 01:22 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 01:22 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 01:22 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 01:22 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 01:22 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 01:22 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 01:22 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 01:22 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 01:22 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 01:22 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 01:22 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 01:22 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 01:22 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 01:22 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 01:22 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 01:22 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 01:22 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 23:53 - 2013-12-27 04:22 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-10 23:37 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-10 23:32 - 2013-12-10 23:32 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-10 23:32 - 2013-12-10 23:32 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-10 23:32 - 2013-12-10 23:32 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-10 23:32 - 2013-12-10 23:32 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-10 23:32 - 2013-12-10 23:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-10 23:32 - 2013-12-10 23:32 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-10 23:32 - 2013-12-10 23:32 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-10 23:29 - 2013-12-10 23:37 - 00010277 _____ C:\Windows\IE11_main.log

==================== One Month Modified Files and Folders =======

2014-01-06 00:34 - 2014-01-06 00:32 - 00012035 _____ C:\Users\Benny\Downloads\FRST.txt
2014-01-06 00:33 - 2014-01-06 00:33 - 00015522 _____ C:\Users\Benny\Downloads\Addition.txt
2014-01-06 00:32 - 2014-01-06 00:32 - 00000000 ____D C:\FRST
2014-01-06 00:31 - 2014-01-06 00:31 - 01931762 _____ (Farbar) C:\Users\Benny\Downloads\FRST64.exe
2014-01-06 00:30 - 2014-01-06 00:30 - 00014455 _____ C:\Users\Benny\Desktop\AdwCleaner[R0].txt
2014-01-06 00:27 - 2013-12-01 21:45 - 00000000 ____D C:\Users\Benny\AppData\Roaming\ClassicShell
2014-01-06 00:11 - 2013-12-01 19:54 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-06 00:11 - 2013-12-01 19:54 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-06 00:07 - 2013-12-01 16:50 - 01869322 _____ C:\Windows\WindowsUpdate.log
2014-01-05 21:05 - 2014-01-05 15:00 - 00002120 _____ C:\Windows\Tasks\Plus-HD-5.5-chromeinstaller.job
2014-01-05 21:02 - 2014-01-05 15:02 - 00001328 _____ C:\Windows\Tasks\Plus-HD-5.5-updater.job
2014-01-05 21:02 - 2014-01-05 15:02 - 00001152 _____ C:\Windows\Tasks\Plus-HD-5.5-enabler.job
2014-01-05 21:01 - 2014-01-05 15:01 - 00002126 _____ C:\Windows\Tasks\Plus-HD-5.5-firefoxinstaller.job
2014-01-05 21:01 - 2014-01-05 15:01 - 00001280 _____ C:\Windows\Tasks\Plus-HD-5.5-codedownloader.job
2014-01-05 19:16 - 2009-07-14 05:45 - 00020800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-05 19:16 - 2009-07-14 05:45 - 00020800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-05 19:14 - 2009-07-14 18:58 - 00654166 _____ C:\Windows\system32\perfh007.dat
2014-01-05 19:14 - 2009-07-14 18:58 - 00130006 _____ C:\Windows\system32\perfc007.dat
2014-01-05 19:14 - 2009-07-14 06:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-05 19:10 - 2014-01-05 15:01 - 00000000 ____D C:\Users\Benny\AppData\Roaming\newnext.me
2014-01-05 19:09 - 2014-01-05 15:00 - 00000384 _____ C:\Windows\Tasks\Re-markit Update.job
2014-01-05 19:09 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-05 19:08 - 2013-12-01 18:11 - 00064666 _____ C:\Windows\PFRO.log
2014-01-05 19:08 - 2009-07-14 05:51 - 00023454 _____ C:\Windows\setupact.log
2014-01-05 18:17 - 2014-01-05 18:17 - 00072613 _____ C:\Users\Benny\Downloads\Unbenannt 1.odt
2014-01-05 16:59 - 2014-01-05 16:59 - 00000000 ____D C:\Users\Benny\AppData\Roaming\Malwarebytes
2014-01-05 16:57 - 2014-01-05 16:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-05 16:57 - 2014-01-05 16:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-05 16:54 - 2014-01-05 16:54 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Benny\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-05 15:21 - 2013-12-01 21:52 - 00000000 ____D C:\ProgramData\Oracle
2014-01-05 15:20 - 2014-01-05 15:20 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-05 15:20 - 2014-01-05 15:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-05 15:20 - 2014-01-05 15:20 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-05 15:20 - 2014-01-05 15:20 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-05 15:20 - 2014-01-05 15:20 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-05 15:19 - 2014-01-05 15:19 - 29040552 _____ (Oracle Corporation) C:\Users\Benny\Downloads\jre-7u45-windows-i586.exe
2014-01-05 15:17 - 2014-01-05 15:17 - 00000000 ____D C:\Windows\system32\appmgmt
2014-01-05 15:05 - 2014-01-05 15:03 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2014-01-05 15:05 - 2013-12-01 16:59 - 00000000 ___RD C:\Users\Benny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-05 15:03 - 2014-01-05 15:01 - 00000000 ____D C:\Users\Benny\AppData\Local\Mobogenie
2014-01-05 15:02 - 2014-01-05 15:02 - 00004358 _____ C:\Windows\System32\Tasks\Plus-HD-5.5-updater
2014-01-05 15:02 - 2014-01-05 15:02 - 00004182 _____ C:\Windows\System32\Tasks\Plus-HD-5.5-enabler
2014-01-05 15:02 - 2014-01-05 15:00 - 00000000 ____D C:\Program Files (x86)\Plus-HD-5.5
2014-01-05 15:01 - 2014-01-05 15:01 - 00004310 _____ C:\Windows\System32\Tasks\Plus-HD-5.5-codedownloader
2014-01-05 15:01 - 2014-01-05 15:01 - 00000000 ____D C:\Users\Benny\Documents\Optimizer Pro
2014-01-05 15:01 - 2014-01-05 15:01 - 00000000 ____D C:\Users\Benny\Documents\Mobogenie
2014-01-05 15:01 - 2014-01-05 15:01 - 00000000 ____D C:\Users\Benny\AppData\Local\genienext
2014-01-05 15:01 - 2014-01-05 15:01 - 00000000 ____D C:\Users\Benny\AppData\Local\cache
2014-01-05 15:01 - 2014-01-05 15:01 - 00000000 ____D C:\Users\Benny\.android
2014-01-05 15:01 - 2014-01-05 15:01 - 00000000 ____D C:\ProgramData\WPM
2014-01-05 15:01 - 2014-01-05 15:01 - 00000000 _____ C:\Users\Benny\daemonprocess.txt
2014-01-05 15:01 - 2013-12-01 16:58 - 00000000 ____D C:\Users\Benny
2014-01-05 15:00 - 2014-01-05 15:00 - 00003032 _____ C:\Windows\System32\Tasks\Re-markit Update
2014-01-05 15:00 - 2014-01-05 15:00 - 00000000 ____D C:\Program Files (x86)\Re-markit
2014-01-05 15:00 - 2013-12-01 16:59 - 00001641 _____ C:\Users\Benny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-05 14:58 - 2014-01-05 14:58 - 00481840 _____ C:\Users\Benny\Downloads\Java.exe
2013-12-29 15:13 - 2013-12-01 21:50 - 00000000 ____D C:\Users\Benny\AppData\Roaming\vlc
2013-12-28 13:32 - 2013-12-27 22:56 - 00000423 _____ C:\Users\Benny\Desktop\fernseher.txt
2013-12-27 04:22 - 2013-12-11 23:53 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-25 22:07 - 2009-07-14 05:45 - 00370904 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 01:30 - 2013-12-01 18:17 - 00091376 _____ C:\Users\Benny\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-25 00:50 - 2013-12-25 00:50 - 00000000 ____D C:\Users\Benny\AppData\Roaming\OpenOffice
2013-12-25 00:50 - 2013-12-25 00:49 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-12-25 00:45 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-12-25 00:44 - 2013-12-25 00:43 - 163606685 _____ C:\Users\Benny\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-12-23 13:57 - 2013-12-23 13:57 - 00000000 ____D C:\ProgramData\FreePDF
2013-12-23 13:57 - 2013-12-23 13:57 - 00000000 ____D C:\Program Files (x86)\FreePDF_XP
2013-12-23 13:54 - 2013-12-23 13:54 - 03866624 _____ (Microsoft Corporation) C:\Users\Benny\Downloads\FreePDF4.08.EXE
2013-12-22 20:52 - 2013-12-22 20:51 - 02225154 _____ C:\Users\Benny\Downloads\WWE_2K14_PS3_ONLINE_MANUAL_GER.zip
2013-12-22 15:04 - 2013-12-03 18:23 - 00000000 ____D C:\Users\Benny\Desktop\desmume-0-9-8-win32
2013-12-18 18:18 - 2013-12-18 18:18 - 00000000 ___HD C:\ProgramData\CanonIJScan
2013-12-18 18:18 - 2013-12-18 18:18 - 00000000 _____ C:\Users\Benny\Sti_Trace.log
2013-12-18 18:18 - 2013-12-18 18:17 - 00000000 ____D C:\Users\Benny\AppData\Roaming\Canon
2013-12-17 20:17 - 2013-12-15 20:12 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-12-17 20:07 - 2013-12-17 20:07 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-17 20:07 - 2013-12-17 20:06 - 00000000 ____D C:\Program Files\CCleaner
2013-12-16 02:13 - 2013-12-01 18:52 - 00000000 ____D C:\Windows\system32\MRT
2013-12-16 02:11 - 2013-12-01 18:52 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-15 20:12 - 2013-12-15 20:12 - 00351124 _____ C:\Users\Benny\AppData\Local\mysearchdial-speeddial.crx
2013-12-13 18:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-12 12:51 - 2013-12-01 21:21 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-12 12:51 - 2013-12-01 21:21 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-12 12:51 - 2013-12-01 21:21 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-12 02:56 - 2013-12-01 21:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 00:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-10 23:37 - 2013-12-10 23:29 - 00010277 _____ C:\Windows\IE11_main.log
2013-12-10 23:32 - 2013-12-10 23:32 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-10 23:32 - 2013-12-10 23:32 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-10 23:32 - 2013-12-10 23:32 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-10 23:32 - 2013-12-10 23:32 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-10 23:32 - 2013-12-10 23:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-10 23:32 - 2013-12-10 23:32 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-10 23:32 - 2013-12-10 23:32 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-10 23:32 - 2013-12-10 23:32 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-10 23:32 - 2013-12-10 23:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-08 00:06 - 2013-12-01 19:54 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-08 00:06 - 2013-12-01 19:54 - 00003852 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\Benny\AppData\Local\Temp\2673uninstall.exe
C:\Users\Benny\AppData\Local\Temp\avgnt.exe
C:\Users\Benny\AppData\Local\Temp\BackupSetup.exe
C:\Users\Benny\AppData\Local\Temp\bitool.dll
C:\Users\Benny\AppData\Local\Temp\htmlayout.dll
C:\Users\Benny\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Benny\AppData\Local\Temp\ose00000.exe
C:\Users\Benny\AppData\Local\Temp\Sqlite3.dll
C:\Users\Benny\AppData\Local\Temp\SRLDetectionLibrary5426330605061837757.dll
C:\Users\Benny\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Benny\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Benny\AppData\Local\Temp\zmkkghwlhsdjiuf.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-01 19:36

==================== End Of Log ============================

--- --- ---
Additions.txt:
Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2014
Ran by Benny at 2014-01-06 00:34:52
Running from C:\Users\Benny\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Canon Easy-PhotoPrint EX (x32 Version:  - )
Canon Easy-WebPrint EX (x32 Version: 1.3.5.0 - Canon Inc.)
Canon MP Navigator EX 4.0 (x32 Version:  - )
Canon MP280 series Benutzerregistrierung (x32 Version:  - )
Canon MP280 series MP Drivers (Version:  - )
Canon My Printer (x32 Version:  - )
Canon Solution Menu EX (x32 Version:  - )
CCleaner (Version: 4.08 - Piriform)
Classic Shell (Version: 4.0.2 - IvoSoft)
FreePDF (Remove only) (x32 Version:  - )
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Intel(R) Processor Graphics (x32 Version: 9.17.10.3347 - Intel Corporation)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
Plus-HD-5.5 (x32 Version: 1.33.153.1 - Plus HD) <==== ATTENTION
RedMon - Redirection Port Monitor (Version:  - )
Re-markit (x32 Version:  - Re-markit Software)
Steam (x32 Version:  - Valve Corporation)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
VLC media player 2.1.1 (x32 Version: 2.1.1 - VideoLAN)
WinRAR 5.00 (64-Bit) (Version: 5.00.0 - win.rar GmbH)
WPM17.8.0.3159 (x32 Version: 17.8.0.3159 - Cherished Technololgy LIMITED) <==== ATTENTION

==================== Restore Points  =========================

23-12-2013 20:03:04 Geplanter Prüfpunkt
24-12-2013 23:44:52 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
24-12-2013 23:46:40 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
24-12-2013 23:49:22 OpenOffice 4.0.1 wird installiert
01-01-2014 18:43:01 Geplanter Prüfpunkt
05-01-2014 14:16:14 Removed Java 7 Update 45
05-01-2014 14:20:23 Installed Java 7 Update 45

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {3EA7ECBF-58FB-48D4-A51A-13BDEF6D6C53} - System32\Tasks\Plus-HD-5.5-chromeinstaller => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-chromeinstaller.exe [2014-01-05] (Plus HD) <==== ATTENTION
Task: {62102355-E720-4D5E-B9D6-D5F9BDD8A01F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-01] (Google Inc.)
Task: {6F91F9ED-92DE-4F60-A1CC-A61151FFF489} - System32\Tasks\Plus-HD-5.5-updater => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-updater.exe [2014-01-05] (Plus HD) <==== ATTENTION
Task: {885A7671-92B4-4371-99A7-F25DCB6C7FFB} - System32\Tasks\Plus-HD-5.5-enabler => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-enabler.exe [2014-01-05] (Plus HD) <==== ATTENTION
Task: {CB2254B6-7D68-4079-A2E8-731301C202C8} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit\ReMarkit_up.exe [2014-01-05] () <==== ATTENTION
Task: {D85ED890-85AC-462C-A0E6-CB7D9422AF55} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-01] (Google Inc.)
Task: {E558A673-6491-4DD9-BBE7-C8B38982862F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {E96DCE39-61CF-413B-AED6-EF2DF3AFE639} - System32\Tasks\Plus-HD-5.5-codedownloader => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-codedownloader.exe [2014-01-05] (Plus HD) <==== ATTENTION
Task: {FDB10D4D-65E0-40D5-9EAF-8E0646B94DCD} - System32\Tasks\Plus-HD-5.5-firefoxinstaller => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-firefoxinstaller.exe [2014-01-05] (Plus HD) <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-5.5-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-5.5-codedownloader.job => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-5.5-enabler.job => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-5.5-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-5.5-updater.job => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit\ReMarkit_up.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-12-23 13:57 - 2010-06-17 20:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-12-01 21:21 - 2013-12-01 21:19 - 00394808 _____ () D:\Avira\AntiVir Desktop\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/05/2014 05:49:52 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (01/05/2014 00:50:42 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (01/04/2014 03:55:52 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (01/03/2014 04:00:21 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (01/02/2014 08:34:09 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (01/01/2014 06:37:32 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (01/01/2014 05:28:26 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (12/28/2013 00:43:19 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (12/27/2013 06:05:55 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (12/26/2013 01:28:17 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005


System errors:
=============
Error: (01/05/2014 00:50:34 AM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (01/05/2014 00:50:34 AM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (01/04/2014 08:08:30 PM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (01/04/2014 08:08:30 PM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (01/04/2014 04:14:54 PM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (01/04/2014 04:14:54 PM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (01/03/2014 11:38:39 PM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (01/03/2014 11:38:39 PM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (01/03/2014 10:16:50 PM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (01/03/2014 10:16:50 PM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.


Microsoft Office Sessions:
=========================


aharonov 06.01.2014 21:52

ok.


Step 1
  • Go to Start --> Control Panel and open Programs and Features.
  • Find and uninstall the following entries there, one after another:
    Plus-HD-5.5
    Re-markit
    WPM17.8.0.3159
  • Close the window again and restart the computer if you were asked to.



Step 2

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts that appear with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).



Step 3

Start FRST once more.
  • Do not change any of the default settings and press Scan.
  • When the scan has finished, a new log file FRST.txt is created and saved on the desktop.
  • Please post the contents of this log file here in your thread.



Please post in your next reply:
  • Log from AdwCleaner
  • Log from FRST

