ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=e147763049632b42a475d5248f8a91a0
# engine=22581
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-21 02:05:38
# local_time=2015-02-21 03:05:38 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 8376 24900536 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 22978502 262060266 0 0
# scanned=250610
# found=10
# cleaned=0
# scan_time=7857
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\DVDVideoSoft\TB\DVDVideoSoftTB.exe.vir"
sh=664270A860DDB3D6F23F617D0615070330A71A30 ft=1 fh=192f7aaecaa32147 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert0.dll.vir"
sh=8EE9FB5AE2B8B6679E36388F102438C3C72C628E ft=1 fh=fc1817d8cca0d243 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Janine\AppData\Local\Conduit\CT2269050\DVDVideoSoftTBAutoUpdateHelper.exe.vir"
sh=A3A19F143216420C723F2A37AA1C3460A3A4D37E ft=1 fh=67b56eb5768c75c3 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Winload\tbWin0.dll"
sh=4E8BC33C6DFBDD9727988EB0AA95AF115C08FA8F ft=1 fh=efa4d311e75fd867 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Winload\tbWin1.dll"
sh=E5C5C36DDD3DC414086EB9EC20DCEF13C06DDD94 ft=1 fh=f4eb487f30a3126f vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Winload\tbWinl.dll"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janine\AppData\LocalLow\Winload\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll"
sh=463AD35F4737F0B587FA39485D70D74331B229F0 ft=1 fh=8a8ff7b6cbbc46f4 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janine\Desktop\Documents\Standartprogramme\FreeYouTubeToMp3Converter_3.8.exe"
sh=245C5D6AA77DC06BDE45EF37AD6A1C1797831D53 ft=1 fh=14bf317c03f7dc7f vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Janine\Desktop\Documents\Standartprogramme\SoftonicToolbar.exe"
Results of screen317's Security Check version 0.99.96
Windows Vista Service Pack 2 x86
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities Language Pack (de-DE)
CCleaner
Java(TM) 6 Update 23
Java 7 Update 60
Java version 32-bit out of Date! Java 64-bit 8 Update 31
Adobe Flash Player 11.7.700.224
Flash Player out of Date!
Adobe Reader 9
Adobe Reader out of Date!
Adobe Reader 10.1.7
Adobe Reader out of Date!
Google Chrome (40.0.2214.111)
Google Chrome (40.0.2214.93)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile:
FRST Logfile:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01
Ran by Janine (administrator) on JANINE´S-PC on 21-02-2015 15:16:56
Running from C:\Users\Janine\Desktop
Loaded Profiles: Janine (Available profiles: Janine)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Hewlett-Packard Corporation) C:\Windows\System32\hpservice.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink Corp.) C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink Corp.) C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(CyberLink) C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DivX, LLC) C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\SMINST\BLService.exe
() C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
() C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-29] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-04] (Synaptics, Inc.)
HKLM\...\Run: [DVDAgent] => C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-11-28] (CyberLink Corp.)
HKLM\...\Run: [TSMAgent] => C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1316136 2008-12-25] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer for HP TouchSmart] => C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-12-25] (CyberLink)
HKLM\...\Run: [TVAgent] => C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe [210216 2009-01-21] (CyberLink Corp.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard)
HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-11-26] (CyberLink Corp.)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [206128 2008-10-10] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [432432 2008-12-08] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [DivX Download Manager] => C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [63360 2010-12-08] (DivX, LLC)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-22] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2511529027-747684529-2273676612-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-2511529027-747684529-2273676612-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2511529027-747684529-2273676612-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2511529027-747684529-2273676612-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2511529027-747684529-2273676612-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2511529027-747684529-2273676612-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {1B39FC16-2340-46CF-A0AD-0EB8F24D97CE} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2511529027-747684529-2273676612-1000 -> {1B39FC16-2340-46CF-A0AD-0EB8F24D97CE} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\S-1-5-21-2511529027-747684529-2273676612-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-2511529027-747684529-2273676612-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2511529027-747684529-2273676612-1000 -> {C09A9229-32FF-4425-9588-6EB719B9935F} URL = hxxp://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=867034&p={searchTerms}
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKU\S-1-5-21-2511529027-747684529-2273676612-1000 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKU\S-1-5-21-2511529027-747684529-2273676612-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} MSN Games - Free Online Games
DPF: {5D6F45B3-9043-443D-A792-115447494D24} MSN Games - Free Online Games
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} MSN Games - Free Online Games
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
FireFox:
========
FF ProfilePath: C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\mq51jtnr.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2511529027-747684529-2273676612-1000: @facebook.com/FBPlugin,version=1.0.1 -> C:\Users\Janine\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll No File
FF Plugin HKU\S-1-5-21-2511529027-747684529-2273676612-1000: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Janine\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No File
FF Plugin HKU\S-1-5-21-2511529027-747684529-2273676612-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Janine\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2511529027-747684529-2273676612-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Janine\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2511529027-747684529-2273676612-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: No Name - C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\mq51jtnr.default\Extensions\{4D6A6C8E-1EB2-46e1-8CAA-40DAFDE3ED93} [2015-02-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-16]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010-12-12]
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010-12-12]
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox
FF Extension: Freemake Video Downloader Plugin - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox [2011-08-13]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=606C00242C137467
CHR StartupUrls: Default -> "hxxp://www.google.at/"
CHR Profile: C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
CHR Extension: (YouTube) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]
CHR Extension: (Google Search) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]
CHR Extension: (DivX HiQ) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-11-07]
CHR Extension: (Google Wallet) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-11-07]
CHR Extension: (Gmail) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]
StartMenuInternet: Google Chrome - C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-12-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-22] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
S2 FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-12-03] (Ellora Assets Corp.) [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-10-16] (Hewlett-Packard Co.) [File not signed]
R3 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [223232 2008-10-23] (Hewlett-Packard Development Company, L.P.) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-12-17] ()
R2 TVCapSvc; C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2008-11-26] ()
R2 TVSched; C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096 2008-11-26] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 ACEDRV05; C:\Windows\system32\drivers\ACEDRV05.sys [97792 2011-02-13] (Protect Software GmbH) [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-05-09] (Avira Operations GmbH & Co. KG)
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-05-09] (Avira GmbH)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [87536 2008-11-28] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Janine\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 STHDA; system32\DRIVERS\stwrt.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 15:10 - 2015-02-21 15:11 - 00852594 _____ () C:\Users\Janine\Desktop\SecurityCheck.exe
2015-02-21 11:43 - 2015-02-21 11:43 - 00000000 ____D () C:\Program Files\ESET
2015-02-21 11:41 - 2015-02-21 11:42 - 02347384 _____ (ESET) C:\Users\Janine\Downloads\esetsmartinstaller_deu.exe
2015-02-19 21:52 - 2015-02-19 21:54 - 00034564 _____ () C:\Users\Janine\Desktop\Addition.txt
2015-02-19 21:50 - 2015-02-21 15:16 - 00022612 _____ () C:\Users\Janine\Desktop\FRST.txt
2015-02-19 21:48 - 2015-02-19 21:48 - 00001300 _____ () C:\Users\Janine\Desktop\JRT.txt
2015-02-19 21:41 - 2015-02-19 21:41 - 01388274 _____ (Thisisu) C:\Users\Janine\Downloads\JRT.exe
2015-02-19 20:43 - 2015-02-19 21:33 - 00000000 ____D () C:\AdwCleaner
2015-02-19 20:42 - 2015-02-19 20:42 - 02126848 _____ () C:\Users\Janine\Downloads\AdwCleaner_4.111.exe
2015-02-19 20:41 - 2015-02-19 20:41 - 00000270 _____ () C:\Users\Janine\Desktop\mbam.txt
2015-02-19 12:50 - 2015-02-19 12:50 - 00013590 _____ () C:\ComboFix.txt
2015-02-19 12:26 - 2015-02-19 12:50 - 00000000 ____D () C:\Qoobox
2015-02-19 12:26 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-19 12:26 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-19 12:26 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-19 12:26 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-19 12:26 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-19 12:26 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-19 12:26 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-19 12:26 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-19 12:25 - 2015-02-19 12:48 - 00000000 ____D () C:\Windows\erdnt
2015-02-19 12:17 - 2015-02-19 12:18 - 05611903 ____R (Swearware) C:\Users\Janine\Downloads\ComboFix.exe
2015-02-19 11:52 - 2015-02-19 11:52 - 00000694 _____ () C:\Users\Janine\Desktop\Revo Uninstaller.lnk
2015-02-19 11:51 - 2015-02-19 11:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Janine\Downloads\revosetup95.exe
2015-02-18 23:11 - 2015-02-19 12:41 - 00002562 _____ () C:\Windows\PFRO.log
2015-02-18 22:28 - 2015-02-19 20:07 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-18 22:28 - 2015-02-18 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-18 22:28 - 2015-02-18 22:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-18 22:28 - 2015-02-18 22:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-02-18 22:28 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-18 22:28 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-18 22:28 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-18 22:27 - 2015-02-18 22:28 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Janine\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-18 21:35 - 2015-02-18 21:37 - 00038765 _____ () C:\Users\Janine\Downloads\Addition.txt
2015-02-18 21:34 - 2015-02-21 15:16 - 00000000 ____D () C:\FRST
2015-02-18 21:34 - 2015-02-18 22:22 - 00046953 _____ () C:\Users\Janine\Downloads\FRST.txt
2015-02-18 21:32 - 2015-02-18 21:33 - 01126400 _____ (Farbar) C:\Users\Janine\Desktop\FRST.exe
2015-02-18 20:42 - 2015-02-18 20:42 - 00050477 _____ () C:\Users\Janine\Downloads\Defogger.exe
2015-02-17 16:28 - 2015-02-17 16:28 - 00000000 ____D () C:\Users\Janine\AppData\Local\TuneUp Software
2015-02-17 16:22 - 2015-02-17 16:22 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-17 16:14 - 2015-02-17 16:14 - 01270856 _____ (Ellora Assets Corporation ) C:\Users\Janine\Downloads\FreemakeVideoDownloaderSetup.exe
2015-02-15 21:21 - 2015-01-23 04:00 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-15 21:21 - 2015-01-23 03:51 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-13 21:14 - 2014-11-26 03:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-13 21:12 - 2015-01-09 01:20 - 02063360 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-13 21:11 - 2015-01-13 02:39 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-13 21:03 - 2015-01-15 05:13 - 00440760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-13 21:02 - 2014-12-08 02:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 19:56 - 2015-01-14 02:51 - 12371456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 19:56 - 2015-01-14 02:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-11 19:56 - 2015-01-14 02:46 - 09742336 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 19:56 - 2015-01-14 02:43 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 19:56 - 2015-01-14 02:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 19:56 - 2015-01-14 02:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 19:56 - 2015-01-14 02:41 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 19:56 - 2015-01-14 02:41 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 19:56 - 2015-01-14 02:41 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 19:56 - 2015-01-14 02:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-02-11 19:56 - 2015-01-14 02:41 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 19:56 - 2015-01-14 02:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 19:56 - 2015-01-14 02:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 19:56 - 2015-01-14 02:40 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 19:56 - 2015-01-14 02:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 19:56 - 2015-01-14 02:40 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 19:56 - 2015-01-14 02:40 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 19:56 - 2015-01-14 02:40 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-02-11 19:56 - 2015-01-14 02:40 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-02-11 19:56 - 2015-01-14 02:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-02-07 19:04 - 2015-02-07 19:05 - 00000000 ____D () C:\Users\Janine\Desktop\Documents\Heroes of the Storm
2015-02-07 19:01 - 2015-02-07 19:01 - 00000992 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-02-07 19:01 - 2015-02-07 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-02-07 18:13 - 2015-02-17 20:15 - 00000000 ____D () C:\Program Files\Heroes of the Storm
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 14:46 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-21 14:46 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-21 14:41 - 2009-03-22 02:38 - 01616447 _____ () C:\Windows\WindowsUpdate.log
2015-02-21 14:33 - 2011-11-07 20:37 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2511529027-747684529-2273676612-1000UA.job
2015-02-21 12:46 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-21 11:33 - 2011-11-07 20:37 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2511529027-747684529-2273676612-1000Core.job
2015-02-19 22:21 - 2006-11-02 14:01 - 00032626 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-19 20:55 - 2009-07-28 19:52 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2015-02-19 12:50 - 2009-11-07 21:24 - 00000000 ____D () C:\Users\Free YouTube to MP3 Converter
2015-02-19 12:50 - 2006-11-02 12:18 - 00000000 __RHD () C:\Users\Default
2015-02-19 12:50 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2015-02-19 12:43 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2015-02-19 10:56 - 2013-08-16 22:16 - 00000000 ____D () C:\Users\Janine\AppData\Local\CrashDumps
2015-02-18 21:56 - 2009-10-10 09:39 - 00000000 ____D () C:\Windows\Minidump
2015-02-17 22:20 - 2014-02-12 23:43 - 00000000 ____D () C:\Users\Janine\AppData\Local\Battle.net
2015-02-17 16:32 - 2014-01-11 11:55 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-02-17 16:28 - 2014-01-11 11:58 - 00000000 ____D () C:\Users\Janine\AppData\Roaming\TuneUp Software
2015-02-17 16:17 - 2011-06-19 17:50 - 00000000 ____D () C:\ProgramData\Freemake
2015-02-17 16:16 - 2011-08-13 20:17 - 00001125 _____ () C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2015-02-17 16:16 - 2011-08-13 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-02-16 23:39 - 2009-10-08 20:23 - 00000000 ____D () C:\Users\Janine\AppData\Roaming\Skype
2015-02-13 21:50 - 2006-11-02 13:47 - 00412488 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-13 21:29 - 2013-08-08 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 21:15 - 2006-11-02 11:24 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-02-13 21:14 - 2009-02-26 10:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-13 21:01 - 2014-02-12 23:45 - 00000000 ____D () C:\Program Files\Hearthstone
2015-02-11 19:17 - 2014-08-14 23:21 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-11 19:17 - 2014-06-01 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-11 19:17 - 2014-06-01 12:05 - 00000000 ____D () C:\Program Files\Avira
2015-02-08 13:53 - 2011-04-10 19:16 - 00000000 ____D () C:\Users\Janine\AppData\Roaming\HpUpdate
2015-02-07 19:24 - 2014-02-12 23:42 - 00000000 ____D () C:\Program Files\Battle.net
2015-02-07 19:04 - 2013-03-04 16:36 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-01-25 20:54 - 2013-03-03 20:33 - 00000000 ____D () C:\World of Warcraft
2015-01-25 20:52 - 2015-01-19 20:41 - 00000805 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
==================== Files in the root of some directories =======
2014-05-07 13:17 - 2014-05-07 13:17 - 0000000 _____ () C:\Users\Janine\AppData\Roaming\gdfw.log
2014-05-07 13:17 - 2014-05-07 13:17 - 0000779 _____ () C:\Users\Janine\AppData\Roaming\gdscan.log
2011-10-21 21:50 - 2011-10-21 21:50 - 0042228 _____ () C:\Users\Janine\AppData\Roaming\UserTile.png
2010-02-04 22:08 - 2010-02-04 22:08 - 0001028 _____ () C:\Users\Janine\AppData\Roaming\WavCodec.wff
2009-07-28 15:03 - 2009-07-28 15:03 - 0000000 _____ () C:\Users\Janine\AppData\Local\AtStart.txt
2009-08-04 16:15 - 2014-02-16 11:04 - 0007512 _____ () C:\Users\Janine\AppData\Local\d3d9caps.dat
2009-07-28 17:39 - 2014-10-01 21:17 - 0065536 _____ () C:\Users\Janine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-25 20:41 - 2015-01-19 15:53 - 0000058 _____ () C:\Users\Janine\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2009-07-28 15:03 - 2009-07-28 15:03 - 0000000 _____ () C:\Users\Janine\AppData\Local\DSwitch.txt
2010-10-15 18:17 - 2010-10-15 18:17 - 0000000 _____ () C:\Users\Janine\AppData\Local\FnF4.txt
2013-06-18 14:14 - 2013-06-18 14:14 - 0000094 _____ () C:\Users\Janine\AppData\Local\fusioncache.dat
2009-07-28 15:03 - 2009-07-28 15:03 - 0000000 _____ () C:\Users\Janine\AppData\Local\QSwitch.txt
2013-09-22 16:30 - 2013-09-22 16:30 - 0008226 _____ () C:\Users\Janine\AppData\Local\tmpIMAGES.0
2013-09-22 16:30 - 2013-09-22 16:30 - 0010307 _____ () C:\Users\Janine\AppData\Local\tmpIMAGES.JPG
2014-09-28 14:30 - 2015-02-21 15:18 - 0086062 _____ () C:\ProgramData\HPWALog.txt
2009-09-17 16:55 - 2010-11-23 16:06 - 0002757 _____ () C:\ProgramData\hpzinstall.log
2009-03-22 03:50 - 2009-03-22 03:50 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-02-26 10:26 - 2009-02-26 10:27 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-03-22 03:48 - 2009-03-22 03:48 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-02-26 10:19 - 2009-02-26 10:20 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-03-22 03:45 - 2009-03-22 03:45 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-03-22 03:49 - 2009-03-22 03:49 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-02-26 10:18 - 2009-02-26 10:19 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-02-26 10:21 - 2009-02-26 10:26 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-03-22 03:50 - 2009-03-22 03:50 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
Files to move or delete:
====================
C:\Users\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe
C:\Users\Free YouTube to MP3 Converter\unins000.dat
C:\Users\Free YouTube to MP3 Converter\unins000.exe
Some content of TEMP:
====================
C:\Users\Janine\AppData\Local\temp\avgnt.exe
C:\Users\Janine\AppData\Local\temp\Quarantine.exe
C:\Users\Janine\AppData\Local\temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-21 12:55
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
Ja, habe leider immer noch werbefenster sobald ich eine internetseite öffne..
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: 
