Hier schon mal 2 Logs; FRST macht Probleme: Line 10181, Error: array variable has incorrect number of subscripts or subscripts dimension range exceeded. Ich versuchee es mit Neustart... Zum Aufruf der alicebox muss ich avast beenden, dann geht es! Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=379b63603832984e9f480eabed2f412e
# engine=16616
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-11 12:15:39
# local_time=2014-01-11 01:15:39 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 141072389 0 0
# scanned=138630
# found=1
# cleaned=0
# scan_time=1227
sh=B779EBC63BA7F1A472E897B62817CE9E76CFC6E3 ft=0 fh=0000000000000000 vn="INF/Autorun.gen worm" ac=I fn="C:\Documents\GENEVA-ID\BU PoS\PoS-Sammelmappe\pos_demo\autorun.inf" Code:
Results of screen317's Security Check version 0.99.78
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11 ``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus out of date! `````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (3.0.0.9016)
Malwarebytes Anti-Malware Version 1.75.0.1300
Java 7 Update 45
Adobe Flash Player 11.9.900.170
Adobe Reader XI
Mozilla Firefox (Lite.)
Google Chrome 31.0.1650.63 ````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 AvastUI.exe `````````````````System Health check`````````````````
Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` Das FRST-Log kann ich nicht mehr erstellen; es kommt auch nach Löschen, Neustart, Neuladen aus diesem Script, die Fehlermeldung: array variable has incorrect number of subscripts or subcript dimension range exceeded; was kann man da machen? Außerdem lässt sich google.de weiterhin nicht im IE 11 laden. Wie kann man den IE deinstallieren und evtl. neu laden?
ansonsten scheint das System erstmal sauber, Malwarebyte hat heute nichts gefunden.
vielen Dank bisher hierher
Habe auf IE 10 zurückgesetzt, jetzt geht google.de wieder...
Nun ist es doch noch gelungen, neues FRST-Log
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2014 03
Ran by rolle001 (administrator) on ACERPC on 11-01-2014 16:25:45
Running from C:\Documents\Downloads\FRST-OlderVersion
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(AOL LLC) C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(OrdinarySoft) C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe
(Jumping Bytes) C:\Program Files (x86)\Mobile Master\MMAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(OrdinarySoft) C:\Program Files\Start Menu X\StartMenuX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Vista Start Menu\VistaHookApp.exe
(Jumping Bytes) C:\Program Files (x86)\Mobile Master\MMScan.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
() C:\Program Files (x86)\Visagesoft\eXPert PDF 6\vspdfprsrv.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\rolle001\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [1840720 2007-09-13] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE [652624 2007-10-25] (CANON INC.)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKLM\...\Run: [Ocs_SM] - C:\Users\rolle001\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKLM-x32\...\Run: [vspdfprsrv.exe] - C:\Program Files (x86)\Visagesoft\eXPert PDF 6\vspdfprsrv.exe [1237504 2010-01-06] ()
HKLM-x32\...\Run: [LexwareInfoService] - C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024 2013-12-26] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKCU\...\Run: [VistaStartMenu] - C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe [2752416 2011-05-24] (OrdinarySoft)
HKCU\...\Run: [MMAgent] - C:\Program Files (x86)\Mobile Master\MMAgent.exe [1392480 2011-06-27] (Jumping Bytes)
HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKCU\...\Run: [StartMenuX] - C:\Program Files\Start Menu X\StartMenuX.exe [5269312 2013-11-20] (OrdinarySoft)
HKCU\...\Run: [Philips Intelligent Agent] - C:\Program Files (x86)\Philips\Intelligent Agent\Philips Intelligent Agent.exe [613792 2008-02-21] (Philips Consumer Electronics)
HKCU\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKCU\...\Policies\Explorer: [NoResolveSearch] 1
HKU\Administrator\...\Run: [VistaStartMenu] - C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe [2752416 2011-05-24] (OrdinarySoft)
HKU\Administrator\...\Run: [StartMenuX] - C:\Program Files\Start Menu X\StartMenuX.exe [5269312 2013-11-20] (OrdinarySoft)
HKU\Gast\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)
HKU\Gast\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\Gast\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKU\Gast\...\Run: [VistaStartMenu] - C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe [2752416 2011-05-24] (OrdinarySoft)
HKU\Gast\...\Run: [Philips Intelligent Agent] - C:\Program Files (x86)\Philips\Intelligent Agent\Philips Intelligent Agent.exe [613792 2008-02-21] (Philips Consumer Electronics)
HKU\Gast\...\Run: [DateiCommander] - C:\Program Files (x86)\DateiCommander12Kompakt\DateiCommander.EXE /a
HKU\Gast\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-02-04] (Google Inc.)
HKU\Gudrun\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)
HKU\Gudrun\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\Gudrun\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKU\Gudrun\...\Run: [VistaStartMenu] - C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe [2752416 2011-05-24] (OrdinarySoft)
HKU\Gudrun\...\Run: [DateiCommander] - C:\Program Files (x86)\DateiCommander12Kompakt\DateiCommander.EXE /a
Startup: C:\Users\rolle001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\rolle001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\rolle001\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFE5F7B09FE0ACF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 - (No Name) - {5786d022-540e-4699-b350-b4be0ae94b79} - No File
URLSearchHook: HKLM-x32 - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - No File
BHO: Speed Test (4354) - {11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} - C:\Program Files (x86)\Speed Test (4354)\ScriptHost64.dll No File
BHO: Free Games (4357) - {2977C29A-6723-4436-90BB-F7C5FDEF88A1} - C:\Program Files (x86)\Free Games (4357)\ScriptHost64.dll No File
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name - {074d3229-0a22-491b-b9dd-ff3171d75f25} - No File
BHO-x32: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {78e516ef-11de-47a1-8364-a99b917ec5ee} - No File
BHO-x32: No Name - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - No File
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Preispilot - {C4415769-1588-4AD6-9624-B2E69DB78D1A} - C:\Program Files (x86)\preispilot\Internet Explorer\preispilot.dll ()
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKCU - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File
Toolbar: HKCU - No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} - No File
Toolbar: HKCU - No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} - No File
DPF: HKLM {4871A87A-BFDD-4106-8153-FFDE2BAC2967} https://a248.e.akamai.net/f/248/14778/2h/dlmanager.download.akamai.com/14778/dlmanager/versions/activex/dlm-activex64-2.2.6.0.cab
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} hxxp://webmail.geneva-id.com/dwa85W.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn.geneva-id.com/dana-cached/sc/JuniperSetupClient.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\rolle001\AppData\Roaming\Mozilla\Firefox\Profiles\cl3q6zgs.default
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 6092
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
FF NetworkProxy: "type", 0
FF Homepage: hxxp://search.zonealarm.com/?src=hp&tbid=Solo&Lan=&gu=f299245fa63d4b84a7cf21a1a3cd21cd&tu=11Ih000BQ1B0001&sku=&tstsId=&ver=&
FF SelectedSearchEngine: Search By ZoneAlarm
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_39 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @ei.Maps4PC_0c.com/Plugin - C:\Program Files (x86)\Maps4PC_0cEI\Installr\1.bin\NP0cEISB.dll No File
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @MarineAquarium3Free_57.com/Plugin - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\NP57Stub.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.647 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.647 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.647 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.647 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.647 - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/vbp;version=0.9.17 - C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.17 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.17 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\rolle001\AppData\Roaming\Mozilla\Firefox\Profiles\cl3q6zgs.default\searchplugins\aol-suche.xml
FF SearchPlugin: C:\Users\rolle001\AppData\Roaming\Mozilla\Firefox\Profiles\cl3q6zgs.default\searchplugins\ashampoo-de-customized-web-search.xml
FF SearchPlugin: C:\Users\rolle001\AppData\Roaming\Mozilla\Firefox\Profiles\cl3q6zgs.default\searchplugins\{00A642E7-77C1-4904-BE81-9A9B35CDBD06}.xml
FF SearchPlugin: C:\Users\rolle001\AppData\Roaming\Mozilla\Firefox\Profiles\cl3q6zgs.default\searchplugins\{0FC87824-74FE-4D5B-8DBF-D911B12AE44B}.xml
FF SearchPlugin: C:\Users\rolle001\AppData\Roaming\Mozilla\Firefox\Profiles\cl3q6zgs.default\searchplugins\{A85D976E-4741-4E33-A6B7-72A6AC21F170}.xml
FF Extension: Puzzle - C:\Users\rolle001\AppData\Roaming\Mozilla\Firefox\Profiles\cl3q6zgs.default\Extensions\puzzle@internauta1024a.pl.xpi [2011-11-20]
FF Extension: FlashGot - C:\Users\rolle001\AppData\Roaming\Mozilla\Firefox\Profiles\cl3q6zgs.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2011-11-20]
FF Extension: Stylish - C:\Users\rolle001\AppData\Roaming\Mozilla\Firefox\Profiles\cl3q6zgs.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2011-11-20]
FF Extension: Adblock Plus - C:\Users\rolle001\AppData\Roaming\Mozilla\Firefox\Profiles\cl3q6zgs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-11-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-07]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-05-28]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-05-08]
FF HKLM-x32\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - C:\Program Files (x86)\Mobile Master\ext\1\
FF Extension: Mobile Master Add-In - C:\Program Files (x86)\Mobile Master\ext\1\ []
Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR RestoreOnStartup: "hxxp://www.google.de/", "hxxp://www.aol.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Freemake np-plugin for google chrome) - C:\Users\rolle001\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\npFreemake.dll ()
CHR Plugin: (Skype Click to Call) - C:\Users\rolle001\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Conduit Chrome Plugin) - C:\Users\rolle001\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_0\plugins/ConduitChromeApiPlugin.dll No File
CHR Plugin: (Conduit Radio Plugin) - C:\Users\rolle001\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.13.20.29_0\plugins/np-cwmp.dll No File
CHR Plugin: (registryAccess) - C:\Users\rolle001\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.15.37265_0\background/registryAccess.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (AppUp) - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Maps4PC Installer Plugin Stub) - C:\Program Files (x86)\Maps4PC_0cEI\Installr\1.bin\NP0cEISB.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Nitro PDF plugin for Firefox and Chrome) - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle Broadcaster Plugin) - C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Extension: (Angry Birds) - C:\Users\rolle001\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (Freemake Video Downloader) - C:\Users\rolle001\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0
CHR Extension: (avast! Online Security) - C:\Users\rolle001\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0
CHR Extension: (AT_SigersonMorrison) - C:\Users\rolle001\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcpgmpfeoahblfncaooigccakcgngjbh\3_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\rolle001\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0
CHR Extension: (Skype Click to Call) - C:\Users\rolle001\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (Google Wallet) - C:\Users\rolle001\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Read Your AOL Mail) - C:\Users\rolle001\AppData\Local\Google\Chrome\User Data\Default\Extensions\phgdojkomekmnemlclopfjlmbamhnafp\2.1.0.0_0
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
CHR HKLM-x32\...\Chrome\Extension: [kckgnnipheglejoddfhekdjpbdbinhmb] - C:\Users\rolle001\AppData\Roaming\SpeedTestAnalysis\SpeedTestAnalysis.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-12-26] (AVAST Software)
S4 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2011-01-03] (BOONTY)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [74752 2011-12-30] (Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2011-12-30] (Microsoft)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
S4 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [x]
S2 SmartSvcWMP; D:\Programme\SystemTuner 2011\smartsvc.exe [x]
S2 SysTunerDSrvc; D:\Programme\SystemTuner 2011\STDefragService.exe [x]
==================== Drivers (Whitelisted) ====================
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-26] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-26] ()
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [39208 2006-08-25] (B.H.A Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 jetdrive; C:\Windows\System32\DRIVERS\jddrv.sys [37464 2010-09-07] (Abelssoft GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2009-07-13] (CACE Technologies)
R3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [114608 2009-10-21] (Philips Applied Technologies)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-03-20] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-03-20] (RapidSolution Software AG)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SPC620; C:\Windows\System32\drivers\SPC620.sys [581120 2007-09-28] (Philips )
R3 SPC620m; C:\Windows\System32\drivers\SPC620m.sys [8192 2007-09-28] (Philips )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2011-05-07] ()
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
U3 anru99jm; C:\Windows\System32\Drivers\anru99jm.sys [0 ] (Microsoft Corporation)
S3 cpuz132; \??\C:\Users\rolle001\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-10 12:36 - 2014-01-10 12:36 - 00002961 _____ C:\Users\rolle001\Desktop\JRT.txt
2014-01-10 12:30 - 2014-01-10 12:30 - 00000000 ____D C:\Windows\ERUNT
2014-01-09 17:43 - 2014-01-09 17:43 - 00000000 ____D C:\Program Files (x86)\WinHTTrack
2014-01-09 17:27 - 2014-01-09 17:27 - 00000000 ____D C:\Users\rolle001\AppData\Local\Secunia PSI
2014-01-09 17:27 - 2014-01-09 17:27 - 00000000 ____D C:\Program Files (x86)\Secunia
2014-01-09 16:27 - 2014-01-10 12:23 - 00000000 ____D C:\AdwCleaner
2014-01-09 14:07 - 2014-01-11 16:25 - 00000000 ____D C:\FRST
2014-01-07 14:30 - 2014-01-08 16:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-07 14:29 - 2014-01-08 22:18 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2014-01-07 14:21 - 2014-01-07 14:21 - 00000000 ____D C:\ProgramData\Samsung
2014-01-07 14:20 - 2014-01-08 22:18 - 00000000 ____D C:\Users\rolle001\AppData\Local\genienext
2014-01-07 14:20 - 2014-01-07 14:56 - 00000000 ____D C:\Users\rolle001\AppData\Local\cache
2014-01-07 14:20 - 2014-01-07 14:20 - 00000000 ____D C:\Users\rolle001\.android
2014-01-07 14:20 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\system32\sasnative64.exe
2014-01-07 13:13 - 2014-01-08 22:18 - 00000000 ____D C:\Users\rolle001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-01-07 13:13 - 2014-01-07 13:13 - 00002305 _____ C:\Users\rolle001\Desktop\Chrome App Launcher.lnk
2014-01-03 11:57 - 2014-01-03 11:57 - 00000000 __SHD C:\found.002
2013-12-26 20:07 - 2013-12-26 20:07 - 00002249 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-26 14:01 - 2013-12-26 14:01 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-22 16:57 - 2013-12-22 16:57 - 00004641 _____ C:\Users\rolle001\AppData\Local\recently-used.xbel
2013-12-19 13:04 - 2013-12-19 18:50 - 00000000 ____D C:\ProgramData\Updater
2013-12-19 13:04 - 2013-12-19 18:50 - 00000000 ____D C:\ProgramData\RHelpers
2013-12-19 13:04 - 2013-12-19 13:04 - 00003256 _____ C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
2013-12-18 22:23 - 2013-12-18 22:23 - 00000000 ____D C:\Users\rolle001\AppData\Roaming\Melesta
2013-12-18 22:15 - 2013-12-18 22:15 - 00002903 _____ C:\Users\Public\Desktop\Arizona Rose und die Rätsel der Piraten.lnk
2013-12-18 22:15 - 2013-12-18 22:15 - 00002901 _____ C:\Users\Public\Desktop\Green City - Die Stadt deiner Träume.lnk
2013-12-18 22:15 - 2013-12-18 22:15 - 00002885 _____ C:\Users\Public\Desktop\Ein Yankee unter Rittern 2.lnk
2013-12-17 17:26 - 2013-12-17 17:31 - 00000000 ____D C:\Users\rolle001\AppData\Local\MigsUpdater
2013-12-17 17:26 - 2013-12-17 17:26 - 00004174 _____ C:\Windows\System32\Tasks\MigrationUpdateTask
2013-12-17 17:26 - 2013-12-17 17:26 - 00000000 ____D C:\Users\rolle001\AppData\Roaming\RBotPlus
2013-12-17 12:32 - 2013-12-17 12:32 - 00001255 _____ C:\Users\Public\Desktop\Ashampoo Photo Commander 9.lnk
2013-12-14 15:42 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-14 15:42 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-14 15:42 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-14 15:42 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-14 15:34 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-14 15:34 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-14 15:34 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-14 15:34 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-14 15:34 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-14 15:34 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-14 15:34 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-14 15:34 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-14 15:34 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-14 15:34 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-14 15:34 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-14 15:34 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-14 15:34 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-14 15:34 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-14 15:34 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-14 15:34 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-14 15:34 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-14 15:34 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-14 15:34 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-14 15:34 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-14 15:34 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-14 15:34 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-14 15:34 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-14 15:34 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-14 15:34 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-14 15:34 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-14 15:34 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-14 15:34 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-14 15:34 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-14 15:34 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-14 15:34 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-14 15:20 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-14 15:20 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-14 15:20 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-14 15:20 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-14 15:20 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-14 15:20 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-14 15:20 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-14 15:20 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-14 15:20 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-14 15:20 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-14 15:20 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-14 15:20 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-14 15:20 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-14 15:20 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-14 15:20 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-14 15:20 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-14 15:20 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-14 15:20 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-14 15:20 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
==================== One Month Modified Files and Folders =======
2036-02-07 11:58 - 2012-01-01 15:54 - 00040960 ____R C:\Windows\SysWOW64\VTS_01_0.IFO
2036-02-07 11:58 - 2012-01-01 15:49 - 00040960 ____R C:\Windows\system32\VTS_01_0.IFO
2014-01-11 16:25 - 2014-01-09 14:07 - 00000000 ____D C:\FRST
2014-01-11 16:18 - 2011-06-12 13:03 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{502FFE12-E802-465A-9CC8-080730016AD8}
2014-01-11 16:04 - 2012-09-14 23:34 - 00000000 ____D C:\Users\rolle001\AppData\Roaming\Nitro PDF
2014-01-11 16:04 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2014-01-11 15:21 - 2011-08-19 12:18 - 00000000 ____D C:\Users\rolle001\AppData\Roaming\Dropbox
2014-01-11 15:21 - 2009-07-14 05:51 - 15130340 _____ C:\Windows\setupact.log
2014-01-11 15:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2014-01-11 14:51 - 2009-07-14 05:45 - 00019376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-11 14:51 - 2009-07-14 05:45 - 00019376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-11 14:49 - 2011-01-03 19:30 - 01778977 _____ C:\Windows\WindowsUpdate.log
2014-01-11 14:44 - 2012-01-06 23:57 - 00000000 _____ C:\sniffer.log
2014-01-11 14:44 - 2011-04-02 21:33 - 00000000 ____D C:\ProgramData\VMware
2014-01-11 14:43 - 2009-12-26 08:15 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-11 14:43 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-11 14:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-11 14:15 - 2013-11-25 18:18 - 00026144 _____ C:\Windows\IE11_main.log
2014-01-11 12:47 - 2009-07-14 18:58 - 00704958 _____ C:\Windows\system32\perfh007.dat
2014-01-11 12:47 - 2009-07-14 18:58 - 00151040 _____ C:\Windows\system32\perfc007.dat
2014-01-11 12:47 - 2009-07-14 06:13 - 01630218 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-10 12:36 - 2014-01-10 12:36 - 00002961 _____ C:\Users\rolle001\Desktop\JRT.txt
2014-01-10 12:30 - 2014-01-10 12:30 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 12:23 - 2014-01-09 16:27 - 00000000 ____D C:\AdwCleaner
2014-01-10 12:09 - 2012-10-07 09:06 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-10 12:02 - 2013-03-16 15:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-10 11:17 - 2013-10-06 08:43 - 00000917 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-09 17:43 - 2014-01-09 17:43 - 00000000 ____D C:\Program Files (x86)\WinHTTrack
2014-01-09 17:27 - 2014-01-09 17:27 - 00000000 ____D C:\Users\rolle001\AppData\Local\Secunia PSI
2014-01-09 17:27 - 2014-01-09 17:27 - 00000000 ____D C:\Program Files (x86)\Secunia
2014-01-09 16:29 - 2012-12-13 22:27 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2014-01-09 12:27 - 2012-12-13 22:27 - 00000000 ____D C:\Program Files (x86)\Uniblue
2014-01-09 10:44 - 2011-01-03 18:47 - 00000000 ____D C:\Users\rolle001
2014-01-09 10:08 - 2009-10-12 23:53 - 01736058 _____ C:\Windows\PFRO.log
2014-01-09 00:02 - 2010-02-25 21:41 - 00000000 ___RD C:\Users\rolle001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-08 22:50 - 2011-01-03 20:01 - 00001425 _____ C:\Users\rolle001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-08 22:18 - 2014-01-07 14:29 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2014-01-08 22:18 - 2014-01-07 14:20 - 00000000 ____D C:\Users\rolle001\AppData\Local\genienext
2014-01-08 22:18 - 2014-01-07 13:13 - 00000000 ____D C:\Users\rolle001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-01-08 22:18 - 2012-11-25 11:50 - 00000000 ____D C:\Users\Administrator
2014-01-08 22:18 - 2012-02-04 17:47 - 00000000 ____D C:\Users\rolle001\AppData\Roaming\eXPert PDF 6
2014-01-08 22:18 - 2011-07-15 10:14 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2014-01-08 22:18 - 2011-01-03 18:47 - 00000000 ____D C:\Users\Gudrun
2014-01-08 22:18 - 2011-01-03 18:47 - 00000000 ____D C:\Users\Gast
2014-01-08 22:18 - 2010-10-01 18:04 - 00000000 ____D C:\Users\rolle001\AppData\Local\Abelssoft
2014-01-08 22:18 - 2010-07-09 19:49 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-01-08 22:18 - 2009-10-12 23:44 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-08 22:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\spool
2014-01-08 22:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-08 22:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2014-01-08 22:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2014-01-08 22:17 - 2011-02-04 21:52 - 00000000 ____D C:\ProgramData\Real
2014-01-08 22:17 - 2010-02-25 21:53 - 00000000 ____D C:\Users\rolle001\AppData\Local\Google
2014-01-08 22:17 - 2009-10-12 23:44 - 00000000 ____D C:\ProgramData\Google
2014-01-08 22:17 - 2009-10-12 23:44 - 00000000 ____D C:\Program Files\Google
2014-01-08 22:16 - 2009-10-12 23:37 - 00000000 __RHD C:\MSOCache
2014-01-08 21:58 - 2012-04-22 22:33 - 00000000 ____D C:\Users\rolle001\AppData\Roaming\EurekaLog
2014-01-08 17:07 - 2012-03-26 07:01 - 00001981 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-08 16:29 - 2014-01-07 14:30 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-08 16:29 - 2011-10-16 09:51 - 00000000 ____D C:\Program Files\iTunes
2014-01-08 16:29 - 2011-10-16 09:51 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-07 14:56 - 2014-01-07 14:20 - 00000000 ____D C:\Users\rolle001\AppData\Local\cache
2014-01-07 14:30 - 2011-10-16 09:51 - 00000000 ____D C:\Program Files\iPod
2014-01-07 14:21 - 2014-01-07 14:21 - 00000000 ____D C:\ProgramData\Samsung
2014-01-07 14:20 - 2014-01-07 14:20 - 00000000 ____D C:\Users\rolle001\.android
2014-01-07 14:10 - 2011-12-04 12:55 - 00000000 _____ C:\ProgramData\LauncherAccess.dt
2014-01-07 13:13 - 2014-01-07 13:13 - 00002305 _____ C:\Users\rolle001\Desktop\Chrome App Launcher.lnk
2014-01-05 17:21 - 2010-06-02 21:18 - 00000000 ____D C:\Program Files (x86)\DEUTSCHLAND SPIELT
2014-01-03 14:00 - 2012-04-01 16:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-03 14:00 - 2010-02-25 23:02 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-03 14:00 - 2010-02-25 23:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-03 13:11 - 2013-08-10 09:44 - 00002534 _____ C:\Windows\System32\Tasks\PC Fresh
2014-01-03 13:11 - 2013-08-10 09:44 - 00000256 _____ C:\Windows\Tasks\PC Fresh.job
2014-01-03 13:11 - 2012-04-01 16:07 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-03 13:11 - 2010-02-25 23:02 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-03 13:11 - 2010-02-25 23:02 - 00003862 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-03 11:57 - 2014-01-03 11:57 - 00000000 __SHD C:\found.002
2013-12-27 11:50 - 2010-08-13 18:06 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade
2013-12-27 11:30 - 2010-08-29 11:09 - 00000000 ____D C:\Users\rolle001\AppData\Roaming\Tyre
2013-12-26 20:08 - 2013-06-09 09:24 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2013-12-26 20:07 - 2013-12-26 20:07 - 00002249 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-26 20:06 - 2013-03-02 18:46 - 00210864 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2013-12-26 20:05 - 2013-05-02 10:11 - 00210864 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2013-12-26 14:01 - 2013-12-26 14:01 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-26 14:00 - 2013-03-01 21:37 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-26 14:00 - 2011-05-08 12:15 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-26 14:00 - 2011-01-16 14:27 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-26 14:00 - 2010-07-09 19:28 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-26 14:00 - 2010-02-25 23:02 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-12-26 14:00 - 2010-02-25 23:02 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-24 18:13 - 2012-12-14 00:22 - 00000000 ____D C:\Users\rolle001\.gimp-2.8
2013-12-22 19:38 - 2010-02-26 23:11 - 00000000 ____D C:\Corel Draw Cliparts
2013-12-22 16:57 - 2013-12-22 16:57 - 00004641 _____ C:\Users\rolle001\AppData\Local\recently-used.xbel
2013-12-22 12:19 - 2011-08-19 12:19 - 00000000 ____D C:\Users\rolle001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-12-19 18:50 - 2013-12-19 13:04 - 00000000 ____D C:\ProgramData\Updater
2013-12-19 18:50 - 2013-12-19 13:04 - 00000000 ____D C:\ProgramData\RHelpers
2013-12-19 18:50 - 2013-12-10 12:44 - 00000000 ____D C:\Program Files (x86)\appbarioDE
2013-12-19 13:04 - 2013-12-19 13:04 - 00003256 _____ C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart
2013-12-19 10:08 - 2011-01-03 20:02 - 00210864 _____ C:\Users\rolle001\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-19 10:07 - 2009-07-14 05:45 - 00839008 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-18 22:23 - 2013-12-18 22:23 - 00000000 ____D C:\Users\rolle001\AppData\Roaming\Melesta
2013-12-18 22:15 - 2013-12-18 22:15 - 00002903 _____ C:\Users\Public\Desktop\Arizona Rose und die Rätsel der Piraten.lnk
2013-12-18 22:15 - 2013-12-18 22:15 - 00002901 _____ C:\Users\Public\Desktop\Green City - Die Stadt deiner Träume.lnk
2013-12-18 22:15 - 2013-12-18 22:15 - 00002885 _____ C:\Users\Public\Desktop\Ein Yankee unter Rittern 2.lnk
2013-12-17 17:31 - 2013-12-17 17:26 - 00000000 ____D C:\Users\rolle001\AppData\Local\MigsUpdater
2013-12-17 17:26 - 2013-12-17 17:26 - 00004174 _____ C:\Windows\System32\Tasks\MigrationUpdateTask
2013-12-17 17:26 - 2013-12-17 17:26 - 00000000 ____D C:\Users\rolle001\AppData\Roaming\RBotPlus
2013-12-17 12:33 - 2010-07-25 14:12 - 00000000 ____D C:\Users\rolle001\AppData\Roaming\Ashampoo
2013-12-17 12:32 - 2013-12-17 12:32 - 00001255 _____ C:\Users\Public\Desktop\Ashampoo Photo Commander 9.lnk
2013-12-17 12:32 - 2013-10-12 10:17 - 00000214 _____ C:\Users\Public\Desktop\Your Software Deals.url
2013-12-17 12:32 - 2010-07-25 14:12 - 00000000 ____D C:\ProgramData\ashampoo
2013-12-17 12:32 - 2010-07-25 14:11 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2013-12-16 09:55 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-16 09:53 - 2013-08-16 02:02 - 00000000 ____D C:\Windows\system32\MRT
2013-12-16 09:50 - 2012-11-25 11:51 - 00001421 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-16 09:48 - 2011-02-07 13:46 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 15:42 - 2009-10-12 23:37 - 00000000 ____D C:\ProgramData\Microsoft Help
Files to move or delete:
====================
C:\Users\rolle001\hs.dat
C:\Users\rolle001\hsl.dat
C:\Users\rolle001\hsm.dat
C:\Users\rolle001\hss.dat
C:\Users\rolle001\hsz.dat
C:\Users\rolle001\Murmel.exe
C:\Users\rolle001\nfsXmasDeers.exe
C:\Users\rolle001\sst.dat
C:\Users\rolle001\sta.dat
C:\Users\rolle001\Uninstal.exe
Some content of TEMP:
====================
C:\Users\Gudrun\AppData\Local\Temp\6uham0ef.dll
C:\Users\rolle001\AppData\Local\Temp\6_Offer_15.exe
C:\Users\rolle001\AppData\Local\Temp\APNSetup.exe
C:\Users\rolle001\AppData\Local\Temp\APNStub.exe
C:\Users\rolle001\AppData\Local\Temp\atl100.dll
C:\Users\rolle001\AppData\Local\Temp\avguidx.dll
C:\Users\rolle001\AppData\Local\Temp\BackupSetup.exe
C:\Users\rolle001\AppData\Local\Temp\burnsetup.exe
C:\Users\rolle001\AppData\Local\Temp\dlLogic.exe
C:\Users\rolle001\AppData\Local\Temp\FreemakeVideoDownloader_3.0.0.10.exe
C:\Users\rolle001\AppData\Local\Temp\IERunner.dll
C:\Users\rolle001\AppData\Local\Temp\install_flashplayer11x32ax_gtbp_chrd_au_aih.exe
C:\Users\rolle001\AppData\Local\Temp\install_helper.exe
C:\Users\rolle001\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\rolle001\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\rolle001\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\rolle001\AppData\Local\Temp\msvcp100.dll
C:\Users\rolle001\AppData\Local\Temp\msvcr100.dll
C:\Users\rolle001\AppData\Local\Temp\MyClaroTB.exe
C:\Users\rolle001\AppData\Local\Temp\nitro_reader3_x64.exe
C:\Users\rolle001\AppData\Local\Temp\oi_{E09C2407-03C9-4571-A60C-E087D8450741}.exe
C:\Users\rolle001\AppData\Local\Temp\ose00000.exe
C:\Users\rolle001\AppData\Local\Temp\PCSpeedMaximizer.exe
C:\Users\rolle001\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\rolle001\AppData\Local\Temp\pixsetup.exe
C:\Users\rolle001\AppData\Local\Temp\QQX143E.exe
C:\Users\rolle001\AppData\Local\Temp\Quarantine.exe
C:\Users\rolle001\AppData\Local\Temp\runupdater.exe
C:\Users\rolle001\AppData\Local\Temp\SendMsg.dll
C:\Users\rolle001\AppData\Local\Temp\setup.exe
C:\Users\rolle001\AppData\Local\Temp\setup{4683F1F2-8993-44F4-80A0-4DCE98FE7080}.exe
C:\Users\rolle001\AppData\Local\Temp\tbAva0.dll
C:\Users\rolle001\AppData\Local\Temp\tbedrs.dll
C:\Users\rolle001\AppData\Local\Temp\TB_69AA.exe
C:\Users\rolle001\AppData\Local\Temp\uninst1.exe
C:\Users\rolle001\AppData\Local\Temp\unwise.exe
C:\Users\rolle001\AppData\Local\Temp\vcredist_x64.exe
C:\Users\rolle001\AppData\Local\Temp\vcredist_x86.exe
C:\Users\rolle001\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\rolle001\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\rolle001\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\rolle001\AppData\Local\Temp\zatbSetup_110_000_064.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-09 12:51
==================== End Of Log ============================ --- --- ---
--- --- --- |