Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Mailaccount gesperrt mutmaßlich Spammails (https://www.trojaner-board.de/159267-mailaccount-gesperrt-mutmasslich-spammails.html)

Chip32 01.10.2014 17:38
Mailaccount gesperrt mutmaßlich Spammails
 
Guten Abend .

Hab seit ein paar Monaten in meinen Email Postfach als Emails mit dem Namen Daemon...
Habe sie immer gleich gelöscht . Kein Inhalt aus der Email Heruntergeladen oder sonstiges .
Dann wollte ich gestern meine Emails lesen , da wurde mein Account Gesperrt verdacht auf Spammails. Hab nebenbei auf mein Handy was gemacht , und Zack sagt mir mein Google Konto er könne sich nicht Verbinden ... habe schnell Passwort geändert . Das gleiche bei Ebay auch . Hatte bis dahin kein AntiVir oder eine Andere Firewall als die vom Windows 7 Mircosoft Security usw . Allerding hab ich mir schnell Zonealarm und halt AntiVir geholt auf Free erstmal . Würde mich Freuen wenn ihr mir Helfen könnt dieses "etwas" Los zu werden :D .

Code:
Exportierte Ereignisse:

30.09.2014 23:43 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Asus\AppData\Local\Temp\JDSetup130473345396463485.exe'
      enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen9'
      [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde gelöscht.

30.09.2014 23:43 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\File
      System\002\t\00\00000000'
      enthielt einen Virus oder unerwünschtes Programm 'Adware/InstallRex.S' [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde gelöscht.

30.09.2014 22:57 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Asus\AppData\Local\Temp\JDSetup130473345396463485.exe'
      enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen9'
      [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '514f8bf9.qua'
      verschoben!

30.09.2014 22:55 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\File
      System\002\t\00\00000000'
      enthielt einen Virus oder unerwünschtes Programm 'Adware/InstallRex.S' [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '51078b75.qua'
      verschoben!

30.09.2014 22:50 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Asus\AppData\Local\Temp\JDSetup130473345396463485.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen9' [adware]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

30.09.2014 22:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\File
      System\002\t\00\00000000'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallRex.S' [adware]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

30.09.2014 22:45 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\File
      System\002\t\00\00000000'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallRex.S' [adware]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

30.09.2014 22:45 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\File
      System\002\t\00\00000000'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallRex.S' [adware]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

30.09.2014 22:45 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\File
      System\002\t\00\00000000'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallRex.S' [adware]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

30.09.2014 22:45 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\File
      System\002\t\00\00000000'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallRex.S' [adware]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

30.09.2014 22:45 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\File
      System\002\t\00\00000000'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallRex.S' [adware]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

schrauber 01.10.2014 19:09
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Chip32 01.10.2014 19:50
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-10-2014
Ran by Asus (administrator) on ASUS-PC on 01-10-2014 20:40:44
Running from C:\Users\Asus\Desktop
Loaded Profile: Asus (Available profiles: Asus)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Akamai Technologies, Inc.) C:\Users\Asus\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Asus\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2010-06-25] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-10-29] ()
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-08-12] ()
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3054136 2010-10-29] (ASUS)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-05-30] (Check Point Software Technologies Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1786342322-1499335809-2846592369-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Asus\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1786342322-1499335809-2846592369-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1786342322-1499335809-2846592369-1000\...\MountPoints2: {1e67a7bd-2c53-11e3-b007-20cf30d1a938} - F:\Setup.exe
HKU\S-1-5-21-1786342322-1499335809-2846592369-1000\...\MountPoints2: {73b04489-f499-11e3-b576-20cf30d1a938} - F:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mvlUsu_OOBolmtWKJekyVj1Ji3ft-QzZly_pJDWIpnkpxFkBxK7g4u41zy3YtriWRHSA7EMx8yht3uLUHdBDmzLmBlGPfxXA,,
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0EkjkSLxZVT1vSTcNsQ,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0EkjkSLxZVT1vSTcNsQ,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402861432&from=cor&uid=ST9320325AS_6VD7427QXXXX6VD7427Q&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1402861432&from=cor&uid=ST9320325AS_6VD7427QXXXX6VD7427Q&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1402861432&from=cor&uid=ST9320325AS_6VD7427QXXXX6VD7427Q&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1402861432&from=cor&uid=ST9320325AS_6VD7427QXXXX6VD7427Q&q={searchTerms}
URLSearchHook: HKLM-x32 - (No Name) - {da7f5ae1-3be3-43c0-8098-c1d183616e97} - No File
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0FVXl0_OEPhd8-6g1HQ,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0FVXl0_OEPhd8-6g1HQ,,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0EkjkSLxZVT1vSTcNsQ,,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0EkjkSLxZVT1vSTcNsQ,,&q={searchTerms}
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {da7f5ae1-3be3-43c0-8098-c1d183616e97} -  No File
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{49C99D73-AFB2-4217-AC49-FB24651C37D2}: [NameServer] 0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default
FF Homepage: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mvlUsu_OOBolmtWKJekyVj1Ji3ft-QzZly_pJDWIpnkpxFkBxK7g4u41zy3YtriWRHSA7EMx8yht3uLUHdBDmzLmBlGPfxXA,,
FF SelectedSearchEngine: Web Search
FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0EkjkSLxZVT1vSTcNsQ,,&q=
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\searchplugins\Web Search.xml
FF Extension: Avira Browser Safety - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Amazon-Icon - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\Extensions\amazon-icon@giga.de [2014-03-11]
FF Extension: zonealarm.com - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\Extensions\ffxtlbr@zonealarm.com [2014-06-15]
FF Extension: Slick Savings - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\Extensions\savingsslider@mybrowserbar.com [2014-05-22]
FF Extension: SecuritaScout_tnjzz20447 - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\Extensions\tnjzz20447@utcoasiturecsb3.com [2014-06-15]
FF Extension: Start Page - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362} [2014-05-22]

Chrome:
=======
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-24]
CHR Extension: (Google Drive) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-24]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-05]
CHR Extension: (Domain Error Helper) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj [2014-05-23]
CHR Extension: (Google Search) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-24]
CHR Extension: (Avira Browser Safety) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-30]
CHR Extension: (New Tab Assistant) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof [2014-05-23]
CHR Extension: (Ebay Shopping Assistant by Spigot) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj [2014-05-23]
CHR Extension: (Yulia Brodskaya) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko [2014-08-31]
CHR Extension: (ZoneAlarm Chrome Toolbar) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek [2014-09-30]
CHR Extension: (No Name) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfkilfadjoneaheacgmkahfgcjchkpad [2014-03-11]
CHR Extension: (Google Wallet) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-24]
CHR HKCU\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\Asus\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [2014-02-12]
CHR HKLM-x32\...\Chrome\Extension: [cikkkfooompgefbcjlgdjejfdknkheaj] - C:\Program Files (x86)\Common Files\Spigot\GC\DomainErrorHelper_1.0_0.crx [2014-04-23]
CHR HKLM-x32\...\Chrome\Extension: [gpiifgmgnfdiblgpaepbmfdkcheicgof] - C:\Program Files (x86)\Common Files\Spigot\GC\nta_1.0_0.crx [2014-04-23]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\Asus\AppData\Local\Slick Savings\coupons.crx [2014-05-22]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Asus\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-03-11]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-06-01] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5284208 2013-10-30] (INCA Internet Co., Ltd.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-04-06] () [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-05-30] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [90936 2014-05-29] (Check Point Software Technologies, Ltd.)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-04-30] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-04-30] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490592 2014-04-30] (Kaspersky Lab ZAO)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-08-06] (Apple Inc.) [File not signed]
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450968 2014-05-30] (Check Point Software Technologies Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U3 tmlwf; No ImagePath
U3 tmwfp; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-01 20:40 - 2014-10-01 20:43 - 00028140 _____ () C:\Users\Asus\Desktop\FRST.txt
2014-10-01 20:40 - 2014-10-01 20:40 - 00000000 ____D () C:\FRST
2014-10-01 20:19 - 2014-10-01 20:19 - 00262144 _____ () C:\Windows\system32\config\elam
2014-10-01 20:14 - 2014-10-01 20:14 - 02108928 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe
2014-10-01 18:31 - 2014-10-01 18:31 - 00007278 _____ () C:\Users\Asus\Desktop\Ereignisse.txt
2014-10-01 16:45 - 2014-10-01 20:35 - 00136830 _____ () C:\Windows\PFRO.log
2014-09-30 22:13 - 2014-09-30 22:14 - 00431135 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-09-30 22:13 - 2014-04-30 11:01 - 00490592 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-30 22:13 - 2014-04-30 11:01 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-30 22:13 - 2014-04-30 11:00 - 07717984 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-09-30 22:12 - 2014-09-30 22:12 - 00000762 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2014-09-30 22:12 - 2014-09-30 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-09-30 21:59 - 2014-09-30 22:12 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-09-30 21:59 - 2014-09-30 21:59 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Check Point Software Technologies LTD
2014-09-30 21:59 - 2014-09-30 21:59 - 00000000 ____D () C:\Program Files (x86)\Check Point Software Technologies LTD
2014-09-30 21:57 - 2014-09-30 21:57 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Avira
2014-09-30 21:56 - 2014-09-30 21:54 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-30 21:51 - 2014-08-15 10:30 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-09-30 21:51 - 2014-08-15 10:30 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-09-30 21:51 - 2014-08-15 10:30 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-09-30 21:48 - 2014-09-30 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-30 21:48 - 2014-09-30 21:51 - 00000000 ____D () C:\ProgramData\Avira
2014-09-30 21:48 - 2014-09-30 21:51 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-30 21:48 - 2014-09-30 21:48 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-30 20:47 - 2014-09-30 20:47 - 00000098 _____ () C:\Users\Asus\Desktop\Blacklist.rar
2014-09-30 19:32 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 19:32 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-27 22:17 - 2014-09-29 23:02 - 01624173 _____ () C:\Users\Asus\Desktop\banger.flp
2014-09-23 19:21 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 19:21 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 19:06 - 2014-10-01 20:35 - 00000784 _____ () C:\Windows\setupact.log
2014-09-23 19:06 - 2014-09-23 19:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 19:02 - 2014-09-22 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-09-22 19:01 - 2014-09-22 19:57 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Winamp
2014-09-22 19:01 - 2014-09-22 19:02 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-09-20 23:43 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-20 23:43 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-20 23:43 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-20 23:43 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-20 23:42 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-20 23:42 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-20 23:42 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-20 23:42 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-20 23:42 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-20 23:42 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-20 23:42 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-20 23:42 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-20 23:42 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-20 23:42 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-20 23:42 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-20 23:42 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-20 23:42 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-20 23:42 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-20 23:42 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-20 23:42 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-20 23:42 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-20 23:42 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-20 23:42 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-20 23:42 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-20 23:42 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-20 23:42 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-20 23:42 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-20 23:42 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-20 23:42 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-20 23:42 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-20 23:42 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-20 23:42 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-20 23:42 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-20 23:42 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-20 23:42 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-20 23:42 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-20 23:42 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-20 23:42 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-20 23:42 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-20 23:42 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-20 23:42 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-20 23:42 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-20 23:42 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-20 23:42 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-20 23:42 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-20 23:42 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-20 23:42 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-20 23:42 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-20 23:42 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-20 23:42 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-20 23:42 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-20 23:42 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-20 23:42 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-20 23:42 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-20 23:42 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-20 23:42 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-16 17:15 - 2014-10-01 18:39 - 00000089 _____ () C:\Users\Asus\Desktop\Blacklist.txt
2014-09-11 18:21 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 18:21 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 18:21 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 18:21 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 18:21 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 18:06 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 18:06 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 17:52 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 17:52 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-11 17:34 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 17:34 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-05 22:13 - 2014-09-05 22:14 - 00000000 ____D () C:\Users\Asus\Desktop\AWO
2014-09-05 20:08 - 2014-09-14 20:05 - 01683754 _____ () C:\Users\Asus\Desktop\ff2.flp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-01 20:38 - 2013-03-24 22:26 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-01 20:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-01 20:34 - 2014-06-15 21:46 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-10-01 20:34 - 2010-10-29 01:31 - 01132033 _____ () C:\Windows\WindowsUpdate.log
2014-10-01 20:33 - 2009-02-26 13:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-01 20:04 - 2013-03-24 22:26 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-01 17:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-01 17:00 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-01 17:00 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-30 21:48 - 2013-03-29 01:51 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-29 20:48 - 2009-02-26 12:19 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\vlc
2014-09-29 19:09 - 2013-11-30 23:30 - 00000000 ____D () C:\Users\Asus\Desktop\Programme
2014-09-27 18:36 - 2009-08-04 11:51 - 00700110 _____ () C:\Windows\system32\perfh007.dat
2014-09-27 18:36 - 2009-08-04 11:51 - 00149960 _____ () C:\Windows\system32\perfc007.dat
2014-09-27 18:36 - 2009-07-14 07:13 - 01622124 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-27 13:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-25 17:33 - 2009-02-26 13:06 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-25 17:33 - 2009-02-26 13:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-25 17:33 - 2009-02-26 13:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-25 17:07 - 2013-03-24 22:27 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-22 20:43 - 2009-02-26 13:21 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 19:13 - 2014-06-15 17:18 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\DAEMON Tools Lite
2014-09-22 08:42 - 2013-02-26 17:20 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 12:43 - 2014-08-25 12:34 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-09-20 23:42 - 2013-09-19 22:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 20:39 - 2009-02-26 09:58 - 01596404 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 20:38 - 2009-02-26 12:37 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-09-11 20:37 - 2013-08-14 20:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 20:37 - 2009-02-26 12:25 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-11 20:37 - 2009-02-26 12:25 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-11 20:37 - 2009-02-26 12:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-11 20:24 - 2013-02-26 14:50 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-05 23:58 - 2009-02-26 09:59 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\SoftGrid Client
2014-09-05 23:26 - 2014-08-25 12:34 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\FlowStone
2014-09-05 22:23 - 2014-03-08 00:18 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Skype
2014-09-04 21:25 - 2013-11-30 23:30 - 00000000 ____D () C:\Users\Asus\Desktop\Daten Janine u Michael

Some content of TEMP:
====================
C:\Users\Asus\AppData\Local\Temp\avgnt.exe
C:\Users\Asus\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Asus\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Asus\AppData\Local\Temp\ICReinstall_er_win_ent_CB-DL-Manager.exe
C:\Users\Asus\AppData\Local\Temp\mixcraft6-b217-setup.exe
C:\Users\Asus\AppData\Local\Temp\nse134D.exe
C:\Users\Asus\AppData\Local\Temp\nsj873.exe
C:\Users\Asus\AppData\Local\Temp\nsjC086.exe
C:\Users\Asus\AppData\Local\Temp\nso4790.exe
C:\Users\Asus\AppData\Local\Temp\nsoB954.exe
C:\Users\Asus\AppData\Local\Temp\nsz1CEF.exe
C:\Users\Asus\AppData\Local\Temp\nszC6FD.exe
C:\Users\Asus\AppData\Local\Temp\patch-series-all-217.exe
C:\Users\Asus\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Asus\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Asus\AppData\Local\Temp\TUUUninstallHelper.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-27 13:25

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

_________________

Additional
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-10-2014
Ran by Asus at 2014-10-01 20:44:11
Running from C:\Users\Asus\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: ZoneAlarm Antivirus (Disabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Disabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acoustica Mixcraft 6 (HKLM-x32\...\Acoustica Mixcraft 6) (Version: b217 - Acoustica)
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.)
Adobe Stock Photos 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0021 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.37 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4015 - CyberLink Corp.)
ASUS Video Magic (x32 Version: 6.0.4015 - CyberLink Corp.) Hidden
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.20 - asus)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0006 - ASUS)
Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Boingo Wi-Fi (HKLM-x32\...\{B653A2EC-D816-4498-A4FD-651047AB9DC9}) (Version: 1.7.0048 - Boingo Wireless, Inc.)
Car Mechanic Simulator 2014 (HKLM-x32\...\Steam App 270850) (Version:  - PlayWay S.A.)
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.111.0.63 - Conexant)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.8 - ASUS)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink MediaShow Espresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.0.1606_25588 - CyberLink Corp.)
CyberLink MediaShow Espresso (x32 Version: 5.0.1606_25588 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2609a - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.2609a - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3009.50 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.3009.50 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
ETDWare PS/2-x64 7.0.5.13_WHQL (HKLM\...\Elantech) (Version: 7.0.5.13 - ELAN Microelectronics Corp.)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2125 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.6.1.0536 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless WiFi Software Driver (Version: 15.06.1000.0167 - Intel Corporation) Hidden
Intel(R) Wireless Display (HKLM\...\{C298FF86-AB23-4B58-AC53-A23383C07B3A}) (Version: 1.2.20.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{fad118b4-798f-4755-9e67-a622eec95b62}) (Version: 15.6.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 15.06.1000.0142 - Intel Corporation) Hidden
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
LibreOffice 4.0.0.3 (HKLM-x32\...\{8EA569F1-97AF-4C3E-A0CB-4846C2D35A81}) (Version: 4.0.0.3 - The Document Foundation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
Mozilla Firefox 19.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 19.0.2 (x86 de)) (Version: 19.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 19.0.2 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
SecuritaScout (HKLM-x32\...\SecuritaScout) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
USB2.0 UVC VGA WebCam (HKLM\...\USB2.0 UVC VGA WebCam) (Version: 5.8.54000.207 - Sonix)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 7 Codec Pack 4.0.9 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.9 - Windows 7 Codec Pack)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8052.1208 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.18 - ASUS)
ZoneAlarm Antivirus (x32 Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.2.015.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (HKCU\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar  (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

30-09-2014 17:55:56 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06FE80CD-54A3-4DA4-8959-CD9634EB7377} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-24] (Google Inc.)
Task: {0DC7FC4C-FB7C-4E33-B04A-A081A892B2FC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-25] (Adobe Systems Incorporated)
Task: {104CDAFF-C5D9-4957-833B-1B06E876F746} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {406D895A-9E3A-4B88-80D3-4193EF366DAA} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-06-09] (asus)
Task: {5C237872-3A27-4070-BE28-55E86FAAF9A3} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {69F7CC71-5B43-4D5B-A8C0-A0D8FF5C5797} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-05-28] (ATK)
Task: {7E5DF20F-DFE1-4182-82BC-6EA14E4E9E64} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {917A688B-41D6-4CBD-8C0A-3AD958B34E87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-24] (Google Inc.)
Task: {99F88560-1E2E-46F8-825D-D134B518224D} - System32\Tasks\{27CA8CC9-1CB4-4B00-8B70-37CFDDDB9EF5} => C:\Users\Asus\Desktop\Street Legal Racing(www.fullypcgames.net)\StreetLegal_Redline.exe
Task: {9B3973DD-8A5F-4295-8D9A-65FFFBA0828D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {A1273154-4870-47AD-B804-32AF63310D4D} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {C1D203D2-8B42-4A40-91A5-BC50364E3CF0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-01-10 22:12 - 2012-01-10 22:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-10-01 08:02 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-01-11 19:27 - 2010-01-11 19:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2010-05-06 03:22 - 2010-05-06 03:22 - 00108544 _____ () C:\Program Files\P4G\OvrClk.dll
2013-08-29 21:36 - 2013-08-29 21:36 - 00048200 _____ () C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
2010-10-29 01:44 - 2010-04-06 08:29 - 00244904 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2010-08-12 04:46 - 2010-08-12 04:46 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-09-25 17:07 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 17:07 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 17:07 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 17:07 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 17:07 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:A1EDB939

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-1786342322-1499335809-2846592369-500 - Administrator - Disabled)
Asus (S-1-5-21-1786342322-1499335809-2846592369-1000 - Administrator - Enabled) => C:\Users\Asus
Gast (S-1-5-21-1786342322-1499335809-2846592369-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/01/2014 04:57:43 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (09/30/2014 09:34:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.6.0.0, Zeitstempel: 0x5115a519
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0xd14
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3

Error: (09/27/2014 06:32:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.6.0.0, Zeitstempel: 0x5115a519
Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.6.0.0, Zeitstempel: 0x5115a44c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026990
ID des fehlerhaften Prozesses: 0xd1c
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3

Error: (09/27/2014 01:31:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/27/2014 01:07:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm winamp.exe, Version 5.6.6.3516 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3ec

Startzeit: 01cfda3dfbf3751f

Endzeit: 15

Anwendungspfad: C:\Program Files (x86)\Winamp\winamp.exe

Berichts-ID: 7b48e7b3-4636-11e4-9dc4-20cf30d1a938

Error: (09/26/2014 09:08:44 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (09/26/2014 08:59:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.6.0.0, Zeitstempel: 0x5115a519
Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.6.0.0, Zeitstempel: 0x5115a44c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026990
ID des fehlerhaften Prozesses: 0xd28
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3

Error: (09/24/2014 09:34:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.6.0.0, Zeitstempel: 0x5115a519
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0xcb4
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3

Error: (09/23/2014 07:06:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.6.0.0, Zeitstempel: 0x5115a519
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0xa18
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3

Error: (09/22/2014 08:43:09 PM) (Source: MsiInstaller) (EventID: 1024) (User: Asus-PC)
Description: Produkt: Adobe Reader XI (11.0.08) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011009}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127


System errors:
=============
Error: (10/01/2014 08:40:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde mit folgendem Fehler beendet:
%%-2147196306

Error: (10/01/2014 08:38:26 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {49BD2028-1523-11D1-AD79-00C04FD8FDFF}

Error: (10/01/2014 08:37:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (10/01/2014 08:26:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde mit folgendem Fehler beendet:
%%5

Error: (10/01/2014 08:22:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde mit folgendem Fehler beendet:
%%5

Error: (10/01/2014 08:20:02 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}5{3AD05575-8857-4850-9277-11B85BDB8E09}

Error: (10/01/2014 08:20:01 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\igfxsrvc.exe -Embedding5{078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

Error: (10/01/2014 08:19:35 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/01/2014 04:53:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (09/30/2014 09:34:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (10/01/2014 04:57:43 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (09/30/2014 09:34:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.6.0.05115a519ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4d1401cfdce56cd9cfe9C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Windows\SYSTEM32\ntdll.dllbaa456ad-48d8-11e4-859e-20cf30d1a938

Error: (09/27/2014 06:32:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.6.0.05115a519MurocApi.dll15.6.0.05115a44cc00000050000000000026990d1c01cfda709ea3ecb6C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dlle82fd71c-4663-11e4-8ee9-20cf30d1a938

Error: (09/27/2014 01:31:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"c:\program files (x86)\windows live\messenger\wlcsdk.exe

Error: (09/27/2014 01:07:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: winamp.exe5.6.6.35163ec01cfda3dfbf3751f15C:\Program Files (x86)\Winamp\winamp.exe7b48e7b3-4636-11e4-9dc4-20cf30d1a938

Error: (09/26/2014 09:08:44 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (09/26/2014 08:59:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.6.0.05115a519MurocApi.dll15.6.0.05115a44cc00000050000000000026990d2801cfd95747feede2C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll9a9f5f9c-454a-11e4-914f-20cf30d1a938

Error: (09/24/2014 09:34:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.6.0.05115a519ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4cb401cfd82e709aa936C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Windows\SYSTEM32\ntdll.dllbf975709-4421-11e4-9290-20cf30d1a938

Error: (09/23/2014 07:06:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.6.0.05115a519ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4a1801cfd750b7a79e8fC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Windows\SYSTEM32\ntdll.dll03fcdaf0-4344-11e4-8e44-20cf30d1a938

Error: (09/22/2014 08:43:09 PM) (Source: MsiInstaller) (EventID: 1024) (User: Asus-PC)
Description: Adobe Reader XI (11.0.08) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz
Percentage of memory in use: 88%
Total physical RAM: 2924.57 MB
Available physical RAM: 334.23 MB
Total Pagefile: 5847.31 MB
Available Pagefile: 2897.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:72.69 GB) (Free:15.65 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Sicherung) (Fixed) (Total:205.87 GB) (Free:132.76 GB) NTFS
Drive e: (HAENDE_WEG_VON_MISSISSIPPI) (CDROM) (Total:8.86 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0237A506)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C)
Partition 2: (Active) - (Size=72.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=205.9 GB) - (Type=OF Extended)

==================== End Of Log ============================
Hab ZoneAlarm noch mal Prüfen lassen , er hatte auch nochmal was gefunden und bereinigt .

schrauber 02.10.2014 17:02
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Chip32 02.10.2014 21:10
Code:
ComboFix 14-10-02.01 - Asus 02.10.2014  21:09:50.1.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.2925.1221 [GMT 2:00]
ausgeführt von:: C:\Users\Asus\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: ZoneAlarm Antivirus *Disabled/Updated* {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
FW: ZoneAlarm Firewall *Disabled* {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}


((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))


C:\eSupport\eDriver\Software\ASUS\MultiFrame\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.0021\Desktop_.ini
C:\Program Files (x86)\Adobe\Photoshop.exe
C:\Program Files (x86)\Adobe\SHFOLDER.dll
C:\ProgramData\Roaming
C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\result.html
C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\result.xml
C:\Users\Asus\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
C:\Windows\msvcr71.dll
C:\Windows\XSxS


(((((((((((((((((((((((  Dateien erstellt von 2014-09-02 bis 2014-10-02  ))))))))))))))))))))))))))))))


2014-10-02 19:25:19 . 2014-10-02 19:25:19        --------        d-----w-        C:\Users\Default\AppData\Local\temp
2014-10-01 18:40:16 . 2014-10-01 18:46:25        --------        d-----w-        C:\FRST
2014-10-01 15:36:07 . 2014-09-20 18:44:24        1188440        ----a-w-        C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{88A99EDB-F283-4E21-B6D9-38FEAE3FC37B}\gapaengine.dll
2014-10-01 15:28:31 . 2014-09-09 02:05:58        11578928        ----a-w-        C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CA740367-B8EC-4D87-A5A8-3E65AABFCAC2}\mpengine.dll
2014-09-30 20:13:25 . 2014-04-30 09:00:58        7717984        ----a-w-        C:\Windows\system32\drivers\kl1.sys
2014-09-30 20:13:20 . 2014-04-30 09:01:00        92768        ----a-w-        C:\Windows\system32\drivers\klflt.sys
2014-09-30 20:13:20 . 2014-04-30 09:01:00        490592        ----a-w-        C:\Windows\system32\drivers\klif.sys
2014-09-30 19:59:23 . 2014-09-30 19:59:23        --------        d-----w-        C:\Program Files (x86)\Check Point Software Technologies LTD
2014-09-30 19:59:16 . 2014-09-30 19:59:22        --------        d-----w-        C:\Users\Asus\AppData\Roaming\Check Point Software Technologies LTD
2014-09-30 19:59:11 . 2014-09-30 20:12:04        --------        d-----w-        C:\Program Files (x86)\CheckPoint
2014-09-30 19:57:59 . 2014-09-30 19:57:59        --------        d-----w-        C:\Users\Asus\AppData\Roaming\Avira
2014-09-30 19:56:36 . 2014-09-30 19:54:25        42040        ----a-w-        C:\Windows\system32\drivers\avnetflt.sys
2014-09-30 19:51:54 . 2014-08-15 08:30:05        28600        ----a-w-        C:\Windows\system32\drivers\avkmgr.sys
2014-09-30 19:51:53 . 2014-08-15 08:30:05        130584        ----a-w-        C:\Windows\system32\drivers\avipbb.sys
2014-09-30 19:51:53 . 2014-08-15 08:30:04        117712        ----a-w-        C:\Windows\system32\drivers\avgntflt.sys
2014-09-30 19:48:27 . 2014-09-30 19:51:50        --------        d-----w-        C:\Program Files (x86)\Avira
2014-09-30 19:48:26 . 2014-09-30 19:51:50        --------        d-----w-        C:\ProgramData\Avira
2014-09-30 17:32:36 . 2014-09-25 02:08:38        371712        ----a-w-        C:\Windows\system32\qdvd.dll
2014-09-30 17:32:36 . 2014-09-25 01:40:50        519680        ----a-w-        C:\Windows\SysWow64\qdvd.dll
2014-09-29 20:07:44 . 2014-09-09 02:05:58        11578928        ----a-w-        C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-09-23 17:21:43 . 2014-09-09 22:11:04        2048        ----a-w-        C:\Windows\system32\tzres.dll
2014-09-23 17:21:43 . 2014-09-09 21:47:10        2048        ----a-w-        C:\Windows\SysWow64\tzres.dll
2014-09-22 17:02:06 . 2014-09-22 17:02:06        --------        d-----w-        C:\Program Files (x86)\Common Files\PX Storage Engine
2014-09-22 17:01:59 . 2014-09-22 17:57:45        --------        d-----w-        C:\Users\Asus\AppData\Roaming\Winamp
2014-09-22 17:01:59 . 2014-09-22 17:02:37        --------        d-----w-        C:\Program Files (x86)\Winamp
2014-09-20 21:42:59 . 2014-08-18 22:29:35        4096        ----a-w-        C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 16:21:18 . 2014-07-07 02:06:35        728064        ----a-w-        C:\Windows\system32\kerberos.dll
2014-09-11 16:21:17 . 2014-07-07 02:06:35        1460736        ----a-w-        C:\Windows\system32\lsasrv.dll
2014-09-11 16:21:17 . 2014-07-07 01:40:21        22016        ----a-w-        C:\Windows\SysWow64\secur32.dll
2014-09-11 16:21:17 . 2014-07-07 01:40:12        550912        ----a-w-        C:\Windows\SysWow64\kerberos.dll
2014-09-11 16:21:17 . 2014-07-07 01:39:16        96768        ----a-w-        C:\Windows\SysWow64\sspicli.dll
2014-09-11 16:06:33 . 2014-08-01 11:53:22        1031168        ----a-w-        C:\Windows\system32\TSWorkspace.dll
2014-09-11 16:06:33 . 2014-08-01 11:35:06        793600        ----a-w-        C:\Windows\SysWow64\TSWorkspace.dll
2014-09-11 15:52:39 . 2014-06-24 03:29:36        2565120        ----a-w-        C:\Windows\system32\d3d10warp.dll
2014-09-11 15:52:39 . 2014-06-24 02:59:49        1987584        ----a-w-        C:\Windows\SysWow64\d3d10warp.dll
2014-09-11 15:34:30 . 2014-06-27 02:08:12        2777088        ----a-w-        C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 15:34:30 . 2014-06-27 01:45:52        2285056        ----a-w-        C:\Windows\SysWow64\msmpeg2vdec.dll
.


((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-09-25 15:33:31 . 2009-02-26 11:06:10        701104        ----a-w-        C:\Windows\SysWow64\FlashPlayerApp.exe
2014-09-25 15:33:31 . 2009-02-26 11:06:09        71344        ----a-w-        C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-22 06:42:39 . 2013-02-26 15:20:50        278152        ------w-        C:\Windows\system32\MpSigStub.exe
2014-09-20 18:44:24 . 2013-12-19 19:54:01        1188440        ----a-w-        C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-09-11 18:24:44 . 2013-02-26 12:50:28        101694776        ----a-w-        C:\Windows\system32\MRT.exe
2014-08-23 02:07:00 . 2014-08-29 18:44:01        404480        ----a-w-        C:\Windows\system32\gdi32.dll
2014-08-23 01:45:55 . 2014-08-29 18:44:01        311808        ----a-w-        C:\Windows\SysWow64\gdi32.dll
2014-08-23 00:59:01 . 2014-08-29 18:44:01        3163648        ----a-w-        C:\Windows\system32\win32k.sys
2014-07-25 00:35:46 . 2014-07-25 00:35:46        875688        ----a-w-        C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47:06 . 2014-07-24 21:47:06        869544        ----a-w-        C:\Windows\system32\msvcr120_clr0400.dll
2014-07-17 16:05:06 . 2014-07-17 16:05:06        269008        ----a-w-        C:\Windows\system32\drivers\MpFilter.sys
2014-07-17 16:05:06 . 2011-04-27 14:25:24        125584        ----a-w-        C:\Windows\system32\drivers\NisDrvWFP.sys
2014-07-14 02:02:45 . 2014-08-14 18:09:26        1216000        ----a-w-        C:\Windows\system32\rpcrt4.dll
2014-07-14 01:40:58 . 2014-08-14 18:09:26        664064        ----a-w-        C:\Windows\SysWow64\rpcrt4.dll
2014-07-09 02:03:23 . 2014-08-14 18:11:32        7168        ----a-w-        C:\Windows\system32\KBDYAK.DLL
2014-07-09 02:03:23 . 2014-08-14 18:11:32        7168        ----a-w-        C:\Windows\system32\KBDTAT.DLL
2014-07-09 02:03:23 . 2014-08-14 18:11:32        7168        ----a-w-        C:\Windows\system32\KBDRU1.DLL
2014-07-09 02:03:23 . 2014-08-14 18:11:32        6656        ----a-w-        C:\Windows\system32\KBDRU.DLL
2014-07-09 02:03:22 . 2014-08-14 18:11:32        7168        ----a-w-        C:\Windows\system32\KBDBASH.DLL
2014-07-09 01:31:42 . 2014-08-14 18:11:32        7168        ----a-w-        C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41 . 2014-08-14 18:11:32        6656        ----a-w-        C:\Windows\SysWow64\KBDBASH.DLL
Ist das System Schwer befallen? Gibts noch Hoffung oder doch eher Formatieren?

schrauber 03.10.2014 15:46
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Chip32 03.10.2014 20:30
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 03.10.2014
Suchlauf-Zeit: 20:29:35
Logdatei: Malesuchvrl.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.10.03.05
Rootkit Datenbank: v2014.09.19.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Asus

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 318768
Verstrichene Zeit: 21 Min, 31 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 13
PUP.Optional.Spigot.A, HKLM\SOFTWARE\CLASSES\CLSID\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}, In Quarantäne, [90c1d23e97e53df91e64c4d18b77cb35],
PUP.Optional.Snapdo.T, HKU\S-1-5-21-1786342322-1499335809-2846592369-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, Löschen bei Neustart, [b79a4dc35428c670401bd5fcc240fb05],
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, In Quarantäne, [b79a4dc35428c670401bd5fcc240fb05],
PUP.Optional.WindowsProtectManger.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsProtectManger, In Quarantäne, [7fd2090793e979bd3a39d846da29ab55],
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, In Quarantäne, [5ff2030d9ddf00360291e489798b53ad],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hbcennhacfaagdopikcegfcobcadeocj, In Quarantäne, [a0b146cad4a8171f88b3df4d8f74f907],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mhkaekfpcppmmioggniknbnbdbcigpkk, In Quarantäne, [c48dd13ff4884bebce6ffd2fa36040c0],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pfndaklgolladniicklehhancnlgocpp, In Quarantäne, [d37e6ea2710b270f6ad405279c676a96],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP, In Quarantäne, [361bc749720a42f43e94ce44c3406898],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [db767b95e29afd3930d536dde02347b9],
PUP.Optional.Spigot.A, HKU\S-1-5-21-1786342322-1499335809-2846592369-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, Löschen bei Neustart, [232ebf519fdd6ec8c15d1960798b20e0],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1786342322-1499335809-2846592369-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Löschen bei Neustart, [a4adbb55fa82191d407b4ff3d82b847c],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1786342322-1499335809-2846592369-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Löschen bei Neustart, [d180838d0478ae8846d1a4b51ee6ee12],

Registrierungswerte: 6
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [0a47729e92ea6acc297d9b76649fe719]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [f0617a963547d5618026c74ac04343bd]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP|dir, C:\Program Files (x86)\SupTab, In Quarantäne, [361bc749720a42f43e94ce44c3406898]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, cor, In Quarantäne, [db767b95e29afd3930d536dde02347b9]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1786342322-1499335809-2846592369-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0V1D1S1R1D0V1O, Löschen bei Neustart, [d180838d0478ae8846d1a4b51ee6ee12]
PUP.Optional.Snapdo.T, HKU\S-1-5-21-1786342322-1499335809-2846592369-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, Löschen bei Neustart, [252c52be98e462d41e3f3be0ff04ff01]

Registrierungsdaten: 7
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1402861432&from=cor&uid=ST9320325AS_6VD7427QXXXX6VD7427Q&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1402861432&from=cor&uid=ST9320325AS_6VD7427QXXXX6VD7427Q&q={searchTerms}),Ersetzt,[d18032de8cf0b482eada14fedc297f81]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1402861432&from=cor&uid=ST9320325AS_6VD7427QXXXX6VD7427Q&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1402861432&from=cor&uid=ST9320325AS_6VD7427QXXXX6VD7427Q&q={searchTerms}),Ersetzt,[133e0010611b15210b9d64a38d78c23e]
PUP.Optional.HelperBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0FVXl0_OEPhd8-6g1HQ,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0FVXl0_OEPhd8-6g1HQ,,&q={searchTerms}),Ersetzt,[d77a58b84b31d75feb95739529dc649c]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-1786342322-1499335809-2846592369-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mvlUsu_OOBolmtWKJekyVj1Ji3ft-QzZly_pJDWIpnkpxFkBxK7g4u41zy3YtriWRHSA7EMx8yht3uLUHdBDmzLmBlGPfxXA,,, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mvlUsu_OOBolmtWKJekyVj1Ji3ft-QzZly_pJDWIpnkpxFkBxK7g4u41zy3YtriWRHSA7EMx8yht3uLUHdBDmzLmBlGPfxXA,,),Löschen bei Neustart,[ff5211ff0b713ff7681c1eea669f659b]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-1786342322-1499335809-2846592369-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0EkjkSLxZVT1vSTcNsQ,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0EkjkSLxZVT1vSTcNsQ,,&q={searchTerms}),Löschen bei Neustart,[76db937daece1026e69fed1b0302f10f]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-1786342322-1499335809-2846592369-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0EkjkSLxZVT1vSTcNsQ,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0EkjkSLxZVT1vSTcNsQ,,&q={searchTerms}),Löschen bei Neustart,[59f8838d1864c373691dff09fa0bb44c]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-1786342322-1499335809-2846592369-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0EkjkSLxZVT1vSTcNsQ,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0EkjkSLxZVT1vSTcNsQ,,&q={searchTerms}),Löschen bei Neustart,[c38ec34d55270c2ad4ad19ef54b146ba]

Ordner: 32
PUP.Optional.OpenCandy, C:\Users\Asus\AppData\Roaming\OpenCandy, In Quarantäne, [89c8ce427b01dd59322110d1cb374cb4],
PUP.Optional.OpenCandy, C:\Users\Asus\AppData\Roaming\OpenCandy\2FE4866EEE1C4558BF02E145A76D7C2E, In Quarantäne, [89c8ce427b01dd59322110d1cb374cb4],
PUP.Optional.OpenCandy, C:\Users\Asus\AppData\Roaming\OpenCandy\686615BB7D7E435B8F40982BFA016783, In Quarantäne, [89c8ce427b01dd59322110d1cb374cb4],
PUP.Optional.OpenCandy, C:\Users\Asus\AppData\Roaming\OpenCandy\86C9C52A3A444248AE025F2AF7BAFC62, In Quarantäne, [89c8ce427b01dd59322110d1cb374cb4],
PUP.Optional.OpenCandy, C:\Users\Asus\AppData\Roaming\OpenCandy\BFC16944F10A4F5F988233B03583C03D, In Quarantäne, [89c8ce427b01dd59322110d1cb374cb4],
PUP.Optional.WhiteSmoke.A, C:\Program Files (x86)\WhiteSmoke_New_V6, In Quarantäne, [e17014fcf28a2a0c601bb929936f2ed2],
PUP.Optional.SavingsSlider.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\savingsslider@mybrowserbar.com, In Quarantäne, [87cae42cea920d29f715a047af53ec14],
PUP.Optional.SavingsSlider.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\savingsslider@mybrowserbar.com\chrome, In Quarantäne, [87cae42cea920d29f715a047af53ec14],
PUP.Optional.SavingsSlider.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\savingsslider@mybrowserbar.com\chrome\content, In Quarantäne, [87cae42cea920d29f715a047af53ec14],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}, In Quarantäne, [450c3ed2df9d2313ac422ebd2bd7d32d],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome, In Quarantäne, [450c3ed2df9d2313ac422ebd2bd7d32d],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content, In Quarantäne, [450c3ed2df9d2313ac422ebd2bd7d32d],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj, In Quarantäne, [7fd2f41c5725092db3830ee15da5bd43],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0, In Quarantäne, [7fd2f41c5725092db3830ee15da5bd43],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj, In Quarantäne, [f65b51bf23598aacee93b440e61c3ec2],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj\1.1_1, In Quarantäne, [f65b51bf23598aacee93b440e61c3ec2],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj\1.1_1\_metadata, In Quarantäne, [f65b51bf23598aacee93b440e61c3ec2],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\css, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\Img, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\_metadata, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cikkkfooompgefbcjlgdjejfdknkheaj, In Quarantäne, [57fabd533745d066800312e20002c040],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof, In Quarantäne, [7dd47799a6d66bcb7f059b598c768977],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj, In Quarantäne, [1d3460b004780135f68fc52f6b9735cb],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, In Quarantäne, [b39e9080b2ca05312dcf45b19072ed13],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, In Quarantäne, [b39e9080b2ca05312dcf45b19072ed13],
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger, In Quarantäne, [4c05d23eaad21323f9a6af48748e47b9],
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log, In Quarantäne, [4c05d23eaad21323f9a6af48748e47b9],
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update, In Quarantäne, [4c05d23eaad21323f9a6af48748e47b9],
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot, In Quarantäne, [fc551ef24d2f75c1f674fc0b649f867a],
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC, In Quarantäne, [fc551ef24d2f75c1f674fc0b649f867a],

Dateien: 101
PUP.Optional.Conduit.A, C:\Users\Asus\AppData\Roaming\OpenCandy\686615BB7D7E435B8F40982BFA016783\sp-downloader.exe, In Quarantäne, [52ffba56adcf8ea8ad670926b24f0bf5],
PUP.Optional.OpenCandy.A, C:\Users\Asus\AppData\Roaming\OpenCandy\BFC16944F10A4F5F988233B03583C03D\dlm.exe, In Quarantäne, [3c1512fe413b092d33a341f0e120ce32],
PUP.Optional.SmartBar.A, C:\Users\Asus\AppData\Roaming\OpenCandy\BFC16944F10A4F5F988233B03583C03D\LinkuryYAHOO_RBCB_p4v7.exe, In Quarantäne, [b89929e7b5c742f4b49387ffbc45867a],
PUP.Optional.SmartBar.A, C:\Users\Asus\AppData\Roaming\OpenCandy\BFC16944F10A4F5F988233B03583C03D\Packer.exe, In Quarantäne, [4d0412fe94e867cf2621e3a358a99c64],
PUP.Optional.Conduit.A, C:\Program Files (x86)\WhiteSmoke_New_V6\WhiteSmoke_New_V6ToolbarHelper.exe, In Quarantäne, [bf92d33d1c604ee84c1c58c6738db749],
PUP.Optional.SmartBar, C:\Windows\Installer\MSI1BE9.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [4a07a36d0478132349089a945aa607f9],
PUP.Optional.SmartBar, C:\Windows\Installer\MSIC961.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [6ae72ee2bdbfab8bb99863cbf907f907],
PUP.Optional.SmartBar, C:\Windows\Installer\MSI5C36.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [a4ad2ee21d5fa690f55cc06eec14ce32],
PUP.Optional.WebSearch.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\searchplugins\Web Search.xml, In Quarantäne, [91c09d73fa8294a20aead167e41f6a96],
PUP.Optional.OpenCandy, C:\Users\Asus\AppData\Roaming\OpenCandy\2FE4866EEE1C4558BF02E145A76D7C2E\WS_p4v1_2CB.exe, In Quarantäne, [89c8ce427b01dd59322110d1cb374cb4],
PUP.Optional.OpenCandy, C:\Users\Asus\AppData\Roaming\OpenCandy\BFC16944F10A4F5F988233B03583C03D\4649.ico, In Quarantäne, [89c8ce427b01dd59322110d1cb374cb4],
PUP.Optional.WhiteSmoke.A, C:\Program Files (x86)\WhiteSmoke_New_V6\GottenAppsContextMenu.xml, In Quarantäne, [e17014fcf28a2a0c601bb929936f2ed2],
PUP.Optional.WhiteSmoke.A, C:\Program Files (x86)\WhiteSmoke_New_V6\hk64tbWhit.dll, In Quarantäne, [e17014fcf28a2a0c601bb929936f2ed2],
PUP.Optional.WhiteSmoke.A, C:\Program Files (x86)\WhiteSmoke_New_V6\hktbWhit.dll, In Quarantäne, [e17014fcf28a2a0c601bb929936f2ed2],
PUP.Optional.WhiteSmoke.A, C:\Program Files (x86)\WhiteSmoke_New_V6\ldrtbWhit.dll, In Quarantäne, [e17014fcf28a2a0c601bb929936f2ed2],
PUP.Optional.WhiteSmoke.A, C:\Program Files (x86)\WhiteSmoke_New_V6\OtherAppsContextMenu.xml, In Quarantäne, [e17014fcf28a2a0c601bb929936f2ed2],
PUP.Optional.WhiteSmoke.A, C:\Program Files (x86)\WhiteSmoke_New_V6\prxtbWhit.dll, In Quarantäne, [e17014fcf28a2a0c601bb929936f2ed2],
PUP.Optional.WhiteSmoke.A, C:\Program Files (x86)\WhiteSmoke_New_V6\SharedAppsContextMenu.xml, In Quarantäne, [e17014fcf28a2a0c601bb929936f2ed2],
PUP.Optional.WhiteSmoke.A, C:\Program Files (x86)\WhiteSmoke_New_V6\tbWhit.dll, In Quarantäne, [e17014fcf28a2a0c601bb929936f2ed2],
PUP.Optional.WhiteSmoke.A, C:\Program Files (x86)\WhiteSmoke_New_V6\toolbar.cfg, In Quarantäne, [e17014fcf28a2a0c601bb929936f2ed2],
PUP.Optional.WhiteSmoke.A, C:\Program Files (x86)\WhiteSmoke_New_V6\ToolbarContextMenu.xml, In Quarantäne, [e17014fcf28a2a0c601bb929936f2ed2],
PUP.Optional.SavingsSlider.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\savingsslider@mybrowserbar.com\chrome.manifest, In Quarantäne, [87cae42cea920d29f715a047af53ec14],
PUP.Optional.SavingsSlider.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\savingsslider@mybrowserbar.com\icon.png, In Quarantäne, [87cae42cea920d29f715a047af53ec14],
PUP.Optional.SavingsSlider.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\savingsslider@mybrowserbar.com\install.rdf, In Quarantäne, [87cae42cea920d29f715a047af53ec14],
PUP.Optional.SavingsSlider.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\savingsslider@mybrowserbar.com\chrome\content\config.json, In Quarantäne, [87cae42cea920d29f715a047af53ec14],
PUP.Optional.SavingsSlider.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\savingsslider@mybrowserbar.com\chrome\content\main.js, In Quarantäne, [87cae42cea920d29f715a047af53ec14],
PUP.Optional.SavingsSlider.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\savingsslider@mybrowserbar.com\chrome\content\savingsslider.js, In Quarantäne, [87cae42cea920d29f715a047af53ec14],
PUP.Optional.SavingsSlider.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\savingsslider@mybrowserbar.com\chrome\content\savingsslider.xul, In Quarantäne, [87cae42cea920d29f715a047af53ec14],
PUP.Optional.SavingsSlider.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\savingsslider@mybrowserbar.com\chrome\content\spigot.js, In Quarantäne, [87cae42cea920d29f715a047af53ec14],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome.manifest, In Quarantäne, [450c3ed2df9d2313ac422ebd2bd7d32d],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\icon.png, In Quarantäne, [450c3ed2df9d2313ac422ebd2bd7d32d],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\install.rdf, In Quarantäne, [450c3ed2df9d2313ac422ebd2bd7d32d],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\config.json, In Quarantäne, [450c3ed2df9d2313ac422ebd2bd7d32d],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\main.js, In Quarantäne, [450c3ed2df9d2313ac422ebd2bd7d32d],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\main.xul, In Quarantäne, [450c3ed2df9d2313ac422ebd2bd7d32d],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\newtab.xul, In Quarantäne, [450c3ed2df9d2313ac422ebd2bd7d32d],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\prefs.txt, In Quarantäne, [450c3ed2df9d2313ac422ebd2bd7d32d],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\redirects.js, In Quarantäne, [450c3ed2df9d2313ac422ebd2bd7d32d],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\spigot.js, In Quarantäne, [450c3ed2df9d2313ac422ebd2bd7d32d],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content\startpage.js, In Quarantäne, [450c3ed2df9d2313ac422ebd2bd7d32d],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\background.js, In Quarantäne, [7fd2f41c5725092db3830ee15da5bd43],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\ebay-128.png, In Quarantäne, [7fd2f41c5725092db3830ee15da5bd43],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\ebay-19.png, In Quarantäne, [7fd2f41c5725092db3830ee15da5bd43],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\ebay-48.png, In Quarantäne, [7fd2f41c5725092db3830ee15da5bd43],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\manifest.json, In Quarantäne, [7fd2f41c5725092db3830ee15da5bd43],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj\1.1_1\background.html, In Quarantäne, [f65b51bf23598aacee93b440e61c3ec2],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj\1.1_1\background.js, In Quarantäne, [f65b51bf23598aacee93b440e61c3ec2],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj\1.1_1\config.json, In Quarantäne, [f65b51bf23598aacee93b440e61c3ec2],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj\1.1_1\deh-128.png, In Quarantäne, [f65b51bf23598aacee93b440e61c3ec2],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj\1.1_1\deh-19.png, In Quarantäne, [f65b51bf23598aacee93b440e61c3ec2],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj\1.1_1\deh-48.png, In Quarantäne, [f65b51bf23598aacee93b440e61c3ec2],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj\1.1_1\manifest.json, In Quarantäne, [f65b51bf23598aacee93b440e61c3ec2],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj\1.1_1\util.js, In Quarantäne, [f65b51bf23598aacee93b440e61c3ec2],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj\1.1_1\_metadata\verified_contents.json, In Quarantäne, [f65b51bf23598aacee93b440e61c3ec2],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\background.html, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\background.js, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\config.json, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\empty-favicon.ico, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\jquery.js, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\manifest.json, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\newtab.html, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\newtab.js, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\nta-128.png, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\nta-48.png, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\redirect.html, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\redirect.js, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\util.js, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\css\newtab.css, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\Img\no_thumb.png, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\Img\search-icon.png, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof\1.1_0\_metadata\verified_contents.json, In Quarantäne, [08495ab6fb81ed49532fa54f0ff36799],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cikkkfooompgefbcjlgdjejfdknkheaj\000005.ldb, In Quarantäne, [57fabd533745d066800312e20002c040],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cikkkfooompgefbcjlgdjejfdknkheaj\000078.log, In Quarantäne, [57fabd533745d066800312e20002c040],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cikkkfooompgefbcjlgdjejfdknkheaj\CURRENT, In Quarantäne, [57fabd533745d066800312e20002c040],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cikkkfooompgefbcjlgdjejfdknkheaj\LOCK, In Quarantäne, [57fabd533745d066800312e20002c040],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cikkkfooompgefbcjlgdjejfdknkheaj\LOG, In Quarantäne, [57fabd533745d066800312e20002c040],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cikkkfooompgefbcjlgdjejfdknkheaj\LOG.old, In Quarantäne, [57fabd533745d066800312e20002c040],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cikkkfooompgefbcjlgdjejfdknkheaj\MANIFEST-000077, In Quarantäne, [57fabd533745d066800312e20002c040],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof\000005.ldb, In Quarantäne, [7dd47799a6d66bcb7f059b598c768977],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof\000032.ldb, In Quarantäne, [7dd47799a6d66bcb7f059b598c768977],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof\000079.log, In Quarantäne, [7dd47799a6d66bcb7f059b598c768977],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof\CURRENT, In Quarantäne, [7dd47799a6d66bcb7f059b598c768977],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof\LOCK, In Quarantäne, [7dd47799a6d66bcb7f059b598c768977],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof\LOG, In Quarantäne, [7dd47799a6d66bcb7f059b598c768977],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof\LOG.old, In Quarantäne, [7dd47799a6d66bcb7f059b598c768977],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof\MANIFEST-000078, In Quarantäne, [7dd47799a6d66bcb7f059b598c768977],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\000005.ldb, In Quarantäne, [1d3460b004780135f68fc52f6b9735cb],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\000076.log, In Quarantäne, [1d3460b004780135f68fc52f6b9735cb],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\CURRENT, In Quarantäne, [1d3460b004780135f68fc52f6b9735cb],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\LOCK, In Quarantäne, [1d3460b004780135f68fc52f6b9735cb],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\LOG, In Quarantäne, [1d3460b004780135f68fc52f6b9735cb],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\LOG.old, In Quarantäne, [1d3460b004780135f68fc52f6b9735cb],
PUP.Optional.Spigot.A, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\MANIFEST-000075, In Quarantäne, [1d3460b004780135f68fc52f6b9735cb],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, In Quarantäne, [b39e9080b2ca05312dcf45b19072ed13],
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log\wprotectmanager_2014-06-15[21-46-36-543].log, In Quarantäne, [4c05d23eaad21323f9a6af48748e47b9],
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update\conf, In Quarantäne, [4c05d23eaad21323f9a6af48748e47b9],
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\DomainErrorHelper_1.0_0.crx, In Quarantäne, [fc551ef24d2f75c1f674fc0b649f867a],
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\nta_1.0_0.crx, In Quarantäne, [fc551ef24d2f75c1f674fc0b649f867a],
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx, In Quarantäne, [fc551ef24d2f75c1f674fc0b649f867a],
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx, In Quarantäne, [fc551ef24d2f75c1f674fc0b649f867a],
PUP.Optional.HelperBar.A, C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mjo1Ue97g2mD_AT1mrYV-lAq7AH0Wtr6DkOV7x-IkzNe_arMt5JmXME4I64tB6L9ePlz6UIJT_T2Y0EkjkSLxZVT1vSTcNsQ,,&q=");), Ersetzt,[1839b060562622148a611431768f5ca4]

Physische Sektoren: 0
(No malicious items detected)


(end)

Code:
# AdwCleaner v3.311 - Bericht erstellt am 03/10/2014 um 21:08:32
# Aktualisiert 30/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Asus - ASUS-PC
# Gestartet von : C:\Users\Asus\Desktop\AdwCleaner_3.311.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Users\Asus\AppData\Local\Slick Savings
Ordner Gelöscht : C:\Users\Asus\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Asus\Documents\Updater
Ordner Gelöscht : C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\Extensions\ffxtlbr@zonealarm.com
Datei Gelöscht : C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\Extensions\staged\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
Datei Gelöscht : C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\Extensions\staged\savingsslider@mybrowserbar.com.xpi

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DA7F5AE1-3BE3-43C0-8098-C1D183616E97}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{DA7F5AE1-3BE3-43C0-8098-C1D183616E97}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\WhiteSmoke_New_V6
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\WhiteSmoke_New_V6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v19.0.2 (de)

[ Datei : C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\prefs.js ]

Zeile gelöscht : user_pref("CT3311268.UserID", "UN13201835012082410");
Zeile gelöscht : user_pref("CT3311268.fullUserID", "UN13201835012082410.IN.20131003214110");
Zeile gelöscht : user_pref("CT3311268.installerVersion", "1.7.1.7");
Zeile gelöscht : user_pref("CT3311268.versionFromInstaller", "10.20.1.8");
Zeile gelöscht : user_pref("CT3311268.xpeMode", "0");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
Zeile gelöscht : user_pref("extensions.zonealarm.lastB", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAatONRMkeCp_jlwhXYG10AyROJ5UKUtNhArueKg-qR3_E53mA-8-AWgDCS9dJDmS1mvlUsu_O[...]
Zeile gelöscht : user_pref("smartbar.machineId", "LFRYGOLQCS+4MY7GMVT6RPHFWK+UCEPIRW1TJ1RPO7YYYFEFEZDUHALVJ9FVKJPRRNFH48DF8OUNZB8Z3MTJHW");
Zeile gelöscht : user_pref("startpage.ntsearch_url", "hxxp://search.yahoo.com/search?ei=utf-8&fr=spigot-nt-ff&type=0&ilc=12&p={searchTerms}");

-\\ Google Chrome v37.0.2062.124

[ Datei : C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7724 octets] - [03/10/2014 21:06:11]
AdwCleaner[S0].txt - [7388 octets] - [03/10/2014 21:08:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7448 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.7 (10.03.2014:1)
OS: Windows 7 Home Premium x64
Ran by Asus on 03.10.2014 at 21:17:21,09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\sho76F9.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho8B03.tmp



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\uiyfkznn.default\extensions\staged
Emptied folder: C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\uiyfkznn.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.10.2014 at 21:22:42,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2014
Ran by Asus (administrator) on ASUS-PC on 03-10-2014 21:26:04
Running from C:\Users\Asus\Desktop
Loaded Profile: Asus (Available profiles: Asus)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Windows\AsScrPro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2010-06-25] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-10-29] ()
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-08-12] ()
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3054136 2010-10-29] (ASUS)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-05-30] (Check Point Software Technologies Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1786342322-1499335809-2846592369-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Asus\AppData\Local\Akamai\netsession_win.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (No File)
Startup: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{49C99D73-AFB2-4217-AC49-FB24651C37D2}: [NameServer] 0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Amazon-Icon - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\Extensions\amazon-icon@giga.de [2014-03-11]
FF Extension: No Name - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362} [Not Found]
FF Extension: No Name - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\savingsslider@mybrowserbar.com [Not Found]
FF Extension: No Name - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\extensions\ffxtlbr@zonealarm.com [Not Found]

Chrome:
=======
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-24]
CHR Extension: (Google Drive) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-24]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-05]
CHR Extension: (Google Search) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-24]
CHR Extension: (Yulia Brodskaya) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko [2014-08-31]
CHR Extension: (ZoneAlarm Chrome Toolbar) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek [2014-09-30]
CHR Extension: (Google Wallet) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-24]
CHR HKCU\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\Asus\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [2014-02-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-06-01] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5284208 2013-10-30] (INCA Internet Co., Ltd.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-04-06] () [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]
S2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-05-30] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [90936 2014-05-29] (Check Point Software Technologies, Ltd.)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-04-30] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-04-30] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490592 2014-04-30] (Kaspersky Lab ZAO)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-08-06] (Apple Inc.) [File not signed]
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450968 2014-05-30] (Check Point Software Technologies Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U3 tmlwf; No ImagePath
U3 tmwfp; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-03 21:26 - 2014-10-03 21:27 - 00021675 _____ () C:\Users\Asus\Desktop\FRST.txt
2014-10-03 21:25 - 2014-10-03 21:25 - 00000000 ____D () C:\Users\Asus\Desktop\FRST-OlderVersion
2014-10-03 21:22 - 2014-10-03 21:22 - 00001002 _____ () C:\Users\Asus\Desktop\JRT.txt
2014-10-03 21:16 - 2014-10-03 21:16 - 00000000 ____D () C:\Windows\ERUNT
2014-10-03 21:15 - 2014-10-03 21:15 - 01702068 _____ (Thisisu) C:\Users\Asus\Desktop\JRT.exe
2014-10-03 21:06 - 2014-10-03 21:08 - 00000000 ____D () C:\AdwCleaner
2014-10-03 21:05 - 2014-10-03 21:05 - 01375089 _____ () C:\Users\Asus\Desktop\AdwCleaner_3.311.exe
2014-10-03 21:03 - 2014-10-03 21:03 - 00033941 _____ () C:\Users\Asus\Desktop\mbam.txt
2014-10-03 20:52 - 2014-10-03 20:52 - 00001167 _____ () C:\Users\Asus\Desktop\MalewareTEXST.txt
2014-10-03 20:28 - 2014-10-03 21:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-03 20:28 - 2014-10-03 20:28 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-03 20:28 - 2014-10-03 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-03 20:28 - 2014-10-03 20:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-03 20:28 - 2014-10-03 20:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-03 20:28 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-03 20:28 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-03 20:28 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-02 21:07 - 2014-10-02 22:02 - 00000000 ____D () C:\ComboFix
2014-10-02 21:07 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-02 21:07 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-02 21:07 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-02 21:07 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-02 21:07 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-02 21:07 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-02 21:07 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-02 21:07 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-02 20:58 - 2014-10-02 21:07 - 00000000 ____D () C:\Qoobox
2014-10-02 20:56 - 2014-10-02 20:56 - 00000000 ____D () C:\Windows\erdnt
2014-10-02 20:52 - 2014-10-02 20:55 - 05582981 ____R (Swearware) C:\Users\Asus\Desktop\ComboFix.exe
2014-10-01 20:40 - 2014-10-03 21:26 - 00000000 ____D () C:\FRST
2014-10-01 20:19 - 2014-10-01 20:19 - 00262144 _____ () C:\Windows\system32\config\elam
2014-10-01 20:14 - 2014-10-03 21:25 - 02109440 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe
2014-10-01 16:45 - 2014-10-03 21:10 - 00184784 _____ () C:\Windows\PFRO.log
2014-09-30 22:13 - 2014-09-30 22:14 - 00431135 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-09-30 22:13 - 2014-04-30 11:01 - 00490592 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-30 22:13 - 2014-04-30 11:01 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-30 22:13 - 2014-04-30 11:00 - 07717984 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-09-30 22:12 - 2014-09-30 22:12 - 00000762 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2014-09-30 22:12 - 2014-09-30 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-09-30 21:59 - 2014-09-30 22:12 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-09-30 21:59 - 2014-09-30 21:59 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Check Point Software Technologies LTD
2014-09-30 21:59 - 2014-09-30 21:59 - 00000000 ____D () C:\Program Files (x86)\Check Point Software Technologies LTD
2014-09-30 21:57 - 2014-09-30 21:57 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Avira
2014-09-30 21:56 - 2014-09-30 21:54 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-30 21:51 - 2014-08-15 10:30 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-09-30 21:51 - 2014-08-15 10:30 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-09-30 21:51 - 2014-08-15 10:30 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-09-30 21:48 - 2014-09-30 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-30 21:48 - 2014-09-30 21:51 - 00000000 ____D () C:\ProgramData\Avira
2014-09-30 21:48 - 2014-09-30 21:51 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-30 21:48 - 2014-09-30 21:48 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-30 19:32 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 19:32 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-27 22:17 - 2014-09-29 23:02 - 01624173 _____ () C:\Users\Asus\Desktop\banger.flp
2014-09-23 19:21 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 19:21 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 19:06 - 2014-10-03 21:10 - 00001232 _____ () C:\Windows\setupact.log
2014-09-23 19:06 - 2014-09-23 19:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 19:02 - 2014-09-22 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-09-22 19:01 - 2014-09-22 19:57 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Winamp
2014-09-22 19:01 - 2014-09-22 19:02 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-09-20 23:43 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-20 23:43 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-20 23:43 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-20 23:43 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-20 23:42 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-20 23:42 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-20 23:42 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-20 23:42 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-20 23:42 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-20 23:42 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-20 23:42 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-20 23:42 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-20 23:42 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-20 23:42 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-20 23:42 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-20 23:42 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-20 23:42 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-20 23:42 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-20 23:42 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-20 23:42 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-20 23:42 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-20 23:42 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-20 23:42 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-20 23:42 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-20 23:42 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-20 23:42 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-20 23:42 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-20 23:42 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-20 23:42 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-20 23:42 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-20 23:42 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-20 23:42 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-20 23:42 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-20 23:42 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-20 23:42 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-20 23:42 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-20 23:42 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-20 23:42 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-20 23:42 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-20 23:42 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-20 23:42 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-20 23:42 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-20 23:42 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-20 23:42 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-20 23:42 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-20 23:42 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-20 23:42 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-20 23:42 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-20 23:42 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-20 23:42 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-20 23:42 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-20 23:42 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-20 23:42 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-20 23:42 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-20 23:42 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-20 23:42 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-16 17:15 - 2014-10-02 20:30 - 00000098 _____ () C:\Users\Asus\Desktop\Blacklist.txt
2014-09-11 18:21 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 18:21 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 18:21 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 18:21 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 18:21 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 18:06 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 18:06 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 17:52 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 17:52 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-11 17:34 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 17:34 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-05 22:13 - 2014-09-05 22:14 - 00000000 ____D () C:\Users\Asus\Desktop\AWO
2014-09-05 20:08 - 2014-09-14 20:05 - 01683754 _____ () C:\Users\Asus\Desktop\ff2.flp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-03 21:19 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-03 21:19 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-03 21:18 - 2010-10-29 01:31 - 01254203 _____ () C:\Windows\WindowsUpdate.log
2014-10-03 21:12 - 2014-08-31 17:12 - 00001360 _____ () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-10-03 21:10 - 2013-03-24 22:26 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-03 21:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-03 21:04 - 2013-03-24 22:26 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-03 20:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-10-03 20:33 - 2009-02-26 13:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-02 21:29 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-02 21:21 - 2010-10-29 01:54 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-02 21:05 - 2009-02-26 12:37 - 00002198 _____ () C:\Windows\epplauncher.mif
2014-10-02 21:02 - 2009-02-26 12:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-10-02 20:49 - 2009-08-04 11:51 - 00700110 _____ () C:\Windows\system32\perfh007.dat
2014-10-02 20:49 - 2009-08-04 11:51 - 00149960 _____ () C:\Windows\system32\perfc007.dat
2014-10-02 20:49 - 2009-07-14 07:13 - 01622124 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-02 20:16 - 2014-08-22 13:53 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\MAGIX
2014-10-01 17:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-30 21:48 - 2013-03-29 01:51 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-29 20:48 - 2009-02-26 12:19 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\vlc
2014-09-29 19:09 - 2013-11-30 23:30 - 00000000 ____D () C:\Users\Asus\Desktop\Programme
2014-09-27 13:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-25 17:33 - 2009-02-26 13:06 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-25 17:33 - 2009-02-26 13:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-25 17:33 - 2009-02-26 13:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-25 17:07 - 2013-03-24 22:27 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-22 20:43 - 2009-02-26 13:21 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 08:42 - 2013-02-26 17:20 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 12:43 - 2014-08-25 12:34 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-09-20 23:42 - 2013-09-19 22:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 20:39 - 2009-02-26 09:58 - 01596404 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 20:37 - 2013-08-14 20:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 20:37 - 2009-02-26 12:25 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-11 20:37 - 2009-02-26 12:25 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-11 20:24 - 2013-02-26 14:50 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-05 23:58 - 2009-02-26 09:59 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\SoftGrid Client
2014-09-05 23:26 - 2014-08-25 12:34 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\FlowStone
2014-09-05 22:23 - 2014-03-08 00:18 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Skype
2014-09-04 21:25 - 2013-11-30 23:30 - 00000000 ____D () C:\Users\Asus\Desktop\Daten Janine u Michael

Some content of TEMP:
====================
C:\Users\Asus\AppData\Local\Temp\avgnt.exe
C:\Users\Asus\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-27 13:25

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 04.10.2014 14:30

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Chip32 04.10.2014 22:59
Code:
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3bb479952c907744bc7b3f2161d9dd9e
# engine=20439
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-04 09:22:55
# local_time=2014-10-04 11:22:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 1997118 106635385 0 0
# scanned=282952
# found=36
# cleaned=0
# scan_time=8924
sh=52689216B22D07878BA3A87D5757722876FC2B87 ft=1 fh=d53c1db70e65dbbd vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\Extensions\ffxtlbr@zonealarm.com\uninstall.exe.vir"
sh=7E62CD24C68C6873E2367358E9B67F26B832DD4A ft=1 fh=c71c001152d7a4ca vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarmApp.dll"
sh=AD188F10AB5A30A6EE8149A6AAF68247FC9E63E5 ft=1 fh=c71c00110d6f5af3 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarmEng.dll"
sh=DA7464E58409B29B1ED2C7A65F3FD61402DAC1A5 ft=1 fh=dce5cbde4ee07593 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarmsrv.exe"
sh=9F1F8446680FD61541FCC3E2B75E44E0EDCDFCAE ft=1 fh=e93b79f29aa9228b vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.29.17\bh\zonealarm.dll"
sh=C25E453070C795849C94FCB0311ED1DDD4F7B74D ft=1 fh=a07ba6255bd749e6 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\CheckPoint\Install\CUninstallerZA.exe"
sh=AD9F3DAA348EEA4E74B2FAD65EA492F32CA72339 ft=1 fh=ce06389d744632d2 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\CheckPoint\Install\zatb.exe"
sh=88058E4C9CD3D19A5F5F8ABC91077386FF94B36F ft=1 fh=e24842a9c8cb2ce6 vn="Variante von Win32/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\Packer\Files\CppInstaller\CppInstaller.exe"
sh=5179AE59E6425C4D74D03B64F6D8D7B3F2419ADE ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\Packer\Files\Linkury\Linkury.msi"
sh=88058E4C9CD3D19A5F5F8ABC91077386FF94B36F ft=1 fh=e24842a9c8cb2ce6 vn="Variante von Win32/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Packer\Files\CppInstaller\CppInstaller.exe"
sh=5179AE59E6425C4D74D03B64F6D8D7B3F2419ADE ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Packer\Files\Linkury\Linkury.msi"
sh=5196F169C029E453F7A33202D2BAF7E3B085F8C8 ft=1 fh=dea16e85567a6865 vn="Variante von Win32/4Shared.R evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000"
sh=9B5AA9D21F25F281DCD07094AAEE9BD4CF03F12D ft=1 fh=1c058e4f2945e215 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Asus\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\uninstall.exe"
sh=8490554F15357EA162494EE1763509959F3EBAEB ft=1 fh=58b66b725959d138 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Asus\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\uninstall_d.exe"
sh=E4772585CEB9AA369A292D03667C7AA76E9EA04A ft=1 fh=274da3f94e245cf7 vn="Win32/Toolbar.Montiera.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Asus\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm4ffx.exe"
sh=AE0496E8B7EF7260A5A9A03C5283D6345D09A13C ft=1 fh=d5332291c5aae89f vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1BE9.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=354DAE7D75BC3750A7C27F46E144689ADD69FECE ft=1 fh=56e124954a8ab304 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1BE9.tmp-\spbl.dll"
sh=B54A10A054F72B438B85B8C01A2FDDB9E4AA9D95 ft=1 fh=bad654b42602edb0 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1BE9.tmp-\sppsm.dll"
sh=74E1FD38F895EE603C538EEB0CB62D2B7AD1F9EF ft=1 fh=eadc0e05b009aa54 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1BE9.tmp-\spusm.dll"
sh=C321BD2BA55FC1450102B52CF4320050F96E6ACE ft=1 fh=5f440c13eb246cc1 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1BE9.tmp-\srbs.dll"
sh=8BCF64604E5A8369D2032F0DEAD0FA65CED3959C ft=1 fh=de00f46990bdea72 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1BE9.tmp-\srbu.dll"
sh=39E0129484C7D4950D9E3ACB4016A95333C372C1 ft=1 fh=b2d51b366a5174b0 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI1BE9.tmp-\srptc.dll"
sh=AE0496E8B7EF7260A5A9A03C5283D6345D09A13C ft=1 fh=d5332291c5aae89f vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI5C36.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=354DAE7D75BC3750A7C27F46E144689ADD69FECE ft=1 fh=56e124954a8ab304 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI5C36.tmp-\spbl.dll"
sh=B54A10A054F72B438B85B8C01A2FDDB9E4AA9D95 ft=1 fh=bad654b42602edb0 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI5C36.tmp-\sppsm.dll"
sh=74E1FD38F895EE603C538EEB0CB62D2B7AD1F9EF ft=1 fh=eadc0e05b009aa54 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI5C36.tmp-\spusm.dll"
sh=C321BD2BA55FC1450102B52CF4320050F96E6ACE ft=1 fh=5f440c13eb246cc1 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI5C36.tmp-\srbs.dll"
sh=8BCF64604E5A8369D2032F0DEAD0FA65CED3959C ft=1 fh=de00f46990bdea72 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI5C36.tmp-\srbu.dll"
sh=39E0129484C7D4950D9E3ACB4016A95333C372C1 ft=1 fh=b2d51b366a5174b0 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI5C36.tmp-\srptc.dll"
sh=AE0496E8B7EF7260A5A9A03C5283D6345D09A13C ft=1 fh=d5332291c5aae89f vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC961.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=354DAE7D75BC3750A7C27F46E144689ADD69FECE ft=1 fh=56e124954a8ab304 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC961.tmp-\spbl.dll"
sh=B54A10A054F72B438B85B8C01A2FDDB9E4AA9D95 ft=1 fh=bad654b42602edb0 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC961.tmp-\sppsm.dll"
sh=74E1FD38F895EE603C538EEB0CB62D2B7AD1F9EF ft=1 fh=eadc0e05b009aa54 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC961.tmp-\spusm.dll"
sh=C321BD2BA55FC1450102B52CF4320050F96E6ACE ft=1 fh=5f440c13eb246cc1 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC961.tmp-\srbs.dll"
sh=8BCF64604E5A8369D2032F0DEAD0FA65CED3959C ft=1 fh=de00f46990bdea72 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC961.tmp-\srbu.dll"
sh=39E0129484C7D4950D9E3ACB4016A95333C372C1 ft=1 fh=b2d51b366a5174b0 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSIC961.tmp-\srptc.dll"
Code:
Results of screen317's Security Check version 0.99.87 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop                 
Microsoft Security Essentials 
ZoneAlarm Antivirus           
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player 15.0.0.152 
 Google Chrome 37.0.2062.120 
 Google Chrome 37.0.2062.124 
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
 CheckPoint ZoneAlarm ZAPrivacyService.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2014
Ran by Asus (administrator) on ASUS-PC on 04-10-2014 23:54:29
Running from C:\Users\Asus\Desktop
Loaded Profile: Asus (Available profiles: Asus)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Windows\AsScrPro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2010-06-25] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-10-29] ()
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-08-12] ()
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3054136 2010-10-29] (ASUS)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-05-30] (Check Point Software Technologies Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1786342322-1499335809-2846592369-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Asus\AppData\Local\Akamai\netsession_win.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (No File)
Startup: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{49C99D73-AFB2-4217-AC49-FB24651C37D2}: [NameServer] 0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Amazon-Icon - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uiyfkznn.default\Extensions\amazon-icon@giga.de [2014-03-11]

Chrome:
=======
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-24]
CHR Extension: (Google Drive) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-24]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-05]
CHR Extension: (Google Search) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-24]
CHR Extension: (Yulia Brodskaya) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko [2014-08-31]
CHR Extension: (ZoneAlarm Chrome Toolbar) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek [2014-09-30]
CHR Extension: (Google Wallet) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (Gmail) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-24]
CHR HKCU\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\Asus\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [2014-02-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-06-01] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5284208 2013-10-30] (INCA Internet Co., Ltd.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-04-06] () [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]
S2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-05-30] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [90936 2014-05-29] (Check Point Software Technologies, Ltd.)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-04-30] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-04-30] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490592 2014-04-30] (Kaspersky Lab ZAO)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-08-06] (Apple Inc.) [File not signed]
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450968 2014-05-30] (Check Point Software Technologies Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U3 tmlwf; No ImagePath
U3 tmwfp; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-04 23:54 - 2014-10-04 23:54 - 00021439 _____ () C:\Users\Asus\Desktop\FRST.txt
2014-10-04 23:45 - 2014-10-04 23:45 - 00854417 _____ () C:\Users\Asus\Desktop\SecurityCheck.exe
2014-10-04 20:51 - 2014-10-04 20:51 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-04 20:49 - 2014-10-04 20:49 - 02347384 _____ (ESET) C:\Users\Asus\Desktop\esetsmartinstaller_deu.exe
2014-10-04 12:23 - 2014-10-04 12:23 - 00000000 _____ () C:\Windows\SysWOW64\sho49FB.tmp
2014-10-04 11:42 - 2014-10-04 11:44 - 00002249 ____H () C:\Windows\SysWOW64\BTImages.dat
2014-10-03 21:16 - 2014-10-03 21:16 - 00000000 ____D () C:\Windows\ERUNT
2014-10-03 21:15 - 2014-10-03 21:15 - 01702068 _____ (Thisisu) C:\Users\Asus\Desktop\JRT.exe
2014-10-03 21:06 - 2014-10-03 21:08 - 00000000 ____D () C:\AdwCleaner
2014-10-03 21:05 - 2014-10-03 21:05 - 01375089 _____ () C:\Users\Asus\Desktop\AdwCleaner_3.311.exe
2014-10-03 20:28 - 2014-10-03 21:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-03 20:28 - 2014-10-03 20:28 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-03 20:28 - 2014-10-03 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-03 20:28 - 2014-10-03 20:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-03 20:28 - 2014-10-03 20:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-03 20:28 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-03 20:28 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-03 20:28 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-02 21:07 - 2014-10-02 22:02 - 00000000 ____D () C:\ComboFix
2014-10-02 21:07 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-02 21:07 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-02 21:07 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-02 21:07 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-02 21:07 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-02 21:07 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-02 21:07 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-02 21:07 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-02 20:58 - 2014-10-02 21:07 - 00000000 ____D () C:\Qoobox
2014-10-02 20:56 - 2014-10-02 20:56 - 00000000 ____D () C:\Windows\erdnt
2014-10-02 20:52 - 2014-10-02 20:55 - 05582981 ____R (Swearware) C:\Users\Asus\Desktop\ComboFix.exe
2014-10-01 20:40 - 2014-10-04 23:54 - 00000000 ____D () C:\FRST
2014-10-01 20:19 - 2014-10-01 20:19 - 00262144 _____ () C:\Windows\system32\config\elam
2014-10-01 20:14 - 2014-10-03 21:25 - 02109440 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe
2014-10-01 16:45 - 2014-10-03 21:10 - 00184784 _____ () C:\Windows\PFRO.log
2014-09-30 22:13 - 2014-09-30 22:14 - 00431135 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-09-30 22:13 - 2014-04-30 11:01 - 00490592 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-30 22:13 - 2014-04-30 11:01 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-30 22:13 - 2014-04-30 11:00 - 07717984 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-09-30 22:12 - 2014-09-30 22:12 - 00000762 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2014-09-30 22:12 - 2014-09-30 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-09-30 21:59 - 2014-09-30 22:12 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-09-30 21:59 - 2014-09-30 21:59 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Check Point Software Technologies LTD
2014-09-30 21:59 - 2014-09-30 21:59 - 00000000 ____D () C:\Program Files (x86)\Check Point Software Technologies LTD
2014-09-30 21:57 - 2014-09-30 21:57 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Avira
2014-09-30 21:56 - 2014-09-30 21:54 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-30 21:51 - 2014-08-15 10:30 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-09-30 21:51 - 2014-08-15 10:30 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-09-30 21:51 - 2014-08-15 10:30 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-09-30 21:48 - 2014-09-30 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-30 21:48 - 2014-09-30 21:51 - 00000000 ____D () C:\ProgramData\Avira
2014-09-30 21:48 - 2014-09-30 21:51 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-30 21:48 - 2014-09-30 21:48 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-30 19:32 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 19:32 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-27 22:17 - 2014-09-29 23:02 - 01624173 _____ () C:\Users\Asus\Desktop\banger.flp
2014-09-23 19:21 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 19:21 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 19:06 - 2014-10-04 20:39 - 00001400 _____ () C:\Windows\setupact.log
2014-09-23 19:06 - 2014-09-23 19:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 19:02 - 2014-09-22 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-09-22 19:01 - 2014-09-22 19:57 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Winamp
2014-09-22 19:01 - 2014-09-22 19:02 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-09-20 23:43 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-20 23:43 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-20 23:43 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-20 23:43 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-20 23:42 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-20 23:42 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-20 23:42 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-20 23:42 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-20 23:42 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-20 23:42 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-20 23:42 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-20 23:42 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-20 23:42 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-20 23:42 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-20 23:42 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-20 23:42 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-20 23:42 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-20 23:42 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-20 23:42 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-20 23:42 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-20 23:42 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-20 23:42 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-20 23:42 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-20 23:42 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-20 23:42 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-20 23:42 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-20 23:42 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-20 23:42 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-20 23:42 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-20 23:42 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-20 23:42 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-20 23:42 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-20 23:42 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-20 23:42 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-20 23:42 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-20 23:42 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-20 23:42 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-20 23:42 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-20 23:42 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-20 23:42 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-20 23:42 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-20 23:42 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-20 23:42 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-20 23:42 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-20 23:42 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-20 23:42 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-20 23:42 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-20 23:42 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-20 23:42 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-20 23:42 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-20 23:42 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-20 23:42 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-20 23:42 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-20 23:42 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-20 23:42 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-20 23:42 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-16 17:15 - 2014-10-02 20:30 - 00000098 _____ () C:\Users\Asus\Desktop\Blacklist.txt
2014-09-11 18:21 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 18:21 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 18:21 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 18:21 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 18:21 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 18:06 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 18:06 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 17:52 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 17:52 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-11 17:34 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 17:34 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-05 22:13 - 2014-09-05 22:14 - 00000000 ____D () C:\Users\Asus\Desktop\AWO
2014-09-05 20:08 - 2014-09-14 20:05 - 01683754 _____ () C:\Users\Asus\Desktop\ff2.flp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-04 23:33 - 2009-02-26 13:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-04 23:04 - 2013-03-24 22:26 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-04 20:57 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-04 20:57 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-04 20:52 - 2010-10-29 01:31 - 01322829 _____ () C:\Windows\WindowsUpdate.log
2014-10-04 20:39 - 2013-03-24 22:26 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-04 20:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-03 21:12 - 2014-08-31 17:12 - 00001360 _____ () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-10-03 20:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-10-02 21:29 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-02 21:21 - 2010-10-29 01:54 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-02 21:05 - 2009-02-26 12:37 - 00002198 _____ () C:\Windows\epplauncher.mif
2014-10-02 21:02 - 2009-02-26 12:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-10-02 20:49 - 2009-08-04 11:51 - 00700110 _____ () C:\Windows\system32\perfh007.dat
2014-10-02 20:49 - 2009-08-04 11:51 - 00149960 _____ () C:\Windows\system32\perfc007.dat
2014-10-02 20:49 - 2009-07-14 07:13 - 01622124 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-02 20:16 - 2014-08-22 13:53 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\MAGIX
2014-10-01 17:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-30 21:48 - 2013-03-29 01:51 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-29 20:48 - 2009-02-26 12:19 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\vlc
2014-09-29 19:09 - 2013-11-30 23:30 - 00000000 ____D () C:\Users\Asus\Desktop\Programme
2014-09-27 13:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-25 17:33 - 2009-02-26 13:06 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-25 17:33 - 2009-02-26 13:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-25 17:33 - 2009-02-26 13:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-25 17:07 - 2013-03-24 22:27 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-22 20:43 - 2009-02-26 13:21 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-22 08:42 - 2013-02-26 17:20 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 12:43 - 2014-08-25 12:34 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-09-20 23:42 - 2013-09-19 22:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 20:39 - 2009-02-26 09:58 - 01596404 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 20:37 - 2013-08-14 20:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 20:37 - 2009-02-26 12:25 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-11 20:37 - 2009-02-26 12:25 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-11 20:24 - 2013-02-26 14:50 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-05 23:58 - 2009-02-26 09:59 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\SoftGrid Client
2014-09-05 23:26 - 2014-08-25 12:34 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\FlowStone
2014-09-05 22:23 - 2014-03-08 00:18 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Skype
2014-09-04 21:25 - 2013-11-30 23:30 - 00000000 ____D () C:\Users\Asus\Desktop\Daten Janine u Michael

Some content of TEMP:
====================
C:\Users\Asus\AppData\Local\Temp\avgnt.exe
C:\Users\Asus\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-27 13:25

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Wenn du mir jetzt sagen kannst ob mein System von der Plage befreit ist xD . Hab das gemacht was mir geschrieben , was genau hat sich geändert ? Weiß nicht ob ich mein Chrome Deinstallieren solll , weil wenn ich Chrome Starte dauert es eine weile bis sich die Seiten Öffnen , bei Firefox geht das ruck zuck .

schrauber 05.10.2014 14:56
Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Windows\Installer\MSI1BE9.tmp-
C:\Windows\Installer\MSI5C36.tmp-
C:\Windows\Installer\MSIC961.tmp-

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Chip32 05.10.2014 18:27
Hallo schrauber .

Der Revo Uninstaller , findet nur die Letzten 3 installierten Programme , wenn ich auf suchen Chrome eingebe findet er nix . Soll ich es Manuell deinstallieren? Wollte Chrome auch nicht mehr behalten ....

@Kann es im System Uninstaller nicht Deinstallieren weil in der Auflistung mir einige Programme nicht mehr angezeigt werden .

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2014
Ran by Asus at 2014-10-05 19:24:56 Run:1
Running from C:\Users\Asus\Desktop
Loaded Profile: Asus (Available profiles: Asus & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Windows\Installer\MSI1BE9.tmp-
C:\Windows\Installer\MSI5C36.tmp-
C:\Windows\Installer\MSIC961.tmp-
*****************

C:\Windows\Installer\MSI1BE9.tmp- => Moved successfully.
C:\Windows\Installer\MSI5C36.tmp- => Moved successfully.
C:\Windows\Installer\MSIC961.tmp- => Moved successfully.

==== End of Fixlog ====

schrauber 06.10.2014 11:05
Lade Dir mal den Ccleaner. Zeigt er Chrome an?

Chip32 06.10.2014 19:06
Ja CCleaner zeigt es an . Wieso sind den auf einmal die Programme weg in der Liste? Kann man was machen ?

schrauber 07.10.2014 13:50
Nein, die Liste der installierten Programme wurde durch die Adware zerstört. Ccleaner kann es nur anzeigen weil er woanders abgreift. Das ist nicht zu reparieren, aber auch nicht schlimm, nutze einfach den ccleaner zum deinstallieren.


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:34 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131