Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Trojan.Agent.RC gleich 3 mal (https://www.trojaner-board.de/167573-trojan-agent-rc-gleich-3-mal.html)

Pcgehtnicht 04.06.2015 08:44
Trojan.Agent.RC gleich 3 mal
 
Hallo mein Anti Malware Programm hat den Trojan.Agent.RC gerade gleich3 mal auf meinem Pc gefunden was nun? :eek:

schrauber 04.06.2015 09:27
hi,

wo gefunden?

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Pcgehtnicht 04.06.2015 20:24
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by Lisa (administrator) on SIMBA on 04-06-2015 10:48:04
Running from C:\Users\Lisa\Downloads
Loaded Profiles: Lisa &  (Available Profiles: Lisa)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
() C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
() C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(VMware) C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Spotify Ltd) C:\Users\Lisa\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Lisa\AppData\Roaming\Spotify\Spotify.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Spotify Ltd) C:\Users\Lisa\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Spotify Ltd) C:\Users\Lisa\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Lisa\AppData\Roaming\Spotify\Spotify.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSPanel.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\POWERPNT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\POWERPNT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel Corporation)
HKLM\...\Run: [VMware Netlink 3 HV Install Utility] => C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [70328 2015-01-08] ()
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [JunosPulse] => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2521944 2014-10-06] (Juniper Networks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\...\Run: [Spotify Web Helper] => C:\Users\Lisa\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-05-28] (Spotify Ltd)
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\...\Run: [Spotify] => C:\Users\Lisa\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-05-28] (Spotify Ltd)
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Lisa\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-05-28] (Spotify Ltd)
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Lisa\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-05-28] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-10-03]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-3007510544-1590264628-2405062397-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://yandex.ru/yandsearch?win=145&clid=1992409&text={searchTerms}
SearchScopes: HKU\S-1-5-21-3007510544-1590264628-2405062397-1001 -> 23B5E148594F256123BD123AABE9188E URL =
SearchScopes: HKU\S-1-5-21-3007510544-1590264628-2405062397-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://yandex.ru/yandsearch?win=145&clid=1992409&text={searchTerms}
SearchScopes: HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://yandex.ru/yandsearch?win=145&clid=1992409&text={searchTerms}
SearchScopes: HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> 23B5E148594F256123BD123AABE9188E URL =
SearchScopes: HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://yandex.ru/yandsearch?win=145&clid=1992409&text={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-03-26] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-20] (DVDVideoSoft Ltd.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-03-26] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-11-22] (DVDVideoSoft Ltd.)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2014-09-04] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-09-04] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 131.173.245.9 131.173.245.10
Tcpip\..\Interfaces\{82E65DC3-12F4-495B-AE8B-5C4839D05E19}: [NameServer] 131.173.245.9,131.173.245.10

FireFox:
========
FF ProfilePath: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\n4savaq5.default-1414172865324
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-09-04] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-09-04] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Extension: Download videos and MP3s from YouTube - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\n4savaq5.default-1414172865324\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-11-27]
FF Extension: Adblock Plus - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\n4savaq5.default-1414172865324\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-03]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-06-21]
FF HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-27]
FF HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

Chrome:
=======
CHR Profile: C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browser Safety) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-28]
CHR Extension: (Bookmark Manager) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Floodwatch) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnnmlfhgefcbnolklnepapefmmobedld [2015-05-26]
CHR Extension: (Google Wallet) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-28]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

Opera:
=======
OPR StartupUrls: "hxxp://www.yandex.ru/?win=145&clid=1992408"

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [206008 2015-01-08] ()
R2 ftscanmgr; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe [3645624 2015-01-08] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [2030808 2015-01-21] (VMware, Inc.)
R2 vmwsprrdpwks; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [225464 2014-12-19] (VMware)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [530648 2015-02-11] (VMware, Inc.)
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc [X] <==== ATTENTION

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-11] (Avira Operations GmbH & Co. KG)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 jnprna; C:\Windows\system32\DRIVERS\jnprna6.sys [518992 2012-03-30] (Juniper Networks, Inc.)
R1 jnprns; C:\Windows\system32\DRIVERS\jnprns.sys [507192 2014-08-20] (Juniper Networks)
S4 jnprTdi_807_50111; C:\Windows\system32\Drivers\jnprTdi_807_50111.sys [108344 2014-10-06] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\system32\DRIVERS\jnprva.sys [30072 2014-08-20] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\system32\DRIVERS\jnprvamgr.sys [45352 2014-08-20] (Juniper Networks, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-07-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-01-03] (Windows (R) Win 7 DDK provider)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-04 10:48 - 2015-06-04 10:49 - 00032774 _____ C:\Users\Lisa\Downloads\FRST.txt
2015-06-04 10:47 - 2015-06-04 10:48 - 00000000 ____D C:\FRST
2015-06-04 10:46 - 2015-06-04 10:46 - 02108928 _____ (Farbar) C:\Users\Lisa\Downloads\FRST64.exe
2015-06-04 10:43 - 2015-06-04 10:43 - 01147392 _____ (Farbar) C:\Users\Lisa\Downloads\FRST (1).exe
2015-06-04 10:42 - 2015-06-04 10:42 - 01147392 _____ (Farbar) C:\Users\Lisa\Downloads\FRST(2).exe
2015-06-04 10:42 - 2015-06-04 10:42 - 01147392 _____ (Farbar) C:\Users\Lisa\Downloads\FRST(1).exe
2015-06-04 10:40 - 2015-06-04 10:40 - 01147392 _____ (Farbar) C:\Users\Lisa\Downloads\FRST.exe
2015-06-03 22:38 - 2015-06-03 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-06-03 08:51 - 2015-06-03 23:18 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-03 08:51 - 2015-06-03 08:51 - 00001120 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-03 08:51 - 2015-06-03 08:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-03 08:51 - 2015-06-03 08:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-03 08:51 - 2015-06-03 08:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-03 08:51 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-03 08:51 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-03 08:51 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-03 08:49 - 2015-06-03 08:49 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-01 23:57 - 2015-06-01 23:57 - 00000000 ____D C:\Users\Lisa\AppData\Local\GWX
2015-05-30 15:51 - 2015-05-30 15:53 - 05745219 _____ C:\Users\Lisa\Documents\Zielgruppenanalyse_Latium_Rom.pptx
2015-05-29 12:55 - 2015-05-31 01:02 - 00000000 ____D C:\Users\Lisa\Desktop\Werbung
2015-05-28 15:49 - 2015-05-28 15:49 - 00000000 ____D C:\Users\Lisa\Documents\TurningPoint
2015-05-28 14:36 - 2015-06-03 00:24 - 00000000 ____D C:\Users\Lisa\Documents\Vortrag
2015-05-28 12:24 - 2015-05-28 12:24 - 46641642 _____ C:\Users\Lisa\Documents\wasistds.pptx
2015-05-28 12:21 - 2015-05-28 12:21 - 15077231 _____ C:\Users\Lisa\Documents\druck.pptx
2015-05-28 12:14 - 2015-05-28 12:15 - 43580791 _____ C:\Users\Lisa\Desktop\FERTIGDRUCKEN.pptx
2015-05-28 11:54 - 2015-05-28 11:54 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Turning Technologies
2015-05-28 11:53 - 2015-05-28 11:53 - 00002269 _____ C:\Users\Lisa\Desktop\TurningPoint 2008.lnk
2015-05-28 11:53 - 2015-05-28 11:53 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turning Technologies, LLC
2015-05-28 11:53 - 2015-05-28 11:53 - 00000000 ____D C:\Program Files (x86)\Turning Technologies
2015-05-28 11:52 - 2015-05-28 11:54 - 00000000 ____D C:\ProgramData\Turning Technologies
2015-05-28 11:51 - 2015-05-28 11:52 - 17477144 _____ (Turning Technologies, LLC.) C:\Users\Lisa\Downloads\TurningPoint_4_5_1.exe
2015-05-28 11:37 - 2015-05-28 12:23 - 00000000 ____D C:\Users\Lisa\Desktop\Druck
2015-05-28 11:00 - 2015-05-28 15:01 - 00000000 ____D C:\Users\Lisa\Desktop\drucken
2015-05-27 13:43 - 2015-05-27 19:41 - 43616166 _____ C:\Users\Lisa\Documents\ausgeblendet.pptx
2015-05-27 13:25 - 2015-05-27 13:25 - 43603079 _____ C:\Users\Lisa\Documents\Neu1325.pptx
2015-05-27 13:10 - 2015-05-27 13:10 - 43602631 _____ C:\Users\Lisa\Documents\Neu1310.pptx
2015-05-27 05:41 - 2015-05-27 12:13 - 46641795 _____ C:\Users\Lisa\Documents\neusteVersion27.pptx
2015-05-27 05:30 - 2015-05-27 05:30 - 46684773 _____ C:\Users\Lisa\Documents\fastZusammen.pptx
2015-05-27 03:52 - 2015-05-27 03:53 - 34116778 _____ C:\Users\Lisa\Documents\Zusammen.pptx
2015-05-27 03:21 - 2015-05-27 03:22 - 18923881 _____ C:\Users\Lisa\Documents\Lisa.pptx
2015-05-27 00:21 - 2015-05-27 00:21 - 01430576 _____ (Juniper Networks, Inc.) C:\Users\Lisa\Downloads\JuniperSetupClientInstaller (1).exe
2015-05-26 22:50 - 2015-05-26 22:50 - 01137480 _____ C:\Users\Lisa\Downloads\Präsentation Facebook Max.pptx
2015-05-26 21:41 - 2015-05-26 21:41 - 05877867 _____ C:\Users\Lisa\Documents\steffihalb.pptx
2015-05-26 20:44 - 2015-05-26 20:44 - 00799538 _____ C:\Users\Lisa\Documents\folie.pptx
2015-05-26 20:40 - 2015-05-26 20:43 - 00799537 _____ C:\Users\Lisa\Documents\Neu.pptx
2015-05-26 20:34 - 2015-05-26 20:34 - 04450699 _____ C:\Users\Lisa\Documents\Facebook_Präsentation_finalsteffi.pptx
2015-05-26 16:51 - 2015-05-26 16:51 - 00377046 _____ C:\Users\Lisa\Documents\wennfacebook.pptx
2015-05-26 16:49 - 2015-05-26 16:50 - 15807678 _____ C:\Users\Lisa\Documents\mitst.pptx
2015-05-26 10:32 - 2015-05-26 23:30 - 15121507 _____ C:\Users\Lisa\Documents\Vorläufig1.pptx
2015-05-26 09:22 - 2015-05-26 09:46 - 04332447 _____ C:\Users\Lisa\Documents\Mone.pptx
2015-05-25 15:33 - 2015-05-25 15:33 - 00937826 _____ C:\Users\Lisa\Downloads\präsi-Adrian(1).pptx
2015-05-25 15:32 - 2015-05-25 15:32 - 01216718 _____ C:\Users\Lisa\Downloads\masterlayout FB(1).pptx
2015-05-25 15:32 - 2015-05-25 15:32 - 01096455 _____ C:\Users\Lisa\Downloads\masterlayout FB.pptx
2015-05-21 23:23 - 2015-05-21 23:23 - 01430576 _____ (Juniper Networks, Inc.) C:\Users\Lisa\Downloads\JuniperSetupClientInstaller(4).exe
2015-05-21 23:16 - 2012-03-30 10:30 - 00518992 _____ (Juniper Networks, Inc.) C:\Windows\system32\Drivers\jnprna6.sys
2015-05-21 11:34 - 2015-05-21 11:34 - 00019469 _____ C:\Users\Lisa\Desktop\Übersicht_AP_Bronze_Silber_Gold.xlsx
2015-05-21 11:08 - 2015-05-21 11:09 - 89733366 _____ C:\Users\Lisa\Downloads\facebook-lisalowenherz58.zip
2015-05-19 23:21 - 2015-05-19 23:21 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\GalileoPress
2015-05-18 23:57 - 2015-05-18 23:57 - 00003291 _____ C:\Users\Lisa\AppData\Local\recently-used.xbel
2015-05-18 21:35 - 2015-05-18 21:35 - 00839357 _____ C:\Users\Lisa\Desktop\Unbenannt.xcf
2015-05-14 11:28 - 2015-05-22 10:14 - 00005120 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SIMBA-Lisa Simba
2015-05-13 15:16 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 15:16 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 14:55 - 2015-06-03 13:18 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-05-13 14:55 - 2015-06-03 13:18 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-05-13 14:55 - 2015-05-13 14:55 - 00003382 _____ C:\Windows\System32\Tasks\Update Checker
2015-05-13 03:42 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-13 03:42 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-13 03:42 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-13 03:42 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-13 03:42 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-13 03:41 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 03:41 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 03:41 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 03:41 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 03:41 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 03:41 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 03:41 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 03:41 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 03:41 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 03:41 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 03:41 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 03:41 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-13 03:41 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 03:41 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 03:41 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 03:41 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-13 03:41 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 03:41 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 03:41 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-13 03:41 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 03:41 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-13 03:41 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 03:41 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 03:41 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 03:41 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 03:41 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 03:41 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 03:41 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-13 03:41 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 03:41 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-13 03:41 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 03:41 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-13 03:41 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 03:41 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 03:41 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 03:41 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 03:41 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 03:41 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 03:41 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 03:41 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 03:41 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 03:41 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 03:41 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 03:41 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 03:41 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 03:41 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 03:41 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 03:41 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-13 03:41 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 03:41 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-13 03:41 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-13 03:41 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-13 03:41 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-13 03:41 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 03:41 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 03:41 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 03:41 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 03:41 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-13 03:41 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-13 03:41 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-13 03:41 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-13 03:41 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-13 03:41 - 2015-03-13 02:29 - 00410017 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-13 03:41 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 03:41 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 03:41 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 03:41 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-13 03:41 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 03:41 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 03:41 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-13 03:41 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 03:41 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-13 03:41 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-13 03:41 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-07 13:08 - 2015-05-29 20:45 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\WildTangent
2015-05-05 14:38 - 2015-05-05 14:38 - 00002054 _____ C:\Users\Public\Desktop\Avira Antivirus.lnk
2015-05-05 14:38 - 2015-05-05 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-04 10:48 - 2014-06-21 22:44 - 01090451 _____ C:\Windows\WindowsUpdate.log
2015-06-04 10:40 - 2014-10-03 06:05 - 00000000 ____D C:\Users\Lisa\AppData\Local\Packages
2015-06-04 10:37 - 2014-10-16 21:12 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Spotify
2015-06-04 10:37 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-04 09:16 - 2014-11-25 23:54 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-04 01:34 - 2014-10-03 00:27 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-03 22:59 - 2015-03-25 21:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-03 22:45 - 2014-10-03 06:11 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3007510544-1590264628-2405062397-1001
2015-06-03 22:34 - 2014-10-03 00:27 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-03 22:32 - 2014-10-03 06:06 - 00000074 _____ C:\Users\Lisa\AppData\Roaming\sp_data.sys
2015-06-03 22:31 - 2014-11-25 23:54 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-03 22:31 - 2014-10-16 21:13 - 00000000 ____D C:\Users\Lisa\AppData\Local\Spotify
2015-06-03 22:31 - 2014-10-13 21:06 - 00000000 __RDO C:\Users\Lisa\OneDrive
2015-06-03 22:31 - 2014-10-03 06:05 - 00000000 ____D C:\Users\Lisa
2015-06-03 22:18 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-06-03 22:17 - 2013-08-22 16:46 - 00034193 _____ C:\Windows\setupact.log
2015-06-03 22:17 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-03 22:16 - 2015-04-08 12:13 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-03 22:16 - 2014-10-03 00:27 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-06-03 22:16 - 2014-10-02 22:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 22:16 - 2014-06-21 22:59 - 00000000 ____D C:\ProgramData\P4G
2015-06-03 22:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration
2015-06-03 22:08 - 2014-10-20 22:30 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Skype
2015-06-03 21:38 - 2013-12-13 05:57 - 00370772 _____ C:\Windows\PFRO.log
2015-06-03 16:30 - 2014-10-02 22:34 - 02473472 ___SH C:\Users\Lisa\Downloads\Thumbs.db
2015-06-03 15:08 - 2014-10-03 06:13 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D21C7EDB-4835-49D5-B886-4DE93EB9B90D}
2015-06-03 15:05 - 2015-04-18 15:17 - 00805888 ___SH C:\Users\Lisa\Desktop\Thumbs.db
2015-06-03 08:45 - 2014-10-07 21:31 - 00000000 ____D C:\Program Files (x86)\Internet Speed Checker
2015-06-02 10:27 - 2015-04-07 15:25 - 00000000 ____D C:\Users\Lisa\Desktop\Bewerbung
2015-06-01 10:42 - 2014-12-02 22:54 - 00000000 ____D C:\Users\Lisa\.gimp-2.8
2015-05-31 21:25 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-05-31 18:35 - 2015-01-05 23:24 - 00000000 ____D C:\Users\Lisa\AppData\Local\CrashDumps
2015-05-29 20:45 - 2013-12-13 06:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-29 20:45 - 2013-12-13 06:11 - 00000000 ____D C:\ProgramData\WildTangent
2015-05-29 20:45 - 2013-12-13 06:11 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-05-29 13:36 - 2013-12-13 13:04 - 00773008 _____ C:\Windows\system32\perfh007.dat
2015-05-29 13:36 - 2013-12-13 13:04 - 00162310 _____ C:\Windows\system32\perfc007.dat
2015-05-29 13:36 - 2013-12-13 06:09 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-28 23:09 - 2014-10-20 22:30 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-28 23:09 - 2014-10-20 22:30 - 00000000 ____D C:\ProgramData\Skype
2015-05-28 21:02 - 2014-12-15 01:01 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-28 11:54 - 2014-06-21 22:53 - 00015202 _____ C:\Windows\DPINST.LOG
2015-05-26 09:18 - 2014-11-25 23:55 - 00002197 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-26 02:01 - 2014-10-14 18:55 - 00000000 ___RD C:\Users\Lisa\Documents\Notes
2015-05-25 15:25 - 2015-02-14 01:32 - 00000000 ____D C:\Users\Lisa\Desktop\Istanbul Uni
2015-05-21 09:26 - 2014-10-15 23:35 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1412279549
2015-05-21 09:26 - 2014-10-02 21:52 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-05-21 09:26 - 2014-10-02 21:52 - 00000000 ____D C:\Program Files (x86)\Opera
2015-05-20 18:43 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-05-20 18:39 - 2015-04-08 12:13 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 03:18 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-05-18 23:57 - 2014-12-02 22:59 - 00000000 ____D C:\Users\Lisa\AppData\Local\gtk-2.0
2015-05-18 22:16 - 2014-12-06 02:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-18 22:16 - 2014-12-06 02:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-18 22:16 - 2014-06-21 23:02 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-05-18 22:16 - 2013-08-22 16:44 - 00510632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-18 22:14 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-05-18 22:10 - 2013-08-22 22:59 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-18 22:10 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-05-18 22:10 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-17 22:11 - 2014-11-25 23:54 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 22:11 - 2014-11-25 23:54 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 14:18 - 2014-11-18 22:06 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-13 15:09 - 2014-10-09 11:37 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 14:55 - 2013-12-13 06:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-05-13 14:55 - 2013-12-13 06:10 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-05-13 14:54 - 2014-10-09 11:37 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 14:44 - 2014-12-06 02:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-11 18:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-05-06 09:55 - 2015-03-25 10:04 - 00000000 ____D C:\Users\Lisa\Desktop\IntMarketing
2015-05-05 19:59 - 2015-04-18 15:09 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2015-04-18 15:09 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-05 14:34 - 2014-10-02 21:34 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-05 14:34 - 2014-10-02 21:34 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

==================== Files in the root of some directories =======

2014-12-15 20:27 - 2014-12-16 01:25 - 0000470 _____ () C:\Users\Lisa\AppData\Roaming\Poladroid prefs.plist
2014-10-03 06:06 - 2015-06-03 22:32 - 0000074 _____ () C:\Users\Lisa\AppData\Roaming\sp_data.sys
2015-05-18 23:57 - 2015-05-18 23:57 - 0003291 _____ () C:\Users\Lisa\AppData\Local\recently-used.xbel
2014-06-21 22:48 - 2014-06-21 22:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-13 06:09 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-13 06:09 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-13 06:09 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some files in TEMP:
====================
C:\Users\Lisa\AppData\Local\Temp\avgnt.exe
C:\Users\Lisa\AppData\Local\Temp\FreeYouTubeDownload.exe
C:\Users\Lisa\AppData\Local\Temp\JavaRa.exe
C:\Users\Lisa\AppData\Local\Temp\jli.dll
C:\Users\Lisa\AppData\Local\Temp\jre-8u25-windows-i586.exe
C:\Users\Lisa\AppData\Local\Temp\jre-8u25-windows-x64.exe
C:\Users\Lisa\AppData\Local\Temp\jre-8u31-windows-i586.exe
C:\Users\Lisa\AppData\Local\Temp\jre-8u31-windows-x64.exe
C:\Users\Lisa\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Lisa\AppData\Local\Temp\keytool.exe
C:\Users\Lisa\AppData\Local\Temp\msvcr100.dll
C:\Users\Lisa\AppData\Local\Temp\node.exe
C:\Users\Lisa\AppData\Local\Temp\sqlite3.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-27 06:06

==================== End of log ============================
[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by Lisa at 2015-06-04 10:51:18
Running from C:\Users\Lisa\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3007510544-1590264628-2405062397-500 - Administrator - Disabled)
Gast (S-1-5-21-3007510544-1590264628-2405062397-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3007510544-1590264628-2405062397-1003 - Limited - Enabled)
Lisa (S-1-5-21-3007510544-1590264628-2405062397-1001 - Administrator - Enabled) => C:\Users\Lisa

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.34 (HKLM-x32\...\{23170F69-40C1-2701-0934-000001000000}) (Version: 9.34.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.162 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.7 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0033 - ASUS)
Avira (HKLM-x32\...\{dc9a688a-12cb-4a22-b449-23d849d01dc7}) (Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.49.1122 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1122 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GNU Backgammon (Version 1_04_000, 20141021) (HKLM-x32\...\GNU Backgammon_is1) (Version:  - Free Software Foundation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Juniper Networks Setup Client (HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\...\Juniper_Setup_Client) (Version: 8.0.7.50111 - Juniper Networks)
Juniper Networks Setup Client (HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Juniper_Setup_Client) (Version: 8.0.7.50111 - Juniper Networks)
Juniper Networks Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Junos Pulse (Version: 5.0.50111 - Ihr Firmenname) Hidden
Junos Pulse 5.0 (HKLM-x32\...\Junos Pulse 5.0) (Version: 5.0.50111 - Juniper Networks, Inc.)
Junos Pulse Netshim/Tunnel Manager/IPSec Manager Add-On (Version: 2.1.20595 - Juniper Networks) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1248 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
NVIDIA Graphics Driver 332.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.85 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Poladroid (HKLM-x32\...\{E8FF78D0-4D1C-4B2D-AC80-670F135F5461}) (Version: 0.9.6.0 - Poladroid.net)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7224 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Spotify (HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
TurningPoint 2008 (HKLM-x32\...\{B6FCAE72-20C8-44E8-B3CA-F9FB6B2210CF}) (Version: 4.5.1.2243 - Turning Technologies, LLC.)
VMware Horizon Client (HKLM\...\{4CE5CE6C-14DA-41E7-8728-07C95F3CBC59}) (Version: 3.3.0.25749 - VMware, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse  (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3007510544-1590264628-2405062397-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3007510544-1590264628-2405062397-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3007510544-1590264628-2405062397-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3007510544-1590264628-2405062397-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3007510544-1590264628-2405062397-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910_1\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

03-06-2015 16:58:25 Geplanter Prüfpunkt
03-06-2015 22:05:00 Wiederherstellungsvorgang

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0248BF17-2800-4434-B007-077D37A3830C} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {0608C5DF-392A-4AD1-B489-8C6C8DB86596} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-25] (Google Inc.)
Task: {0E8906DB-D4CC-48E8-8F6D-32A7C2AACDBB} - System32\Tasks\Opera scheduled Autoupdate 1412279549 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)
Task: {131D6E53-E70D-44C5-B974-5323E4F44277} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {16AA2C70-4E80-489A-9320-99497877553B} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-01-03] ()
Task: {417DF44F-A0CC-423F-AABD-9AD49E68240E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4BF341BA-42D2-4EC3-A778-B7D253DE660E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-03] (Adobe Systems Incorporated)
Task: {5CC6B52E-377B-4B63-9C20-0DE4D1DC5D7B} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {64C957ED-9664-4283-9765-32DF5434C6CD} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SIMBA-Lisa Simba => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-03-10] (Microsoft Corporation)
Task: {66694F39-7CBD-4CF1-88C4-4BF5422A9702} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {673128AE-F74A-4C57-89F8-C5AEA58B163F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {6C25D053-1FD6-49EB-9C3F-A45DFE26320A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {7649AD6E-FB7E-43AC-A09D-E80C8ECF31BC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {81CCB9B1-B64E-4365-ADF7-B1D6F88438CE} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {8A158CF3-B0FC-4302-93AD-48C8F78D1AC0} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-01-03] (ASUS)
Task: {9CAF62EF-E515-4577-B232-317A78CF8F8B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {A28163A4-61B2-490F-AE46-9273110AB8E0} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15] (Realtek Semiconductor)
Task: {A6970E4D-1429-4DB8-9960-7E4886D6BD24} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-25] (Google Inc.)
Task: {B4867185-9C5F-4689-BDE7-8B00C0093ED9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {B93D7074-5B7A-44C1-8ABA-B0912C5525FD} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {C3A42C27-8558-4056-BCA5-F156E93263B6} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {C4770EDA-1393-4A20-9D6A-75F5CD3FB7DE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-18] (Microsoft Corporation)
Task: {D5199EE7-F6D4-47D3-B416-EE3AB9BA2133} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10] (Realtek Semiconductor)
Task: {D810D3B8-4977-4F4E-B49C-3CB478B156C3} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {DBC37793-802F-4EFF-B18C-47663D1E28F3} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {E5ACD20F-1F5B-4B84-9259-E084489EFACC} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {E907F6B8-E0A0-41BC-9992-8E38ED8D1F0D} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {F04A30E5-1D71-49BA-AFE0-78188EEEA96A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {FD5CEB66-CB73-4248-BF33-874BDB4961AC} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-06-21 22:45 - 2014-03-13 21:26 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-25 19:37 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-01-08 12:52 - 2015-01-08 12:52 - 00206008 _____ () C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
2015-01-08 12:58 - 2015-01-08 12:58 - 03645624 _____ () C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
2014-01-03 18:26 - 2014-01-03 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-01-03 18:26 - 2014-01-03 18:26 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll
2014-05-23 04:10 - 2014-03-18 05:10 - 00080312 _____ () C:\Windows\system32\igfxexps.dll
2012-03-08 04:27 - 2012-03-08 04:27 - 00016384 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ACVsWin.dll
2014-10-11 12:06 - 2014-10-11 12:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-08 12:47 - 2015-01-08 12:47 - 00225464 _____ () C:\Program Files (x86)\Common Files\VMware\DeviceRedirectionCommon\ftnlapi.dll
2014-06-21 22:37 - 2013-10-23 14:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-10-08 21:41 - 2013-10-08 21:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-09-09 19:23 - 2013-09-09 19:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-03-14 16:07 - 2015-05-28 16:57 - 41287224 _____ () C:\Users\Lisa\AppData\Roaming\Spotify\libcef.dll
2015-03-14 16:07 - 2015-05-28 16:57 - 01488440 _____ () C:\Users\Lisa\AppData\Roaming\Spotify\libglesv2.dll
2015-03-14 16:07 - 2015-05-28 16:57 - 00079928 _____ () C:\Users\Lisa\AppData\Roaming\Spotify\libegl.dll
2015-03-14 16:07 - 2015-03-25 21:35 - 09305656 _____ () C:\Users\Lisa\AppData\Roaming\Spotify\pdf.dll
2014-12-23 23:23 - 2014-12-25 19:37 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2015-03-17 10:55 - 2015-04-17 03:58 - 01286312 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\PPRESOURCES.DLL
2015-05-26 09:18 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-26 09:18 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2014-09-12 11:43 - 2014-09-12 11:43 - 14588632 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll
2015-05-26 09:18 - 2015-05-22 22:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Lisa\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Lisa\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lisa\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Lisa\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 131.173.245.9 - 131.173.245.10

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5EE592E6-B188-4990-A2F5-F47D7EB39267}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{34C31658-1119-457B-827D-F71C4C9E9CD5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3E9DBEAF-A8E2-4AE0-879E-823EECCDEAF6}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{4624A586-5C78-4843-823A-29015888CF0B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{EFA10AAC-864D-4E4F-A5C4-BF57B5A7346B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C842F269-C89C-491E-AD19-B78DCCAF63EA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C2968E65-E593-4AEC-9AAD-86AC2D5D360A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2CE0DBAE-A6C3-4D27-BC05-B6AC9B316577}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3A69AC6B-0AAC-4EEF-8DA9-901CE85F6D74}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{6CD002AB-57C7-4CE4-A115-C99E268B83DC}] => (Allow) C:\Users\Lisa\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{040324B7-2556-4CD0-9C17-00DA34E50BAB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2447009F-B7D7-4734-8C87-9E8F722015B9}] => (Allow) LPort=2869
FirewallRules: [{0B5A5F1D-F750-4F0D-AB47-6FAD9FCBFAE4}] => (Allow) LPort=1900
FirewallRules: [{6C37F5D1-E828-405A-9F26-7AA7170E32D8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{FC32FE9E-2D57-4692-9DAC-66B451546CC4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AFEDDB9E-91AF-4566-8DD6-880B614E640B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{669ACB77-8E03-4BAE-8E4A-DEB385A7DBEC}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{F3B935AD-4CA3-4CB9-92A8-58ED0DE05D07}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{4BA61D08-313A-4DB7-82DA-FD64F4EF9398}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{5449050A-CCCF-4E13-BB10-487DDC12D4B0}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{126C3460-0E98-4321-8404-EA14882B81B3}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{9966FC0F-4F39-4656-AFA8-FD4A3C5CCF88}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{7278AB48-13A4-441A-AA24-5DE8DB7CA693}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{FF820E51-1F0D-41FC-805B-039E95E6C918}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{8D4F7034-C56D-4861-809F-B327483C6B66}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{082A0BF8-4D41-4FF7-BEA9-6E66273A602C}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{AE92D254-8416-4114-8C38-E78A76D22AA4}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{8891CDA9-1B25-4457-852E-E812BE003D1C}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{5C5E6B1F-7BA0-47A2-B4C7-EDF87FFE73D8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{6B06636C-231E-42C6-9F51-BB356FF941BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2015 09:06:22 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/04/2015 02:26:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1281

Error: (06/04/2015 02:26:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1281

Error: (06/04/2015 02:26:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/03/2015 11:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1848) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\SRU\SRU013C3.log.

Error: (06/03/2015 08:59:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 275500

Error: (06/03/2015 08:59:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 275500

Error: (06/03/2015 08:59:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/03/2015 08:58:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 274469

Error: (06/03/2015 08:58:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 274469


System errors:
=============
Error: (06/04/2015 09:07:01 AM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "SIMBA" auf Transport "NetBT_Tcpip_{973B06E1-A4B6-4A38-BCB9-D04D4F20EACE}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (06/03/2015 10:34:51 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (06/03/2015 10:33:40 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {ADA518B9-B7A3-4C36-B4ED-49EB3FA189FC}

Error: (06/03/2015 10:33:10 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {ADA518B9-B7A3-4C36-B4ED-49EB3FA189FC}

Error: (06/03/2015 10:31:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}{B292921D-AF50-400C-9B75-0C57A7F29BA1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (06/03/2015 10:18:18 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "SIMBA" auf Transport "NetBT_Tcpip_{973B06E1-A4B6-4A38-BCB9-D04D4F20EACE}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (06/03/2015 10:06:17 PM) (Source: DCOM) (EventID: 10010) (User: SIMBA)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (06/03/2015 10:03:57 PM) (Source: Virtual Disk Service) (EventID: 9) (User: )
Description: Unerwarteter Anbieterfehler. Möglicherweise kann das Problem durch erneutes Starten des Dienstes behoben werden. Fehlercode: 8007001F@02000014

Error: (06/03/2015 09:45:07 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (06/03/2015 09:44:26 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}


Microsoft Office:
=========================
Error: (06/04/2015 09:06:22 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/04/2015 02:26:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1281

Error: (06/04/2015 02:26:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1281

Error: (06/04/2015 02:26:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/03/2015 11:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost1848SRUJet: C:\Windows\system32\SRU\SRU013C3.log-1811 (0xfffff8ed)

Error: (06/03/2015 08:59:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 275500

Error: (06/03/2015 08:59:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 275500

Error: (06/03/2015 08:59:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/03/2015 08:58:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 274469

Error: (06/03/2015 08:58:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 274469


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 46%
Total physical RAM: 8075.43 MB
Available physical RAM: 4279.99 MB
Total Pagefile: 11147.43 MB
Available Pagefile: 6611.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:301.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:537.64 GB) NTFS
Drive f: () (Removable) (Total:14.63 GB) (Free:6.7 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0240742E)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 14.6 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End of log ============================
--- --- ---

ah und gefuden mit dem programm anti Malware

schrauber 05.06.2015 10:59
Logfile von MBAM bitte.

Pcgehtnicht 05.06.2015 22:41
Die hier?

Code:
<?xml version="1.0" encoding="UTF-8" ?>
<logs>
  <record severity="debug" LoggingEventType="1" datetime="2015-06-03T08:52:01.256975+02:00" source="Manual" type="Update" username="SYSTEM" systemname="SIMBA" fromVersion="2015.3.9.1" last_modified_tag="d9ad4b82-2b94-4044-9940-87f963fb1ec3" name="Remediation Database" toVersion="2015.5.13.1"></record>
  <record severity="debug" LoggingEventType="1" datetime="2015-06-03T08:52:01.559191+02:00" source="Manual" type="Update" username="SYSTEM" systemname="SIMBA" fromVersion="2015.2.25.1" last_modified_tag="6e190ffc-4c91-4c7f-bfc7-27d71d04b41f" name="Rootkit Database" toVersion="2015.6.2.1"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T08:52:02.294721+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="8cd9d35d-02d3-4c62-ac04-c30ff5acd1e0" result="Starting" subtype="Malware Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T08:52:02.311726+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="35a08238-d061-4488-9fb1-090d19d5e2b0" result="Started" subtype="Malware Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T08:52:02.468837+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="e95f9e26-e3e9-4ee6-a1c3-ae6d73538e6d" result="Starting" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T08:52:03.416516+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="d754e83a-e133-43dd-8065-f056f4dc5aee" result="Started" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="1" datetime="2015-06-03T08:52:09.083541+02:00" source="Manual" type="Update" username="SYSTEM" systemname="SIMBA" fromVersion="2015.3.9.5" last_modified_tag="5207ef0a-7b85-40de-8b98-8652fdbb13dd" name="Malware Database" toVersion="2015.6.3.1"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T08:52:09.672959+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="dc37ac2b-4903-4c79-973e-55aa2cd13a39" result="Starting" subtype="Refresh"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T08:52:09.687970+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="f09164cf-4a90-46cf-9b07-ed124e9cbbac" result="Stopping" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T08:52:09.963167+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="22ae3cad-01ab-4ef7-88ae-71630e315953" result="Stopped" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T08:52:22.397007+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="e7957aca-919b-4858-8453-130ec24da2d7" result="Success" subtype="Refresh"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T08:52:22.432032+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="c680a3fd-8e32-4fd1-9703-5009f4f1f054" result="Starting" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T08:52:22.909372+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="7eed6686-cde0-438b-b64a-3d9be3d7c93a" result="Started" subtype="Malicious Website Protection"></record>
  <record severity="debug" vendor="PUP.Optional.CrossRider.T" LoggingEventType="0" datetime="2015-06-03T09:16:10.030692+02:00" source="Protection" type="Detection" username="SYSTEM" systemname="SIMBA" last_modified_tag="73d6b77d-f057-4b71-9191-cafd7c32c888" subtype="Malware Protection" action="Quarantine" filename="C:\Windows\System32\Tasks\d3fc96ff-f07d-4873-9cb5-ba2814fae881-11" hash="3e0f4175d3b74fe75bbe22ef47bdf709" malwaretype="File" message=""></record>
  <record severity="debug" LoggingEventType="1" datetime="2015-06-03T13:02:16.830858+02:00" source="Scheduler" type="Update" username="SYSTEM" systemname="SIMBA" fromVersion="2015.6.3.1" last_modified_tag="ce1059f4-87b6-44a7-a9d2-3aa4b2e78af8" name="Malware Database" toVersion="2015.6.3.2"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T13:02:17.410270+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="ae63ae8c-4cb1-4775-8bae-17955e47ba36" result="Starting" subtype="Refresh"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T13:02:17.577390+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="91458297-c250-41a3-a352-7e32b96b64ed" result="Stopping" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T13:02:18.938494+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="aa57ea6b-d07d-453c-9002-6816a9c744ed" result="Stopped" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T13:10:59.843718+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="c3457425-7e7e-409a-b9cb-bdd93636c02a" result="Success" subtype="Refresh"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T13:10:59.883773+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="e2c100ad-9634-4418-b6d3-e1ef407c7db7" result="Starting" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T13:11:00.715027+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="dc0ebb57-69a6-48d9-b7f8-5aa64a24fd28" result="Started" subtype="Malicious Website Protection"></record>
  <record severity="debug" scantype="threat" LoggingEventType="6" starttime="2015-06-03T08:52:06+02:00" datetime="2015-06-03T13:58:07.360185+02:00" source="Manual" type="Scan" username="SYSTEM" systemname="SIMBA" last_modified_tag="af3d849a-4bf9-4a7e-a2f9-9f04f8f2f8ed" duration="2544" malwaredetections="0" nonmalwaredetections="34" scanresult="completed"></record>
  <record severity="debug" LoggingEventType="1" datetime="2015-06-03T15:36:54.689877+02:00" source="Scheduler" type="Update" username="SYSTEM" systemname="SIMBA" fromVersion="2015.6.3.2" last_modified_tag="32e7010a-8530-4d6f-b4bc-843dbeeb59f8" name="Malware Database" toVersion="2015.6.3.3"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T15:36:55.494451+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="ef2ce66d-5ff0-49fb-9e8c-1eed18791f50" result="Starting" subtype="Refresh"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T15:36:55.525472+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="a2d25600-5aa8-4788-9651-499d7fe6ff99" result="Stopping" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T15:36:56.371074+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="d8dc6f73-279b-4847-84f2-076fcaf2a4c8" result="Stopped" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T15:42:23.317568+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="5394a667-53ad-4756-ad09-06f723e97664" result="Success" subtype="Refresh"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T15:42:23.567752+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="39127714-a111-4d26-92d0-bcf3c3b3f6ef" result="Starting" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T15:42:25.133888+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="5f4fe9d7-08e3-4d8f-b985-707876f1c27b" result="Started" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="1" datetime="2015-06-03T20:06:31.451703+02:00" code="Unable to access update server" source="Scheduler" message="Failed" type="Update" username="SYSTEM" systemname="SIMBA" last_modified_tag="b6531ef6-a501-4f29-914a-3b6ef44198f3"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:10:03.455663+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="b08a60c2-e147-4e62-86f1-df3c05ecc789" result="Starting" subtype="Malware Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:10:03.799365+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="158d1760-3b2e-48e2-b392-d92fbb6a92ee" result="Started" subtype="Malware Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:10:03.799365+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="d6fa6b3e-7890-4f38-90c3-01deb0566e82" result="Starting" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:14:42.852311+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="636d5c1e-5714-4276-8d2c-6d3aa48db42f" result="Starting" subtype="Malware Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:14:42.899225+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="d8c6d075-4560-443c-aef6-8b7f01cac17b" result="Started" subtype="Malware Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:14:42.914831+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="4c265a1f-92cc-4560-bfe0-017f77a38f30" result="Starting" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:16:55.783147+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="7e00d778-3e42-43aa-90ad-7c5aa0d03267" result="Started" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:23:29.036039+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="fa64c3f3-28c8-438b-aa0a-4359d328ddbc" result="Starting" subtype="Malware Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:23:29.145414+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="7635bd6f-baa3-481f-98f3-16ba1330be7f" result="Started" subtype="Malware Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:23:29.161006+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="c2f6888d-e7ae-4f54-8d7a-e8ec8d3e6354" result="Starting" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:26:00.451767+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="ca4cf5fe-6b7e-41df-b94e-70f3efde5273" result="Started" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="1" datetime="2015-06-03T20:34:29.875962+02:00" source="Scheduler" type="Update" username="SYSTEM" systemname="SIMBA" fromVersion="2015.6.3.3" last_modified_tag="951e9a99-93bf-41a4-956d-737bc9d4aa50" name="Malware Database" toVersion="2015.6.3.5"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:34:29.921995+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="4365f7e4-6253-447f-aa31-25b9de9a1b0d" result="Starting" subtype="Refresh"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:34:29.937005+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="dd247b19-b515-47ee-99f1-310c00a9d719" result="Stopping" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:34:30.334287+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="60768335-cb82-4efb-859e-44ea89cc13b4" result="Stopped" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:34:42.653042+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="8e12c11c-023b-4f13-b3c6-d76479e2e34e" result="Success" subtype="Refresh"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:34:42.698074+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="8cc27262-6d06-4c75-a3c3-486d9c269857" result="Starting" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T20:34:43.191425+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="9a2492fe-04b9-4a75-a21a-f0d2a821746a" result="Started" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T21:39:20.375905+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="2a0b6bd6-8543-4a9b-ae31-6ecc19a52300" result="Starting" subtype="Malware Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T21:39:20.438398+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="c0c08e8e-d254-415a-a342-efe71de55d92" result="Started" subtype="Malware Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T21:39:20.454040+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="13df7f01-1018-44dc-b747-9fa304fdb309" result="Starting" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T21:40:30.586414+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="e94d04ae-6d16-45b2-8928-3df6efcfbc0b" result="Started" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T22:18:19.287287+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="04081f75-d271-4667-8fe3-713b2beb7c62" result="Starting" subtype="Malware Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T22:18:19.459180+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="a5e57ab8-8383-402b-b5e7-34344b53a57a" result="Started" subtype="Malware Protection"></record>
  <record severity="debug" LoggingEventType="1" datetime="2015-06-03T23:18:13.400871+02:00" source="Scheduler" type="Update" username="SYSTEM" systemname="SIMBA" fromVersion="2015.6.3.5" last_modified_tag="09bffbbc-829f-409d-badf-61c4ebb0c3c5" name="Malware Database" toVersion="2015.6.3.6"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T23:18:13.493937+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="2fde93de-fb66-4c13-92bf-35bee78cf7fe" result="Starting" subtype="Refresh"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T23:18:27.294727+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="0d8d9067-bcfa-4536-aac6-06d3254b0c1e" result="Success" subtype="Refresh"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T23:18:27.382790+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="9d07ff89-9ac9-4a5d-b407-27b440f8382a" result="Starting" subtype="Malicious Website Protection"></record>
  <record severity="debug" LoggingEventType="2" datetime="2015-06-03T23:18:28.104300+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="SIMBA" last_modified_tag="0f6679b8-9b3e-4684-8d6d-42484ef5fb5b" result="Started" subtype="Malicious Website Protection"></record>
</logs>
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 05.06.2015
Scan Time: 05:00:37
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.06.04.05
Rootkit Database: v2015.06.02.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Lisa

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 369040
Time Elapsed: 15 min, 56 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 05.06.2015 00:21:35, SYSTEM, SIMBA, Scheduler, Malware Database, 2015.6.4.4, 2015.6.4.5,
Protection, 05.06.2015 00:21:35, SYSTEM, SIMBA, Protection, Refresh, Starting,
Protection, 05.06.2015 00:21:35, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopping,
Protection, 05.06.2015 00:21:35, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopped,
Protection, 05.06.2015 00:23:29, SYSTEM, SIMBA, Protection, Refresh, Success,
Protection, 05.06.2015 00:23:29, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 05.06.2015 00:23:30, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,
Scan, 05.06.2015 05:17:46, SYSTEM, SIMBA, Context, Start:05.06.2015 05:00:37, Duration:15 min 56 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
Update, 05.06.2015 09:33:11, SYSTEM, SIMBA, Scheduler, Malware Database, 2015.6.4.5, 2015.6.5.1,
Protection, 05.06.2015 09:33:11, SYSTEM, SIMBA, Protection, Refresh, Starting,
Protection, 05.06.2015 09:33:11, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopping,
Protection, 05.06.2015 09:33:12, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopped,
Protection, 05.06.2015 09:36:09, SYSTEM, SIMBA, Protection, Refresh, Success,
Protection, 05.06.2015 09:36:09, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 05.06.2015 09:36:09, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,
Update, 05.06.2015 12:49:13, SYSTEM, SIMBA, Scheduler, Malware Database, 2015.6.5.1, 2015.6.5.2,
Protection, 05.06.2015 12:49:14, SYSTEM, SIMBA, Protection, Refresh, Starting,
Protection, 05.06.2015 12:49:14, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopping,
Protection, 05.06.2015 12:49:14, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopped,
Protection, 05.06.2015 12:52:38, SYSTEM, SIMBA, Protection, Refresh, Success,
Protection, 05.06.2015 12:52:38, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 05.06.2015 12:52:39, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,
Update, 05.06.2015 14:01:48, SYSTEM, SIMBA, Scheduler, Failed, Unable to access update server,
Update, 05.06.2015 16:38:15, SYSTEM, SIMBA, Scheduler, Malware Database, 2015.6.5.2, 2015.6.5.3,
Protection, 05.06.2015 16:38:15, SYSTEM, SIMBA, Protection, Refresh, Starting,
Protection, 05.06.2015 16:38:15, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopping,
Protection, 05.06.2015 16:38:15, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopped,
Protection, 05.06.2015 16:41:37, SYSTEM, SIMBA, Protection, Refresh, Success,
Protection, 05.06.2015 16:41:37, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 05.06.2015 16:41:38, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,
Update, 05.06.2015 18:33:34, SYSTEM, SIMBA, Scheduler, Malware Database, 2015.6.5.3, 2015.6.5.4,
Protection, 05.06.2015 18:33:34, SYSTEM, SIMBA, Protection, Refresh, Starting,
Protection, 05.06.2015 18:33:34, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopping,
Protection, 05.06.2015 18:33:35, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopped,
Protection, 05.06.2015 18:36:59, SYSTEM, SIMBA, Protection, Refresh, Success,
Protection, 05.06.2015 18:36:59, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 05.06.2015 18:37:00, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,
Update, 05.06.2015 22:47:21, SYSTEM, SIMBA, Scheduler, Malware Database, 2015.6.5.4, 2015.6.5.5,
Protection, 05.06.2015 22:47:21, SYSTEM, SIMBA, Protection, Refresh, Starting,
Protection, 05.06.2015 22:47:21, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopping,
Protection, 05.06.2015 22:47:21, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopped,
Protection, 05.06.2015 22:51:06, SYSTEM, SIMBA, Protection, Refresh, Success,
Protection, 05.06.2015 22:51:06, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 05.06.2015 22:51:07, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,
Update, 05.06.2015 23:18:44, SYSTEM, SIMBA, Scheduler, Malware Database, 2015.6.5.5, 2015.6.5.6,
Protection, 05.06.2015 23:18:44, SYSTEM, SIMBA, Protection, Refresh, Starting,
Protection, 05.06.2015 23:18:44, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopping,
Protection, 05.06.2015 23:18:45, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopped,
Protection, 05.06.2015 23:21:35, SYSTEM, SIMBA, Protection, Refresh, Success,
Protection, 05.06.2015 23:21:36, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 05.06.2015 23:21:36, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,

(end)

schrauber 06.06.2015 16:28
Das Log mit den Funden wäre cool :)

Pcgehtnicht 06.06.2015 16:39
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 03.06.2015 08:52:01, SYSTEM, SIMBA, Manual, Remediation Database, 2015.3.9.1, 2015.5.13.1,
Update, 03.06.2015 08:52:01, SYSTEM, SIMBA, Manual, Rootkit Database, 2015.2.25.1, 2015.6.2.1,
Protection, 03.06.2015 08:52:02, SYSTEM, SIMBA, Protection, Malware Protection, Starting,
Protection, 03.06.2015 08:52:02, SYSTEM, SIMBA, Protection, Malware Protection, Started,
Protection, 03.06.2015 08:52:02, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 03.06.2015 08:52:03, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,
Update, 03.06.2015 08:52:09, SYSTEM, SIMBA, Manual, Malware Database, 2015.3.9.5, 2015.6.3.1,
Protection, 03.06.2015 08:52:09, SYSTEM, SIMBA, Protection, Refresh, Starting,
Protection, 03.06.2015 08:52:09, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopping,
Protection, 03.06.2015 08:52:09, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopped,
Protection, 03.06.2015 08:52:22, SYSTEM, SIMBA, Protection, Refresh, Success,
Protection, 03.06.2015 08:52:22, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 03.06.2015 08:52:22, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,
Detection, 03.06.2015 09:16:10, SYSTEM, SIMBA, Protection, Malware Protection, File, PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\d3fc96ff-f07d-4873-9cb5-ba2814fae881-11, Quarantine, [3e0f4175d3b74fe75bbe22ef47bdf709]
Update, 03.06.2015 13:02:16, SYSTEM, SIMBA, Scheduler, Malware Database, 2015.6.3.1, 2015.6.3.2,
Protection, 03.06.2015 13:02:17, SYSTEM, SIMBA, Protection, Refresh, Starting,
Protection, 03.06.2015 13:02:17, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopping,
Protection, 03.06.2015 13:02:18, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopped,
Protection, 03.06.2015 13:10:59, SYSTEM, SIMBA, Protection, Refresh, Success,
Protection, 03.06.2015 13:10:59, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 03.06.2015 13:11:00, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,
Scan, 03.06.2015 13:58:07, SYSTEM, SIMBA, Manual, Start:03.06.2015 08:52:06, Duration:42 min 24 sec, Threat Scan, Completed, 0 Malware Detections, 34 Non-Malware Detections,
Update, 03.06.2015 15:36:54, SYSTEM, SIMBA, Scheduler, Malware Database, 2015.6.3.2, 2015.6.3.3,
Protection, 03.06.2015 15:36:55, SYSTEM, SIMBA, Protection, Refresh, Starting,
Protection, 03.06.2015 15:36:55, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopping,
Protection, 03.06.2015 15:36:56, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopped,
Protection, 03.06.2015 15:42:23, SYSTEM, SIMBA, Protection, Refresh, Success,
Protection, 03.06.2015 15:42:23, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 03.06.2015 15:42:25, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,
Update, 03.06.2015 20:06:31, SYSTEM, SIMBA, Scheduler, Failed, Unable to access update server,
Protection, 03.06.2015 20:10:03, SYSTEM, SIMBA, Protection, Malware Protection, Starting,
Protection, 03.06.2015 20:10:03, SYSTEM, SIMBA, Protection, Malware Protection, Started,
Protection, 03.06.2015 20:10:03, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 03.06.2015 20:14:42, SYSTEM, SIMBA, Protection, Malware Protection, Starting,
Protection, 03.06.2015 20:14:42, SYSTEM, SIMBA, Protection, Malware Protection, Started,
Protection, 03.06.2015 20:14:42, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 03.06.2015 20:16:55, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,
Protection, 03.06.2015 20:23:29, SYSTEM, SIMBA, Protection, Malware Protection, Starting,
Protection, 03.06.2015 20:23:29, SYSTEM, SIMBA, Protection, Malware Protection, Started,
Protection, 03.06.2015 20:23:29, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 03.06.2015 20:26:00, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,
Update, 03.06.2015 20:34:29, SYSTEM, SIMBA, Scheduler, Malware Database, 2015.6.3.3, 2015.6.3.5,
Protection, 03.06.2015 20:34:29, SYSTEM, SIMBA, Protection, Refresh, Starting,
Protection, 03.06.2015 20:34:29, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopping,
Protection, 03.06.2015 20:34:30, SYSTEM, SIMBA, Protection, Malicious Website Protection, Stopped,
Protection, 03.06.2015 20:34:42, SYSTEM, SIMBA, Protection, Refresh, Success,
Protection, 03.06.2015 20:34:42, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 03.06.2015 20:34:43, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,
Protection, 03.06.2015 21:39:20, SYSTEM, SIMBA, Protection, Malware Protection, Starting,
Protection, 03.06.2015 21:39:20, SYSTEM, SIMBA, Protection, Malware Protection, Started,
Protection, 03.06.2015 21:39:20, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 03.06.2015 21:40:30, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,
Protection, 03.06.2015 22:18:19, SYSTEM, SIMBA, Protection, Malware Protection, Starting,
Protection, 03.06.2015 22:18:19, SYSTEM, SIMBA, Protection, Malware Protection, Started,
Update, 03.06.2015 23:18:13, SYSTEM, SIMBA, Scheduler, Malware Database, 2015.6.3.5, 2015.6.3.6,
Protection, 03.06.2015 23:18:13, SYSTEM, SIMBA, Protection, Refresh, Starting,
Protection, 03.06.2015 23:18:27, SYSTEM, SIMBA, Protection, Refresh, Success,
Protection, 03.06.2015 23:18:27, SYSTEM, SIMBA, Protection, Malicious Website Protection, Starting,
Protection, 03.06.2015 23:18:28, SYSTEM, SIMBA, Protection, Malicious Website Protection, Started,

(end)
daS hier oder wie find ich das? die Viren sind derzeit alle in quarantäne

ich find da keins mit den Funen - seh die nur in der Quarantäne

Kann ich die nicht einfach all "löschen" und dann sind sie wegß

In Quarantäne sind u.a.

PUP.Optional.ModGood
PUP.optional.CrossRider.T
PUP.optional.CrossRider.A
PUP.optional.GlobalUpdate.A
PUP.optional.VOPackage.Gen

schrauber 07.06.2015 15:07
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Pcgehtnicht 07.06.2015 19:24
Code:
# AdwCleaner v4.206 - Bericht erstellt 07/06/2015 um 19:50:45
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-05.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Lisa - SIMBA
# Gestarted von : C:\Users\Lisa\Downloads\AdwCleaner_4.206.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : globalUpdatem

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Internet Speed Checker
Ordner Gelöscht : C:\Users\Lisa\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Lisa\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Lisa\AppData\Roaming\RHEng
Datei Gelöscht : C:\Users\Lisa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Goodgame Empire.lnk
Datei Gelöscht : C:\Users\Lisa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Goodgame Empire.lnk
Datei Gelöscht : C:\Users\Lisa\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_babylon.com.tr_0.localstorage
Datei Gelöscht : C:\Users\Lisa\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_babylon.com.tr_0.localstorage-journal

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****
Code:
~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\n4savaq5.default-1414172865324\minidumps [2 files]



~~~ Chrome


[C:\Users\Lisa\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Lisa\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Lisa\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Lisa\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.06.2015 at 20:15:24,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Und FRST

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by Lisa (administrator) on SIMBA on 07-06-2015 20:19:27
Running from C:\Users\Lisa\Downloads
Loaded Profiles: Lisa (Available Profiles: Lisa)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
() C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel Corporation)
HKLM\...\Run: [VMware Netlink 3 HV Install Utility] => C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [70328 2015-01-08] ()
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [JunosPulse] => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2521944 2014-10-06] (Juniper Networks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\...\Run: [Spotify Web Helper] => C:\Users\Lisa\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-05-28] (Spotify Ltd)
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\...\Run: [Spotify] => C:\Users\Lisa\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-05-28] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-10-03]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3007510544-1590264628-2405062397-1001 -> 23B5E148594F256123BD123AABE9188E URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-03-26] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-03-26] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2014-09-04] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-09-04] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{82E65DC3-12F4-495B-AE8B-5C4839D05E19}: [NameServer] 131.173.245.9,131.173.245.10

FireFox:
========
FF ProfilePath: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\n4savaq5.default-1414172865324
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-09-04] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-09-04] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Extension: Download videos and MP3s from YouTube - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\n4savaq5.default-1414172865324\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-11-27]
FF Extension: Adblock Plus - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\n4savaq5.default-1414172865324\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-03]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-06-21]
FF HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-3007510544-1590264628-2405062397-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-27]

Chrome:
=======
CHR Profile: C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browser Safety) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-28]
CHR Extension: (Bookmark Manager) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Floodwatch) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnnmlfhgefcbnolklnepapefmmobedld [2015-05-26]
CHR Extension: (Google Wallet) - C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-28]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

Opera:
=======
OPR StartupUrls: "hxxp://www.yandex.ru/?win=145&clid=1992408"

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel Corporation)
S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [206008 2015-01-08] ()
R2 ftscanmgr; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe [3645624 2015-01-08] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S2 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [2030808 2015-01-21] (VMware, Inc.)
S2 vmwsprrdpwks; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [225464 2014-12-19] (VMware)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [530648 2015-02-11] (VMware, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-11] (Avira Operations GmbH & Co. KG)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 jnprna; C:\Windows\system32\DRIVERS\jnprna6.sys [518992 2012-03-30] (Juniper Networks, Inc.)
R1 jnprns; C:\Windows\system32\DRIVERS\jnprns.sys [507192 2014-08-20] (Juniper Networks)
S4 jnprTdi_807_50111; C:\Windows\system32\Drivers\jnprTdi_807_50111.sys [108344 2014-10-06] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\system32\DRIVERS\jnprva.sys [30072 2014-08-20] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\system32\DRIVERS\jnprvamgr.sys [45352 2014-08-20] (Juniper Networks, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-07-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-01-03] (Windows (R) Win 7 DDK provider)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 20:15 - 2015-06-07 20:15 - 00001186 _____ C:\Users\Lisa\Desktop\JRT.txt
2015-06-07 20:07 - 2015-06-07 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-06-07 20:05 - 2015-06-07 20:05 - 00000207 _____ C:\Windows\tweaking.com-regbackup-SIMBA-Windows-8.1-(64-bit).dat
2015-06-07 20:05 - 2015-06-07 20:05 - 00000000 ____D C:\RegBackup
2015-06-07 20:04 - 2015-06-07 20:04 - 02942406 _____ (Thisisu) C:\Users\Lisa\Downloads\JRT.exe
2015-06-07 19:42 - 2015-06-07 19:50 - 00000000 ____D C:\AdwCleaner
2015-06-07 19:39 - 2015-06-07 19:40 - 02231296 _____ C:\Users\Lisa\Downloads\AdwCleaner_4.206.exe
2015-06-07 04:16 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-07 04:16 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-07 04:16 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-07 04:16 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-07 04:16 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-07 04:16 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-07 04:16 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-07 04:16 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-06 17:36 - 2015-06-06 17:36 - 00001040 _____ C:\aaa.txt
2015-06-06 17:36 - 2015-06-06 17:36 - 00001039 _____ C:\Users\Lisa\Desktop\aa.txt
2015-06-04 15:35 - 2015-06-04 15:35 - 00027290 _____ C:\Users\Lisa\Downloads\Daten#bersicht
2015-06-04 12:43 - 2015-06-04 12:43 - 00003086 _____ C:\Windows\System32\Tasks\{301B199D-E03A-4F31-838A-67F29B96BE79}
2015-06-04 10:51 - 2015-06-04 10:54 - 00035226 _____ C:\Users\Lisa\Downloads\Addition.txt
2015-06-04 10:48 - 2015-06-07 20:19 - 00025122 _____ C:\Users\Lisa\Downloads\FRST.txt
2015-06-04 10:47 - 2015-06-07 20:19 - 00000000 ____D C:\FRST
2015-06-04 10:46 - 2015-06-04 10:46 - 02108928 _____ (Farbar) C:\Users\Lisa\Downloads\FRST64.exe
2015-06-04 10:43 - 2015-06-04 10:43 - 01147392 _____ (Farbar) C:\Users\Lisa\Downloads\FRST (1).exe
2015-06-04 10:42 - 2015-06-04 10:42 - 01147392 _____ (Farbar) C:\Users\Lisa\Downloads\FRST(2).exe
2015-06-04 10:42 - 2015-06-04 10:42 - 01147392 _____ (Farbar) C:\Users\Lisa\Downloads\FRST(1).exe
2015-06-04 10:40 - 2015-06-04 10:40 - 01147392 _____ (Farbar) C:\Users\Lisa\Downloads\FRST.exe
2015-06-03 22:59 - 2015-06-07 19:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-03 08:51 - 2015-06-07 19:58 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-03 08:51 - 2015-06-03 08:51 - 00001120 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-03 08:51 - 2015-06-03 08:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-03 08:51 - 2015-06-03 08:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-03 08:51 - 2015-06-03 08:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-03 08:51 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-03 08:51 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-03 08:51 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-03 08:49 - 2015-06-03 08:49 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Lisa\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-01 23:57 - 2015-06-01 23:57 - 00000000 ____D C:\Users\Lisa\AppData\Local\GWX
2015-05-30 15:51 - 2015-05-30 15:53 - 05745219 _____ C:\Users\Lisa\Documents\Zielgruppenanalyse_Latium_Rom.pptx
2015-05-29 12:55 - 2015-05-31 01:02 - 00000000 ____D C:\Users\Lisa\Desktop\Werbung
2015-05-28 15:49 - 2015-05-28 15:49 - 00000000 ____D C:\Users\Lisa\Documents\TurningPoint
2015-05-28 14:36 - 2015-06-03 00:24 - 00000000 ____D C:\Users\Lisa\Documents\Vortrag
2015-05-28 12:24 - 2015-05-28 12:24 - 46641642 _____ C:\Users\Lisa\Documents\wasistds.pptx
2015-05-28 12:21 - 2015-05-28 12:21 - 15077231 _____ C:\Users\Lisa\Documents\druck.pptx
2015-05-28 12:14 - 2015-05-28 12:15 - 43580791 _____ C:\Users\Lisa\Desktop\FERTIGDRUCKEN.pptx
2015-05-28 11:54 - 2015-05-28 11:54 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Turning Technologies
2015-05-28 11:53 - 2015-05-28 11:53 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turning Technologies, LLC
2015-05-28 11:53 - 2015-05-28 11:53 - 00000000 ____D C:\Program Files (x86)\Turning Technologies
2015-05-28 11:52 - 2015-05-28 11:54 - 00000000 ____D C:\ProgramData\Turning Technologies
2015-05-28 11:51 - 2015-05-28 11:52 - 17477144 _____ (Turning Technologies, LLC.) C:\Users\Lisa\Downloads\TurningPoint_4_5_1.exe
2015-05-28 11:37 - 2015-05-28 12:23 - 00000000 ____D C:\Users\Lisa\Desktop\Druck
2015-05-28 11:00 - 2015-05-28 15:01 - 00000000 ____D C:\Users\Lisa\Desktop\drucken
2015-05-27 13:43 - 2015-05-27 19:41 - 43616166 _____ C:\Users\Lisa\Documents\ausgeblendet.pptx
2015-05-27 13:25 - 2015-05-27 13:25 - 43603079 _____ C:\Users\Lisa\Documents\Neu1325.pptx
2015-05-27 13:10 - 2015-05-27 13:10 - 43602631 _____ C:\Users\Lisa\Documents\Neu1310.pptx
2015-05-27 05:41 - 2015-05-27 12:13 - 46641795 _____ C:\Users\Lisa\Documents\neusteVersion27.pptx
2015-05-27 05:30 - 2015-05-27 05:30 - 46684773 _____ C:\Users\Lisa\Documents\fastZusammen.pptx
2015-05-27 03:52 - 2015-05-27 03:53 - 34116778 _____ C:\Users\Lisa\Documents\Zusammen.pptx
2015-05-27 03:21 - 2015-05-27 03:22 - 18923881 _____ C:\Users\Lisa\Documents\Lisa.pptx
2015-05-27 00:21 - 2015-05-27 00:21 - 01430576 _____ (Juniper Networks, Inc.) C:\Users\Lisa\Downloads\JuniperSetupClientInstaller (1).exe
2015-05-26 22:50 - 2015-05-26 22:50 - 01137480 _____ C:\Users\Lisa\Downloads\Präsentation Facebook Max.pptx
2015-05-26 21:41 - 2015-05-26 21:41 - 05877867 _____ C:\Users\Lisa\Documents\steffihalb.pptx
2015-05-26 20:44 - 2015-05-26 20:44 - 00799538 _____ C:\Users\Lisa\Documents\folie.pptx
2015-05-26 20:40 - 2015-05-26 20:43 - 00799537 _____ C:\Users\Lisa\Documents\Neu.pptx
2015-05-26 20:34 - 2015-05-26 20:34 - 04450699 _____ C:\Users\Lisa\Documents\Facebook_Präsentation_finalsteffi.pptx
2015-05-26 16:51 - 2015-05-26 16:51 - 00377046 _____ C:\Users\Lisa\Documents\wennfacebook.pptx
2015-05-26 16:49 - 2015-05-26 16:50 - 15807678 _____ C:\Users\Lisa\Documents\mitst.pptx
2015-05-26 10:32 - 2015-05-26 23:30 - 15121507 _____ C:\Users\Lisa\Documents\Vorläufig1.pptx
2015-05-26 09:22 - 2015-05-26 09:46 - 04332447 _____ C:\Users\Lisa\Documents\Mone.pptx
2015-05-25 15:33 - 2015-05-25 15:33 - 00937826 _____ C:\Users\Lisa\Downloads\präsi-Adrian(1).pptx
2015-05-25 15:32 - 2015-05-25 15:32 - 01216718 _____ C:\Users\Lisa\Downloads\masterlayout FB(1).pptx
2015-05-25 15:32 - 2015-05-25 15:32 - 01096455 _____ C:\Users\Lisa\Downloads\masterlayout FB.pptx
2015-05-21 23:23 - 2015-05-21 23:23 - 01430576 _____ (Juniper Networks, Inc.) C:\Users\Lisa\Downloads\JuniperSetupClientInstaller(4).exe
2015-05-21 23:16 - 2012-03-30 10:30 - 00518992 _____ (Juniper Networks, Inc.) C:\Windows\system32\Drivers\jnprna6.sys
2015-05-21 11:34 - 2015-05-21 11:34 - 00019469 _____ C:\Users\Lisa\Desktop\Übersicht_AP_Bronze_Silber_Gold.xlsx
2015-05-21 11:08 - 2015-05-21 11:09 - 89733366 _____ C:\Users\Lisa\Downloads\facebook-lisalowenherz58.zip
2015-05-19 23:21 - 2015-05-19 23:21 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\GalileoPress
2015-05-18 23:57 - 2015-05-18 23:57 - 00003291 _____ C:\Users\Lisa\AppData\Local\recently-used.xbel
2015-05-18 21:35 - 2015-05-18 21:35 - 00839357 _____ C:\Users\Lisa\Desktop\Unbenannt.xcf
2015-05-14 11:28 - 2015-05-22 10:14 - 00005120 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SIMBA-Lisa Simba
2015-05-13 15:16 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 15:16 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 14:55 - 2015-06-07 12:02 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-05-13 14:55 - 2015-06-07 12:02 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-05-13 14:55 - 2015-05-13 14:55 - 00003382 _____ C:\Windows\System32\Tasks\Update Checker
2015-05-13 03:42 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-13 03:42 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-13 03:42 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-13 03:42 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-13 03:42 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-13 03:41 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 03:41 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 03:41 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 03:41 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 03:41 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 03:41 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 03:41 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 03:41 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 03:41 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 03:41 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 03:41 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 03:41 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-13 03:41 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 03:41 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 03:41 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 03:41 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-13 03:41 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 03:41 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 03:41 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-13 03:41 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 03:41 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-13 03:41 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 03:41 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 03:41 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 03:41 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 03:41 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 03:41 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 03:41 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-13 03:41 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 03:41 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-13 03:41 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 03:41 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-13 03:41 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 03:41 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 03:41 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 03:41 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 03:41 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 03:41 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 03:41 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 03:41 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 03:41 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 03:41 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 03:41 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 03:41 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 03:41 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 03:41 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 03:41 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 03:41 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-13 03:41 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 03:41 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-13 03:41 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-13 03:41 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-13 03:41 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-13 03:41 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 03:41 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 03:41 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 03:41 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 03:41 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-13 03:41 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-13 03:41 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-13 03:41 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-13 03:41 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-13 03:41 - 2015-03-13 02:29 - 00410017 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-13 03:41 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 03:41 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 03:41 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 03:41 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-13 03:41 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 03:41 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 03:41 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-13 03:41 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 03:41 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-13 03:41 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-13 03:41 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 20:16 - 2014-11-25 23:54 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-07 20:15 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-07 20:12 - 2014-10-03 06:11 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3007510544-1590264628-2405062397-1001
2015-06-07 20:07 - 2014-10-03 06:05 - 00000000 ____D C:\Users\Lisa\AppData\Local\Packages
2015-06-07 20:04 - 2014-10-16 21:12 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Spotify
2015-06-07 20:00 - 2014-10-03 06:06 - 00000074 _____ C:\Users\Lisa\AppData\Roaming\sp_data.sys
2015-06-07 20:00 - 2014-10-02 22:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-07 20:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-07 19:59 - 2014-11-25 23:54 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-07 19:59 - 2014-10-16 21:13 - 00000000 ____D C:\Users\Lisa\AppData\Local\Spotify
2015-06-07 19:59 - 2014-10-13 21:06 - 00000000 __RDO C:\Users\Lisa\OneDrive
2015-06-07 19:55 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-07 19:55 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-06-07 19:54 - 2013-12-13 05:57 - 00371122 _____ C:\Windows\PFRO.log
2015-06-07 19:54 - 2013-08-22 16:46 - 00034309 _____ C:\Windows\setupact.log
2015-06-07 19:54 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-07 19:52 - 2014-12-14 04:18 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-07 19:52 - 2014-10-13 20:47 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-07 19:45 - 2014-06-21 22:44 - 01493786 _____ C:\Windows\WindowsUpdate.log
2015-06-07 19:42 - 2014-10-20 22:30 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\Skype
2015-06-07 19:40 - 2014-10-03 06:13 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D21C7EDB-4835-49D5-B886-4DE93EB9B90D}
2015-06-07 19:34 - 2014-10-03 00:27 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-07 13:08 - 2015-04-18 15:17 - 00907264 ___SH C:\Users\Lisa\Desktop\Thumbs.db
2015-06-06 23:51 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-04 21:50 - 2014-10-02 22:34 - 02590720 ___SH C:\Users\Lisa\Downloads\Thumbs.db
2015-06-03 22:34 - 2014-10-03 00:27 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-03 22:31 - 2014-10-03 06:05 - 00000000 ____D C:\Users\Lisa
2015-06-03 22:16 - 2015-04-08 12:13 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-03 22:16 - 2014-10-03 00:27 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-06-03 22:16 - 2014-06-21 22:59 - 00000000 ____D C:\ProgramData\P4G
2015-06-03 22:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration
2015-06-02 10:27 - 2015-04-07 15:25 - 00000000 ____D C:\Users\Lisa\Desktop\Bewerbung
2015-06-01 10:42 - 2014-12-02 22:54 - 00000000 ____D C:\Users\Lisa\.gimp-2.8
2015-05-31 18:35 - 2015-01-05 23:24 - 00000000 ____D C:\Users\Lisa\AppData\Local\CrashDumps
2015-05-29 20:45 - 2015-05-07 13:08 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\WildTangent
2015-05-29 20:45 - 2013-12-13 06:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-29 20:45 - 2013-12-13 06:11 - 00000000 ____D C:\ProgramData\WildTangent
2015-05-29 20:45 - 2013-12-13 06:11 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-05-29 13:36 - 2013-12-13 13:04 - 00773008 _____ C:\Windows\system32\perfh007.dat
2015-05-29 13:36 - 2013-12-13 13:04 - 00162310 _____ C:\Windows\system32\perfc007.dat
2015-05-29 13:36 - 2013-12-13 06:09 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-28 23:09 - 2014-10-20 22:30 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-28 23:09 - 2014-10-20 22:30 - 00000000 ____D C:\ProgramData\Skype
2015-05-28 21:02 - 2014-12-15 01:01 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-28 11:54 - 2014-06-21 22:53 - 00015202 _____ C:\Windows\DPINST.LOG
2015-05-26 09:18 - 2014-11-25 23:55 - 00002197 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-26 02:01 - 2014-10-14 18:55 - 00000000 ___RD C:\Users\Lisa\Documents\Notes
2015-05-25 15:25 - 2015-02-14 01:32 - 00000000 ____D C:\Users\Lisa\Desktop\Istanbul Uni
2015-05-21 09:26 - 2014-10-15 23:35 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1412279549
2015-05-21 09:26 - 2014-10-02 21:52 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-05-21 09:26 - 2014-10-02 21:52 - 00000000 ____D C:\Program Files (x86)\Opera
2015-05-20 18:39 - 2015-04-08 12:13 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 03:18 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-05-18 23:57 - 2014-12-02 22:59 - 00000000 ____D C:\Users\Lisa\AppData\Local\gtk-2.0
2015-05-18 22:16 - 2014-12-06 02:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-18 22:16 - 2014-12-06 02:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-18 22:16 - 2014-06-21 23:02 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-05-18 22:16 - 2013-08-22 16:44 - 00510632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-18 22:10 - 2013-08-22 22:59 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-18 22:10 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-05-18 22:10 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-17 22:11 - 2014-11-25 23:54 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 22:11 - 2014-11-25 23:54 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 14:18 - 2014-11-18 22:06 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-13 15:09 - 2014-10-09 11:37 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 14:55 - 2013-12-13 06:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-05-13 14:55 - 2013-12-13 06:10 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-05-13 14:54 - 2014-10-09 11:37 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 14:44 - 2014-12-06 02:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-11 18:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2014-12-15 20:27 - 2014-12-16 01:25 - 0000470 _____ () C:\Users\Lisa\AppData\Roaming\Poladroid prefs.plist
2014-10-03 06:06 - 2015-06-07 20:00 - 0000074 _____ () C:\Users\Lisa\AppData\Roaming\sp_data.sys
2015-05-18 23:57 - 2015-05-18 23:57 - 0003291 _____ () C:\Users\Lisa\AppData\Local\recently-used.xbel
2014-06-21 22:48 - 2014-06-21 22:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-13 06:09 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-13 06:09 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-13 06:09 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some files in TEMP:
====================
C:\Users\Lisa\AppData\Local\Temp\avgnt.exe
C:\Users\Lisa\AppData\Local\Temp\FreeYouTubeDownload.exe
C:\Users\Lisa\AppData\Local\Temp\JavaRa.exe
C:\Users\Lisa\AppData\Local\Temp\jli.dll
C:\Users\Lisa\AppData\Local\Temp\jre-8u25-windows-i586.exe
C:\Users\Lisa\AppData\Local\Temp\jre-8u25-windows-x64.exe
C:\Users\Lisa\AppData\Local\Temp\jre-8u31-windows-i586.exe
C:\Users\Lisa\AppData\Local\Temp\jre-8u31-windows-x64.exe
C:\Users\Lisa\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Lisa\AppData\Local\Temp\keytool.exe
C:\Users\Lisa\AppData\Local\Temp\msvcr100.dll
C:\Users\Lisa\AppData\Local\Temp\node.exe
C:\Users\Lisa\AppData\Local\Temp\Quarantine.exe
C:\Users\Lisa\AppData\Local\Temp\sqlite3.dll
C:\Users\Lisa\AppData\Local\Temp\sqlite3.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-27 06:06

==================== End of log ============================

schrauber 08.06.2015 10:33

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Pcgehtnicht 08.06.2015 18:43
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0cb45116215c4141b2cb417a43bbe353
# end=init
# utc_time=2015-06-08 09:45:35
# local_time=2015-06-08 11:45:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 24221
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0cb45116215c4141b2cb417a43bbe353
# end=updated
# utc_time=2015-06-08 09:47:59
# local_time=2015-06-08 11:47:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=0cb45116215c4141b2cb417a43bbe353
# engine=24221
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-08 04:28:49
# local_time=2015-06-08 06:28:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='McAfee Anti-Virus * Anti-Spyware'
# compatibility_mode=5130 16777214 100 97 17639652 61028815 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 7443561 58662222 0 0
# scanned=279638
# found=4
# cleaned=4
# scan_time=24049
sh=4F1A1ECBC53648728576DC417328B2DD70532367 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.D evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Internet Speed Checker\1293297481.mxaddon.vir"
sh=FB3F7E2BF56F5EA06763303CDAA0E962E975E063 ft=1 fh=c0dea5299389dc4e vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Lisa\AppData\Local\Temp\DMR\dmr_72.exe"
sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Lisa\Downloads\PDFCreator-1_7_3_setup(1).exe"
sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Lisa\Downloads\PDFCreator-1_7_3_setup.exe"
Code:
Results of screen317's Security Check version 1.002 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus                     
McAfee Anti-Virus und Anti-Spyware 
Windows Defender                   
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 31 
 Java version 32-bit out of Date!
 Adobe Flash Player        17.0.0.169 
 Adobe Reader XI 
 Mozilla Firefox (38.0.5)
 Google Chrome (43.0.2357.65)
 Google Chrome (43.0.2357.81)
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
Ist er nun wieder sauber da er bei dem Eset 4 Sachen gefunden hat?
Und er hängt irgendwie noch immer ;(

schrauber 09.06.2015 10:17
geht das genauer? Und das frische FRST log fehlt noch.


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:14 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129