|
Pests of all kinds and how to fight them: smileys we love toolbar for IE | Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection. |
10.11.2013, 12:40 | #1 |
| smileys we love toolbar for IE Hi, I accidentally downloaded the smileys we love toolbar for IE because I didn't read properly, or rather didn't read at all. Now I wanted to get rid of the thing, but it just doesn't work. I have removed the Delta toolbar etc. that was installed along with it. In addition, the Yontoo toolbar also seems to keep coming back (still needs to be tested more thoroughly). In any case, I cannot remove the smileys we love toolbar for IE from the installed programs. I tried it the normal way, with TuneUp, CCleaner, Glary Utilities etc.; none of it works, because the following always comes up: "There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor." My Firefox and Chrome should also be cleaned up. I have already run CCleaner and HijackThis (I am attaching the analysis log below). At the moment I am running Malwarebytes. Can you think of anything else I could do? Here is the log: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:38:41, on 10.11.2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16720) Boot mode: Normal Running processes: D:\Games\STEAM\Steam.exe D:\Programme\HTC\HTC Sync\adb.exe C:\Program Files (x86)\Skype\Phone\Skype.exe D:\Programme\RocketDock\RocketDock.exe D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe C:\Users\zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Windows\SysWOW64\Ctxfihlp.exe C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe D:\Programme\XFire\Xfire.exe C:\Windows\SysWOW64\CTXFISPI.EXE C:\Users\zoOky\AppData\Roaming\Yontoo\YontooDesktop.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe C:\Users\zoOky\Downloads\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\Antispam32\pmbxie.dll O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: (no name) - {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} - (no file) O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O3 - Toolbar: (no name) - {CF0F43AB-9C23-4D7B-8040-201B82844854} - (no file) O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe O4 - HKLM\..\Run: [StartCCC] 
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe O4 - HKLM\..\RunOnce: [ Malwarebytes Anti-Malware ] D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [Steam] "D:\Games\STEAM\Steam.exe" -silent O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [RocketDock] "D:\Programme\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Bitdefender-Geldbörse-Agent] D:\Programme\Bitdefender\Bitdefender\pmbxag.exe O4 - HKCU\..\Run: [Bitdefender-Geldbörse] D:\Programme\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard O4 - HKCU\..\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-18\..\Run: [Bitdefender-Geldbörse-Agent] D:\Programme\Bitdefender\Bitdefender\pmbxag.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [Bitdefender-Geldbörse] D:\Programme\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Bitdefender-Geldbörse-Agent] D:\Programme\Bitdefender\Bitdefender\pmbxag.exe (User 'Default user') O4 - Startup: Dropbox.lnk = zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Rainmeter.lnk = D:\Programme\Rainmeter.exe O4 - Startup: Xfire.lnk = D:\Programme\XFire\Xfire.exe O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\zoOky\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm 
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown 
owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: HTCMonitorService - Nero AG - D:\Programme\HTC\HSMServiceEntry.exe O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Razer Overlay Subsystem Emergency Service (RzOvlMon) - Razer - C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: SplitCamService (SpliCamService) - SplitCam Co. 
- D:\Programme\SplitCam\SplitCamService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - D:\Programme\Bitdefender\Bitdefender\updatesrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - D:\Programme\Bitdefender\Bitdefender\vsserv.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media 
Player\wmpnetwk.exe (file missing) -- End of file - 13447 bytes
I don't really trust TuneUp etc. Regards, seReniX |
10.11.2013, 15:39 | #2 |
/// the machine /// TB trainer | smileys we love toolbar for IE Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
10.11.2013, 17:54 | #3 |
| smileys we love toolbar for IE Hi,
Thanks for the reply. Here are the log files: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 Ran by zoOky (administrator) on ZOOKY-PC on 10-11-2013 17:37:54 Running from C:\Users\zoOky\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Bitdefender) D:\Programme\Bitdefender\Bitdefender\vsserv.exe (AMD) C:\Windows\system32\atiesrxx.exe (The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (AMD) C:\Windows\system32\atieclxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Nero AG) D:\Programme\HTC\HSMServiceEntry.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Razer) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe (SplitCam Co.) D:\Programme\SplitCam\SplitCamService.exe (Rocket Division Software) D:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (Bitdefender) D:\Programme\Bitdefender\Bitdefender\updatesrv.exe (Microsoft) C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe () D:\Programme\Sapphire TRIXX\TRIXX.exe () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe (Bitdefender) D:\Programme\Bitdefender\Bitdefender\bdagent.exe (Valve Corporation) D:\Games\STEAM\Steam.exe () D:\Programme\HTC\HTC Sync\adb.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe () D:\Programme\RocketDock\RocketDock.exe (Bitdefender) D:\Programme\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender) D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Dropbox, Inc.) C:\Users\zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe () D:\Programme\Rainmeter.exe (Razer USA Ltd) C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe (Xfire Inc.) D:\Programme\XFire\Xfire.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Xfire Inc.) D:\Programme\XFire\Xfire.exe () D:\Programme\XFire\xfire64.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Yontoo LLC) C:\Users\zoOky\AppData\Roaming\Yontoo\YontooDesktop.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe (Bitdefender) D:\Programme\Bitdefender\Bitdefender\seccenter.exe () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (TeamSpeak Systems GmbH) D:\Programme\TS\ts3client_win32.exe (Solid State Networks) D:\Games\TERA\TERA-Launcher.exe () D:\Games\TERA\Client\TL.exe () D:\Games\TERA\Client\Binaries\TERA.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Bdagent] - D:\Programme\Bitdefender\Bitdefender\bdagent.exe [1738968 2013-10-30] (Bitdefender) HKLM-x32\...\RunOnce: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] () HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation) HKCU\...\Run: [Steam] - D:\Games\STEAM\Steam.exe [1820584 2013-10-30] (Valve Corporation) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.) HKCU\...\Run: [RocketDock] - D:\Programme\RocketDock\RocketDock.exe [495616 2007-09-02] () HKCU\...\Run: [DAEMON Tools Lite] - D:\Programme\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKCU\...\Run: [Bitdefender-Geldbörse-Agent] - D:\Programme\Bitdefender\Bitdefender\pmbxag.exe [564256 2013-10-30] (Bitdefender) HKCU\...\Run: [Bitdefender-Geldbörse] - D:\Programme\Bitdefender\Bitdefender\pwdmanui.exe [1004608 2013-10-30] (Bitdefender) HKCU\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [621448 2013-10-30] (Bitdefender) HKCU\...\Run: [Google Update] - C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-01-07] (Google Inc.) 
MountPoints2: G - G:\HTC_Sync_Manager_PC.exe MountPoints2: {3cc854aa-4f72-11e2-ae3b-806e6f6e6963} - G:\HTC_Sync_Manager_PC.exe MountPoints2: {59b966de-5411-11e2-ba4f-001fd0dc171d} - K:\HTC_Sync_Manager_PC.exe MountPoints2: {8e59e9de-c097-11e2-bab5-001fd0dc171d} - I:\SETUP.EXE MountPoints2: {c90a6927-4f51-11e2-a44e-001fd0dc171d} - G:\HTC_Sync_Manager_PC.exe MountPoints2: {c90a6a8e-4f51-11e2-a44e-001fd0dc171d} - G:\HTC_Sync_Manager_PC.exe HKLM-x32\...\Run: [CTxfiHlp] - C:\Windows\\SysWOW64\CTXFIHLP.EXE [25600 2010-05-05] (Creative Technology Ltd) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [Razer Imperator Driver] - C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe [979360 2012-02-09] (Razer USA Ltd) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.) Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk ShortcutTarget: Rainmeter.lnk -> D:\Programme\Rainmeter.exe () Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk ShortcutTarget: Xfire.lnk -> D:\Programme\XFire\Xfire.exe (Xfire Inc.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD79BF8D408E2CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms} SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP1491FE71-97E1-4635-96D7-6E5A540C5D1F&q={searchTerms} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms} SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP1491FE71-97E1-4635-96D7-6E5A540C5D1F&q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&affID=121845&tt=gc_&babsrc=SP_ss_Btisdt7&mntrId=A289001FD0DC171D BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: 
Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: No Name - {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} - No File BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\antispam32\pmbxie.dll (Bitdefender) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM - No Name - {CF0F43AB-9C23-4D7B-8040-201B82844854} - No File Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File DPF: HKLM 
{D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62 FireFox: ======== FF ProfilePath: C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default FF user.js: detected! => C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\user.js FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20(shExpMatch(host%2C%20'(*.turntable.fm%7Cturntable.fm)')%20%26%26%20url.indexOf('.css')%20%3D%3D%20-1%20%26%26%20url.indexOf('.js')%20%3D%3D%20-1)%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('ve
vo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1))%20%7B%20return%20'PROXY%20ab-us17.personalitycores.com%3A8000%3B%20PROXY%20ab-us20.personalitycores.com%3A8000%3B%20PROXY%20ab-us22.personalitycores.com%3A8000%3B%20PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us18.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us21.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us16.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D" FF 
NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Programme\itunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Bitdefender.com/PasswordManager;version=17.8 - D:\Programme\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll (Bitdefender)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\ich@maltegoetz.de
FF Extension: jid1-QpHD8URtZWJC2A - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF Extension: stylish - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: Adblock Plus - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - D:\Programme\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - D:\Programme\Bitdefender\Bitdefender\Antispam32\ffpwdman\

Chrome:
=======
CHR HomePage: hxxp://google.de/
CHR RestoreOnStartup: "hxxp://google.de/"
CHR Plugin: (Shockwave Flash) - C:\Users\zoOky\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\zoOky\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\zoOky\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Google Update) - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll No File
CHR Extension: (ProxTube) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.4_0
CHR Extension: (Google Drive) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Bitdefender Wallet) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl\17.19.0_0
CHR Extension: (Google Search) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Free Smileys & Emoticons) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.0.24.0_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0
CHR Extension: (Google Wallet) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - D:\Programme\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx

==================== Services (Whitelisted) =================

R2 HTCMonitorService; D:\Programme\HTC\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)
R2 MBAMScheduler; D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5124464 2012-12-16] (INCA Internet Co., Ltd.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-10-31] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [31448 2013-05-03] (Razer)
R2 SpliCamService; D:\Programme\SplitCam\SplitCamService.exe [311456 2013-10-17] (SplitCam Co.)
R2 StarWindServiceAE; D:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-09-09] (TuneUp Software)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
R2 UPDATESRV; D:\Programme\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-23] (Bitdefender)
R2 VSSERV; D:\Programme\Bitdefender\Bitdefender\vsserv.exe [1506736 2013-10-30] (Bitdefender)
R2 Yontoo Desktop Updater; C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe [23552 2013-05-17] (Microsoft)

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-07-19] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-07-19] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-07-23] (BitDefender SRL)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-15] (DT Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-10-20] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-11-10] (Windows (R) Server 2003 DDK provider)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-11-10] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-02] (BitDefender LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [128856 2013-05-03] (Razer USA Ltd)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74456 2013-05-03] (Razer USA Ltd)
R3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2013-04-24] (Windows (R) Win 7 DDK provider)
R3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2013-07-12] (Windows (R) Win 7 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-05-19] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-02] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software) R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] () U3 a6tpyuja; C:\Windows\System32\Drivers\a6tpyuja.sys [0 ] (Microsoft Corporation) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] R3 TRIXX; \??\C:\Users\zoOky\AppData\Local\Temp\TRIXX.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-10 17:37 - 2013-11-10 17:37 - 01957562 _____ (Farbar) C:\Users\zoOky\Downloads\FRST64.exe 2013-11-10 17:37 - 2013-11-10 17:37 - 00000000 ____D C:\FRST 2013-11-10 13:54 - 2013-11-10 13:54 - 00000000 ____D C:\Users\zoOky\Desktop\Praktikum 2013-11-10 13:46 - 2013-11-10 13:46 - 00001382 _____ C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Install Windows.lnk 2013-11-10 13:46 - 2013-11-10 13:46 - 00001380 _____ C:\Users\zoOky\Desktop\Install Windows.lnk 2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D C:\Program Files (x86)\ESET 2013-11-10 12:41 - 2013-11-10 12:41 - 02347384 _____ (ESET) C:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe 2013-11-10 12:30 - 2013-11-10 12:30 - 00000736 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Malwarebytes 2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-10 12:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-11-10 12:29 - 2013-11-10 12:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\zoOky\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407.exe 2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407(1).exe 2013-11-10 12:11 - 2013-11-10 
12:11 - 00000000 __RHD C:\ESD 2013-11-10 12:07 - 2013-11-10 12:07 - 04954736 _____ (Microsoft Corporation) C:\Users\zoOky\Downloads\WindowsSetupBox.exe 2013-11-10 12:06 - 2013-11-10 12:06 - 00293321 _____ C:\Users\zoOky\Desktop\bookmarks.html 2013-11-10 12:00 - 2013-11-10 12:01 - 00000000 ____D C:\Users\zoOky\Downloads\backups 2013-11-10 11:58 - 2013-11-10 12:38 - 00013449 _____ C:\Users\zoOky\Downloads\hijackthis.log 2013-11-10 11:58 - 2013-11-10 11:58 - 00388608 _____ (Trend Micro Inc.) C:\Users\zoOky\Downloads\HiJackThis204.exe 2013-11-09 11:12 - 2013-11-09 11:14 - 182549774 _____ C:\Users\zoOky\Downloads\Die_111_besten_Multi-Monitoring-Wallpaper.zip 2013-11-08 14:31 - 2013-11-08 14:31 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-11-08 14:31 - 2013-11-08 14:31 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2013-11-08 14:30 - 2013-11-08 14:30 - 00000000 ____D C:\Program Files\Java 2013-11-08 14:28 - 2013-11-08 14:31 - 00000000 ____D C:\ProgramData\Oracle 2013-11-08 14:28 - 2013-11-08 14:28 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64(1).exe 2013-11-08 14:27 - 2013-11-08 14:27 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64.exe 2013-11-01 17:09 - 2013-10-25 02:02 - 00000000 ____D C:\Users\zoOky\Desktop\kkkkaaaayyyy 2013-10-31 14:21 - 2013-10-31 14:23 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 3 2013-10-30 15:34 - 2013-10-30 15:34 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Guild Wars 2 2013-10-30 10:58 - 2013-10-30 10:58 - 08945660 _____ C:\Users\zoOky\Downloads\pcsx2-1.0.0-r5350-setup.exe 2013-10-30 10:58 - 2013-10-30 10:58 - 00000788 _____ C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk 2013-10-29 22:05 - 
2013-10-29 22:05 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-10-29 22:04 - 2013-10-29 22:04 - 23123208 _____ (Mozilla) C:\Users\zoOky\Downloads\Firefox_Setup_25.0.exe 2013-10-20 17:16 - 2013-10-20 17:16 - 00000849 _____ C:\Users\Public\Desktop\Battlefield 3.lnk 2013-10-20 14:05 - 2013-11-10 10:38 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref 2013-10-20 10:58 - 2013-11-10 11:57 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\GlarySoft 2013-10-20 10:56 - 2013-11-10 10:38 - 00000304 _____ C:\Windows\Tasks\GlaryInitialize.job 2013-10-20 10:56 - 2013-10-20 10:56 - 00002582 _____ C:\Windows\System32\Tasks\GlaryInitialize 2013-10-20 10:56 - 2013-10-20 10:56 - 00000703 _____ C:\Users\zoOky\Desktop\Glary Utilities.lnk 2013-10-20 10:51 - 2013-11-10 12:23 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-10-20 10:51 - 2013-11-10 12:23 - 00000000 ____D C:\Program Files\CCleaner 2013-10-20 10:51 - 2013-10-20 10:51 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-10-20 10:46 - 2013-10-20 10:46 - 06685392 _____ (Glarysoft Ltd ) C:\Users\zoOky\Downloads\gusetup_slim_2.56.exe 2013-10-19 16:40 - 2013-10-19 16:40 - 00130673 _____ C:\Users\zoOky\Downloads\Ps2_Save_Builder_0.8x.zip 2013-10-19 16:37 - 2013-10-19 16:37 - 00012559 _____ C:\Users\zoOky\Downloads\state1.zip 2013-10-18 08:07 - 2013-04-24 09:45 - 00810496 _____ C:\Windows\SysWOW64\xvidcore.dll 2013-10-18 08:07 - 2013-04-24 09:45 - 00183808 _____ C:\Windows\SysWOW64\xvidvfw.dll 2013-10-18 08:07 - 2013-04-24 09:45 - 00080896 _____ C:\Windows\SysWOW64\ff_vfw.dll 2013-10-18 08:07 - 2013-04-24 09:45 - 00000590 _____ C:\Windows\SysWOW64\ff_vfw.dll.manifest 2013-10-18 08:03 - 2013-10-20 10:47 - 00000000 ____D C:\Program Files (x86)\SqueakyChocolate 2013-10-18 08:03 - 2013-10-18 08:03 - 00000000 ____D C:\Users\zoOky\Documents\Add-in Express 2013-10-18 08:00 - 2013-10-18 08:00 - 00000000 ____D C:\Users\zoOky\Documents\PC Speed Maximizer 2013-10-18 07:55 - 2013-10-18 07:55 - 00000000 
_____ C:\END 2013-10-14 13:40 - 2013-10-14 13:42 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 4 Beta 2013-10-12 09:14 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2013-10-12 09:14 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2013-10-12 09:14 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2013-10-12 09:14 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2013-10-12 09:14 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2013-10-12 09:14 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2013-10-12 09:14 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys ==================== One Month Modified Files and Folders ======= 2013-11-10 17:38 - 2012-12-17 20:47 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Skype 2013-11-10 17:37 - 2013-11-10 17:37 - 01957562 _____ (Farbar) C:\Users\zoOky\Downloads\FRST64.exe 2013-11-10 17:37 - 2013-11-10 17:37 - 00000000 ____D C:\FRST 2013-11-10 17:20 - 2012-12-17 21:06 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-11-10 16:44 - 2013-01-07 22:08 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA.job 2013-11-10 16:28 - 2013-05-19 15:31 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Yontoo 2013-11-10 16:15 - 2012-12-17 20:29 - 01535540 _____ C:\Windows\WindowsUpdate.log 2013-11-10 14:23 - 2013-06-29 16:50 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\TS3Client 2013-11-10 13:56 - 2009-07-14 06:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-10 13:54 - 2013-11-10 13:54 - 00000000 ____D C:\Users\zoOky\Desktop\Praktikum 2013-11-10 13:46 - 2013-11-10 13:46 - 00001382 _____ 
C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Install Windows.lnk 2013-11-10 13:46 - 2013-11-10 13:46 - 00001380 _____ C:\Users\zoOky\Desktop\Install Windows.lnk 2013-11-10 13:26 - 2013-05-19 15:31 - 00000000 ____D C:\Program Files (x86)\Yontoo 2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D C:\Program Files (x86)\ESET 2013-11-10 12:41 - 2013-11-10 12:41 - 02347384 _____ (ESET) C:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe 2013-11-10 12:38 - 2013-11-10 11:58 - 00013449 _____ C:\Users\zoOky\Downloads\hijackthis.log 2013-11-10 12:30 - 2013-11-10 12:30 - 00000736 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Malwarebytes 2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-10 12:29 - 2013-11-10 12:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\zoOky\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-10 12:25 - 2013-04-29 20:07 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFusion 2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407.exe 2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407(1).exe 2013-11-10 12:23 - 2013-10-20 10:51 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-11-10 12:23 - 2013-10-20 10:51 - 00000000 ____D C:\Program Files\CCleaner 2013-11-10 12:11 - 2013-11-10 12:11 - 00000000 __RHD C:\ESD 2013-11-10 12:07 - 2013-11-10 12:07 - 04954736 _____ (Microsoft Corporation) C:\Users\zoOky\Downloads\WindowsSetupBox.exe 2013-11-10 12:06 - 2013-11-10 12:06 - 00293321 _____ C:\Users\zoOky\Desktop\bookmarks.html 2013-11-10 12:01 - 2013-11-10 12:00 - 00000000 ____D C:\Users\zoOky\Downloads\backups 2013-11-10 11:58 - 2013-11-10 11:58 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\zoOky\Downloads\HiJackThis204.exe 2013-11-10 11:57 - 2013-10-20 10:58 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\GlarySoft 2013-11-10 10:45 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-10 10:45 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-10 10:39 - 2012-12-26 16:42 - 00000000 ____D C:\Users\zoOky\AppData\Local\HTC MediaHub 2013-11-10 10:38 - 2013-10-20 14:05 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref 2013-11-10 10:38 - 2013-10-20 10:56 - 00000304 _____ C:\Windows\Tasks\GlaryInitialize.job 2013-11-10 10:38 - 2013-04-27 18:21 - 00000000 ___RD C:\Users\zoOky\Dropbox 2013-11-10 10:38 - 2013-04-27 18:19 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Dropbox 2013-11-10 10:38 - 2012-12-27 20:07 - 00030528 _____ C:\Windows\GVTDrv64.sys 2013-11-10 10:38 - 2012-12-27 11:35 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2013-11-10 10:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-11-09 18:40 - 2013-01-07 22:08 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core.job 2013-11-09 11:14 - 2013-11-09 11:12 - 182549774 _____ C:\Users\zoOky\Downloads\Die_111_besten_Multi-Monitoring-Wallpaper.zip 2013-11-08 16:44 - 2012-12-21 20:22 - 00000000 ____D C:\Users\zoOky\AppData\Local\PMB Files 2013-11-08 16:44 - 2012-12-21 20:22 - 00000000 ____D C:\ProgramData\PMB Files 2013-11-08 16:09 - 2012-12-17 20:47 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Xfire 2013-11-08 14:31 - 2013-11-08 14:31 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-11-08 
14:31 - 2013-11-08 14:31 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2013-11-08 14:31 - 2013-11-08 14:28 - 00000000 ____D C:\ProgramData\Oracle 2013-11-08 14:30 - 2013-11-08 14:30 - 00000000 ____D C:\Program Files\Java 2013-11-08 14:28 - 2013-11-08 14:28 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64(1).exe 2013-11-08 14:27 - 2013-11-08 14:27 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64.exe 2013-11-08 00:03 - 2013-05-01 11:43 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Spotify 2013-11-07 15:02 - 2013-05-01 11:43 - 00000000 ____D C:\Users\zoOky\AppData\Local\Spotify 2013-11-07 13:48 - 2012-12-17 20:47 - 00000000 ____D C:\ProgramData\Xfire 2013-10-31 14:31 - 2012-12-18 16:34 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr 2013-10-31 14:31 - 2012-12-17 21:23 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2013-10-31 14:31 - 2012-12-17 21:23 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2013-10-31 14:24 - 2012-12-17 21:23 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2013-10-31 14:23 - 2013-10-31 14:21 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 3 2013-10-30 15:34 - 2013-10-30 15:34 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Guild Wars 2 2013-10-30 15:34 - 2012-12-24 15:24 - 00000000 ____D C:\Users\zoOky\Documents\Guild Wars 2 2013-10-30 15:32 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-10-30 10:58 - 2013-10-30 10:58 - 08945660 _____ C:\Users\zoOky\Downloads\pcsx2-1.0.0-r5350-setup.exe 2013-10-30 10:58 - 2013-10-30 10:58 - 00000788 _____ C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk 2013-10-30 10:58 - 2013-09-03 10:58 - 00000000 ____D C:\Windows\SysWOW64\directx 2013-10-30 10:09 - 2013-02-11 17:10 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-10-30 10:09 - 2012-12-17 20:47 - 00000000 ____D C:\ProgramData\Skype 2013-10-30 10:07 - 2012-12-17 20:34 - 00000000 ____D C:\Program Files 
(x86)\Mozilla Maintenance Service 2013-10-29 22:05 - 2013-10-29 22:05 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-10-29 22:05 - 2013-09-18 00:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-10-29 22:04 - 2013-10-29 22:04 - 23123208 _____ (Mozilla) C:\Users\zoOky\Downloads\Firefox_Setup_25.0.exe 2013-10-25 02:02 - 2013-11-01 17:09 - 00000000 ____D C:\Users\zoOky\Desktop\kkkkaaaayyyy 2013-10-20 17:16 - 2013-10-20 17:16 - 00000849 _____ C:\Users\Public\Desktop\Battlefield 3.lnk 2013-10-20 11:03 - 2012-12-29 18:10 - 00000000 ____D C:\Windows\system32\appmgmt 2013-10-20 11:03 - 2012-12-18 20:01 - 00000000 ____D C:\Program Files (x86)\Origin Games 2013-10-20 11:00 - 2012-12-30 20:29 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys 2013-10-20 10:58 - 2012-12-18 16:29 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-10-20 10:56 - 2013-10-20 10:56 - 00002582 _____ C:\Windows\System32\Tasks\GlaryInitialize 2013-10-20 10:56 - 2013-10-20 10:56 - 00000703 _____ C:\Users\zoOky\Desktop\Glary Utilities.lnk 2013-10-20 10:52 - 2013-02-15 19:07 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\DAEMON Tools Lite 2013-10-20 10:52 - 2012-12-18 05:23 - 00000000 ____D C:\Windows\Panther 2013-10-20 10:51 - 2013-10-20 10:51 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-10-20 10:48 - 2012-12-17 21:10 - 00000000 ____D C:\Program Files\Creative 2013-10-20 10:47 - 2013-10-18 08:03 - 00000000 ____D C:\Program Files (x86)\SqueakyChocolate 2013-10-20 10:47 - 2012-12-17 20:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-10-20 10:46 - 2013-10-20 10:46 - 06685392 _____ (Glarysoft Ltd ) C:\Users\zoOky\Downloads\gusetup_slim_2.56.exe 2013-10-19 16:40 - 2013-10-19 16:40 - 00130673 _____ C:\Users\zoOky\Downloads\Ps2_Save_Builder_0.8x.zip 2013-10-19 16:37 - 2013-10-19 16:37 - 00012559 _____ C:\Users\zoOky\Downloads\state1.zip 2013-10-18 
15:48 - 2012-12-17 20:30 - 00000000 ____D C:\Users\zoOky 2013-10-18 08:03 - 2013-10-18 08:03 - 00000000 ____D C:\Users\zoOky\Documents\Add-in Express 2013-10-18 08:00 - 2013-10-18 08:00 - 00000000 ____D C:\Users\zoOky\Documents\PC Speed Maximizer 2013-10-18 07:55 - 2013-10-18 07:55 - 00000000 _____ C:\END 2013-10-14 13:42 - 2013-10-14 13:40 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 4 Beta 2013-10-13 22:27 - 2013-07-13 15:55 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-10-13 16:39 - 2013-01-07 22:08 - 00004090 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA 2013-10-13 16:39 - 2013-01-07 22:08 - 00003694 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core 2013-10-12 09:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-10-11 12:50 - 2009-07-14 05:45 - 00477488 _____ C:\Windows\system32\FNTCACHE.DAT Some content of TEMP: ==================== C:\Users\zoOky\AppData\Local\Temp\i4jdel0.exe C:\Users\zoOky\AppData\Local\Temp\uninst1.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe [2012-12-22 11:12] - [2010-04-11 23:03] - 2870272 ____A (Microsoft Corporation) EE79A736D8ACF23A080FC00E36486C98 C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-31 09:39 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2013 Ran by zoOky at 2013-11-10 17:38:33 Running from C:\Users\zoOky\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Bitdefender Antivirus (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09} ==================== Installed Programs ====================== @BIOS (x32 Version: 2.28) «Fifa Manager 2013» 1.0.0.0 (x32 Version: 1.0.0.0) Adobe AIR (x32 Version: 3.2.0.2070) Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117) Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05) Aion (x32 Version: 1.0.0.2) AION Free-to-Play Version 1.0 (x32 Version: 1.0) AMD Accelerated Video Transcoding (Version: 12.10.100.30328) AMD APP SDK Runtime (Version: 10.0.1084.4) AMD Catalyst Install Manager (Version: 8.0.911.0) AMD Drag and Drop Transcoding (Version: 2.00.0000) AMD Media Foundation Decoders (Version: 1.0.80328.2204) AMD Wireless Display v3.0 (Version: 1.0.0.10) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) Battlefield 3™ (x32 Version: 1.6.0.0) Battlefield 4™ Beta (x32 Version: 1.0.0.0) Battlelog Web Plugins (x32 Version: 2.3.0) Bitdefender Antivirus Plus (Version: 17.15.0.682) Bonjour (Version: 3.0.0.10) CABAL Online Europe (Europe) (x32) Call of Duty: Modern Warfare 3 - Multiplayer (x32) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center (x32 Version: 2013.0328.2218.38225) Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225) Catalyst Control Center InstallProxy (x32 Version: 
2013.0328.2218.38225) Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225) CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225) CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225) CCC Help Czech (x32 Version: 2013.0328.2217.38225) CCC Help Danish (x32 Version: 2013.0328.2217.38225) CCC Help Dutch (x32 Version: 2013.0328.2217.38225) CCC Help English (x32 Version: 2013.0328.2217.38225) CCC Help Finnish (x32 Version: 2013.0328.2217.38225) CCC Help French (x32 Version: 2013.0328.2217.38225) CCC Help German (x32 Version: 2013.0328.2217.38225) CCC Help Greek (x32 Version: 2013.0328.2217.38225) CCC Help Hungarian (x32 Version: 2013.0328.2217.38225) CCC Help Italian (x32 Version: 2013.0328.2217.38225) CCC Help Japanese (x32 Version: 2013.0328.2217.38225) CCC Help Korean (x32 Version: 2013.0328.2217.38225) CCC Help Norwegian (x32 Version: 2013.0328.2217.38225) CCC Help Polish (x32 Version: 2013.0328.2217.38225) CCC Help Portuguese (x32 Version: 2013.0328.2217.38225) CCC Help Russian (x32 Version: 2013.0328.2217.38225) CCC Help Spanish (x32 Version: 2013.0328.2217.38225) CCC Help Swedish (x32 Version: 2013.0328.2217.38225) CCC Help Thai (x32 Version: 2013.0328.2217.38225) CCC Help Turkish (x32 Version: 2013.0328.2217.38225) ccc-utility64 (Version: 2013.0328.2218.38225) CCleaner (Version: 4.07) Core Temp 1.0 RC4 (Version: 1.0) Counter-Strike: Global Offensive (x32) CPUID CPU-Z 1.62 Creative Audio-Systemsteuerung (x32 Version: 2.00) Creative Konsole Starter (x32) Creative Software AutoUpdate (x32 Version: 1.40) DAEMON Tools Lite (x32 Version: 4.46.1.0327) Dead Space™ 3 (x32 Version: 1.0.0.0) Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition Diablo III (x32 Version: 1.0.8.16603) DMC Devi May Cry (c) Capcom version 1 (x32 Version: 1) Dropbox (HKCU Version: 2.0.22) Easy Tune 6 B12.1121.1 (x32 Version: 1.00.0000) ESET Online Scanner v3 (x32) ESN Sonar (x32 Version: 0.70.4) FIFA 14 Demo (x32 Version: 1.0.0.0) Free 
YouTube to MP3 Converter version 3.11.37.1212 (x32 Version: 3.11.37.1212) Gameforge Live 1.0 "Legend" (x32 Version: 1.1.1724) Glary Utilities 2.56.0.1822 (x32 Version: 2.56.0.1822) Google Chrome (HKCU Version: 30.0.1599.101) Guild Wars 2 (x32) HTC BMP USB Driver (x32 Version: 1.0.5375) HTC Driver Installer (x32 Version: 4.3.0.001) HTC Sync (x32 Version: 3.3.7) HTC Sync Manager (x32 Version: 2.1.54.0) ImgBurn (x32 Version: 2.5.7.0) IPTInstaller (x32 Version: 4.0.8) iTunes (Version: 11.0.4.4) Java 7 Update 25 (x32 Version: 7.0.250) Java 7 Update 45 (64-bit) (Version: 7.0.450) Java Auto Updater (x32 Version: 2.1.9.5) League of Legends (x32 Version: 1.3) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Mouse and Keyboard Center (Version: 2.1.177.0) Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017) Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017) Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017) Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017) Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017) Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Shared MUI (German) 
2013 (Version: 15.0.4420.1017) Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610) Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017) Mirror's Edge™ (x32 Version: 1.0.1.0) Mozilla Firefox 25.0 (x86 de) (x32 Version: 25.0) Mozilla Maintenance Service (x32 Version: 25.0) MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) NCSOFT Game Launcher (x32) NCsoft Launcher 
(x32 Version: 1.5.19002) Need for Speed™ Most Wanted (x32 Version: 1.5.0.0) NVIDIA PhysX v8.10.17 (x32 Version: 8.10.17) OpenAL (x32) OpenOffice.org 3.4.1 (x32 Version: 3.41.9593) Origin (x32 Version: 9.1.3.2637) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017) PakkISO 0.4 (x32 Version: PakkISO 0.4 by zorted, installer by BitLooter) Pando Media Booster (x32 Version: 2.6.0.8) PCSX2 - Playstation 2 Emulator (x32) PunkBuster Services (x32 Version: 0.991) Rainmeter (x32 Version: 2.4 r1678) Razer Comms (x32) Razer Core (x32 Version: 0.01.144) Razer Imperator (x32 Version: 2.02.00) RocketDock 1.3.5 (x32) Sapphire TRIXX (x32) Secure Download Manager (x32 Version: 3.1.10) SimCity™ (x32 Version: 1.0.0.0) Skype™ 6.9 (x32 Version: 6.9.106) Smileys We Love Toolbar for IE (x32 Version: 3.0.17) SpeedFan (remove only) (x32) SplitCam (x32 Version: 5.14.4.1) Spotify (HKCU Version: 0.9.4.185.g7545a404) Steam (x32 Version: 1.0.0.0) TeamSpeak 3 Client (HKCU Version: 3.0.13) TERA (x32 Version: 18.10.03) Theme Resource Changer X64 v1.0 TmNationsForever (x32) TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.110) TuneUp Utilities 2014 (x32 Version: 14.0.1000.110) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 
Version: 3) Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition Update for Microsoft InfoPath 2013 (KB2752078) 64-Bit Edition Update for Microsoft Lync 2013 (KB2817621) 64-Bit Edition Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition Update for Microsoft Office 2013 (KB2760257) 64-Bit Edition Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition Update for Microsoft Office 2013 (KB2817309) 64-Bit Edition Update for Microsoft Office 2013 (KB2817311) 64-Bit Edition Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition Update for Microsoft Office 2013 (KB2817493) 64-Bit Edition Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition Update for Microsoft Office 2013 (KB2817640) 64-Bit Edition Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition Update for Microsoft Office 2013 (KB2827228) 64-Bit Edition Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition Update for Microsoft Office 2013 (KB2827235) 64-Bit Edition Update for Microsoft OneNote 2013 (KB2810016) 64-Bit Edition Update for Microsoft Outlook 2013 (KB2825632) 64-Bit Edition Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition Update for Microsoft PowerPoint 2013 (KB2817625) 64-Bit Edition Update for Microsoft Project 2013 (KB2767859) 64-Bit 
Edition Update for Microsoft Publisher 2013 (KB2752097) 64-Bit Edition Update for Microsoft SkyDrive Pro (KB2825633) 64-Bit Edition Update for Microsoft Visio 2013 (KB2752018) 64-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition Update for Microsoft Word 2013 (KB2817631) 64-Bit Edition Update for Microsoft Word 2013 (KB2827218) 64-Bit Edition UxStyle Core Beta (Version: 0.2.1.1) Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1) VLC media player 2.0.5 (Version: 2.0.5) WinMerge 2.14.0 (x32 Version: 2.14.0) WinRAR 4.20 (64-Bit) (Version: 4.20.0) Xfire (x32) ==================== Restore Points ========================= 10-11-2013 11:25:54 Removed Smileys We Love Toolbar for IE 10-11-2013 11:36:39 Removed Smileys We Love Toolbar for IE ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05622429-4A19-4952-B2B2-6A6517C5A26D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-07] (Google Inc.) Task: {0F0AEB0D-2F66-4F37-AFFC-7CB3681E8A09} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-05-29] () Task: {117A9638-FC0F-4C51-9922-634B569E9465} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated) Task: {175BEC22-4A53-41DB-9EAA-FFDC3FFD1748} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation) Task: {37F2675B-16C1-49FE-A5D8-35ADCFF8E5AD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {55AB4294-9210-480B-9FB5-006BFEBAD76D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation) Task: {6B26C148-6DC4-4D87-A088-360069B2092B} - System32\Tasks\Google Updater and Installer => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-07] (Google Inc.) Task: {715FE8C9-0B31-41FB-88A1-4B58A9A53FC5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd) Task: {82FE0479-B4A5-4303-A20F-CEC53AAF5950} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation) Task: {8B9735A0-E195-4F93-9575-F36A7C939B55} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {8EDA1BEC-CD67-480F-9B20-6F0C88C588C7} - System32\Tasks\Sapphire TRIXX => D:\Programme\Sapphire TRIXX\TRIXX.exe [2013-02-07] () Task: {9D98A4FC-FE39-4C6D-A29E-A3324297D584} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation) Task: {9EA78E21-A6AF-4865-A977-69FAB038148F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {9EC9D126-B639-4B97-9201-E99A5E2B34ED} - System32\Tasks\GlaryInitialize => D:\Programme\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd) Task: {A8FC602F-62C7-42DC-8E17-A4047095804E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {B3A8506E-21D6-4D88-8547-079285BCCDAD} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation) Task: 
{B49A1B05-9181-40DB-A801-38ECE8D2D046} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-09-09] (TuneUp Software) Task: {D01F3F7A-6DA6-4AFD-ACCB-75CEF18B518A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-07] (Google Inc.) Task: {D11FB221-7F2D-4D46-8BF2-B54C9C667AD2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {F616E482-9F2A-4591-B2C8-6D3703298451} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe [2013-01-29] (Microsoft) Task: {FDB2CF3E-4102-4FB7-8E06-DDE2F79DEB40} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GlaryInitialize.job => D:\Programme\Glary Utilities\initialize.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core.job => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA.job => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-08-20 18:43 - 2013-06-19 11:45 - 00265080 _____ () D:\Programme\Bitdefender\Bitdefender\txmlutil.dll 2012-11-04 15:25 - 2012-11-04 15:25 - 00736968 _____ () D:\Programme\Rainmeter.dll 2012-11-04 15:22 - 2012-11-04 15:22 - 00026624 _____ () D:\Programme\Plugins\InputText.dll 2013-10-02 17:43 - 2013-10-02 17:43 - 00101328 _____ () 
D:\Programme\Bitdefender\Bitdefender\bdmetrics.dll 2013-10-23 17:35 - 2013-10-23 17:35 - 00480296 _____ () D:\Programme\Bitdefender\Bitdefender\bdidntconp.dll 2013-09-04 14:11 - 2013-09-04 14:11 - 00201728 _____ () D:\Programme\Bitdefender\Bitdefender\UI\bdidntconp.ui 2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-08-15 15:40 - 2013-08-15 15:40 - 00030056 _____ () D:\Programme\HTC\DbAccess.dll 2013-08-15 15:41 - 2013-08-15 15:41 - 00607376 _____ () D:\Programme\HTC\sqlite3.dll 2013-08-15 15:41 - 2013-08-15 15:41 - 00044392 _____ () D:\Programme\HTC\NAdvLog.dll 2013-08-15 15:41 - 2013-08-15 15:41 - 00036216 _____ () D:\Programme\HTC\NFileCacheDBAccess.dll 2013-08-15 15:42 - 2013-08-15 15:42 - 00080248 _____ () D:\Programme\HTC\ninstallerhelper.dll 2013-08-15 15:49 - 2013-08-15 15:49 - 00223592 _____ () D:\Programme\HTC\DevConnMon.dll 2013-10-17 13:24 - 2013-10-17 13:24 - 00114336 _____ () D:\Programme\SplitCam\splitcam_hd_driver_ProxyPlugin.ax 2012-11-14 14:44 - 2012-11-14 14:44 - 02875463 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll 2012-11-14 10:42 - 2012-11-14 10:42 - 00651331 _____ () C:\Program Files (x86)\GIGABYTE\ET6\work.dll 2012-09-17 16:25 - 2012-09-17 16:25 - 00106496 _____ () C:\Program Files (x86)\GIGABYTE\ET6\SF.dll 2008-05-07 15:22 - 2008-05-07 15:22 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll 2012-05-08 15:01 - 2012-05-08 15:01 - 00069632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll 2011-09-14 17:12 - 2011-09-14 17:12 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll 2010-06-24 15:50 - 2010-06-24 15:50 - 00094208 _____ () C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll 2011-03-01 19:00 - 2011-03-01 19:00 - 00126976 _____ () C:\Program Files 
(x86)\GIGABYTE\ET6\StabilityLib.dll 2011-10-18 09:26 - 2011-10-18 09:26 - 00024576 _____ () C:\Program Files (x86)\GIGABYTE\ET6\STT.dll 2012-11-14 14:00 - 2012-11-14 14:00 - 01499204 _____ () C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll 2012-09-18 14:45 - 2012-09-18 14:45 - 01335362 _____ () C:\Program Files (x86)\GIGABYTE\ET6\HM.dll 2012-11-09 16:51 - 2012-11-09 16:51 - 01429582 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll 2003-02-14 14:11 - 2003-02-14 14:11 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll 2010-06-10 15:52 - 2010-06-10 15:52 - 00110592 _____ () C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll 2010-03-12 05:40 - 2010-03-12 05:40 - 04449632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll 2010-03-12 05:40 - 2010-03-12 05:40 - 00423256 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Device.dll 2012-11-20 17:38 - 2012-11-20 17:38 - 00311296 _____ () C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL 2013-03-25 19:34 - 2007-09-02 13:57 - 00069632 _____ () D:\Programme\RocketDock\RocketDock.dll 2013-03-25 13:23 - 2013-10-24 18:45 - 00691200 _____ () D:\Games\STEAM\SDL2.dll 2013-01-01 15:24 - 2013-10-30 20:25 - 01123240 _____ () D:\Games\STEAM\bin\chromehtml.DLL 2013-01-01 15:24 - 2013-10-23 21:07 - 20625832 _____ () D:\Games\STEAM\bin\libcef.dll 2013-01-01 15:24 - 2013-06-15 00:49 - 01100800 _____ () D:\Games\STEAM\bin\avcodec-53.dll 2013-01-01 15:24 - 2013-06-15 00:49 - 00124416 _____ () D:\Games\STEAM\bin\avutil-51.dll 2013-01-01 15:24 - 2013-06-15 00:49 - 00192000 _____ () D:\Games\STEAM\bin\avformat-53.dll 2013-10-17 13:24 - 2013-10-17 13:24 - 00153760 _____ () D:\Programme\SplitCam\SplitCamFilter.ax 2013-07-02 05:36 - 2013-07-02 05:36 - 02088960 _____ () D:\Programme\SplitCam\opencv_core246.dll 2013-07-02 05:37 - 2013-07-02 05:37 - 01905664 _____ () D:\Programme\SplitCam\opencv_imgproc246.dll 2013-07-02 05:37 - 2013-07-02 05:37 - 02092544 _____ () D:\Programme\SplitCam\opencv_highgui246.dll 2013-08-20 18:43 - 2013-06-19 
11:44 - 00204280 _____ () D:\Programme\Bitdefender\Bitdefender\antispam32\txmlutil.dll 2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\zoOky\AppData\Roaming\Dropbox\bin\libcef.dll 2012-12-17 21:10 - 2006-06-09 15:20 - 00003072 _____ () C:\Windows\system32\CTXFIGER.DLL 2012-12-17 21:10 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL 2013-05-19 15:31 - 2013-11-10 10:39 - 00013600 _____ () C:\Users\zoOky\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll 2013-09-18 00:36 - 2013-10-26 02:53 - 03368048 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-10-10 13:20 - 2013-10-10 13:20 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll 2013-04-04 09:38 - 2013-10-01 15:41 - 00230376 _____ () D:\Programme\TS\soundbackends\directsound_win32.dll 2013-04-04 09:38 - 2013-10-01 15:41 - 00237032 _____ () D:\Programme\TS\soundbackends\windowsaudiosession_win32.dll 2013-04-04 09:38 - 2013-10-01 15:41 - 00159208 _____ () D:\Programme\TS\plugins\appscanner_plugin.dll 2013-04-04 09:38 - 2013-10-01 15:41 - 00431080 _____ () D:\Programme\TS\plugins\clientquery_plugin.dll 2013-10-01 15:41 - 2013-10-01 15:41 - 00555496 _____ () D:\Programme\TS\plugins\teamspeak_control_plugin.dll 2013-03-03 21:51 - 2012-10-01 12:36 - 20452352 _____ () D:\Games\TERA\libcef.dll 2013-03-03 21:51 - 2013-04-23 08:45 - 00115240 _____ () D:\Games\TERA\CopyCub.dll 2013-03-03 22:59 - 2013-10-17 09:36 - 20645216 _____ () D:\Games\TERA\Client\Binaries\awesomium.dll 2013-03-03 22:59 - 2013-10-17 09:36 - 00166992 _____ () D:\Games\TERA\Client\Binaries\PhysXExtensions.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\zoOky\Downloads\ccsetup407(1).exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\ccsetup407.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\Firefox_Setup_25.0.exe:BDU AlternateDataStreams: 
C:\Users\zoOky\Downloads\FRST64.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\gusetup_slim_2.56.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\HiJackThis204.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\jre-7u45-windows-x64(1).exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\jre-7u45-windows-x64.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\mbam-setup-1.75.0.1300.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\pcsx2-1.0.0-r5350-setup.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\WindowsSetupBox.exe:BDU ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/10/2013 01:14:59 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (11/10/2013 00:42:04 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/10/2013 00:42:02 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (11/10/2013 00:37:31 PM) (Source: MsiInstaller) (User: zoOky-PC) Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin Error: (11/10/2013 00:26:57 PM) (Source: MsiInstaller) (User: zoOky-PC) Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin Error: (11/10/2013 00:18:38 PM) (Source: MsiInstaller) (User: zoOky-PC) Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin Error: (11/10/2013 00:14:45 PM) (Source: MsiInstaller) (User: zoOky-PC) Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. 
Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin Error: (11/10/2013 00:02:29 PM) (Source: MsiInstaller) (User: zoOky-PC) Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin Error: (11/10/2013 11:57:15 AM) (Source: MsiInstaller) (User: zoOky-PC) Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin Error: (11/10/2013 11:55:56 AM) (Source: MsiInstaller) (User: zoOky-PC) Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. 
Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin System errors: ============= Error: (11/10/2013 03:55:32 PM) (Source: Service Control Manager) (User: ) Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Error: (11/10/2013 03:55:32 PM) (Source: Service Control Manager) (User: ) Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Error: (11/10/2013 03:55:32 PM) (Source: Service Control Manager) (User: ) Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Error: (11/10/2013 03:55:32 PM) (Source: Service Control Manager) (User: ) Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Error: (11/10/2013 03:55:32 PM) (Source: PNRPSvc) (User: ) Description: 0x80630801 Error: (11/10/2013 03:55:32 PM) (Source: PNRPSvc) (User: ) Description: 0x80630801 Error: (11/10/2013 01:55:08 PM) (Source: VDS Basic Provider) (User: ) Description: Unexpected failure. Error code: 490@01010004 Error: (11/10/2013 01:55:03 PM) (Source: VDS Basic Provider) (User: ) Description: Unexpected failure. 
Error code: 490@01010004 Error: (11/10/2013 00:06:19 PM) (Source: Service Control Manager) (User: ) Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Error: (11/10/2013 00:06:19 PM) (Source: Service Control Manager) (User: ) Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Microsoft Office Sessions: ========================= Error: (11/10/2013 01:14:59 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe Error: (11/10/2013 00:42:04 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe Error: (11/10/2013 00:42:02 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe Error: (11/10/2013 00:37:31 PM) (Source: MsiInstaller)(User: zoOky-PC) Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. 
Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin (NULL)(NULL)(NULL)(NULL)(NULL) Error: (11/10/2013 00:26:57 PM) (Source: MsiInstaller)(User: zoOky-PC) Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin (NULL)(NULL)(NULL)(NULL)(NULL) Error: (11/10/2013 00:18:38 PM) (Source: MsiInstaller)(User: zoOky-PC) Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin (NULL)(NULL)(NULL)(NULL)(NULL) Error: (11/10/2013 00:14:45 PM) (Source: MsiInstaller)(User: zoOky-PC) Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. 
Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/10/2013 00:02:29 PM) (Source: MsiInstaller)(User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/10/2013 11:57:15 AM) (Source: MsiInstaller)(User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/10/2013 11:55:56 AM) (Source: MsiInstaller)(User: zoOky-PC)
Description: Product: Smileys We Love Toolbar for IE -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _974FD6A7_FA08_4F5F_8F11_FD5D14F1680E, location: C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe, command: /uninstall="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" /privileges=admin (NULL)(NULL)(NULL)(NULL)(NULL)

==================== Memory info ===========================

Percentage of memory in use: 87%
Total physical RAM: 8190.3 MB
Available physical RAM: 1007.89 MB
Total Pagefile: 16378.79 MB
Available Pagefile: 8939.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:31.12 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:416.93 GB) (Free:53.78 GB) NTFS
Drive e: (Windows 7) (Fixed) (Total:48.83 GB) (Free:23.14 GB) NTFS
Drive g: (Metro: Last Light Disc2) (CDROM) (Total:0.6 GB) (Free:0 GB) UDF
Drive i: (15.0.4420.1017) (CDROM) (Total:0.76 GB) (Free:0 GB) UDF
Drive j: (VOLUME) (Fixed) (Total:297.94 GB) (Free:59.89 GB) FAT32
Drive k: (ESD-USB) (Removable) (Total:3.73 GB) (Free:0.66 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 777EC869)
Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 8D243882)
Partition 1: (Not Active) - (Size=417 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=49 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: B986EA92)
Partition 1: (Not Active) - (Size=298 GB) - (Type=0C)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================

Code:
C:\Program Files (x86)\Yontoo\YontooIEClient.dll    a variant of Win32/Adware.Yontoo.A application
C:\Program Files (x86)\Yontoo\YontooLayers.crx    multiple threats
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application
C:\Users\All Users\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application
C:\Users\zoOky\Downloads\backups\backup-20131110-120025-761.dll    a variant of Win32/Adware.Yontoo.A application
C:\Users\zoOky\Downloads\backups\backup-20131110-120133-760.dll    a variant of Win32/Adware.Yontoo.A application
C:\Users\zoOky\Downloads\backups\backup-20131110-120158-494.dll    a variant of Win32/Adware.Yontoo.A application
11.11.2013, 10:02 | #4 |
/// the machine /// TB Trainer | smileys we love toolbar for IE

Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM!
11.11.2013, 14:13 | #5 |
| smileys we love toolbar for IE

Malwarebytes: Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.11.10.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
zoOky :: ZOOKY-PC [Administrator]

Schutz: Aktiviert

10.11.2013 12:32:30
mbam-log-2013-11-10 (12-32-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|J:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 456552
Laufzeit: 52 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 8
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} (PUP.Optional.SmileysWeLove.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} (PUP.Optional.SmileysWeLove.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 3
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{CF0F43AB-9C23-4D7B-8040-201B82844854} (PUP.Optional.SmileysWeLove.A) -> Daten: -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{CF0F43AB-9C23-4D7B-8040-201B82844854} (PUP.Optional.SmileysWeLove.A) -> Daten: SmileysWeLoveToolbar.IEModule -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0L1N1H2O1S -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.Snapdo) -> Bösartig: (hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (PUP.Optional.Snapdo) -> Bösartig: (hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.Snapdo) -> Bösartig: (hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.Snapdo) -> Bösartig: (hxxp://feed.snap.do/?publisher=SnapdoW3i&dpid=SnapdoW3i&co=DE&userid=88c03465-5def-4a6b-8379-33a304977184&searchtype=ds&q={searchTerms}) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 3
C:\Users\zoOky\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zoOky\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zoOky\AppData\Roaming\OpenCandy\7774B20B101F47E7B5141C407BFF336E (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 3
C:\Program Files (x86)\Yontoo\OptChrome.exe (PUP.Optional.OptChrome.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\R.G. Catalyst\Fifa Manager 2013\rld.dll (Trojan.VirTool) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zoOky\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

JRT: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x64
Ran by zoOky on 11.11.2013 at 13:54:49,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Failed to stop: [Service] yontoo desktop updater

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\snapdo_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\snapdo_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

~~~ Files

Successfully deleted: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\zoOky\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\zoOky\AppData\Roaming\yontoo"
Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"

~~~ FireFox

Successfully deleted: [File] C:\Users\zoOky\AppData\Roaming\mozilla\firefox\profiles\p1hkmspx.default\user.js
Successfully deleted: [File] C:\Users\zoOky\AppData\Roaming\mozilla\firefox\profiles\p1hkmspx.default\invalidprefs.js
Successfully deleted: [File] C:\Users\zoOky\AppData\Roaming\mozilla\firefox\profiles\p1hkmspx.default\searchplugins\delta.xml
Successfully deleted: [File] C:\Users\zoOky\AppData\Roaming\mozilla\firefox\profiles\p1hkmspx.default\searchplugins\web search.xml
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{acaa314b-eeba-48e4-ad47-84e31c44796c}
Successfully deleted the following from C:\Users\zoOky\AppData\Roaming\mozilla\firefox\profiles\p1hkmspx.default\prefs.js

user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.id", "a2893c17000000000000001fd0dc171d");
user_pref("extensions.delta.instlDay", "15844");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.21.0");
user_pref("extensions.delta.vrsnTs", "1.8.21.016:31:45");
user_pref("extensions.delta.vrsni", "1.8.21.0");
user_pref("extensions.delta_i.babExt", "");
user_pref("extensions.delta_i.babTrack", "affID=121845&tt=gc_");
user_pref("extensions.delta_i.srcExt", "ss");

Emptied folder: C:\Users\zoOky\AppData\Roaming\mozilla\firefox\profiles\p1hkmspx.default\minidumps [4 files]

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.11.2013 at 14:03:23,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ADWCleaner: Code:
# AdwCleaner v3.012 - Report created 11/11/2013 at 14:04:24
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : zoOky - ZOOKY-PC
# Running from : C:\Users\zoOky\Downloads\adwcleaner_3012.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Yontoo Desktop Updater

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\zoOky\Documents\PC Speed Maximizer
Folder Deleted : C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
File Deleted : C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\foxydeal.sqlite
File Deleted : C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\searchplugins\conduit-search.xml

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Popajar
Key Deleted : HKCU\Software\SmileysWeLove
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : [x64] HKLM\SOFTWARE\systweak
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v25.0 (de)

[ File : C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\prefs.js ]

Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
Line Deleted : user_pref("extentions.y2layers.installId", "fdb7c55c-68fe-4c3d-9637-90a6b8430b40");

-\\ Google Chrome v

[ File : C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [8151 octets] - [11/11/2013 13:54:56]
AdwCleaner[S0].txt - [2921 octets] - [11/11/2013 14:04:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2981 octets] ##########

FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01 Ran by zoOky (administrator) on ZOOKY-PC on 11-11-2013 14:11:14 Running from C:\Users\zoOky\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Bitdefender) D:\Programme\Bitdefender\Bitdefender\vsserv.exe (AMD) C:\Windows\system32\atiesrxx.exe (The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (AMD) C:\Windows\system32\atieclxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Nero AG) D:\Programme\HTC\HSMServiceEntry.exe (Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Razer) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe (SplitCam Co.) D:\Programme\SplitCam\SplitCamService.exe (Rocket Division Software) D:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (Bitdefender) D:\Programme\Bitdefender\Bitdefender\updatesrv.exe (Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe () D:\Programme\HTC\HTC Sync\adb.exe (Bitdefender) D:\Programme\Bitdefender\Bitdefender\bdagent.exe (Valve Corporation) D:\Games\STEAM\Steam.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe () D:\Programme\RocketDock\RocketDock.exe (Bitdefender) D:\Programme\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender) D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Dropbox, Inc.) C:\Users\zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe () D:\Programme\Rainmeter.exe (Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe (Xfire Inc.) D:\Programme\XFire\Xfire.exe (Razer USA Ltd) C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE () D:\Programme\Sapphire TRIXX\TRIXX.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Xfire Inc.) D:\Programme\XFire\Xfire.exe () D:\Programme\XFire\xfire64.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Bitdefender) D:\Programme\Bitdefender\Bitdefender\seccenter.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Bdagent] - D:\Programme\Bitdefender\Bitdefender\bdagent.exe [1738968 2013-10-30] (Bitdefender) HKLM-x32\...\RunOnce: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] () HKCU\...\Run: [Steam] - D:\Games\STEAM\Steam.exe [1820584 2013-10-30] (Valve Corporation) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.) HKCU\...\Run: [RocketDock] - D:\Programme\RocketDock\RocketDock.exe [495616 2007-09-02] () HKCU\...\Run: [DAEMON Tools Lite] - D:\Programme\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKCU\...\Run: [Bitdefender-Geldbörse-Agent] - D:\Programme\Bitdefender\Bitdefender\pmbxag.exe [564256 2013-10-30] (Bitdefender) HKCU\...\Run: [Bitdefender-Geldbörse] - D:\Programme\Bitdefender\Bitdefender\pwdmanui.exe [1004608 2013-10-30] (Bitdefender) HKCU\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [621448 2013-10-30] (Bitdefender) HKCU\...\Run: [Google Update] - C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-01-07] (Google Inc.) 
MountPoints2: G - G:\HTC_Sync_Manager_PC.exe MountPoints2: {3cc854aa-4f72-11e2-ae3b-806e6f6e6963} - G:\HTC_Sync_Manager_PC.exe MountPoints2: {59b966de-5411-11e2-ba4f-001fd0dc171d} - K:\HTC_Sync_Manager_PC.exe MountPoints2: {8e59e9de-c097-11e2-bab5-001fd0dc171d} - I:\SETUP.EXE MountPoints2: {c90a6927-4f51-11e2-a44e-001fd0dc171d} - G:\HTC_Sync_Manager_PC.exe MountPoints2: {c90a6a8e-4f51-11e2-a44e-001fd0dc171d} - G:\HTC_Sync_Manager_PC.exe HKLM-x32\...\Run: [CTxfiHlp] - C:\Windows\\SysWOW64\CTXFIHLP.EXE [25600 2010-05-05] (Creative Technology Ltd) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [Razer Imperator Driver] - C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe [979360 2012-02-09] (Razer USA Ltd) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.) Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk ShortcutTarget: Rainmeter.lnk -> D:\Programme\Rainmeter.exe () Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk ShortcutTarget: Xfire.lnk -> D:\Programme\XFire\Xfire.exe (Xfire Inc.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD79BF8D408E2CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: No Name - {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} - No File BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\antispam32\pmbxie.dll (Bitdefender) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft 
Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {CF0F43AB-9C23-4D7B-8040-201B82844854} - No File DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62 FireFox: ======== FF ProfilePath: C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default FF NetworkProxy: "autoconfig_url", 
"data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20((url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20's.hulu.c
om'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20(shExpMatch(host%2C%20'(*.turntable.fm%7Cturntable.fm)')%20%26%26%20url.indexOf('.css')%20%3D%3D%20-1%20%26%26%20url.indexOf('.js')%20%3D%3D%20-1)%20%7C%7C%20host%20%3D%3D%20'www.pandora.com')%20%7B%20return%20'PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us22.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000%3B%20PROXY%20ab-us16.personalitycores.com%3A8000%3B%20PROXY%20ab-us20.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us18.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us21.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us17.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D" FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Programme\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: 
@Apple.com/iTunes,version=1.0 - D:\Programme\itunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Bitdefender.com/PasswordManager;version=17.8 - D:\Programme\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll (Bitdefender) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) 
|
12.11.2013, 09:55 | #6 |
/// the machine /// TB Trainer | smileys we love toolbar for IE ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
|
14.11.2013, 14:51 | #7 |
| smileys we love toolbar for IE ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=6f0de9cf54cef84d85fde7c8b58aed87 # engine=15826 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-11-10 04:41:41 # local_time=2013-11-10 05:41:41 (+0100, W. Europe Standard Time) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776574 100 94 10531646 135731551 0 0 # scanned=261273 # found=7 # cleaned=0 # scan_time=17825 sh=43A0423EB5F242B9EE703AE5FF09734D88A5B76E ft=1 fh=715f0401b0e7db2a vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Program Files (x86)\Yontoo\YontooIEClient.dll" sh=0A062BB6E0FBDF15ADF72201EAAD9E4026FC5FFA ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Program Files (x86)\Yontoo\YontooLayers.crx" sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll" sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\Users\All Users\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll" sh=43A0423EB5F242B9EE703AE5FF09734D88A5B76E ft=1 fh=715f0401b0e7db2a vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Users\zoOky\Downloads\backups\backup-20131110-120025-761.dll" sh=43A0423EB5F242B9EE703AE5FF09734D88A5B76E ft=1 fh=715f0401b0e7db2a vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Users\zoOky\Downloads\backups\backup-20131110-120133-760.dll" sh=43A0423EB5F242B9EE703AE5FF09734D88A5B76E ft=1 fh=715f0401b0e7db2a vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Users\zoOky\Downloads\backups\backup-20131110-120158-494.dll" 
ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=6f0de9cf54cef84d85fde7c8b58aed87 # engine=15877 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-11-14 02:02:19 # local_time=2013-11-14 03:02:19 (+0100, W. Europe Standard Time) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776574 100 94 10824484 136024389 0 0 # scanned=215947 # found=3 # cleaned=0 # scan_time=11511 sh=43A0423EB5F242B9EE703AE5FF09734D88A5B76E ft=1 fh=715f0401b0e7db2a vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Users\zoOky\Downloads\backups\backup-20131110-120025-761.dll" sh=43A0423EB5F242B9EE703AE5FF09734D88A5B76E ft=1 fh=715f0401b0e7db2a vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Users\zoOky\Downloads\backups\backup-20131110-120133-760.dll" sh=43A0423EB5F242B9EE703AE5FF09734D88A5B76E ft=1 fh=715f0401b0e7db2a vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\Users\zoOky\Downloads\backups\backup-20131110-120158-494.dll" SecurityCheck: Code:
ATTFilter Results of screen317's Security Check version 0.99.76 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Bitdefender Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Java 7 Update 25 Java version out of Date! Adobe Flash Player 11.9.900.117 Adobe Reader XI Mozilla Firefox (25.0) Google Chrome 30.0.1599.101 Google Chrome 30.0.1599.69 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe Bitdefender Bitdefender vsserv.exe Bitdefender Bitdefender updatesrv.exe Bitdefender Bitdefender bdagent.exe Bitdefender Bitdefender pmbxag.exe Bitdefender Bitdefender antispam32 bdapppassmgr.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 28% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013 Ran by zoOky (administrator) on ZOOKY-PC on 14-11-2013 14:50:23 Running from C:\Users\zoOky\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Bitdefender) D:\Programme\Bitdefender\Bitdefender\vsserv.exe (AMD) C:\Windows\system32\atiesrxx.exe (The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (AMD) C:\Windows\system32\atieclxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Nero AG) D:\Programme\HTC\HSMServiceEntry.exe (Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe (SplitCam Co.) D:\Programme\SplitCam\SplitCamService.exe (Rocket Division Software) D:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe (Bitdefender) D:\Programme\Bitdefender\Bitdefender\updatesrv.exe (Malwarebytes Corporation) D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe (Bitdefender) D:\Programme\Bitdefender\Bitdefender\bdagent.exe (Valve Corporation) D:\Games\STEAM\Steam.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe () D:\Programme\RocketDock\RocketDock.exe () D:\Programme\HTC\HTC Sync\adb.exe (Bitdefender) D:\Programme\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender) D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Razer, Inc.) 
C:\Program Files (x86)\Razer\Core\RazerCore.exe
(Dropbox, Inc.) C:\Users\zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe
() D:\Programme\Rainmeter.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Xfire Inc.) D:\Programme\XFire\Xfire.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
() D:\Programme\Sapphire TRIXX\TRIXX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Xfire Inc.) D:\Programme\XFire\Xfire.exe
() D:\Programme\XFire\xfire64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Google Inc.) C:\Users\zoOky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\zoOky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\zoOky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\zoOky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\zoOky\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\zoOky\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Bdagent] - D:\Programme\Bitdefender\Bitdefender\bdagent.exe [1738968 2013-10-30] (Bitdefender)
HKLM-x32\...\RunOnce: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
HKCU\...\Run: [Steam] - D:\Games\STEAM\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [RocketDock] - D:\Programme\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKCU\...\Run: [DAEMON Tools Lite] - D:\Programme\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [Bitdefender-Geldbörse-Agent] - D:\Programme\Bitdefender\Bitdefender\pmbxag.exe [564256 2013-10-30] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse] - D:\Programme\Bitdefender\Bitdefender\pwdmanui.exe [1004608 2013-10-30] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - D:\Programme\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [621448 2013-10-30] (Bitdefender)
HKCU\...\Run: [Google Update] - C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-01-07] (Google Inc.)
HKCU\...\Run: [Razer Comms] - C:\Program Files (x86)\Razer\Core\RazerCore.exe [1094336 2013-10-25] (Razer, Inc.)
MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {3cc854aa-4f72-11e2-ae3b-806e6f6e6963} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {59b966de-5411-11e2-ba4f-001fd0dc171d} - K:\HTC_Sync_Manager_PC.exe
MountPoints2: {8e59e9de-c097-11e2-bab5-001fd0dc171d} - I:\SETUP.EXE
MountPoints2: {c90a6927-4f51-11e2-a44e-001fd0dc171d} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {c90a6a8e-4f51-11e2-a44e-001fd0dc171d} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {d0beb5f3-778f-11e2-a6d9-001fd0dc171d} - G:\setup.exe
HKLM-x32\...\Run: [CTxfiHlp] - C:\Windows\\SysWOW64\CTXFIHLP.EXE [25600 2010-05-05] (Creative Technology Ltd)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Razer Imperator Driver] - C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe [979360 2012-02-09] (Razer USA Ltd)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\zoOky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> D:\Programme\Rainmeter.exe ()
Startup: C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
ShortcutTarget: Xfire.lnk -> D:\Programme\XFire\Xfire.exe (Xfire Inc.)

==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD79BF8D408E2CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} - No File
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CF0F43AB-9C23-4D7B-8040-201B82844854} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62

FireFox:
========
FF ProfilePath: C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2682599&SearchSource=2&CUI=UN43605740482668152&UM=1&q=
FF NetworkProxy: "autoconfig_url",
"data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20(shExpMatch(host%2C%20'(*.turntable.fm%7Cturntable.fm)')%20%26%26%20url.indexOf('.css')%20%3D%3D%20-1%20%26%26%20url.indexOf('.js')%20%3D%3D%20-1)%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C
%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*'))%20%7B%20return%20'PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000%3B%20PROXY%20ab-us18.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us20.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us17.personalitycores.com%3A8000%3B%20PROXY%20ab-us22.personalitycores.com%3A8000%3B%20PROXY%20ab-us16.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us21.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D" FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Programme\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Programme\itunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Bitdefender.com/PasswordManager;version=17.8 - D:\Programme\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll (Bitdefender) FF 
Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\zoOky\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\ich@maltegoetz.de
FF Extension: InnoGames - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\{c7478d43-2bd5-4844-98b8-c2a6aa9ed677}
FF Extension: jid1-QpHD8URtZWJC2A - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF Extension: stylish - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF Extension: Adblock Plus - C:\Users\zoOky\AppData\Roaming\Mozilla\Firefox\Profiles\p1hkmspx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - D:\Programme\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - D:\Programme\Bitdefender\Bitdefender\Antispam32\ffpwdman\

Chrome:
=======
CHR HomePage: hxxp://google.de/
CHR Extension: (ProxTube) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.4_0
CHR Extension: (Google Drive) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Bitdefender Wallet) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl\17.19.0_0
CHR Extension: (Google Search) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0
CHR Extension: (Google Wallet) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\zoOky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - D:\Programme\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx

==================== Services (Whitelisted) =================
R2 HTCMonitorService; D:\Programme\HTC\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)
R2 MBAMScheduler; D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5124464 2012-12-16] (INCA Internet Co., Ltd.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-10-31] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2013-10-25] (Razer, Inc.)
R2 SpliCamService; D:\Programme\SplitCam\SplitCamService.exe [311456 2013-10-17] (SplitCam Co.)
R2 StarWindServiceAE; D:\Programme\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
R2 UPDATESRV; D:\Programme\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-23] (Bitdefender)
R2 VSSERV; D:\Programme\Bitdefender\Bitdefender\vsserv.exe [1506736 2013-10-30] (Bitdefender)

==================== Drivers (Whitelisted) ====================
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-07-19] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-07-19] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-07-23] (BitDefender SRL)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-15] (DT Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-10-20] (Windows (R) Server 2003 DDK provider)
R3 gdrv; C:\Windows\gdrv.sys [25640 2013-11-14] (Windows (R) Server 2003 DDK provider)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-11-14] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-02] (BitDefender LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-10-25] (Razer, Inc.)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2013-10-25] (Razer, Inc.)
R3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2013-04-24] (Windows (R) Win 7 DDK provider)
R3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2013-07-12] (Windows (R) Win 7 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-05-19] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-02] (BitDefender S.R.L.)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
U3 a2sel3e6; C:\Windows\System32\Drivers\a2sel3e6.sys [0 ] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
R3 TRIXX; \??\C:\Users\zoOky\AppData\Local\Temp\TRIXX.sys [x]
U5 UnlockerDriver5; D:\Programme\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2013-11-14 14:49 - 2013-11-14 14:49 - 01957794 _____ (Farbar) C:\Users\zoOky\Downloads\FRST64.exe
2013-11-14 14:44 - 2013-11-14 14:44 - 00891184 _____ C:\Users\zoOky\Downloads\SecurityCheck.exe
2013-11-14 03:04 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 03:04 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 03:04 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 03:04 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 03:04 - 2013-10-12 09:43 - 
00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-14 03:04 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-14 03:04 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-14 03:04 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-14 03:04 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-14 03:04 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-14 03:04 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-14 03:04 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-14 03:04 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-14 03:04 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-14 03:04 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-14 03:04 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-14 03:04 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-14 03:04 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-14 03:04 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-14 03:04 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-14 03:04 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-14 03:04 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-14 03:04 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\iernonce.dll 2013-11-14 03:04 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-14 03:04 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-14 03:04 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-14 03:04 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-14 02:58 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-14 02:58 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-14 02:58 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-14 02:58 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-11-14 02:58 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-11-13 15:53 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-13 15:53 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-11-13 15:53 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-13 15:53 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-11-13 15:53 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-13 15:53 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-13 15:53 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-11-13 15:53 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-11-13 15:53 - 2013-10-03 03:23 - 00404480 _____ (Microsoft 
Corporation) C:\Windows\system32\gdi32.dll 2013-11-13 15:53 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-11-13 15:53 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-11-13 15:53 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-13 15:53 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-13 15:53 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-13 15:53 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-13 15:53 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-13 15:53 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-13 15:53 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-13 15:53 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-13 15:53 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-11-13 15:53 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-11-13 15:53 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-11-13 15:53 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2013-11-13 15:53 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-13 15:53 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-11-12 21:46 - 2013-11-12 21:55 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\ts3overlay 2013-11-12 16:42 - 2013-11-12 16:42 - 705666554 _____ C:\Windows\MEMORY.DMP 2013-11-12 16:42 - 
2013-11-12 16:42 - 00278072 _____ C:\Windows\Minidump\111213-12932-01.dmp 2013-11-11 20:28 - 2013-11-11 20:28 - 01467128 _____ C:\Users\zoOky\Downloads\SystemCheck_deDE.exe 2013-11-11 20:13 - 2013-11-11 20:13 - 00000009 _____ C:\END 2013-11-11 20:12 - 2013-11-11 20:12 - 01118384 _____ (Conduit) C:\Users\zoOky\Downloads\InnoGames_brff.exe 2013-11-11 14:38 - 2013-11-11 14:38 - 00001250 _____ C:\Users\Public\Desktop\Razer Comms.lnk 2013-11-11 14:37 - 2013-11-11 14:37 - 41985704 _____ (Razer Inc.) C:\Users\zoOky\Downloads\RazerComms1.70.14.exe 2013-11-11 14:23 - 2013-11-11 14:23 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2013-11-11 14:21 - 2013-11-11 14:21 - 01078591 _____ C:\Users\zoOky\Downloads\Unlocker1.9.2.exe 2013-11-11 14:11 - 2013-11-14 14:50 - 00021563 _____ C:\Users\zoOky\Downloads\FRST.txt 2013-11-11 14:03 - 2013-11-11 14:03 - 00006764 _____ C:\Users\zoOky\Desktop\JRT.txt 2013-11-11 13:54 - 2013-11-11 13:54 - 01034531 _____ (Thisisu) C:\Users\zoOky\Downloads\JRT.exe 2013-11-11 13:54 - 2013-11-11 13:54 - 00000000 ____D C:\Windows\ERUNT 2013-11-11 13:53 - 2013-11-11 14:04 - 00000000 ____D C:\AdwCleaner 2013-11-11 06:08 - 2013-11-14 13:44 - 00000761 _____ C:\Windows\setupact.log 2013-11-11 06:08 - 2013-11-11 14:06 - 00002270 _____ C:\Windows\PFRO.log 2013-11-11 06:08 - 2013-11-11 06:08 - 00000000 _____ C:\Windows\setuperr.log 2013-11-10 17:52 - 2013-11-10 17:52 - 00000762 _____ C:\Users\zoOky\Desktop\eset.txt 2013-11-10 17:38 - 2013-11-10 17:39 - 00040941 _____ C:\Users\zoOky\Downloads\Addition.txt 2013-11-10 17:37 - 2013-11-10 17:37 - 00000000 ____D C:\FRST 2013-11-10 13:54 - 2013-11-11 06:25 - 00000000 ____D C:\Users\zoOky\Desktop\Praktikum 2013-11-10 13:46 - 2013-11-10 13:46 - 00001382 _____ C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Install Windows.lnk 2013-11-10 13:46 - 2013-11-10 13:46 - 00001380 _____ C:\Users\zoOky\Desktop\Install Windows.lnk 2013-11-10 12:42 - 2013-11-10 12:42 - 
00000000 ____D C:\Program Files (x86)\ESET 2013-11-10 12:41 - 2013-11-10 12:41 - 02347384 _____ (ESET) C:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe 2013-11-10 12:30 - 2013-11-10 12:30 - 00000736 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Malwarebytes 2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-10 12:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-11-10 12:29 - 2013-11-10 12:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\zoOky\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407.exe 2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407(1).exe 2013-11-10 12:11 - 2013-11-10 12:11 - 00000000 __RHD C:\ESD 2013-11-10 12:07 - 2013-11-10 12:07 - 04954736 _____ (Microsoft Corporation) C:\Users\zoOky\Downloads\WindowsSetupBox.exe 2013-11-10 12:06 - 2013-11-10 12:06 - 00293321 _____ C:\Users\zoOky\Desktop\bookmarks.html 2013-11-10 11:58 - 2013-11-10 12:38 - 00013449 _____ C:\Users\zoOky\Downloads\hijackthis.log 2013-11-10 11:58 - 2013-11-10 11:58 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\zoOky\Downloads\HiJackThis204.exe 2013-11-09 11:12 - 2013-11-09 11:14 - 182549774 _____ C:\Users\zoOky\Downloads\Die_111_besten_Multi-Monitoring-Wallpaper.zip 2013-11-08 14:31 - 2013-11-08 14:31 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-11-08 14:31 - 2013-11-08 14:31 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2013-11-08 14:30 - 2013-11-08 14:30 - 00000000 ____D C:\Program Files\Java 2013-11-08 14:28 - 2013-11-08 14:31 - 00000000 ____D C:\ProgramData\Oracle 2013-11-08 14:28 - 2013-11-08 14:28 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64(1).exe 2013-11-08 14:27 - 2013-11-08 14:27 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64.exe 2013-11-01 17:09 - 2013-10-25 02:02 - 00000000 ____D C:\Users\zoOky\Desktop\kkkkaaaayyyy 2013-10-31 14:21 - 2013-10-31 14:23 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 3 2013-10-30 15:34 - 2013-10-30 15:34 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Guild Wars 2 2013-10-30 10:58 - 2013-10-30 10:58 - 08945660 _____ C:\Users\zoOky\Downloads\pcsx2-1.0.0-r5350-setup.exe 2013-10-30 10:58 - 2013-10-30 10:58 - 00000788 _____ C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk 2013-10-29 22:05 - 2013-10-29 22:05 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-10-29 22:04 - 2013-10-29 22:04 - 23123208 _____ (Mozilla) C:\Users\zoOky\Downloads\Firefox_Setup_25.0.exe 2013-10-20 17:16 - 2013-10-20 17:16 - 00000849 _____ C:\Users\Public\Desktop\Battlefield 3.lnk 2013-10-20 14:05 - 2013-11-14 13:51 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref 2013-10-20 10:58 - 2013-11-10 11:57 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\GlarySoft 2013-10-20 10:56 - 2013-11-14 
13:51 - 00000304 _____ C:\Windows\Tasks\GlaryInitialize.job 2013-10-20 10:56 - 2013-10-20 10:56 - 00002582 _____ C:\Windows\System32\Tasks\GlaryInitialize 2013-10-20 10:56 - 2013-10-20 10:56 - 00000703 _____ C:\Users\zoOky\Desktop\Glary Utilities.lnk 2013-10-20 10:51 - 2013-11-10 12:23 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-10-20 10:51 - 2013-11-10 12:23 - 00000000 ____D C:\Program Files\CCleaner 2013-10-20 10:51 - 2013-10-20 10:51 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-10-20 10:46 - 2013-10-20 10:46 - 06685392 _____ (Glarysoft Ltd ) C:\Users\zoOky\Downloads\gusetup_slim_2.56.exe 2013-10-19 16:40 - 2013-10-19 16:40 - 00130673 _____ C:\Users\zoOky\Downloads\Ps2_Save_Builder_0.8x.zip 2013-10-19 16:37 - 2013-10-19 16:37 - 00012559 _____ C:\Users\zoOky\Downloads\state1.zip 2013-10-18 08:07 - 2013-04-24 09:45 - 00810496 _____ C:\Windows\SysWOW64\xvidcore.dll 2013-10-18 08:07 - 2013-04-24 09:45 - 00183808 _____ C:\Windows\SysWOW64\xvidvfw.dll 2013-10-18 08:07 - 2013-04-24 09:45 - 00080896 _____ C:\Windows\SysWOW64\ff_vfw.dll 2013-10-18 08:07 - 2013-04-24 09:45 - 00000590 _____ C:\Windows\SysWOW64\ff_vfw.dll.manifest 2013-10-18 08:03 - 2013-10-20 10:47 - 00000000 ____D C:\Program Files (x86)\SqueakyChocolate 2013-10-18 08:03 - 2013-10-18 08:03 - 00000000 ____D C:\Users\zoOky\Documents\Add-in Express ==================== One Month Modified Files and Folders ======= 2013-11-14 14:50 - 2013-11-11 14:11 - 00021563 _____ C:\Users\zoOky\Downloads\FRST.txt 2013-11-14 14:49 - 2013-11-14 14:49 - 01957794 _____ (Farbar) C:\Users\zoOky\Downloads\FRST64.exe 2013-11-14 14:49 - 2012-12-17 20:47 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Skype 2013-11-14 14:48 - 2013-01-07 22:08 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA.job 2013-11-14 14:44 - 2013-11-14 14:44 - 00891184 _____ C:\Users\zoOky\Downloads\SecurityCheck.exe 2013-11-14 14:20 - 2012-12-17 21:06 - 00000830 _____ 
C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-11-14 13:58 - 2012-12-17 20:29 - 02029004 _____ C:\Windows\WindowsUpdate.log 2013-11-14 13:56 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-14 13:56 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-14 13:54 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries 2013-11-14 13:51 - 2013-10-20 14:05 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref 2013-11-14 13:51 - 2013-10-20 10:56 - 00000304 _____ C:\Windows\Tasks\GlaryInitialize.job 2013-11-14 13:51 - 2013-04-27 18:21 - 00000000 ___RD C:\Users\zoOky\Dropbox 2013-11-14 13:51 - 2013-04-27 18:19 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Dropbox 2013-11-14 13:51 - 2012-12-27 20:07 - 00030528 _____ C:\Windows\GVTDrv64.sys 2013-11-14 13:51 - 2012-12-26 16:42 - 00000000 ____D C:\Users\zoOky\AppData\Local\HTC MediaHub 2013-11-14 13:50 - 2012-12-27 11:35 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2013-11-14 13:48 - 2009-07-14 06:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-14 13:44 - 2013-11-11 06:08 - 00000761 _____ C:\Windows\setupact.log 2013-11-14 13:44 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-11-14 13:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2013-11-14 03:52 - 2012-12-18 05:23 - 00000000 ____D C:\Windows\Panther 2013-11-14 03:04 - 2013-07-13 15:55 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-11-14 03:04 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini 2013-11-14 03:02 - 2013-07-19 18:57 - 00000000 ____D C:\Windows\system32\MRT 2013-11-14 03:00 - 2012-12-17 21:32 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-11-13 23:33 - 2013-06-29 16:50 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\TS3Client 2013-11-13 22:24 - 2012-12-17 
20:47 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Xfire 2013-11-13 18:36 - 2012-12-21 20:22 - 00000000 ____D C:\Users\zoOky\AppData\Local\PMB Files 2013-11-13 18:36 - 2012-12-21 20:22 - 00000000 ____D C:\ProgramData\PMB Files 2013-11-13 17:44 - 2013-01-07 22:08 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core.job 2013-11-12 21:55 - 2013-11-12 21:46 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\ts3overlay 2013-11-12 16:42 - 2013-11-12 16:42 - 705666554 _____ C:\Windows\MEMORY.DMP 2013-11-12 16:42 - 2013-11-12 16:42 - 00278072 _____ C:\Windows\Minidump\111213-12932-01.dmp 2013-11-12 16:42 - 2013-01-29 17:49 - 00000000 ____D C:\Windows\Minidump 2013-11-11 20:28 - 2013-11-11 20:28 - 01467128 _____ C:\Users\zoOky\Downloads\SystemCheck_deDE.exe 2013-11-11 20:13 - 2013-11-11 20:13 - 00000009 _____ C:\END 2013-11-11 20:12 - 2013-11-11 20:12 - 01118384 _____ (Conduit) C:\Users\zoOky\Downloads\InnoGames_brff.exe 2013-11-11 14:38 - 2013-11-11 14:38 - 00001250 _____ C:\Users\Public\Desktop\Razer Comms.lnk 2013-11-11 14:38 - 2013-05-07 22:08 - 00000000 ____D C:\Windows\Razer Core 2013-11-11 14:37 - 2013-11-11 14:37 - 41985704 _____ (Razer Inc.) 
C:\Users\zoOky\Downloads\RazerComms1.70.14.exe 2013-11-11 14:23 - 2013-11-11 14:23 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2013-11-11 14:21 - 2013-11-11 14:21 - 01078591 _____ C:\Users\zoOky\Downloads\Unlocker1.9.2.exe 2013-11-11 14:16 - 2013-02-15 19:07 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\DAEMON Tools Lite 2013-11-11 14:06 - 2013-11-11 06:08 - 00002270 _____ C:\Windows\PFRO.log 2013-11-11 14:04 - 2013-11-11 13:53 - 00000000 ____D C:\AdwCleaner 2013-11-11 14:04 - 2012-12-17 20:30 - 00000000 ____D C:\Users\zoOky 2013-11-11 14:03 - 2013-11-11 14:03 - 00006764 _____ C:\Users\zoOky\Desktop\JRT.txt 2013-11-11 13:54 - 2013-11-11 13:54 - 01034531 _____ (Thisisu) C:\Users\zoOky\Downloads\JRT.exe 2013-11-11 13:54 - 2013-11-11 13:54 - 00000000 ____D C:\Windows\ERUNT 2013-11-11 06:25 - 2013-11-10 13:54 - 00000000 ____D C:\Users\zoOky\Desktop\Praktikum 2013-11-11 06:25 - 2013-09-18 00:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-11 06:08 - 2013-11-11 06:08 - 00000000 _____ C:\Windows\setuperr.log 2013-11-10 23:23 - 2013-05-01 11:43 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Spotify 2013-11-10 18:09 - 2012-12-18 16:34 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.xtr 2013-11-10 18:09 - 2012-12-17 21:23 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2013-11-10 18:08 - 2012-12-17 21:23 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2013-11-10 17:52 - 2013-11-10 17:52 - 00000762 _____ C:\Users\zoOky\Desktop\eset.txt 2013-11-10 17:39 - 2013-11-10 17:38 - 00040941 _____ C:\Users\zoOky\Downloads\Addition.txt 2013-11-10 17:37 - 2013-11-10 17:37 - 00000000 ____D C:\FRST 2013-11-10 13:46 - 2013-11-10 13:46 - 00001382 _____ C:\Users\zoOky\AppData\Roaming\Microsoft\Windows\Start Menu\Install Windows.lnk 2013-11-10 13:46 - 2013-11-10 13:46 - 00001380 _____ C:\Users\zoOky\Desktop\Install Windows.lnk 2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D C:\Program Files (x86)\ESET 2013-11-10 
12:41 - 2013-11-10 12:41 - 02347384 _____ (ESET) C:\Users\zoOky\Downloads\esetsmartinstaller_enu.exe 2013-11-10 12:38 - 2013-11-10 11:58 - 00013449 _____ C:\Users\zoOky\Downloads\hijackthis.log 2013-11-10 12:30 - 2013-11-10 12:30 - 00000736 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Malwarebytes 2013-11-10 12:30 - 2013-11-10 12:30 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-10 12:29 - 2013-11-10 12:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\zoOky\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407.exe 2013-11-10 12:23 - 2013-11-10 12:23 - 04379048 _____ (Piriform Ltd) C:\Users\zoOky\Downloads\ccsetup407(1).exe 2013-11-10 12:23 - 2013-10-20 10:51 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-11-10 12:23 - 2013-10-20 10:51 - 00000000 ____D C:\Program Files\CCleaner 2013-11-10 12:11 - 2013-11-10 12:11 - 00000000 __RHD C:\ESD 2013-11-10 12:07 - 2013-11-10 12:07 - 04954736 _____ (Microsoft Corporation) C:\Users\zoOky\Downloads\WindowsSetupBox.exe 2013-11-10 12:06 - 2013-11-10 12:06 - 00293321 _____ C:\Users\zoOky\Desktop\bookmarks.html 2013-11-10 11:58 - 2013-11-10 11:58 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\zoOky\Downloads\HiJackThis204.exe 2013-11-10 11:57 - 2013-10-20 10:58 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\GlarySoft 2013-11-09 11:14 - 2013-11-09 11:12 - 182549774 _____ C:\Users\zoOky\Downloads\Die_111_besten_Multi-Monitoring-Wallpaper.zip 2013-11-08 14:31 - 2013-11-08 14:31 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-11-08 14:31 - 2013-11-08 14:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-11-08 14:31 - 2013-11-08 14:31 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2013-11-08 14:31 - 2013-11-08 14:28 - 00000000 ____D C:\ProgramData\Oracle 2013-11-08 14:30 - 2013-11-08 14:30 - 00000000 ____D C:\Program Files\Java 2013-11-08 14:28 - 2013-11-08 14:28 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64(1).exe 2013-11-08 14:27 - 2013-11-08 14:27 - 30694824 _____ (Oracle Corporation) C:\Users\zoOky\Downloads\jre-7u45-windows-x64.exe 2013-11-07 15:02 - 2013-05-01 11:43 - 00000000 ____D C:\Users\zoOky\AppData\Local\Spotify 2013-11-07 13:48 - 2012-12-17 20:47 - 00000000 ____D C:\ProgramData\Xfire 2013-10-31 14:24 - 2012-12-17 21:23 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2013-10-31 14:23 - 2013-10-31 14:21 - 00000000 ____D C:\Users\zoOky\Documents\Battlefield 3 2013-10-30 15:34 - 2013-10-30 15:34 - 00000000 ____D C:\Users\zoOky\AppData\Roaming\Guild Wars 2 2013-10-30 15:34 - 2012-12-24 15:24 - 00000000 ____D C:\Users\zoOky\Documents\Guild Wars 2 2013-10-30 15:32 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-10-30 10:58 - 2013-10-30 10:58 - 08945660 _____ C:\Users\zoOky\Downloads\pcsx2-1.0.0-r5350-setup.exe 2013-10-30 10:58 - 2013-10-30 10:58 - 00000788 _____ C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk 2013-10-30 10:58 - 2013-09-03 10:58 - 00000000 ____D C:\Windows\SysWOW64\directx 
2013-10-30 10:09 - 2013-02-11 17:10 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-10-30 10:09 - 2012-12-17 20:47 - 00000000 ____D C:\ProgramData\Skype 2013-10-30 10:07 - 2012-12-17 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-10-29 22:05 - 2013-10-29 22:05 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-10-29 22:04 - 2013-10-29 22:04 - 23123208 _____ (Mozilla) C:\Users\zoOky\Downloads\Firefox_Setup_25.0.exe 2013-10-25 07:57 - 2013-05-07 22:08 - 00129472 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzDxgk.sys 2013-10-25 07:57 - 2013-05-07 22:08 - 00074432 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzFilter.sys 2013-10-25 02:02 - 2013-11-01 17:09 - 00000000 ____D C:\Users\zoOky\Desktop\kkkkaaaayyyy 2013-10-20 17:16 - 2013-10-20 17:16 - 00000849 _____ C:\Users\Public\Desktop\Battlefield 3.lnk 2013-10-20 11:03 - 2012-12-29 18:10 - 00000000 ____D C:\Windows\system32\appmgmt 2013-10-20 11:03 - 2012-12-18 20:01 - 00000000 ____D C:\Program Files (x86)\Origin Games 2013-10-20 11:00 - 2012-12-30 20:29 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys 2013-10-20 10:56 - 2013-10-20 10:56 - 00002582 _____ C:\Windows\System32\Tasks\GlaryInitialize 2013-10-20 10:56 - 2013-10-20 10:56 - 00000703 _____ C:\Users\zoOky\Desktop\Glary Utilities.lnk 2013-10-20 10:51 - 2013-10-20 10:51 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-10-20 10:48 - 2012-12-17 21:10 - 00000000 ____D C:\Program Files\Creative 2013-10-20 10:47 - 2013-10-18 08:03 - 00000000 ____D C:\Program Files (x86)\SqueakyChocolate 2013-10-20 10:47 - 2012-12-17 20:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-10-20 10:46 - 2013-10-20 10:46 - 06685392 _____ (Glarysoft Ltd ) C:\Users\zoOky\Downloads\gusetup_slim_2.56.exe 2013-10-19 16:40 - 2013-10-19 16:40 - 00130673 _____ C:\Users\zoOky\Downloads\Ps2_Save_Builder_0.8x.zip 2013-10-19 16:37 - 2013-10-19 16:37 - 00012559 _____ 
C:\Users\zoOky\Downloads\state1.zip 2013-10-18 08:03 - 2013-10-18 08:03 - 00000000 ____D C:\Users\zoOky\Documents\Add-in Express ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe [2012-12-22 11:12] - [2010-04-11 23:03] - 2870272 ____A (Microsoft Corporation) EE79A736D8ACF23A080FC00E36486C98 C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-10 22:16 ==================== End Of Log ============================ |
15.11.2013, 10:53 | #8 |
/// the machine /// TB trainer | smileys we love toolbar for IE Update Java. Done. The order is crucial here.
Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP), Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
15.11.2013, 18:52 | #9 |
| smileys we love toolbar for IE smileys we Love for IE still cannot be removed from the Control Panel. The order is crucial here. Code:
ATTFilter If Defogger was used: start Defogger again and click re-enable.
If Combofix was used: (alternatively rename it to uninstall.exe and run it) Windows key + R > Combofix /Uninstall (type in) > OK. Alternative: rename Combofix.exe to uninstall.exe and run it. Combofix will now start, possibly update itself, and then remove all remnants of itself.
In any case, please download DelFix. Download DelFix to your desktop: Close all open programs. Start delfix.exe with a double-click. Tick every function. Click Start. Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners, and the Java cache, and finally deletes itself. Restart your computer afterwards.
If any programs from our cleanup are still left over now, you can safely delete them. Last edited by serenix (15.11.2013 at 18:58) |
16.11.2013, 15:21 | #10 |
/// the machine /// TB trainer | smileys we love toolbar for IE Well, work through it in that order. But since we did not use CF, you could run DelFix directly, but hold off on that for now. Please open FRST, tick Additional and scan, then post both log files.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
20.11.2013, 16:39 | #11 |
| smileys we love toolbar for IE Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013 Ran by zoOky at 2013-11-20 16:35:16 Running from C:\Users\zoOky\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Bitdefender Antivirus (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09} ==================== Installed Programs ====================== @BIOS (x32 Version: 2.28) Adobe AIR (x32 Version: 3.2.0.2070) Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117) Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05) Aion (x32 Version: 1.0.0.2) AION Free-to-Play Version 1.0 (x32 Version: 1.0) AMD Accelerated Video Transcoding (Version: 12.10.100.30328) AMD APP SDK Runtime (Version: 10.0.1084.4) AMD Catalyst Install Manager (Version: 8.0.911.0) AMD Drag and Drop Transcoding (Version: 2.00.0000) AMD Media Foundation Decoders (Version: 1.0.80328.2204) AMD Wireless Display v3.0 (Version: 1.0.0.10) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) Battlefield 3™ (x32 Version: 1.6.0.0) Battlelog Web Plugins (x32 Version: 2.3.0) Bitdefender Antivirus Plus (Version: 17.15.0.682) Bonjour (Version: 3.0.0.10) Call of Duty: Modern Warfare 3 - Multiplayer (x32) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center (x32 Version: 2013.0328.2218.38225) Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225) Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225) Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225) CCC Help Chinese Standard (x32 Version: 
2013.0328.2217.38225) CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225) CCC Help Czech (x32 Version: 2013.0328.2217.38225) CCC Help Danish (x32 Version: 2013.0328.2217.38225) CCC Help Dutch (x32 Version: 2013.0328.2217.38225) CCC Help English (x32 Version: 2013.0328.2217.38225) CCC Help Finnish (x32 Version: 2013.0328.2217.38225) CCC Help French (x32 Version: 2013.0328.2217.38225) CCC Help German (x32 Version: 2013.0328.2217.38225) CCC Help Greek (x32 Version: 2013.0328.2217.38225) CCC Help Hungarian (x32 Version: 2013.0328.2217.38225) CCC Help Italian (x32 Version: 2013.0328.2217.38225) CCC Help Japanese (x32 Version: 2013.0328.2217.38225) CCC Help Korean (x32 Version: 2013.0328.2217.38225) CCC Help Norwegian (x32 Version: 2013.0328.2217.38225) CCC Help Polish (x32 Version: 2013.0328.2217.38225) CCC Help Portuguese (x32 Version: 2013.0328.2217.38225) CCC Help Russian (x32 Version: 2013.0328.2217.38225) CCC Help Spanish (x32 Version: 2013.0328.2217.38225) CCC Help Swedish (x32 Version: 2013.0328.2217.38225) CCC Help Thai (x32 Version: 2013.0328.2217.38225) CCC Help Turkish (x32 Version: 2013.0328.2217.38225) ccc-utility64 (Version: 2013.0328.2218.38225) CCleaner (Version: 4.07) Core Temp 1.0 RC4 (Version: 1.0) Counter-Strike: Global Offensive (x32) CPUID CPU-Z 1.62 Creative Audio-Systemsteuerung (x32 Version: 2.00) Creative Konsole Starter (x32) Creative Software AutoUpdate (x32 Version: 1.40) DAEMON Tools Lite (x32 Version: 4.46.1.0327) Dead Space™ 3 (x32 Version: 1.0.0.0) Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition Diablo III (x32) DMC Devi May Cry (c) Capcom version 1 (x32 Version: 1) Dropbox (HKCU Version: 2.0.22) Easy Tune 6 B12.1121.1 (x32 Version: 1.00.0000) ESET Online Scanner v3 (x32) ESN Sonar (x32 Version: 0.70.4) FIFA 14 Demo (x32 Version: 1.0.0.0) Free YouTube to MP3 Converter version 3.11.37.1212 (x32 Version: 3.11.37.1212) Gameforge Live 1.0 "Legend" (x32 Version: 1.1.1724) Glary Utilities 2.56.0.1822 (x32 
Version: 2.56.0.1822) Google Chrome (HKCU Version: 31.0.1650.57) Guild Wars 2 (x32) HTC BMP USB Driver (x32 Version: 1.0.5375) HTC Driver Installer (x32 Version: 4.3.0.001) HTC Sync (x32 Version: 3.3.7) HTC Sync Manager (x32 Version: 2.1.54.0) ImgBurn (x32 Version: 2.5.7.0) IPTInstaller (x32 Version: 4.0.8) iTunes (Version: 11.0.4.4) Java 7 Update 45 (x32 Version: 7.0.450) Java Auto Updater (x32 Version: 2.1.9.8) League of Legends (x32 Version: 1.3) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Mouse and Keyboard Center (Version: 2.1.177.0) Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017) Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017) Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017) Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017) Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017) Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft PowerPoint MUI (German) 2013 (Version: 
15.0.4420.1017) Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610) Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017) Mirror's Edge™ (x32 Version: 1.0.1.0) Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1) Mozilla Maintenance Service (x32 Version: 25.0.1) MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) NCSOFT Game Launcher (x32) NCsoft Launcher (x32 Version: 1.5.19002) Need for Speed™ Most Wanted (x32 Version: 1.5.0.0) NVIDIA PhysX v8.10.17 (x32 Version: 8.10.17) OpenAL (x32) OpenOffice.org 3.4.1 (x32 Version: 3.41.9593) Opera Stable 
17.0.1241.53 (x32 Version: 17.0.1241.53) Origin (x32 Version: 9.1.3.2637) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017) PakkISO 0.4 (x32 Version: PakkISO 0.4 by zorted, installer by BitLooter) Pando Media Booster (x32 Version: 2.6.0.8) PCSX2 - Playstation 2 Emulator (x32) PunkBuster Services (x32 Version: 0.991) Rainmeter (x32 Version: 2.4 r1678) Razer Comms (x32 Version: 1.70.14) Razer Core (x32 Version: 1.0.1.46) Razer Imperator (x32 Version: 2.02.00) RocketDock 1.3.5 (x32) Sapphire TRIXX (x32) Secure Download Manager (x32 Version: 3.1.10) SimCity™ (x32 Version: 1.0.0.0) Skype™ 6.9 (x32 Version: 6.9.106) Smileys We Love Toolbar for IE (x32 Version: 3.0.17) SpeedFan (remove only) (x32) SplitCam (x32 Version: 5.14.4.1) Spotify (HKCU Version: 0.9.6.72.ge389c074) Steam (x32 Version: 1.0.0.0) TeamSpeak 3 Client (HKCU Version: 3.0.13.1) TERA (x32 Version: 18.10.03) Theme Resource Changer X64 v1.0 TmNationsForever (x32) Unlocker 1.9.2 (Version: 1.9.2) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3) Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition Update for Microsoft InfoPath 2013 (KB2752078) 64-Bit Edition Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition Update for 
Microsoft Lync 2013 (KB2825630) 64-Bit Edition Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition Update for Microsoft Office 2013 (KB2760257) 64-Bit Edition Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition Update for Microsoft Office 2013 (KB2817309) 64-Bit Edition Update for Microsoft Office 2013 (KB2817311) 64-Bit Edition Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition Update for Microsoft Office 2013 (KB2817640) 64-Bit Edition Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition Update for Microsoft Office 2013 (KB2837643) 64-Bit Edition Update for Microsoft Office 2013 (KB2837649) 64-Bit Edition Update for Microsoft OneNote 2013 (KB2837642) 64-Bit Edition Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition Update for Microsoft PowerPoint 2013 (KB2817625) 64-Bit Edition Update for Microsoft Project 2013 (KB2767859) 64-Bit Edition Update for Microsoft Publisher 2013 (KB2752097) 64-Bit Edition Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition Update for Microsoft Visio 2013 (KB2752018) 64-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition Update for 
Microsoft Word 2013 (KB2817631) 64-Bit Edition Update for Microsoft Word 2013 (KB2837630) 64-Bit Edition UxStyle Core Beta (Version: 0.2.1.1) Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1) VLC media player 2.0.5 (Version: 2.0.5) WinMerge 2.14.0 (x32 Version: 2.14.0) WinRAR 4.20 (64-Bit) (Version: 4.20.0) Xfire (x32) ==================== Restore Points ========================= 15-11-2013 17:59:48 End of disinfection 17-11-2013 02:00:21 Windows Update ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05622429-4A19-4952-B2B2-6A6517C5A26D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-07] (Google Inc.) Task: {0F0AEB0D-2F66-4F37-AFFC-7CB3681E8A09} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-05-29] () Task: {117A9638-FC0F-4C51-9922-634B569E9465} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated) Task: {175BEC22-4A53-41DB-9EAA-FFDC3FFD1748} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation) Task: {37F2675B-16C1-49FE-A5D8-35ADCFF8E5AD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {55AB4294-9210-480B-9FB5-006BFEBAD76D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation) Task: {6B26C148-6DC4-4D87-A088-360069B2092B} - System32\Tasks\Google Updater and Installer => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-07] (Google Inc.) Task: {715FE8C9-0B31-41FB-88A1-4B58A9A53FC5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd) Task: {82FE0479-B4A5-4303-A20F-CEC53AAF5950} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation) Task: {8B9735A0-E195-4F93-9575-F36A7C939B55} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {8EDA1BEC-CD67-480F-9B20-6F0C88C588C7} - System32\Tasks\Sapphire TRIXX => D:\Programme\Sapphire TRIXX\TRIXX.exe [2013-02-07] () Task: {9D98A4FC-FE39-4C6D-A29E-A3324297D584} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation) Task: {9EA78E21-A6AF-4865-A977-69FAB038148F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {9EC9D126-B639-4B97-9201-E99A5E2B34ED} - System32\Tasks\GlaryInitialize => D:\Programme\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd) Task: {A8FC602F-62C7-42DC-8E17-A4047095804E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {B3A8506E-21D6-4D88-8547-079285BCCDAD} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: 
{D01F3F7A-6DA6-4AFD-ACCB-75CEF18B518A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core => C:\Users\zoOky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-07] (Google Inc.) Task: {D11FB221-7F2D-4D46-8BF2-B54C9C667AD2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {F616E482-9F2A-4591-B2C8-6D3703298451} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe [2013-01-29] (Microsoft) Task: {FDB2CF3E-4102-4FB7-8E06-DDE2F79DEB40} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ? Task: C:\Windows\Tasks\GlaryInitialize.job => ? Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001Core.job => ? Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3474958773-3223843518-2572617103-1001UA.job => ? 
==================== Loaded Modules (whitelisted) ============= 2013-08-20 18:43 - 2013-06-19 11:45 - 00265080 _____ () D:\Programme\Bitdefender\Bitdefender\txmlutil.dll 2012-11-04 15:25 - 2012-11-04 15:25 - 00736968 _____ () D:\Programme\Rainmeter.dll 2012-11-04 15:22 - 2012-11-04 15:22 - 00026624 _____ () D:\Programme\Plugins\InputText.dll 2013-10-02 17:43 - 2013-10-02 17:43 - 00101328 _____ () D:\Programme\Bitdefender\Bitdefender\bdmetrics.dll 2013-10-23 17:35 - 2013-10-23 17:35 - 00480296 _____ () D:\Programme\Bitdefender\Bitdefender\bdidntconp.dll 2013-09-04 14:11 - 2013-09-04 14:11 - 00201728 _____ () D:\Programme\Bitdefender\Bitdefender\UI\bdidntconp.ui 2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-08-15 15:40 - 2013-08-15 15:40 - 00030056 _____ () D:\Programme\HTC\DbAccess.dll 2013-08-15 15:41 - 2013-08-15 15:41 - 00607376 _____ () D:\Programme\HTC\sqlite3.dll 2013-08-15 15:41 - 2013-08-15 15:41 - 00044392 _____ () D:\Programme\HTC\NAdvLog.dll 2013-08-15 15:41 - 2013-08-15 15:41 - 00036216 _____ () D:\Programme\HTC\NFileCacheDBAccess.dll 2013-08-15 15:42 - 2013-08-15 15:42 - 00080248 _____ () D:\Programme\HTC\ninstallerhelper.dll 2013-08-15 15:49 - 2013-08-15 15:49 - 00223592 _____ () D:\Programme\HTC\DevConnMon.dll 2013-10-17 13:24 - 2013-10-17 13:24 - 00114336 _____ () D:\Programme\SplitCam\splitcam_hd_driver_ProxyPlugin.ax 2013-03-25 19:34 - 2007-09-02 13:57 - 00069632 _____ () D:\Programme\RocketDock\RocketDock.dll 2013-03-25 13:23 - 2013-10-24 18:45 - 00691200 _____ () D:\Games\STEAM\SDL2.dll 2013-01-01 15:24 - 2013-10-30 20:25 - 01123240 _____ () D:\Games\STEAM\bin\chromehtml.DLL 2013-01-01 15:24 - 2013-10-23 21:07 - 20625832 _____ () D:\Games\STEAM\bin\libcef.dll 2013-01-01 15:24 - 2013-06-15 00:49 - 01100800 _____ () 
D:\Games\STEAM\bin\avcodec-53.dll 2013-01-01 15:24 - 2013-06-15 00:49 - 00124416 _____ () D:\Games\STEAM\bin\avutil-51.dll 2013-01-01 15:24 - 2013-06-15 00:49 - 00192000 _____ () D:\Games\STEAM\bin\avformat-53.dll 2013-10-17 13:24 - 2013-10-17 13:24 - 00153760 _____ () D:\Programme\SplitCam\SplitCamFilter.ax 2013-07-02 05:36 - 2013-07-02 05:36 - 02088960 _____ () D:\Programme\SplitCam\opencv_core246.dll 2013-07-02 05:37 - 2013-07-02 05:37 - 01905664 _____ () D:\Programme\SplitCam\opencv_imgproc246.dll 2013-07-02 05:37 - 2013-07-02 05:37 - 02092544 _____ () D:\Programme\SplitCam\opencv_highgui246.dll 2013-08-20 18:43 - 2013-06-19 11:44 - 00204280 _____ () D:\Programme\Bitdefender\Bitdefender\antispam32\txmlutil.dll 2012-03-23 11:15 - 2012-03-23 11:15 - 00988160 _____ () C:\Program Files (x86)\Razer\Core\Plugins\ChatApplet\libssh2.dll 2012-03-02 09:23 - 2012-03-02 09:23 - 00577621 _____ () C:\Program Files (x86)\Razer\Core\Plugins\ChatApplet\sqlite3.dll 2012-10-18 08:13 - 2012-10-18 08:13 - 04141056 _____ () C:\Program Files (x86)\Razer\Core\Plugins\ChatApplet\QQPYEngine.dll 2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\zoOky\AppData\Roaming\Dropbox\bin\libcef.dll 2013-11-16 07:37 - 2013-11-16 07:37 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-10-10 13:20 - 2013-10-10 13:20 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll 2013-04-24 09:45 - 2013-04-24 09:45 - 03668992 _____ () D:\Programme\SplitCam\DSFilters\Decoding\ffdshow.ax 2013-04-24 09:45 - 2013-04-24 09:45 - 03867770 _____ () D:\Programme\SplitCam\DSFilters\Decoding\ffmpeg.dll 2013-11-15 14:48 - 2013-11-14 12:28 - 00702416 _____ () C:\Users\zoOky\AppData\Local\Google\Chrome\Application\31.0.1650.57\libglesv2.dll 2013-11-15 14:48 - 2013-11-14 12:28 - 00099792 _____ () C:\Users\zoOky\AppData\Local\Google\Chrome\Application\31.0.1650.57\libegl.dll 2013-11-15 14:48 - 2013-11-14 12:29 - 04055504 _____ () 
C:\Users\zoOky\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll 2013-11-15 14:48 - 2013-11-14 12:29 - 00399312 _____ () C:\Users\zoOky\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll 2013-11-15 14:48 - 2013-11-14 12:28 - 01619408 _____ () C:\Users\zoOky\AppData\Local\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll 2013-07-02 05:37 - 2013-07-02 05:37 - 00667648 _____ () D:\Programme\SplitCam\opencv_objdetect246.dll 2013-07-02 05:37 - 2013-07-02 05:37 - 00379904 _____ () D:\Programme\SplitCam\opencv_video246.dll 2013-07-02 05:38 - 2013-07-02 05:38 - 00797696 _____ () D:\Programme\SplitCam\opencv_calib3d246.dll 2013-07-02 05:37 - 2013-07-02 05:37 - 00493568 _____ () D:\Programme\SplitCam\opencv_flann246.dll 2013-07-02 05:38 - 2013-07-02 05:38 - 00732672 _____ () D:\Programme\SplitCam\opencv_features2d246.dll 2013-07-02 05:39 - 2013-07-02 05:39 - 01236992 _____ () D:\Programme\SplitCam\opencv_legacy246.dll 2013-07-02 05:37 - 2013-07-02 05:37 - 00514048 _____ () D:\Programme\SplitCam\opencv_ml246.dll 2013-10-17 13:24 - 2013-10-17 13:24 - 00146592 _____ () D:\Programme\SplitCam\AudioGrabber.ax 2013-10-17 13:24 - 2013-10-17 13:24 - 00146592 _____ () D:\Programme\SplitCam\AudioMixer.ax ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\zoOky\Downloads\ccsetup407(1).exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\ccsetup407.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\Firefox_Setup_25.0.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\FRST64.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\gusetup_slim_2.56.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\InnoGames_brff.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\jre-7u45-windows-x64(1).exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\jre-7u45-windows-x64.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\jxpiinstall.exe:BDU AlternateDataStreams: 
C:\Users\zoOky\Downloads\mbam-setup-1.75.0.1300.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\Opera_17.0.1241.53_Setup.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\pcsx2-1.0.0-r5350-setup.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\RazerComms1.70.14.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\ROCCAT_Power_Grid_v0458.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\SystemCheck_deDE.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\Unlocker1.9.2.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\WindowsSetupBox.exe:BDU AlternateDataStreams: C:\Users\zoOky\Downloads\wpsetup.exe:BDU ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/20/2013 03:54:15 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/20/2013 06:22:53 AM) (Source: Office 2013 Licensing Service) (User: ) Description: Subscription licensing service failed: -1073418231 Error: (11/20/2013 06:14:29 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/19/2013 05:13:47 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line 
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/19/2013 04:07:19 PM) (Source: Office 2013 Licensing Service) (User: ) Description: Subscription licensing service failed: -1073418231 Error: (11/19/2013 03:58:55 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/19/2013 06:20:12 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/19/2013 06:13:27 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/18/2013 05:25:51 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8034 Error: (11/18/2013 05:25:51 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8034 System errors: ============= Error: (11/19/2013 10:20:38 PM) (Source: bowser) (User: ) Description: The master browser has received a server announcement from the computer C3PO-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{31A4207F-913F-4AB8-92E3-74D13CC63C68}. 
The master browser is stopping or an election is being forced. Error: (11/19/2013 06:18:34 AM) (Source: EventLog) (User: ) Description: The previous system shutdown at 06:16:34 on 19.11.2013 was unexpected. Error: (11/18/2013 09:27:39 PM) (Source: bowser) (User: ) Description: The master browser has received a server announcement from the computer C3PO-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{31A4207F-913F-4AB8-92E3-74D13CC63C68}. The master browser is stopping or an election is being forced. Error: (11/17/2013 10:04:39 PM) (Source: bowser) (User: ) Description: The master browser has received a server announcement from the computer C3PO-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{31A4207F-913F-4AB8-92E3-74D13CC63C68}. The master browser is stopping or an election is being forced. Error: (11/17/2013 02:38:01 AM) (Source: DCOM) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (11/16/2013 11:31:55 AM) (Source: BugCheck) (User: ) Description: 0x000000f4 (0x0000000000000003, 0xfffffa80095b6950, 0xfffffa80095b6c30, 0xfffff800033857b0)C:\Windows\MEMORY.DMP111613-12214-01 Error: (11/16/2013 11:31:53 AM) (Source: EventLog) (User: ) Description: The previous system shutdown at 11:29:57 on 16.11.2013 was unexpected. Error: (11/15/2013 07:02:13 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VSSERV service. 
Error: (11/15/2013 07:01:23 PM) (Source: DCOM) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (11/14/2013 01:41:12 PM) (Source: Service Control Manager) (User: ) Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Microsoft Office Sessions: ========================= Error: (11/20/2013 03:54:15 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/20/2013 06:22:53 AM) (Source: Office 2013 Licensing Service)(User: ) Description: Subscription licensing service failed: -1073418231 Error: (11/20/2013 06:14:29 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/19/2013 05:13:47 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (11/19/2013 04:07:19 PM) (Source: Office 2013 Licensing Service)(User: ) Description: Subscription licensing service failed: -1073418231 Error: (11/19/2013 03:58:55 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/19/2013 06:20:12 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage 
> 990x80041003 Error: (11/19/2013 06:13:27 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/18/2013 05:25:51 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8034 Error: (11/18/2013 05:25:51 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8034 ==================== Memory info =========================== Percentage of memory in use: 39% Total physical RAM: 8190.3 MB Available physical RAM: 4918.16 MB Total Pagefile: 16378.79 MB Available Pagefile: 11876.23 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.24 GB) (Free:30.94 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:416.93 GB) (Free:70.44 GB) NTFS Drive e: (Windows 7) (Fixed) (Total:48.83 GB) (Free:23.14 GB) NTFS Drive g: (DMC) (CDROM) (Total:8.33 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 777EC869) Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 8D243882) Partition 1: (Not Active) - (Size=417 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=49 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
21.11.2013, 11:54 | #12 |
/// the machine /// TB trainer | smileys we love toolbar for IE Delete FRST and download it again, then scan once more. I need the FRST.txt.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and Help Trojaner-Board Facebook page No help via PM! |
25.11.2013, 15:42 | #13 |
| smileys we love toolbar for IE Hi, I have the right version installed, but somehow it still doesn't work :S |
26.11.2013, 10:27 | #14 |
/// the machine /// TB trainer | smileys we love toolbar for IE Download SystemLook by jpshortstuff from one of the following mirrors and save the tool to your desktop. SystemLook (64 bit) |
02.12.2013, 17:26 | #15 |
| smileys we love toolbar for IE Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff Log created at 17:25 on 02/12/2013 by zoOky Administrator - Elevation successful ========== regfind ========== Searching for "smileys we love" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BF3CEC6-D4A4-3E85-BF7F-B914991D1CFA}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BF3CEC6-D4A4-3E85-BF7F-B914991D1CFA}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{647EFA4E-6349-3093-8C57-B26EC1ACA785}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{647EFA4E-6349-3093-8C57-B26EC1ACA785}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A6E668C-308A-3456-8D66-5BD429A17A88}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A6E668C-308A-3456-8D66-5BD429A17A88}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E1D4C49-E255-3A4D-8364-E69B3DCD5421}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E1D4C49-E255-3A4D-8364-E69B3DCD5421}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B781EE97-26A2-388A-802C-29BE927500AF}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for 
IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B781EE97-26A2-388A-802C-29BE927500AF}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E30DA02E-EB04-3ABB-A3B4-A26FF74C14F3}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E30DA02E-EB04-3ABB-A3B4-A26FF74C14F3}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF250318-E93A-3279-8896-F8DF95C0CF2B}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF250318-E93A-3279-8896-F8DF95C0CF2B}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|AddinExpress.IE.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|HtmlAgilityPack.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|Interop.SHDocVw.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|Microsoft.mshtml.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|SmileysWeLoveToolbar.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|SWLCustomInstaller.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|SWLHelperLibrary.dll] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|SWLSettingsApp.exe] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Smileys We Love Toolbar for IE|System.Net.Json.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\105E76B4A1674454DB88C3BC32475661] "ProductName"="Smileys We Love Toolbar for IE" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3BF3CEC6-D4A4-3E85-BF7F-B914991D1CFA}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3BF3CEC6-D4A4-3E85-BF7F-B914991D1CFA}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{647EFA4E-6349-3093-8C57-B26EC1ACA785}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{647EFA4E-6349-3093-8C57-B26EC1ACA785}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8A6E668C-308A-3456-8D66-5BD429A17A88}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8A6E668C-308A-3456-8D66-5BD429A17A88}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9E1D4C49-E255-3A4D-8364-E69B3DCD5421}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9E1D4C49-E255-3A4D-8364-E69B3DCD5421}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B781EE97-26A2-388A-802C-29BE927500AF}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B781EE97-26A2-388A-802C-29BE927500AF}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E30DA02E-EB04-3ABB-A3B4-A26FF74C14F3}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E30DA02E-EB04-3ABB-A3B4-A26FF74C14F3}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EF250318-E93A-3279-8896-F8DF95C0CF2B}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EF250318-E93A-3279-8896-F8DF95C0CF2B}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775}] "AppPath"="C:\Program Files (x86)\Smileys We Love Toolbar for IE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\105E76B4A1674454DB88C3BC32475661] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4182712812E52EE8A490E129983F8C7F] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SWLHelperLibrary.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\487E5F88610E54E201263C1B510A8A69] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SWLCustomInstaller.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5194C7311BDF79329DBAFCA023D9C4C7] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697C65E29B241FAAE1EECFDD5D0C110B] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\AddinExpress.IE.tlb" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6BD2D2832E658D88A3691EDC035441E9] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\Microsoft.mshtml.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\79660A529B0B48A22E62EE89A94F17AE] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxregistrator.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A59C87ECC3E80574D6BF4D4D31F7B4E] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLoveToolbar.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8003041F7A2750EBFACEDC18D6890C04] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\HtmlAgilityPack.dll" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8676CA8899A9B69BCC69181C9CB86AFB] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\Interop.SHDocVw.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9791499B61804638A3C56C443BFFDFFE] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader.dll.manifest" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C0ABAB249AB27F3AC228E408700DB0CC] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SmileysWeLove.ico" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CBBCF48B99DC0CF5CFF44DEC1736CECC] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\AddinExpress.IE.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5B0C334B0133CFD220A7DF2B18415EB] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\System.Net.Json.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E7CBE4CE8B05D38A3812DCC5A28BFCF5] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\SWLSettingsApp.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAE34644E6DF7E99AB4D59FB0041A04B] "105E76B4A1674454DB88C3BC32475661"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\105E76B4A1674454DB88C3BC32475661\InstallProperties] "DisplayName"="Smileys We Love Toolbar for IE" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\105E76B4A1674454DB88C3BC32475661\InstallProperties] "Comments"="Smileys We Love Toolbar - insert smileys into your emails and webpages." [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\1afb8e7a-a08b-475a-beb2-376df461eb17] "AppPath"="C:\Program Files (x86)\Smileys We Love Toolbar for IE\" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4B67E501-761A-4544-BD88-3CCB23746516}] "DisplayName"="Smileys We Love Toolbar for IE" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4B67E501-761A-4544-BD88-3CCB23746516}] "Comments"="Smileys We Love Toolbar - insert smileys into your emails and webpages." [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{3BF3CEC6-D4A4-3E85-BF7F-B914991D1CFA}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{3BF3CEC6-D4A4-3E85-BF7F-B914991D1CFA}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{647EFA4E-6349-3093-8C57-B26EC1ACA785}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{647EFA4E-6349-3093-8C57-B26EC1ACA785}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8A6E668C-308A-3456-8D66-5BD429A17A88}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{8A6E668C-308A-3456-8D66-5BD429A17A88}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{9E1D4C49-E255-3A4D-8364-E69B3DCD5421}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{9E1D4C49-E255-3A4D-8364-E69B3DCD5421}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{B781EE97-26A2-388A-802C-29BE927500AF}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{B781EE97-26A2-388A-802C-29BE927500AF}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E30DA02E-EB04-3ABB-A3B4-A26FF74C14F3}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E30DA02E-EB04-3ABB-A3B4-A26FF74C14F3}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{EF250318-E93A-3279-8896-F8DF95C0CF2B}\InprocServer32] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{EF250318-E93A-3279-8896-F8DF95C0CF2B}\InprocServer32\3.0.17.0] "CodeBase"="file:///C:/Program Files (x86)/Smileys We Love Toolbar for IE/SmileysWeLoveToolbar.DLL" -= EOF =- |