| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
15.02.2014, 13:12
| #1 |
 |  Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. Hallöchen, leider ist es mal wieder so weit: ich brauche Hilfe... Win 7, 64 Bit System Laptop... Selbst wenn ich die Regeln dieses Forum beachten möchte und versuche den Defogger oder FRST runter zu laden, gehen andere Fenster auf, aber der Download funktioniert nicht... Bitte um Hilfe Herzlichen DANK mfG Annabell |
|
15.02.2014, 14:37
| #2 |
| /// the machine /// TB-Ausbilder    | Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
15.02.2014, 17:49
| #3 |
| | Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. Hallöchen
__________________leider lässt der download nicht starten... stattdessen öffnet sich immer die Seite "i mesh" oder ähnlich mit dem download für music und songs.... und nun? gruß a |
|
16.02.2014, 07:52
| #4 |
| /// the machine /// TB-Ausbilder | Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. Lösch das, lad das Tool neu, diesmal auf den korrekten Download klicken (Schriftzug), nicht auf die Werbung 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
16.02.2014, 12:54
| #5 |
| | Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. Ok, DANKE!! Leider springt mir ständig die Seite weg und ich kann nicht mehr nachsehen, wie ich den Log hier in "Kurzform"??? einfügen kann, drum bitte entschuldigen das ich es hier rein kopiere... FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by User (administrator) on USER-PC on 16-02-2014 12:43:33
Running from C:\Users\User\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
() C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIGEE.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(DVDVideoSoft Ltd.) C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated)
HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9744800 2013-11-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5399456 2013-11-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2013-11-18] (Lenovo)
HKLM\...\Run: [InstallerLauncher] - "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2010-12-05] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [224352 2010-12-05] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] - "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] - "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\windows\System32\SPReview\SPReview.exe [301568 2013-11-27] (Microsoft Corporation)
HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\Run: [EPSON S22 Series] - C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGEE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {0faace18-85ea-11e3-8173-b870f43d656a} - E:\AutoRun.exe
HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {5cf96507-568b-11e3-be35-74de2b03ec9f} - E:\AutoRun.exe
HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {6d2bfbc1-539e-11e3-9866-74de2b03ec9f} - E:\AutoRun.exe
HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {6d2bfbcc-539e-11e3-9866-74de2b03ec9f} - E:\AutoRun.exe
HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {8b98efaf-88f9-11e3-88f3-b870f43d656a} - E:\setup.exe
HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {d315e85f-5907-11e3-96be-74de2b03ec9f} - E:\AutoRun.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = WEB.DE - E-Mail-Adresse kostenlos, FreeMail, De-Mail & Nachrichten
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Lenovo Deutschland: Computer, Notebooks, Tablets & Mehr | Lenovo (DE)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = Lenovo Deutschland: Computer, Notebooks, Tablets & Mehr | Lenovo (DE)
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=0c149783-03e6-221c-27ec-080fb04458d4&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/01/2014&type=hp1000
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP6AD0DCF1-74B9-4324-9888-8D86762DBCA8&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP6AD0DCF1-74B9-4324-9888-8D86762DBCA8&q={searchTerms}&SSPV=
BHO: Plus-HD-7.7 - {11111111-1111-1111-1111-110511071180} - C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-bho64.dll No File
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Plus-HD-7.7 - {11111111-1111-1111-1111-110511071180} - C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-bho.dll No File
BHO-x32: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.80.1 192.168.80.1
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default
FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\user.js
FF DefaultSearchEngine: Conduit Search
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Conduit Search
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-7.7 - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\Extensions\29abb661-0efc-4f64-8a89-b11430d434c4@9678608e-dc95-42b0-8db0-4ce126239776.com [2014-02-12]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\Extensions\trash [2014-01-19]
FF HKLM-x32\...\Firefox\Extensions: [gethighlightly@gethighlightly.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\gethighlightly@gethighlightly.com
Chrome:
=======
CHR HomePage: chrome://newtab
CHR RestoreOnStartup: "hxxp://www.giga.de/software/"
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-29]
CHR Extension: (No Name) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab [2013-11-29]
==================== Services (Whitelisted) =================
R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-11-22] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2010-11-29] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1358944 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [710976 2014-01-27] ()
==================== Drivers (Whitelisted) ====================
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2013-11-22] (The OpenVPN Project)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [115328 2008-07-24] (Huawei Technologies Co., Ltd.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
S1 hlnfd; system32\drivers\hlnfd.sys [X]
U2 IAStorDataMgrSvc;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 nvUpdatusService;
U2 Oasis2Service;
U2 PCCarerServic;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SoftwareService;
U2 Stereo Service;
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-16 12:43 - 2014-02-16 12:43 - 00015402 _____ () C:\Users\User\Desktop\FRST.txt
2014-02-16 12:41 - 2014-02-16 12:43 - 00000000 ____D () C:\FRST
2014-02-16 12:36 - 2014-02-16 12:37 - 00196448 _____ () C:\Users\User\Downloads\setup.exe
2014-02-16 12:31 - 2014-02-16 12:31 - 02152960 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-02-15 01:55 - 2014-02-15 08:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 13:17 - 2014-02-14 13:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\WindSolutions
2014-02-14 13:11 - 2014-02-14 13:11 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-02-13 22:00 - 2014-02-13 22:00 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-02-13 22:00 - 2014-02-13 22:00 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-02-13 09:46 - 2014-02-13 22:09 - 00000000 ____D () C:\Ulli
2014-02-12 23:21 - 2014-02-12 23:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\XMedia Recode
2014-02-12 22:43 - 2014-02-12 22:43 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-02-12 22:42 - 2014-02-12 22:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVS4YOU
2014-02-12 22:40 - 2010-05-11 14:17 - 01700352 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2014-02-12 22:38 - 2014-02-13 09:32 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-02-12 22:23 - 2014-02-12 22:23 - 00000000 ____D () C:\Program Files (x86)\Free MP3 Converter
2014-02-12 17:20 - 2014-02-16 12:16 - 00001506 _____ () C:\windows\Tasks\Plus-HD-7.7-updater.job
2014-02-12 17:20 - 2014-02-16 12:16 - 00001462 _____ () C:\windows\Tasks\Plus-HD-7.7-codedownloader.job
2014-02-12 17:20 - 2014-02-16 12:16 - 00001360 _____ () C:\windows\Tasks\Plus-HD-7.7-enabler.job
2014-02-12 17:20 - 2014-02-12 17:20 - 00004536 _____ () C:\windows\System32\Tasks\Plus-HD-7.7-updater
2014-02-12 17:20 - 2014-02-12 17:20 - 00004492 _____ () C:\windows\System32\Tasks\Plus-HD-7.7-codedownloader
2014-02-12 17:20 - 2014-02-12 17:20 - 00004390 _____ () C:\windows\System32\Tasks\Plus-HD-7.7-enabler
2014-02-12 17:19 - 2014-02-15 15:01 - 00000274 _____ () C:\windows\Tasks\RegClean Pro_DEFAULT.job
2014-02-12 17:19 - 2014-02-13 07:53 - 00000282 _____ () C:\windows\Tasks\RegClean Pro_UPDATES.job
2014-02-12 17:19 - 2014-02-12 17:19 - 00003020 _____ () C:\windows\System32\Tasks\RegClean Pro_UPDATES
2014-02-12 17:19 - 2014-02-12 17:19 - 00002864 _____ () C:\windows\System32\Tasks\RegClean Pro_DEFAULT
2014-02-12 17:18 - 2014-02-16 12:16 - 00002390 _____ () C:\windows\Tasks\Plus-HD-7.7-validator.job
2014-02-12 17:18 - 2014-02-16 12:16 - 00002324 _____ () C:\windows\Tasks\Plus-HD-7.7-firefoxinstaller.job
2014-02-12 17:18 - 2014-02-15 15:01 - 00000282 _____ () C:\windows\Tasks\System Speedup_DEFAULT.job
2014-02-12 17:18 - 2014-02-13 09:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\systweak
2014-02-12 17:18 - 2014-02-13 07:53 - 00000290 _____ () C:\windows\Tasks\System Speedup_UPDATES.job
2014-02-12 17:18 - 2014-02-12 17:19 - 00005420 _____ () C:\windows\System32\Tasks\Plus-HD-7.7-validator
2014-02-12 17:18 - 2014-02-12 17:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\System Speedup
2014-02-12 17:18 - 2014-02-12 17:18 - 00003132 _____ () C:\windows\System32\Tasks\System Speedup
2014-02-12 17:18 - 2014-02-12 17:18 - 00003108 _____ () C:\windows\System32\Tasks\RegClean Pro
2014-02-12 17:18 - 2014-02-12 17:18 - 00003028 _____ () C:\windows\System32\Tasks\System Speedup_UPDATES
2014-02-12 17:18 - 2014-02-12 17:18 - 00002872 _____ () C:\windows\System32\Tasks\System Speedup_DEFAULT
2014-02-12 17:18 - 2013-07-11 13:49 - 00020312 _____ (Systweak Inc., (Systweak - Download Software utilities for Windows optimization, Scan & Clean Spyware for Free)) C:\windows\system32\roboot64.exe
2014-02-12 17:16 - 2014-02-12 17:16 - 00000000 ____D () C:\Program Files\Level Quality Watcher
2014-02-12 17:08 - 2014-02-13 07:53 - 00000000 ____D () C:\Program Files (x86)\CD Audio MP3 Converter
2014-02-12 17:08 - 2001-03-23 16:29 - 00880912 _____ (Microsoft Corporation) C:\windows\WM8EUTIL.exe
2014-02-12 06:40 - 2014-01-01 00:05 - 00420008 _____ () C:\windows\SysWOW64\locale.nls
2014-02-12 06:40 - 2014-01-01 00:04 - 00420008 _____ () C:\windows\system32\locale.nls
2014-02-12 06:40 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-12 06:40 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-02-12 06:40 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-12 06:40 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-02-12 06:39 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-12 06:39 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-12 06:39 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-02-12 06:39 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-02-12 06:39 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-02-12 06:39 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-02-12 06:39 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-12 06:39 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-02-12 06:39 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-02-12 06:39 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-02-12 06:39 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-02-12 06:39 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2014-02-12 06:39 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2014-02-12 06:39 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 06:39 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2014-02-12 06:39 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-12 06:39 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2014-02-12 06:39 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2014-02-12 06:39 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 06:39 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 06:39 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-02-12 06:39 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-12 06:34 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-12 06:34 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-12 06:32 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-12 06:32 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-12 06:32 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-02-12 06:32 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-12 06:32 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-12 06:32 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-02-12 06:32 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-12 06:32 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-12 06:32 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-12 06:32 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-02-12 06:32 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-02-12 06:32 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-02-12 06:32 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-12 06:32 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-12 06:32 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-12 06:32 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-12 06:32 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-12 06:32 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-12 06:32 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-02-12 06:32 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-12 06:32 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-12 06:32 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-12 06:32 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-12 06:32 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-02-12 06:32 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-12 06:32 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-02-12 06:32 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-02-12 06:32 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-12 06:32 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-12 06:32 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-12 06:32 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-12 06:32 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-12 06:32 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-02-12 06:32 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-12 06:32 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-12 06:32 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-12 06:32 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-12 06:32 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-12 06:32 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-02-11 14:49 - 2014-01-23 04:21 - 00206080 _____ (DEVGURU Co., LTD.(???? | ????? ???? ?????.)) C:\windows\system32\Drivers\ssudmdm.sys
2014-02-11 14:49 - 2014-01-23 04:21 - 00108800 _____ (DEVGURU Co., LTD.(???? | ????? ???? ?????.)) C:\windows\system32\Drivers\ssudbus.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00188232 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadmdm.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00169288 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadbus.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00038080 _____ (Google Inc) C:\windows\system32\Drivers\ssadadb.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00021320 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadmdfl.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00017736 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadwhnt.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00017224 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadcmnt.sys
2014-02-11 13:26 - 2014-02-13 08:04 - 00000000 ____D () C:\Users\User\AppData\Local\Samsung
2014-02-11 13:18 - 2014-02-07 16:33 - 04659712 _____ (Dmitry Streblechenko) C:\windows\SysWOW64\Redemption.dll
2014-02-11 13:17 - 2014-01-23 18:31 - 00821824 _____ (Devguru Co., Ltd.) C:\windows\SysWOW64\dgderapi.dll
2014-02-11 12:46 - 2014-02-11 12:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\Nero
2014-02-11 12:42 - 2014-02-13 22:25 - 00000000 ____D () C:\ProgramData\Nero
2014-02-11 10:03 - 2014-02-11 10:10 - 82702176 _____ (Nero AG) C:\Users\User\Downloads\Nero_BurningROM2014-15.0.04200_trial.exe
2014-02-09 21:12 - 2014-02-09 21:12 - 01279432 _____ (Koyote-Lab Inc) C:\Users\User\Downloads\FreeVideosToDVDSetup-r0-n-bf.exe
2014-02-09 21:04 - 2014-02-11 19:18 - 00000000 ____D () C:\Users\User\Documents\OpenOffice 4.0.1 (de) Installation Files
2014-02-09 21:04 - 2014-02-11 19:18 - 00000000 ____D () C:\Users\User\Desktop\Drucker
2014-02-09 21:02 - 2014-02-12 17:37 - 00000000 ____D () C:\Users\User\Desktop\Konverter
2014-02-09 21:02 - 2014-02-11 19:18 - 00000000 ___RD () C:\Users\User\Desktop\Lenovo
2014-02-09 21:01 - 2014-02-11 19:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\FreeVideoConverter
2014-02-09 21:00 - 2014-02-12 16:57 - 00000000 ____D () C:\Program Files (x86)\Free Video Converter
2014-02-08 09:10 - 2014-02-08 09:10 - 00000000 ____D () C:\windows\SysWOW64\SearchProtect
2014-01-30 22:34 - 2014-01-30 22:34 - 01071000 _____ (Solid State Networks) C:\Users\User\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-01-23 18:31 - 2014-01-23 18:31 - 00974848 _____ () C:\windows\SysWOW64\cis-2.4.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00569344 _____ ((c) MusicCity) C:\windows\SysWOW64\muzdecode.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00491520 _____ (Musiccity Co.Ltd.) C:\windows\SysWOW64\muzapp.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00352256 _____ (Sample Corporation) C:\windows\SysWOW64\MSLUR71.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00258048 _____ ((c) PeeringPortal) C:\windows\SysWOW64\muzoggsp.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00245760 _____ (Teruten Inc.) C:\windows\SysWOW64\MSCLib.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00200704 _____ ( (c) MusicCity) C:\windows\SysWOW64\muzwmts.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00172032 _____ (Musiccity Co.Ltd.) C:\windows\SysWOW64\muzapp.exe
2014-01-23 18:31 - 2014-01-23 18:31 - 00155648 _____ (Teruten Inc.) C:\windows\SysWOW64\MSFLib.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00143360 _____ () C:\windows\SysWOW64\3DAudio.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00135168 _____ (Musiccity Co.Ltd.) C:\windows\SysWOW64\muzaf1.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00131072 _____ ((c) MusicCity) C:\windows\SysWOW64\muzmpgsp.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00122880 _____ ((c) MUSICCITY) C:\windows\SysWOW64\muzeffect.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00118784 _____ ((주)마크애니) C:\windows\SysWOW64\MaDRM.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00110592 _____ ((c) MusicCity) C:\windows\SysWOW64\muzmp4sp.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00081920 _____ () C:\windows\SysWOW64\issacapi_bs-2.3.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00065536 _____ () C:\windows\SysWOW64\issacapi_pe-2.3.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00057344 _____ (Marktek) C:\windows\SysWOW64\MK_Lyric.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00057344 _____ (Marktek Inc.) C:\windows\SysWOW64\MTXSYNCICON.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00057344 _____ () C:\windows\SysWOW64\issacapi_se-2.3.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00049152 _____ ((주) 마크애니) C:\windows\SysWOW64\MaJGUILib.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00045320 _____ (MARKANY) C:\windows\SysWOW64\MAMACExtract.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00045056 _____ ((주) 마크애니) C:\windows\SysWOW64\MaXMLProto.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00045056 _____ ((주) 마크애니) C:\windows\SysWOW64\MACXMLProto.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00040960 _____ (Telechips Inc.,) C:\windows\SysWOW64\MTTELECHIP.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00024576 _____ ((주)마크애니) C:\windows\SysWOW64\MASetupCleaner.exe
2014-01-19 14:31 - 2014-01-19 14:31 - 00000000 _____ () C:\END
2014-01-19 14:18 - 2014-02-12 17:05 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-01-19 14:18 - 2014-02-12 17:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\DVDVideoSoft
2014-01-19 14:12 - 2014-01-19 14:15 - 34008992 _____ (DVDVideoSoft Ltd. ) C:\Users\User\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230.exe
2014-01-19 13:08 - 2014-01-19 13:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVG2014
2014-01-19 13:07 - 2014-02-13 22:00 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-01-19 13:07 - 2014-01-19 13:07 - 00003230 _____ () C:\windows\System32\Tasks\SidebarExecute
2014-01-19 13:05 - 2014-01-19 13:07 - 00000000 ____D () C:\ProgramData\AVG2014
2014-01-19 13:05 - 2014-01-19 13:05 - 00000000 ___HD () C:\$AVG
2014-01-19 13:04 - 2014-01-19 13:04 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-01-19 13:03 - 2014-02-16 12:22 - 00000000 ____D () C:\ProgramData\MFAData
2014-01-19 13:03 - 2014-01-19 13:34 - 00000000 ____D () C:\Users\User\AppData\Local\Avg2014
2014-01-19 13:03 - 2014-01-19 13:03 - 00000000 ____D () C:\Users\User\AppData\Local\MFAData
2014-01-19 11:33 - 2014-01-19 12:38 - 157274976 _____ (AVG Technologies) C:\Users\User\Downloads\avg_isct_x64_all_2014_4259a6848_huawei.exe
2014-01-19 11:18 - 2014-01-19 11:18 - 00257776 _____ () C:\ProgramData\1390126546.bdinstall.bin
2014-01-18 22:10 - 2014-01-18 22:10 - 00487505 _____ () C:\ProgramData\1390079142.bdinstall.bin
2014-01-18 21:50 - 2014-01-18 21:50 - 00000385 _____ () C:\windows\system32\user_gensett.xml
2014-01-18 21:50 - 2014-01-18 21:50 - 00000385 _____ () C:\Users\User\AppData\Roaminguser_gensett.xml
2014-01-18 21:09 - 2014-02-12 06:36 - 01594432 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-01-18 19:40 - 2014-01-18 19:40 - 00074512 _____ (BitDefender SRL) C:\windows\system32\bdsandboxuiskin32.dll
2014-01-18 19:34 - 2014-01-18 19:34 - 01381380 _____ () C:\ProgramData\1390063750.bdinstall.bin
2014-01-18 18:22 - 2014-01-18 18:22 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-01-18 18:21 - 2014-01-18 19:36 - 00000000 ____D () C:\ProgramData\BDLogging
2014-01-18 18:20 - 2014-01-18 19:40 - 00074512 _____ (BitDefender SRL) C:\windows\SysWOW64\bdsandboxuiskin32.dll
2014-01-18 18:20 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\windows\capicom.dll
2014-01-18 17:49 - 2014-01-19 13:09 - 00000000 ____D () C:\Program Files\Bitdefender
2014-01-18 17:49 - 2014-01-19 11:17 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-01-18 17:49 - 2014-01-18 17:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan
2014-01-18 17:49 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\windows\system32\BDSandBoxUISkin.dll
2014-01-18 17:49 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\windows\system32\BDSandBoxUH.dll
2014-01-18 17:47 - 2014-01-19 11:17 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
==================== One Month Modified Files and Folders =======
2014-02-16 12:43 - 2014-02-16 12:43 - 00015402 _____ () C:\Users\User\Desktop\FRST.txt
2014-02-16 12:43 - 2014-02-16 12:41 - 00000000 ____D () C:\FRST
2014-02-16 12:37 - 2014-02-16 12:36 - 00196448 _____ () C:\Users\User\Downloads\setup.exe
2014-02-16 12:31 - 2014-02-16 12:31 - 02152960 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-02-16 12:25 - 2013-11-18 13:11 - 01335090 _____ () C:\windows\WindowsUpdate.log
2014-02-16 12:22 - 2014-01-19 13:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-16 12:18 - 2013-11-18 20:26 - 00699552 _____ () C:\windows\system32\perfh007.dat
2014-02-16 12:18 - 2013-11-18 20:26 - 00149660 _____ () C:\windows\system32\perfc007.dat
2014-02-16 12:18 - 2009-07-14 06:13 - 01620152 _____ () C:\windows\system32\PerfStringBackup.INI
2014-02-16 12:16 - 2014-02-12 17:20 - 00001506 _____ () C:\windows\Tasks\Plus-HD-7.7-updater.job
2014-02-16 12:16 - 2014-02-12 17:20 - 00001462 _____ () C:\windows\Tasks\Plus-HD-7.7-codedownloader.job
2014-02-16 12:16 - 2014-02-12 17:20 - 00001360 _____ () C:\windows\Tasks\Plus-HD-7.7-enabler.job
2014-02-16 12:16 - 2014-02-12 17:18 - 00002390 _____ () C:\windows\Tasks\Plus-HD-7.7-validator.job
2014-02-16 12:16 - 2014-02-12 17:18 - 00002324 _____ () C:\windows\Tasks\Plus-HD-7.7-firefoxinstaller.job
2014-02-16 12:16 - 2013-11-25 06:06 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-02-16 12:16 - 2009-07-14 05:51 - 00087349 _____ () C:\windows\setupact.log
2014-02-16 10:35 - 2013-12-20 22:18 - 00000000 ____D () C:\Users\User\Documents\Annabell
2014-02-16 04:27 - 2009-07-14 05:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-16 04:27 - 2009-07-14 05:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-16 04:22 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-02-16 04:19 - 2013-11-18 13:59 - 00199339 _____ () C:\windows\system32\fastboot.set
2014-02-16 04:18 - 2013-11-22 19:59 - 00676088 _____ () C:\windows\PFRO.log
2014-02-16 04:18 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-02-16 02:36 - 2013-11-22 21:48 - 00000000 ____D () C:\windows\system32\MRT
2014-02-16 02:33 - 2013-11-22 21:48 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-15 18:51 - 2013-11-18 14:00 - 00002130 _____ () C:\Users\User\Desktop\OneKey Recovery.lnk
2014-02-15 15:01 - 2014-02-12 17:19 - 00000274 _____ () C:\windows\Tasks\RegClean Pro_DEFAULT.job
2014-02-15 15:01 - 2014-02-12 17:18 - 00000282 _____ () C:\windows\Tasks\System Speedup_DEFAULT.job
2014-02-15 08:02 - 2014-02-15 01:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 07:39 - 2013-11-23 18:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-02-14 13:17 - 2014-02-14 13:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\WindSolutions
2014-02-14 13:11 - 2014-02-14 13:11 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-02-14 08:30 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-02-13 22:25 - 2014-02-11 12:42 - 00000000 ____D () C:\ProgramData\Nero
2014-02-13 22:09 - 2014-02-13 09:46 - 00000000 ____D () C:\Ulli
2014-02-13 22:00 - 2014-02-13 22:00 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-02-13 22:00 - 2014-02-13 22:00 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-02-13 22:00 - 2014-01-19 13:07 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-02-13 09:32 - 2014-02-12 22:38 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-02-13 09:32 - 2014-02-12 17:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\systweak
2014-02-13 08:04 - 2014-02-11 13:26 - 00000000 ____D () C:\Users\User\AppData\Local\Samsung
2014-02-13 08:04 - 2014-01-07 20:12 - 00000000 ____D () C:\ProgramData\Samsung
2014-02-13 08:04 - 2013-11-29 22:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\Samsung
2014-02-13 08:04 - 2013-11-29 22:53 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-02-13 08:04 - 2013-11-18 13:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-13 07:53 - 2014-02-12 17:19 - 00000282 _____ () C:\windows\Tasks\RegClean Pro_UPDATES.job
2014-02-13 07:53 - 2014-02-12 17:18 - 00000290 _____ () C:\windows\Tasks\System Speedup_UPDATES.job
2014-02-13 07:53 - 2014-02-12 17:08 - 00000000 ____D () C:\Program Files (x86)\CD Audio MP3 Converter
2014-02-13 06:31 - 2013-12-18 14:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-13 06:26 - 2009-07-14 03:34 - 00000478 _____ () C:\windows\win.ini
2014-02-12 23:21 - 2014-02-12 23:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\XMedia Recode
2014-02-12 22:43 - 2014-02-12 22:43 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-02-12 22:42 - 2014-02-12 22:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVS4YOU
2014-02-12 22:23 - 2014-02-12 22:23 - 00000000 ____D () C:\Program Files (x86)\Free MP3 Converter
2014-02-12 17:38 - 2013-11-18 14:02 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-12 17:37 - 2014-02-09 21:02 - 00000000 ____D () C:\Users\User\Desktop\Konverter
2014-02-12 17:20 - 2014-02-12 17:20 - 00004536 _____ () C:\windows\System32\Tasks\Plus-HD-7.7-updater
2014-02-12 17:20 - 2014-02-12 17:20 - 00004492 _____ () C:\windows\System32\Tasks\Plus-HD-7.7-codedownloader
2014-02-12 17:20 - 2014-02-12 17:20 - 00004390 _____ () C:\windows\System32\Tasks\Plus-HD-7.7-enabler
2014-02-12 17:19 - 2014-02-12 17:19 - 00003020 _____ () C:\windows\System32\Tasks\RegClean Pro_UPDATES
2014-02-12 17:19 - 2014-02-12 17:19 - 00002864 _____ () C:\windows\System32\Tasks\RegClean Pro_DEFAULT
2014-02-12 17:19 - 2014-02-12 17:18 - 00005420 _____ () C:\windows\System32\Tasks\Plus-HD-7.7-validator
2014-02-12 17:19 - 2014-02-12 17:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\System Speedup
2014-02-12 17:18 - 2014-02-12 17:18 - 00003132 _____ () C:\windows\System32\Tasks\System Speedup
2014-02-12 17:18 - 2014-02-12 17:18 - 00003108 _____ () C:\windows\System32\Tasks\RegClean Pro
2014-02-12 17:18 - 2014-02-12 17:18 - 00003028 _____ () C:\windows\System32\Tasks\System Speedup_UPDATES
2014-02-12 17:18 - 2014-02-12 17:18 - 00002872 _____ () C:\windows\System32\Tasks\System Speedup_DEFAULT
2014-02-12 17:16 - 2014-02-12 17:16 - 00000000 ____D () C:\Program Files\Level Quality Watcher
2014-02-12 17:05 - 2014-01-19 14:18 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-02-12 17:04 - 2014-01-19 14:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\DVDVideoSoft
2014-02-12 16:57 - 2014-02-09 21:00 - 00000000 ____D () C:\Program Files (x86)\Free Video Converter
2014-02-12 16:05 - 2013-11-29 20:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\OpenCandy
2014-02-12 08:02 - 2013-11-29 20:51 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-02-12 06:36 - 2014-01-18 21:09 - 01594432 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-02-11 19:58 - 2013-11-29 22:53 - 00000000 ____D () C:\Users\User\Documents\samsung
2014-02-11 19:33 - 2013-11-29 22:51 - 00000000 ____D () C:\Users\User\AppData\Local\Downloaded Installations
2014-02-11 19:33 - 2013-11-29 20:51 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-11 19:33 - 2013-11-18 14:00 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-02-11 19:33 - 2009-07-29 08:23 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-11 19:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-02-11 19:33 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\registration
2014-02-11 19:19 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-02-11 19:18 - 2014-02-09 21:04 - 00000000 ____D () C:\Users\User\Documents\OpenOffice 4.0.1 (de) Installation Files
2014-02-11 19:18 - 2014-02-09 21:04 - 00000000 ____D () C:\Users\User\Desktop\Drucker
2014-02-11 19:18 - 2014-02-09 21:02 - 00000000 ___RD () C:\Users\User\Desktop\Lenovo
2014-02-11 19:18 - 2014-02-09 21:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\FreeVideoConverter
2014-02-11 19:18 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\AppCompat
2014-02-11 13:26 - 2014-01-07 20:10 - 00000000 ____D () C:\Users\User\Documents\SelfMV
2014-02-11 12:47 - 2014-02-11 12:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\Nero
2014-02-11 10:10 - 2014-02-11 10:03 - 82702176 _____ (Nero AG) C:\Users\User\Downloads\Nero_BurningROM2014-15.0.04200_trial.exe
2014-02-09 21:12 - 2014-02-09 21:12 - 01279432 _____ (Koyote-Lab Inc) C:\Users\User\Downloads\FreeVideosToDVDSetup-r0-n-bf.exe
2014-02-08 09:10 - 2014-02-08 09:10 - 00000000 ____D () C:\windows\SysWOW64\SearchProtect
2014-02-07 16:33 - 2014-02-11 13:18 - 04659712 _____ (Dmitry Streblechenko) C:\windows\SysWOW64\Redemption.dll
2014-02-06 13:16 - 2014-02-12 06:32 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 06:32 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 06:32 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 06:32 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 06:32 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 06:32 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 06:32 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 06:32 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 06:32 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 06:32 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 06:32 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 06:32 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 06:32 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 06:32 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 06:32 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 06:32 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 06:32 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 06:32 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 06:32 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 06:32 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 06:32 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 06:32 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 06:32 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 06:32 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 06:32 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 06:32 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 06:32 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 06:32 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 06:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 06:32 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 06:32 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 06:32 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 06:32 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 06:32 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 06:32 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 06:32 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 06:32 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 06:32 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 06:32 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-02-05 23:16 - 2013-11-25 06:06 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 23:16 - 2013-11-25 06:06 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 23:16 - 2013-11-25 06:06 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 23:11 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-01-30 22:34 - 2014-01-30 22:34 - 01071000 _____ (Solid State Networks) C:\Users\User\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-01-23 18:31 - 2014-02-11 13:17 - 00821824 _____ (Devguru Co., Ltd.) C:\windows\SysWOW64\dgderapi.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00974848 _____ () C:\windows\SysWOW64\cis-2.4.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00569344 _____ ((c) MusicCity) C:\windows\SysWOW64\muzdecode.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00491520 _____ (Musiccity Co.Ltd.) C:\windows\SysWOW64\muzapp.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00352256 _____ (Sample Corporation) C:\windows\SysWOW64\MSLUR71.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00258048 _____ ((c) PeeringPortal) C:\windows\SysWOW64\muzoggsp.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00245760 _____ (Teruten Inc.) C:\windows\SysWOW64\MSCLib.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00200704 _____ ( (c) MusicCity) C:\windows\SysWOW64\muzwmts.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00172032 _____ (Musiccity Co.Ltd.) C:\windows\SysWOW64\muzapp.exe
2014-01-23 18:31 - 2014-01-23 18:31 - 00155648 _____ (Teruten Inc.) C:\windows\SysWOW64\MSFLib.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00143360 _____ () C:\windows\SysWOW64\3DAudio.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00135168 _____ (Musiccity Co.Ltd.) C:\windows\SysWOW64\muzaf1.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00131072 _____ ((c) MusicCity) C:\windows\SysWOW64\muzmpgsp.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00122880 _____ ((c) MUSICCITY) C:\windows\SysWOW64\muzeffect.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00118784 _____ ((주)마크애니) C:\windows\SysWOW64\MaDRM.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00110592 _____ ((c) MusicCity) C:\windows\SysWOW64\muzmp4sp.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00081920 _____ () C:\windows\SysWOW64\issacapi_bs-2.3.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00065536 _____ () C:\windows\SysWOW64\issacapi_pe-2.3.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00057344 _____ (Marktek) C:\windows\SysWOW64\MK_Lyric.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00057344 _____ (Marktek Inc.) C:\windows\SysWOW64\MTXSYNCICON.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00057344 _____ () C:\windows\SysWOW64\issacapi_se-2.3.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00049152 _____ ((주) 마크애니) C:\windows\SysWOW64\MaJGUILib.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00045320 _____ (MARKANY) C:\windows\SysWOW64\MAMACExtract.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00045056 _____ ((주) 마크애니) C:\windows\SysWOW64\MaXMLProto.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00045056 _____ ((주) 마크애니) C:\windows\SysWOW64\MACXMLProto.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00040960 _____ (Telechips Inc.,) C:\windows\SysWOW64\MTTELECHIP.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00024576 _____ ((주)마크애니) C:\windows\SysWOW64\MASetupCleaner.exe
2014-01-23 04:21 - 2014-02-11 14:49 - 00206080 _____ (DEVGURU Co., LTD.(???? | ????? ???? ?????.)) C:\windows\system32\Drivers\ssudmdm.sys
2014-01-23 04:21 - 2014-02-11 14:49 - 00108800 _____ (DEVGURU Co., LTD.(???? | ????? ???? ?????.)) C:\windows\system32\Drivers\ssudbus.sys
2014-01-23 04:20 - 2014-02-11 14:47 - 00188232 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadmdm.sys
2014-01-23 04:20 - 2014-02-11 14:47 - 00169288 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadbus.sys
2014-01-23 04:20 - 2014-02-11 14:47 - 00038080 _____ (Google Inc) C:\windows\system32\Drivers\ssadadb.sys
2014-01-23 04:20 - 2014-02-11 14:47 - 00021320 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadmdfl.sys
2014-01-23 04:20 - 2014-02-11 14:47 - 00017736 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadwhnt.sys
2014-01-23 04:20 - 2014-02-11 14:47 - 00017224 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadcmnt.sys
2014-01-22 21:26 - 2013-11-22 20:08 - 00022315 _____ () C:\windows\IE11_main.log
2014-01-22 20:26 - 2013-11-25 06:04 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-01-19 14:31 - 2014-01-19 14:31 - 00000000 _____ () C:\END
2014-01-19 14:15 - 2014-01-19 14:12 - 34008992 _____ (DVDVideoSoft Ltd. ) C:\Users\User\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230.exe
2014-01-19 13:34 - 2014-01-19 13:03 - 00000000 ____D () C:\Users\User\AppData\Local\Avg2014
2014-01-19 13:09 - 2014-01-18 17:49 - 00000000 ____D () C:\Program Files\Bitdefender
2014-01-19 13:08 - 2014-01-19 13:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVG2014
2014-01-19 13:07 - 2014-01-19 13:07 - 00003230 _____ () C:\windows\System32\Tasks\SidebarExecute
2014-01-19 13:07 - 2014-01-19 13:05 - 00000000 ____D () C:\ProgramData\AVG2014
2014-01-19 13:07 - 2013-11-29 20:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\TuneUp Software
2014-01-19 13:05 - 2014-01-19 13:05 - 00000000 ___HD () C:\$AVG
2014-01-19 13:04 - 2014-01-19 13:04 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-01-19 13:03 - 2014-01-19 13:03 - 00000000 ____D () C:\Users\User\AppData\Local\MFAData
2014-01-19 12:38 - 2014-01-19 11:33 - 157274976 _____ (AVG Technologies) C:\Users\User\Downloads\avg_isct_x64_all_2014_4259a6848_huawei.exe
2014-01-19 11:18 - 2014-01-19 11:18 - 00257776 _____ () C:\ProgramData\1390126546.bdinstall.bin
2014-01-19 11:17 - 2014-01-18 17:49 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-01-19 11:17 - 2014-01-18 17:47 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-01-19 11:11 - 2009-07-14 05:45 - 00456640 _____ () C:\windows\system32\FNTCACHE.DAT
2014-01-18 22:10 - 2014-01-18 22:10 - 00487505 _____ () C:\ProgramData\1390079142.bdinstall.bin
2014-01-18 21:50 - 2014-01-18 21:50 - 00000385 _____ () C:\windows\system32\user_gensett.xml
2014-01-18 21:50 - 2014-01-18 21:50 - 00000385 _____ () C:\Users\User\AppData\Roaminguser_gensett.xml
2014-01-18 21:48 - 2013-12-05 20:26 - 00000000 ____D () C:\avast! sandbox
2014-01-18 21:48 - 2013-11-22 19:37 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-01-18 19:40 - 2014-01-18 19:40 - 00074512 _____ (BitDefender SRL) C:\windows\system32\bdsandboxuiskin32.dll
2014-01-18 19:40 - 2014-01-18 18:20 - 00074512 _____ (BitDefender SRL) C:\windows\SysWOW64\bdsandboxuiskin32.dll
2014-01-18 19:36 - 2014-01-18 18:21 - 00000000 ____D () C:\ProgramData\BDLogging
2014-01-18 19:34 - 2014-01-18 19:34 - 01381380 _____ () C:\ProgramData\1390063750.bdinstall.bin
2014-01-18 18:22 - 2014-01-18 18:22 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-01-18 17:49 - 2014-01-18 17:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\BackupSetup.exe
C:\Users\User\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\User\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\User\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\User\AppData\Local\Temp\Execute2App.exe
C:\Users\User\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\User\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\User\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\User\AppData\Local\Temp\IMsetup.exe
C:\Users\User\AppData\Local\Temp\Kies3RemoveAll.exe
C:\Users\User\AppData\Local\Temp\MSNBDB5.exe
C:\Users\User\AppData\Local\Temp\msvcp90.dll
C:\Users\User\AppData\Local\Temp\msvcr90.dll
C:\Users\User\AppData\Local\Temp\nsj1A7B.exe
C:\Users\User\AppData\Local\Temp\nsj23A0.exe
C:\Users\User\AppData\Local\Temp\nsk6E60.exe
C:\Users\User\AppData\Local\Temp\nskACE6.exe
C:\Users\User\AppData\Local\Temp\nspB5E.exe
C:\Users\User\AppData\Local\Temp\nsqB409.exe
C:\Users\User\AppData\Local\Temp\nsqEB8D.exe
C:\Users\User\AppData\Local\Temp\nsu47A.exe
C:\Users\User\AppData\Local\Temp\nsvF2A0.exe
C:\Users\User\AppData\Local\Temp\RegClean7.exe
C:\Users\User\AppData\Local\Temp\ResetDevice.exe
C:\Users\User\AppData\Local\Temp\Samsung_USB-Driver_for_Mobile_Phones-1.5.27.0.exe
C:\Users\User\AppData\Local\Temp\sdanircmdc.exe
C:\Users\User\AppData\Local\Temp\sdapskill.exe
C:\Users\User\AppData\Local\Temp\sdaspwn.exe
C:\Users\User\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\User\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\User\AppData\Local\Temp\SPSetup.exe
C:\Users\User\AppData\Local\Temp\vcredist_x64.exe
C:\Users\User\AppData\Local\Temp\VersionUpdater.exe
C:\Users\User\AppData\Local\Temp\vis-de.exe
C:\Users\User\AppData\Local\Temp\WtgZip.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-09 19:40
==================== End Of Log ============================
FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by User at 2014-02-16 12:45:14
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
==================== Installed Programs ======================
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
ALDI TALK Verbindungsassistent (x32 Version: - ALDI TALK Verbindungsassistent)
AMD Fuel (Version: 2010.1129.1139.20817 - Ihr Firmenname) Hidden
Atheros Client Installation Program (x32 Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.33 - Atheros Communications Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.51129 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (Version: 3.0.800.0 - ATI Technologies, Inc.)
AVG 2014 (Version: 14.0.3705 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4335 - AVG Technologies) Hidden
AVG 2014 (Version: 2014.0.4335 - AVG Technologies)
Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.1129.1139.20817 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1129.1139.20817 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.1129.1139.20817 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2010.1129.1139.20817 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help English (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help French (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help German (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.1129.1138.20817 - ATI) Hidden
ccc-core-static (x32 Version: 2010.1129.1139.20817 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.1129.1139.20817 - ATI) Hidden
Conexant HD Audio (Version: 8.46.0.50 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)
Druckerdeinstallation für EPSON S22 Series (Version: - SEIKO EPSON Corporation)
Energy Management (x32 Version: 6.0.1.5 - Lenovo)
Energy Management (x32 Version: 6.0.1.5 - Lenovo) Hidden
EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON)
EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON File Manager (x32 Version: 1.3.2.0 - )
EPSON Scan (x32 Version: - Seiko Epson Corporation)
EPSON Scan Assistant (x32 Version: 1.10.00 - )
EpsonNet Config V4 (x32 Version: 4.1.1 - SEIKO EPSON CORPORATION)
Free Audio Converter version 5.0.32.1230 (x32 Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free MP3 Converter (x32 Version: - EIPC)
Free YouTube to MP3 Converter version 3.12.20.1230 (x32 Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft)
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EE Boot Optimizer (Version: 0.0.1.5 - Lenovo)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (x32 Version: 7.0.1628 - CyberLink Corp.)
Lenovo PowerDVD 10 (x32 Version: 10.0.2318.52 - CyberLink Corp.)
Lenovo PowerDVD 10 (x32 Version: 10.0.2318.52 - CyberLink Corp.) Hidden
Lenovo YouCam (x32 Version: 3.1.3603 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3603 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (x32 Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
PowerXpressHybrid (x32 Version: 1.00.0000 - ATI) Hidden
Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7600.10003 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Synaptics Pointing Device Driver (Version: 15.1.12.0 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft)
UserGuide (x32 Version: 1.0.0.6 - Lenovo)
VIS (x32 Version: - ) <==== ATTENTION
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (Version: 12/02/2010 6.1.0.1 - Lenovo)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
==================== Restore Points =========================
11-02-2014 11:41:43 Installed Nero Burning ROM 2014.
11-02-2014 11:56:59 Installed Samsung Kies3
11-02-2014 11:58:51 Installed Samsung Kies3
11-02-2014 12:15:41 Installed Samsung Kies
11-02-2014 18:13:03 Wiederherstellungsvorgang
12-02-2014 05:31:43 Windows Update
12-02-2014 12:07:34 TuneUp Utilities 2014 wird entfernt
12-02-2014 15:17:51 TuneUp Utilities 2014 wird entfernt
12-02-2014 15:19:11 TuneUp Utilities 2014 (de-DE) wird entfernt
13-02-2014 05:21:55 Windows Update
13-02-2014 06:59:21 Removed Samsung Kies
13-02-2014 21:23:33 Removed Nero Burning ROM 2014.
13-02-2014 21:26:52 Removed Universal Adb Driver
16-02-2014 01:32:25 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {16B0C564-AC55-4AC7-A0DC-08FE4B61A596} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {2192A892-1841-4708-954D-DE4B6D73E54A} - System32\Tasks\Plus-HD-7.7-firefoxinstaller => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-firefoxinstaller.exe <==== ATTENTION
Task: {231E6030-6754-46F2-999F-7F320BFF2930} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {27F4D992-7D67-4BFC-A758-02C3E550768A} - System32\Tasks\{236E1664-5506-4B0C-92B8-00370A6EFE56} => Firefox.exe
Task: {44F4D613-9FF3-4EDD-9F6F-8495DB5FDE17} - System32\Tasks\Plus-HD-7.7-updater => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-updater.exe <==== ATTENTION
Task: {6B5EF4BE-B91E-4BF1-8D49-A6F70D1BCBA9} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2010-12-05] (CyberLink)
Task: {6E6E8677-4B8D-46C9-83A1-FE8CC4E9C2F8} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {8D6504AF-2D29-4A3E-A719-E28CE7630394} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {9D9E50B7-44B5-43A8-8081-7A889008081D} - System32\Tasks\{F5A4EA52-F3E2-4D2A-A1E4-537D1066816B} => C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe [2013-11-22] ()
Task: {AF5DC9FF-7F08-4F4B-8630-46403C40EB00} - System32\Tasks\System Speedup_UPDATES => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {C034590B-9EAD-4187-BA73-27BD91445E7A} - System32\Tasks\Games\UpdateCheck_S-1-5-21-769514679-1109052257-2407649337-1001
Task: {E7E7400C-B1CF-41ED-8200-8F9D1FCB86CA} - System32\Tasks\Plus-HD-7.7-codedownloader => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-codedownloader.exe <==== ATTENTION
Task: {F2C81A9C-C1C4-4A82-9B60-5DEBDEBC6A35} - System32\Tasks\Plus-HD-7.7-enabler => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-enabler.exe <==== ATTENTION
Task: {F77D689F-F513-4A0F-9F6B-6DA986902247} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {FD275931-7ED6-40BC-B2AC-A0CA5AC00D08} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {FDBEDABD-130C-4F3F-BD27-949EBDCEAEA3} - System32\Tasks\Plus-HD-7.7-validator => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-validator.exe <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Plus-HD-7.7-codedownloader.job => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-7.7-enabler.job => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-enabler.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-7.7-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-firefoxinstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-7.7-updater.job => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-updater.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-7.7-validator.job => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-validator.exe <==== ATTENTION
Task: C:\windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\windows\Tasks\System Speedup_DEFAULT.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: C:\windows\Tasks\System Speedup_UPDATES.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
==================== Loaded Modules (whitelisted) =============
2008-12-20 04:20 - 2013-11-18 13:57 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 04:20 - 2013-11-18 13:57 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2013-11-22 19:30 - 2013-11-22 19:30 - 00358968 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
2014-01-19 14:19 - 2013-12-30 20:05 - 00132664 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.Resources.dll
2014-01-19 14:19 - 2013-12-30 16:31 - 00036864 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\de-DE\DVDVideoSoft.Resources.resources.dll
2014-01-19 14:19 - 2013-12-30 21:27 - 00110648 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-01-19 14:18 - 2013-12-30 21:27 - 00037944 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\jansson.dll
2014-01-19 14:19 - 2013-12-30 21:08 - 00083512 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_thread-vc100-mt-1_53.dll
2014-01-19 14:19 - 2013-12-30 21:08 - 00018488 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc100-mt-1_53.dll
2014-01-19 14:19 - 2013-12-30 21:08 - 00103992 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc100-mt-1_53.dll
2014-01-19 14:19 - 2013-12-30 21:08 - 05209656 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\avformat-55.dll
2014-01-19 14:19 - 2013-12-30 21:08 - 15904824 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\avcodec-55.dll
2014-01-19 14:19 - 2013-12-30 21:08 - 00407096 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\avutil-52.dll
2013-09-20 13:50 - 2013-09-20 13:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2013-09-17 04:54 - 2013-09-17 04:54 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
2014-02-15 01:55 - 2014-02-15 01:56 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-05 23:16 - 2014-02-05 23:16 - 16287624 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: hlnfd
Description: hlnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hlnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/15/2014 05:41:33 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (02/15/2014 00:53:38 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 27.0.1.5156 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: e88
Startzeit: 01cf2a3f4c88e724
Endzeit: 75
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: c88d6c15-9637-11e3-8d38-b870f43d656a
Error: (02/15/2014 02:52:28 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0x122c
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (02/14/2014 01:56:10 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0x8ac
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (02/13/2014 10:25:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0x804
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (02/13/2014 11:56:43 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0x11e4
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (02/12/2014 07:13:15 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: cltmngui.exe, Version: 2.9.65.0, Zeitstempel: 0x52ef703f
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0x994
Startzeit der fehlerhaften Anwendung: 0xcltmngui.exe0
Pfad der fehlerhaften Anwendung: cltmngui.exe1
Pfad des fehlerhaften Moduls: cltmngui.exe2
Berichtskennung: cltmngui.exe3
Error: (02/12/2014 05:36:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0xdb4
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (02/12/2014 05:25:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0x26c
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (02/11/2014 07:36:28 PM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Installed Nero Burning ROM 2014.). Zusätzliche Informationen: 0x80070005.
System errors:
=============
Error: (02/16/2014 10:51:45 AM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
Error: (02/16/2014 10:51:44 AM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
Error: (02/16/2014 10:51:44 AM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
Error: (02/16/2014 04:19:52 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
hlnfd
Error: (02/16/2014 02:29:49 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (02/15/2014 00:00:29 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
Error: (02/14/2014 10:19:05 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
Error: (02/14/2014 01:35:21 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
Error: (02/14/2014 01:05:30 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
Error: (02/14/2014 01:05:29 PM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
Microsoft Office Sessions:
=========================
Error: (02/15/2014 05:41:33 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\Software\SoftonicDownloader_fuer_samsung-kies.exe
Error: (02/15/2014 00:53:38 PM) (Source: Application Hang)(User: )
Description: firefox.exe27.0.1.5156e8801cf2a3f4c88e72475C:\Program Files (x86)\Mozilla Firefox\firefox.exec88d6c15-9637-11e3-8d38-b870f43d656a
Error: (02/15/2014 02:52:28 AM) (Source: Application Error)(User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a8122c01cf29d03d343f49C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dlld2534126-95e3-11e3-8d38-b870f43d656a
Error: (02/14/2014 01:56:10 PM) (Source: Application Error)(User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a88ac01cf2980f0708882C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll5fe5e633-9577-11e3-8d38-b870f43d656a
Error: (02/13/2014 10:25:29 PM) (Source: Application Error)(User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a880401cf29020465f4bcC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll5c12b02d-94f5-11e3-9d08-b870f43d656a
Error: (02/13/2014 11:56:43 AM) (Source: Application Error)(User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a811e401cf28a05f2b9e17C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll85a0f0f0-949d-11e3-adea-b870f43d656a
Error: (02/12/2014 07:13:15 PM) (Source: Application Error)(User: )
Description: cltmngui.exe2.9.65.052ef703fntdll.dll6.1.7601.18247521ea8e7c00000050002e3be99401cf27e9e1b57ed5C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exeC:\windows\SysWOW64\ntdll.dll570baf11-9411-11e3-901d-b870f43d656a
Error: (02/12/2014 05:36:13 PM) (Source: Application Error)(User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a8db401cf280f8fe04a50C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dllc9009d99-9403-11e3-901d-b870f43d656a
Error: (02/12/2014 05:25:18 PM) (Source: Application Error)(User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a826c01cf280ef4f6faf2C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll4247b15a-9402-11e3-901d-b870f43d656a
Error: (02/11/2014 07:36:28 PM) (Source: System Restore)(User: )
Description: Installed Nero Burning ROM 2014.0x80070005
==================== Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 5738.9 MB
Available physical RAM: 3700.52 MB
Total Pagefile: 11475.98 MB
Available Pagefile: 9247.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:254.14 GB) (Free:193.55 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.65 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: F761340D)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=254 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15 GB) - (Type=12)
==================== End Of Log ============================
DANKE für dein Verständnis!!! |
|
17.02.2014, 13:16
| #6 |
| /// the machine /// TB-Ausbilder | Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. hi, Scan mit Combofix
__________________ --> Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. |
|
17.02.2014, 16:46
| #7 |
| | Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. Hallo schrauber, leider kann ich nicht bestimmen, wo combofix.exe gepeichert werden kann. so speichert der laptop autommatisch unter dowloads... wenn sich die datei entpackt und scant finde ich das ergebnis nicht mehr wieder  mlg annab. |
|
18.02.2014, 12:26
| #8 |
| /// the machine /// TB-Ausbilder | Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. Schau mal unter C:\Combofix.txt  Mal abgesehen davon dass DU die DAtei auch einfach aus dem Download Ordner auf den Desktop schieben kannst
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.02.2014, 22:01
| #9 |
| | Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. Sorry, unter c finde ich combofix darunter finde ich lediglich 2 Ordner de-DE und REGT aber leider nirgendwo die Textdatei dessen was zuvor durchsucht wurde????  |
|
19.02.2014, 16:35
| #10 |
| /// the machine /// TB-Ausbilder | Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.02.2014, 08:32
| #11 |
| | Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. Hallo Schrauber! Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.02.20.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 User :: USER-PC [Administrator] Schutz: Aktiviert 20.02.2014 16:02:00 mbam-log-2014-02-20 (16-02-00).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|H:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 377023 Laufzeit: 1 Stunde(n), 32 Minute(n), 59 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 22 HKCR\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Free Video Converter (PUP.Optional.Koyote.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0050780.BHO (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0050780.Sandbox (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0050780.Sandbox.1 (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Iminent (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\AppDataLow\Software\Plus-HD-7.7 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\AppDataLow\Software\Savings Bull (PUP.Optional.SavingsBull.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\InstalledBrowserExtensions\Plus HD (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Highlightly (PUP.Optional.Highlightly) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Plus-HD-7.7 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HLNFD (PUP.Optional.Highlightly) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\Software\Iminent (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511071180} (PUP.Optional.CrossRider.M) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{11111111-1111-1111-1111-110511071180} (PUP.Optional.CrossRider.M) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511071180} (PUP.Optional.CrossRider.M) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511071180} (PUP.Optional.CrossRider.M) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 1 HKLM\SYSTEM\CurrentControlSet\Services\hlnfd|DisplayName (PUP.Optional.Highlightly) -> Daten: hlnfd -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 2 HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.HelperBar.A) -> Bösartig: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=0c149783-03e6-221c-27ec-080fb04458d4&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/01/2014&type=hp1000) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.HelperBar.A) -> Bösartig: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=0c149783-03e6-221c-27ec-080fb04458d4&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/01/2014&type=hp1000) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. Infizierte Verzeichnisse: 12 C:\Users\User\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\024A0BD4D1F44C10858FE0D2601EC9EF (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\0EFC820FB7804036BCCAD5E034766539 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\3F8C92158B914389B82CF28BB60567F3 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\6AC51CBE279A4E38AAE8E5EB55C1E3C8 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\A44A96B6C2CA428996DED7E0978F9030 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\A57A535139DD454EBB016768BEAF0A59 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\BCC8B8573C594F15AF1CA9AF28A9B596 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\EFD88FB02D1046348DBE5666606B1607 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\Level Quality Watcher\v1.01 (PUP.Optional.Adpeak) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 29 C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe (PUP.Optional.Savingsbull) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (PUP.Optional.Savingsbull) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Free Video Converter\Uninstall.exe (PUP.Optional.Koyote.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\024A0BD4D1F44C10858FE0D2601EC9EF\dlm.exe (PUP.Optional.OpenCandy.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\3F8C92158B914389B82CF28BB60567F3\Installer.exe (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\A57A535139DD454EBB016768BEAF0A59\SSStub_SearchProtect_p1v0.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\BCC8B8573C594F15AF1CA9AF28A9B596\sp-downloader.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\Downloads\FreeVideosToDVDSetup-r0-n-bf.exe (PUP.Optional.Koyote.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\Downloads\setup.exe (PUP.Optional.BundleInstaller.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\Downloads\Software\SoftonicDownloader_fuer_samsung-kies.exe (PUP.Optional.Softonic.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\RegClean Pro_UPDATES.job (PUP.Optional.RegCleanerPro.J) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Plus-HD-7.7-codedownloader.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Plus-HD-7.7-enabler.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Plus-HD-7.7-firefoxinstaller.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Plus-HD-7.7-updater.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Plus-HD-7.7-validator.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\RegClean Pro_DEFAULT.job (PUP.Optional.RegCleanPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\024A0BD4D1F44C10858FE0D2601EC9EF\Setup1004733_DE-2.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\024A0BD4D1F44C10858FE0D2601EC9EF\Trial-14.0.1000.89_de-DE_1004733_DE-2.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\0EFC820FB7804036BCCAD5E034766539\Trial-14.0.1000.89_de-DE_1004733_DE-2.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\6AC51CBE279A4E38AAE8E5EB55C1E3C8\Trial-14.0.1000.89_de-DE_1004733_DE-2.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\A44A96B6C2CA428996DED7E0978F9030\Trial-14.0.1000.89_de-DE_1004733_DE-2.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\EFD88FB02D1046348DBE5666606B1607\Setupsft_chr_p1v7.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro\Version 6.1\bl.txt (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro\Version 6.1\log_02-12-2014.log (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter 2014/02/20 15:50:15 +0100 USER-PC User MESSAGE Starting protection
2014/02/20 15:50:15 +0100 USER-PC User MESSAGE Protection started successfully
2014/02/20 15:50:15 +0100 USER-PC User MESSAGE Starting IP protection
2014/02/20 15:51:08 +0100 USER-PC User MESSAGE IP Protection started successfully
2014/02/20 16:01:02 +0100 USER-PC User MESSAGE Starting database refresh
2014/02/20 16:01:02 +0100 USER-PC User MESSAGE Stopping IP protection
2014/02/20 16:01:15 +0100 USER-PC User MESSAGE IP Protection stopped successfully
2014/02/20 16:01:23 +0100 USER-PC User MESSAGE Database refreshed successfully
2014/02/20 16:01:23 +0100 USER-PC User MESSAGE Starting IP protection
2014/02/20 16:01:35 +0100 USER-PC User MESSAGE IP Protection started successfully
2014/02/20 19:18:13 +0100 USER-PC User MESSAGE Starting protection
2014/02/20 19:18:13 +0100 USER-PC User MESSAGE Protection started successfully
2014/02/20 19:18:13 +0100 USER-PC User MESSAGE Starting IP protection
2014/02/20 19:18:27 +0100 USER-PC User MESSAGE IP Protection started successfully
2014/02/20 21:34:11 +0100 USER-PC User MESSAGE Executing scheduled update: Daily
2014/02/20 21:34:48 +0100 USER-PC User MESSAGE Scheduled update executed successfully: database updated from version v2014.02.20.06 to version v2014.02.20.10
2014/02/20 21:34:48 +0100 USER-PC User MESSAGE Starting database refresh
2014/02/20 21:34:48 +0100 USER-PC User MESSAGE Stopping IP protection
2014/02/20 21:34:48 +0100 USER-PC User MESSAGE IP Protection stopped successfully
2014/02/20 21:35:14 +0100 USER-PC User MESSAGE Database refreshed successfully
2014/02/20 21:35:14 +0100 USER-PC User MESSAGE Starting IP protection
2014/02/20 21:35:26 +0100 USER-PC User MESSAGE IP Protection started successfully
Hallo Schrauber, Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.02.20.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 User :: USER-PC [Administrator] Schutz: Aktiviert 20.02.2014 16:02:00 mbam-log-2014-02-20 (16-02-00).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|H:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 377023 Laufzeit: 1 Stunde(n), 32 Minute(n), 59 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 22 HKCR\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Free Video Converter (PUP.Optional.Koyote.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0050780.BHO (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0050780.Sandbox (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0050780.Sandbox.1 (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Iminent (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\AppDataLow\Software\Plus-HD-7.7 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\AppDataLow\Software\Savings Bull (PUP.Optional.SavingsBull.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\InstalledBrowserExtensions\Plus HD (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Highlightly (PUP.Optional.Highlightly) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Plus-HD-7.7 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HLNFD (PUP.Optional.Highlightly) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\Software\Iminent (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511071180} (PUP.Optional.CrossRider.M) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{11111111-1111-1111-1111-110511071180} (PUP.Optional.CrossRider.M) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511071180} (PUP.Optional.CrossRider.M) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511071180} (PUP.Optional.CrossRider.M) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 1 HKLM\SYSTEM\CurrentControlSet\Services\hlnfd|DisplayName (PUP.Optional.Highlightly) -> Daten: hlnfd -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 2 HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.HelperBar.A) -> Bösartig: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=0c149783-03e6-221c-27ec-080fb04458d4&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/01/2014&type=hp1000) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.HelperBar.A) -> Bösartig: (hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=0c149783-03e6-221c-27ec-080fb04458d4&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=13/01/2014&type=hp1000) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. Infizierte Verzeichnisse: 12 C:\Users\User\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\024A0BD4D1F44C10858FE0D2601EC9EF (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\0EFC820FB7804036BCCAD5E034766539 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\3F8C92158B914389B82CF28BB60567F3 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\6AC51CBE279A4E38AAE8E5EB55C1E3C8 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\A44A96B6C2CA428996DED7E0978F9030 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\A57A535139DD454EBB016768BEAF0A59 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\BCC8B8573C594F15AF1CA9AF28A9B596 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\EFD88FB02D1046348DBE5666606B1607 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\Level Quality Watcher\v1.01 (PUP.Optional.Adpeak) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 29 C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe (PUP.Optional.Savingsbull) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (PUP.Optional.Savingsbull) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Free Video Converter\Uninstall.exe (PUP.Optional.Koyote.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\024A0BD4D1F44C10858FE0D2601EC9EF\dlm.exe (PUP.Optional.OpenCandy.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\3F8C92158B914389B82CF28BB60567F3\Installer.exe (PUP.Optional.Linkury.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\A57A535139DD454EBB016768BEAF0A59\SSStub_SearchProtect_p1v0.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\BCC8B8573C594F15AF1CA9AF28A9B596\sp-downloader.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\Downloads\FreeVideosToDVDSetup-r0-n-bf.exe (PUP.Optional.Koyote.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\Downloads\setup.exe (PUP.Optional.BundleInstaller.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\Downloads\Software\SoftonicDownloader_fuer_samsung-kies.exe (PUP.Optional.Softonic.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\RegClean Pro_UPDATES.job (PUP.Optional.RegCleanerPro.J) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Plus-HD-7.7-codedownloader.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Plus-HD-7.7-enabler.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Plus-HD-7.7-firefoxinstaller.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Plus-HD-7.7-updater.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Plus-HD-7.7-validator.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\RegClean Pro_DEFAULT.job (PUP.Optional.RegCleanPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\024A0BD4D1F44C10858FE0D2601EC9EF\Setup1004733_DE-2.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\024A0BD4D1F44C10858FE0D2601EC9EF\Trial-14.0.1000.89_de-DE_1004733_DE-2.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\0EFC820FB7804036BCCAD5E034766539\Trial-14.0.1000.89_de-DE_1004733_DE-2.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\6AC51CBE279A4E38AAE8E5EB55C1E3C8\Trial-14.0.1000.89_de-DE_1004733_DE-2.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\A44A96B6C2CA428996DED7E0978F9030\Trial-14.0.1000.89_de-DE_1004733_DE-2.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\OpenCandy\EFD88FB02D1046348DBE5666606B1607\Setupsft_chr_p1v7.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro\Version 6.1\bl.txt (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro\Version 6.1\log_02-12-2014.log (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\User\AppData\Roaming\systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter 2014/02/20 15:50:15 +0100 USER-PC User MESSAGE Starting protection
2014/02/20 15:50:15 +0100 USER-PC User MESSAGE Protection started successfully
2014/02/20 15:50:15 +0100 USER-PC User MESSAGE Starting IP protection
2014/02/20 15:51:08 +0100 USER-PC User MESSAGE IP Protection started successfully
2014/02/20 16:01:02 +0100 USER-PC User MESSAGE Starting database refresh
2014/02/20 16:01:02 +0100 USER-PC User MESSAGE Stopping IP protection
2014/02/20 16:01:15 +0100 USER-PC User MESSAGE IP Protection stopped successfully
2014/02/20 16:01:23 +0100 USER-PC User MESSAGE Database refreshed successfully
2014/02/20 16:01:23 +0100 USER-PC User MESSAGE Starting IP protection
2014/02/20 16:01:35 +0100 USER-PC User MESSAGE IP Protection started successfully
2014/02/20 19:18:13 +0100 USER-PC User MESSAGE Starting protection
2014/02/20 19:18:13 +0100 USER-PC User MESSAGE Protection started successfully
2014/02/20 19:18:13 +0100 USER-PC User MESSAGE Starting IP protection
2014/02/20 19:18:27 +0100 USER-PC User MESSAGE IP Protection started successfully
2014/02/20 21:34:11 +0100 USER-PC User MESSAGE Executing scheduled update: Daily
2014/02/20 21:34:48 +0100 USER-PC User MESSAGE Scheduled update executed successfully: database updated from version v2014.02.20.06 to version v2014.02.20.10
2014/02/20 21:34:48 +0100 USER-PC User MESSAGE Starting database refresh
2014/02/20 21:34:48 +0100 USER-PC User MESSAGE Stopping IP protection
2014/02/20 21:34:48 +0100 USER-PC User MESSAGE IP Protection stopped successfully
2014/02/20 21:35:14 +0100 USER-PC User MESSAGE Database refreshed successfully
2014/02/20 21:35:14 +0100 USER-PC User MESSAGE Starting IP protection
2014/02/20 21:35:26 +0100 USER-PC User MESSAGE IP Protection started successfully
2014/02/20 21:55:40 +0100 USER-PC User MESSAGE Starting protection
2014/02/20 21:55:40 +0100 USER-PC User MESSAGE Protection started successfully
2014/02/20 21:55:40 +0100 USER-PC User MESSAGE Starting IP protection
2014/02/20 21:55:54 +0100 USER-PC User MESSAGE IP Protection started successfully
Code:
ATTFilter # AdwCleaner v3.019 - Bericht erstellt am 20/02/2014 um 21:53:12
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : User - USER-PC
# Gestartet von : C:\Users\User\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\sweetpacks bundle uninstaller
Ordner Gelöscht : C:\windows\SysWOW64\Searchprotect
Ordner Gelöscht : C:\Program Files\Level Quality Watcher
Ordner Gelöscht : C:\Users\User\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\User\AppData\Roaming\Windows Net Data
Ordner Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\Allin1Convert_8h
Ordner Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Ordner Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab
Datei Gelöscht : C:\windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\user.js
Datei Gelöscht : C:\windows\System32\Tasks\RegClean Pro
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [gethighlightly@gethighlightly.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072280}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555075580}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566076680}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072280}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555075580}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566076680}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\Software\systweak
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16518
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v27.0.1 (de)
[ Datei : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Conduit Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Conduit Search");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "14426ea628c9b213f90861a2e8301185");
Zeile gelöscht : user_pref("extensions.iminent.admin", false);
Zeile gelöscht : user_pref("extensions.iminent.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Zeile gelöscht : user_pref("extensions.iminent.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.dfltLng", "");
Zeile gelöscht : user_pref("extensions.iminent.excTlbr", false);
Zeile gelöscht : user_pref("extensions.iminent.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.iminent.id", "826d0cf5000000000000000000000000");
Zeile gelöscht : user_pref("extensions.iminent.instlDay", "16038");
Zeile gelöscht : user_pref("extensions.iminent.instlRef", "");
Zeile gelöscht : user_pref("extensions.iminent.newTab", false);
Zeile gelöscht : user_pref("extensions.iminent.prdct", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.prtnrId", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.rvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.iminent.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Zeile gelöscht : user_pref("extensions.iminent.vrsn", "1.8.26.8");
Zeile gelöscht : user_pref("extensions.iminent.vrsnTs", "1.8.26.822:57:40");
Zeile gelöscht : user_pref("extensions.iminent.vrsni", "1.8.26.8");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.lastActivePing", "1390139235535");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.weather.location", "10001");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark.lastInstalled", "allin1convert@mindspark.com");
Zeile gelöscht : user_pref("iminent.LayoutId", "28");
Zeile gelöscht : user_pref("iminent.enabledAds", "false");
Zeile gelöscht : user_pref("iminent.version", "7.48.1.1");
-\\ Google Chrome v
[ Datei : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [6612 octets] - [20/02/2014 21:48:27]
AdwCleaner[S0].txt - [5957 octets] - [20/02/2014 21:53:12]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6017 octets] ##########
so, nun der 3. Teil: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by User on 20.02.2014 at 22:17:32,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\free video converter"
~~~ FireFox
Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\fqv36ojr.default\minidumps [76 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.02.2014 at 22:51:49,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-02-2014
Ran by User (administrator) on USER-PC on 20-02-2014 22:55:23
Running from C:\Users\User\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcfgex.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated)
HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9744800 2013-11-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5399456 2013-11-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2013-11-18] (Lenovo)
HKLM\...\Run: [InstallerLauncher] - "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2010-12-05] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [224352 2010-12-05] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] - "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] - "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\windows\System32\SPReview\SPReview.exe [301568 2013-11-27] (Microsoft Corporation)
HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.80.1 192.168.80.1
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default
FF SearchEngineOrder.1: Google
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\Extensions\trash [2014-01-19]
Chrome:
=======
CHR HomePage: chrome://newtab
CHR RestoreOnStartup: "hxxp://www.giga.de/software/"
CHR Extension: (No Name) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-29]
==================== Services (Whitelisted) =================
R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-11-22] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2010-11-29] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1358944 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
==================== Drivers (Whitelisted) ====================
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2013-11-22] (The OpenVPN Project)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [115328 2008-07-24] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
U2 IAStorDataMgrSvc;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 nvUpdatusService;
U2 Oasis2Service;
U2 PCCarerServic;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SoftwareService;
U2 Stereo Service;
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-20 22:55 - 2014-02-20 22:55 - 00012818 _____ () C:\Users\User\Downloads\FRST.txt
2014-02-20 22:51 - 2014-02-20 22:51 - 00000911 _____ () C:\Users\User\Desktop\JRT.txt
2014-02-20 22:19 - 2014-02-20 22:19 - 02153984 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-02-20 22:17 - 2014-02-20 22:17 - 00000000 ____D () C:\windows\ERUNT
2014-02-20 22:16 - 2014-02-20 22:16 - 01037734 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-02-20 21:48 - 2014-02-20 21:53 - 00000000 ____D () C:\AdwCleaner
2014-02-20 15:52 - 2014-02-20 15:52 - 01241834 _____ () C:\Users\User\Downloads\adwcleaner.exe
2014-02-20 15:49 - 2014-02-20 15:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-20 15:49 - 2014-02-20 15:49 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-20 15:49 - 2014-02-20 15:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes
2014-02-20 15:49 - 2014-02-20 15:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-20 15:49 - 2014-02-20 15:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-20 15:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-02-17 21:45 - 2014-02-17 21:45 - 00000000 ____D () C:\Users\User\Documents\My Kindle Content
2014-02-17 21:44 - 2014-02-17 21:44 - 00002221 _____ () C:\Users\User\Desktop\Kindle.lnk
2014-02-17 21:44 - 2014-02-17 21:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-02-17 21:44 - 2014-02-17 21:44 - 00000000 ____D () C:\Users\User\AppData\Local\Amazon
2014-02-17 21:25 - 2014-02-17 21:32 - 38103832 _____ (Amazon.com) C:\Users\User\Downloads\KindleForPC-installer.exe
2014-02-17 16:31 - 2014-02-17 18:55 - 00000000 ___SD () C:\32788R22FWJFW
2014-02-17 16:00 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2014-02-17 16:00 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2014-02-17 16:00 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-02-17 16:00 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-02-17 16:00 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-02-17 16:00 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2014-02-17 16:00 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2014-02-17 16:00 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2014-02-17 15:59 - 2014-02-18 22:00 - 00000000 ___SD () C:\ComboFix
2014-02-17 15:59 - 2014-02-17 15:59 - 00000000 ____D () C:\windows\erdnt
2014-02-17 15:59 - 2014-02-17 15:59 - 00000000 ____D () C:\Qoobox
2014-02-16 12:41 - 2014-02-20 22:55 - 00000000 ____D () C:\FRST
2014-02-15 01:55 - 2014-02-17 21:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 13:17 - 2014-02-14 13:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\WindSolutions
2014-02-14 13:11 - 2014-02-14 13:11 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-02-13 22:00 - 2014-02-13 22:00 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-02-13 22:00 - 2014-02-13 22:00 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-02-13 09:46 - 2014-02-13 22:09 - 00000000 ____D () C:\Ulli
2014-02-12 23:21 - 2014-02-12 23:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\XMedia Recode
2014-02-12 22:43 - 2014-02-12 22:43 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-02-12 22:42 - 2014-02-12 22:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVS4YOU
2014-02-12 22:40 - 2010-05-11 14:17 - 01700352 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2014-02-12 22:38 - 2014-02-13 09:32 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-02-12 22:23 - 2014-02-12 22:23 - 00000000 ____D () C:\Program Files (x86)\Free MP3 Converter
2014-02-12 17:18 - 2014-02-20 15:35 - 00000282 _____ () C:\windows\Tasks\System Speedup_DEFAULT.job
2014-02-12 17:18 - 2014-02-19 17:18 - 00000290 _____ () C:\windows\Tasks\System Speedup_UPDATES.job
2014-02-12 17:18 - 2014-02-12 17:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\System Speedup
2014-02-12 17:18 - 2014-02-12 17:18 - 00003132 _____ () C:\windows\System32\Tasks\System Speedup
2014-02-12 17:18 - 2014-02-12 17:18 - 00003028 _____ () C:\windows\System32\Tasks\System Speedup_UPDATES
2014-02-12 17:18 - 2014-02-12 17:18 - 00002872 _____ () C:\windows\System32\Tasks\System Speedup_DEFAULT
2014-02-12 17:08 - 2014-02-13 07:53 - 00000000 ____D () C:\Program Files (x86)\CD Audio MP3 Converter
2014-02-12 17:08 - 2001-03-23 16:29 - 00880912 _____ (Microsoft Corporation) C:\windows\WM8EUTIL.exe
2014-02-12 06:40 - 2014-01-01 00:05 - 00420008 _____ () C:\windows\SysWOW64\locale.nls
2014-02-12 06:40 - 2014-01-01 00:04 - 00420008 _____ () C:\windows\system32\locale.nls
2014-02-12 06:40 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-12 06:40 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-02-12 06:40 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-12 06:40 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-02-12 06:39 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-12 06:39 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-12 06:39 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-02-12 06:39 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-02-12 06:39 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-02-12 06:39 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-02-12 06:39 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-12 06:39 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-02-12 06:39 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-02-12 06:39 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-02-12 06:39 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-02-12 06:39 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2014-02-12 06:39 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2014-02-12 06:39 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 06:39 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2014-02-12 06:39 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-12 06:39 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2014-02-12 06:39 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2014-02-12 06:39 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 06:39 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 06:39 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-02-12 06:39 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-12 06:34 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-12 06:34 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-12 06:32 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-12 06:32 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-12 06:32 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-02-12 06:32 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-12 06:32 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-12 06:32 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-02-12 06:32 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-12 06:32 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-12 06:32 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-12 06:32 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-02-12 06:32 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-02-12 06:32 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-02-12 06:32 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-12 06:32 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-12 06:32 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-12 06:32 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-12 06:32 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-12 06:32 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-12 06:32 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-02-12 06:32 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-12 06:32 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-12 06:32 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-12 06:32 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-12 06:32 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-02-12 06:32 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-12 06:32 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-02-12 06:32 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-02-12 06:32 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-12 06:32 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-12 06:32 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-12 06:32 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-12 06:32 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-12 06:32 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-02-12 06:32 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-12 06:32 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-12 06:32 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-12 06:32 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-12 06:32 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-12 06:32 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-02-11 14:49 - 2014-01-23 04:21 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\windows\system32\Drivers\ssudmdm.sys
2014-02-11 14:49 - 2014-01-23 04:21 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\windows\system32\Drivers\ssudbus.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00188232 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadmdm.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00169288 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadbus.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00038080 _____ (Google Inc) C:\windows\system32\Drivers\ssadadb.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00021320 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadmdfl.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00017736 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadwhnt.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00017224 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadcmnt.sys
2014-02-11 13:26 - 2014-02-13 08:04 - 00000000 ____D () C:\Users\User\AppData\Local\Samsung
2014-02-11 13:18 - 2014-02-07 16:33 - 04659712 _____ (Dmitry Streblechenko) C:\windows\SysWOW64\Redemption.dll
2014-02-11 13:17 - 2014-01-23 18:31 - 00821824 _____ (Devguru Co., Ltd.) C:\windows\SysWOW64\dgderapi.dll
2014-02-11 12:46 - 2014-02-11 12:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\Nero
2014-02-11 12:42 - 2014-02-13 22:25 - 00000000 ____D () C:\ProgramData\Nero
2014-02-11 10:03 - 2014-02-11 10:10 - 82702176 _____ (Nero AG) C:\Users\User\Downloads\Nero_BurningROM2014-15.0.04200_trial.exe
2014-02-09 21:04 - 2014-02-11 19:18 - 00000000 ____D () C:\Users\User\Documents\OpenOffice 4.0.1 (de) Installation Files
2014-02-09 21:04 - 2014-02-11 19:18 - 00000000 ____D () C:\Users\User\Desktop\Drucker
2014-02-09 21:02 - 2014-02-12 17:37 - 00000000 ____D () C:\Users\User\Desktop\Konverter
2014-02-09 21:02 - 2014-02-11 19:18 - 00000000 ___RD () C:\Users\User\Desktop\Lenovo
2014-02-09 21:01 - 2014-02-11 19:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\FreeVideoConverter
2014-01-30 22:34 - 2014-01-30 22:34 - 01071000 _____ (Solid State Networks) C:\Users\User\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-01-23 18:31 - 2014-01-23 18:31 - 00974848 _____ () C:\windows\SysWOW64\cis-2.4.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00569344 _____ ((c) MusicCity) C:\windows\SysWOW64\muzdecode.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00491520 _____ (Musiccity Co.Ltd.) C:\windows\SysWOW64\muzapp.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00352256 _____ (Sample Corporation) C:\windows\SysWOW64\MSLUR71.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00258048 _____ ((c) PeeringPortal) C:\windows\SysWOW64\muzoggsp.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00245760 _____ (Teruten Inc.) C:\windows\SysWOW64\MSCLib.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00200704 _____ ( (c) MusicCity) C:\windows\SysWOW64\muzwmts.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00172032 _____ (Musiccity Co.Ltd.) C:\windows\SysWOW64\muzapp.exe
2014-01-23 18:31 - 2014-01-23 18:31 - 00155648 _____ (Teruten Inc.) C:\windows\SysWOW64\MSFLib.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00143360 _____ () C:\windows\SysWOW64\3DAudio.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00135168 _____ (Musiccity Co.Ltd.) C:\windows\SysWOW64\muzaf1.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00131072 _____ ((c) MusicCity) C:\windows\SysWOW64\muzmpgsp.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00122880 _____ ((c) MUSICCITY) C:\windows\SysWOW64\muzeffect.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00118784 _____ ((주)마크애니) C:\windows\SysWOW64\MaDRM.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00110592 _____ ((c) MusicCity) C:\windows\SysWOW64\muzmp4sp.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00081920 _____ () C:\windows\SysWOW64\issacapi_bs-2.3.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00065536 _____ () C:\windows\SysWOW64\issacapi_pe-2.3.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00057344 _____ (Marktek) C:\windows\SysWOW64\MK_Lyric.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00057344 _____ (Marktek Inc.) C:\windows\SysWOW64\MTXSYNCICON.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00057344 _____ () C:\windows\SysWOW64\issacapi_se-2.3.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00049152 _____ ((주) 마크애니) C:\windows\SysWOW64\MaJGUILib.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00045320 _____ (MARKANY) C:\windows\SysWOW64\MAMACExtract.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00045056 _____ ((주) 마크애니) C:\windows\SysWOW64\MaXMLProto.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00045056 _____ ((주) 마크애니) C:\windows\SysWOW64\MACXMLProto.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00040960 _____ (Telechips Inc.,) C:\windows\SysWOW64\MTTELECHIP.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00024576 _____ ((주)마크애니) C:\windows\SysWOW64\MASetupCleaner.exe
==================== One Month Modified Files and Folders =======
2014-02-20 22:56 - 2014-02-20 22:55 - 00012818 _____ () C:\Users\User\Downloads\FRST.txt
2014-02-20 22:55 - 2014-02-16 12:41 - 00000000 ____D () C:\FRST
2014-02-20 22:51 - 2014-02-20 22:51 - 00000911 _____ () C:\Users\User\Desktop\JRT.txt
2014-02-20 22:35 - 2013-12-20 22:18 - 00000000 ____D () C:\Users\User\Documents\Annabell
2014-02-20 22:19 - 2014-02-20 22:19 - 02153984 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-02-20 22:17 - 2014-02-20 22:17 - 00000000 ____D () C:\windows\ERUNT
2014-02-20 22:16 - 2014-02-20 22:16 - 01037734 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-02-20 22:16 - 2013-11-25 06:06 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-02-20 22:14 - 2014-01-19 13:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-20 22:07 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-02-20 22:04 - 2009-07-14 05:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-20 22:04 - 2009-07-14 05:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-20 22:01 - 2013-11-18 20:26 - 00699552 _____ () C:\windows\system32\perfh007.dat
2014-02-20 22:01 - 2013-11-18 20:26 - 00149660 _____ () C:\windows\system32\perfc007.dat
2014-02-20 22:01 - 2009-07-14 06:13 - 01620152 _____ () C:\windows\system32\PerfStringBackup.INI
2014-02-20 21:55 - 2013-11-18 13:59 - 00114093 _____ () C:\windows\system32\fastboot.set
2014-02-20 21:54 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-02-20 21:54 - 2009-07-14 05:51 - 00089309 _____ () C:\windows\setupact.log
2014-02-20 21:53 - 2014-02-20 21:48 - 00000000 ____D () C:\AdwCleaner
2014-02-20 21:53 - 2013-11-18 13:11 - 01430543 _____ () C:\windows\WindowsUpdate.log
2014-02-20 19:17 - 2013-11-22 19:59 - 00688354 _____ () C:\windows\PFRO.log
2014-02-20 19:14 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-20 17:59 - 2013-12-18 13:58 - 00000000 ____D () C:\Users\User\Downloads\Software
2014-02-20 15:52 - 2014-02-20 15:52 - 01241834 _____ () C:\Users\User\Downloads\adwcleaner.exe
2014-02-20 15:49 - 2014-02-20 15:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-20 15:49 - 2014-02-20 15:49 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-20 15:49 - 2014-02-20 15:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes
2014-02-20 15:49 - 2014-02-20 15:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-20 15:49 - 2014-02-20 15:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-20 15:35 - 2014-02-12 17:18 - 00000282 _____ () C:\windows\Tasks\System Speedup_DEFAULT.job
2014-02-19 17:18 - 2014-02-12 17:18 - 00000290 _____ () C:\windows\Tasks\System Speedup_UPDATES.job
2014-02-18 22:00 - 2014-02-17 15:59 - 00000000 ___SD () C:\ComboFix
2014-02-17 21:45 - 2014-02-17 21:45 - 00000000 ____D () C:\Users\User\Documents\My Kindle Content
2014-02-17 21:44 - 2014-02-17 21:44 - 00002221 _____ () C:\Users\User\Desktop\Kindle.lnk
2014-02-17 21:44 - 2014-02-17 21:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-02-17 21:44 - 2014-02-17 21:44 - 00000000 ____D () C:\Users\User\AppData\Local\Amazon
2014-02-17 21:32 - 2014-02-17 21:25 - 38103832 _____ (Amazon.com) C:\Users\User\Downloads\KindleForPC-installer.exe
2014-02-17 21:04 - 2014-02-15 01:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-17 18:55 - 2014-02-17 16:31 - 00000000 ___SD () C:\32788R22FWJFW
2014-02-17 15:59 - 2014-02-17 15:59 - 00000000 ____D () C:\windows\erdnt
2014-02-17 15:59 - 2014-02-17 15:59 - 00000000 ____D () C:\Qoobox
2014-02-16 23:18 - 2014-01-13 19:09 - 00000000 ____D () C:\Users\User\Documents\CyberLink
2014-02-16 02:36 - 2013-11-22 21:48 - 00000000 ____D () C:\windows\system32\MRT
2014-02-16 02:33 - 2013-11-22 21:48 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-15 18:51 - 2013-11-18 14:00 - 00002130 _____ () C:\Users\User\Desktop\OneKey Recovery.lnk
2014-02-15 07:39 - 2013-11-23 18:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-02-14 13:17 - 2014-02-14 13:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\WindSolutions
2014-02-14 13:11 - 2014-02-14 13:11 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-02-14 08:30 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-02-13 22:25 - 2014-02-11 12:42 - 00000000 ____D () C:\ProgramData\Nero
2014-02-13 22:09 - 2014-02-13 09:46 - 00000000 ____D () C:\Ulli
2014-02-13 22:00 - 2014-02-13 22:00 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-02-13 22:00 - 2014-02-13 22:00 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-02-13 22:00 - 2014-01-19 13:07 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-02-13 09:32 - 2014-02-12 22:38 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-02-13 08:04 - 2014-02-11 13:26 - 00000000 ____D () C:\Users\User\AppData\Local\Samsung
2014-02-13 08:04 - 2014-01-07 20:12 - 00000000 ____D () C:\ProgramData\Samsung
2014-02-13 08:04 - 2013-11-29 22:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\Samsung
2014-02-13 08:04 - 2013-11-29 22:53 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-02-13 08:04 - 2013-11-18 13:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-13 07:53 - 2014-02-12 17:08 - 00000000 ____D () C:\Program Files (x86)\CD Audio MP3 Converter
2014-02-13 06:31 - 2013-12-18 14:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-13 06:26 - 2009-07-14 03:34 - 00000478 _____ () C:\windows\win.ini
2014-02-12 23:21 - 2014-02-12 23:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\XMedia Recode
2014-02-12 22:43 - 2014-02-12 22:43 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-02-12 22:42 - 2014-02-12 22:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVS4YOU
2014-02-12 22:23 - 2014-02-12 22:23 - 00000000 ____D () C:\Program Files (x86)\Free MP3 Converter
2014-02-12 17:38 - 2013-11-18 14:02 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-12 17:37 - 2014-02-09 21:02 - 00000000 ____D () C:\Users\User\Desktop\Konverter
2014-02-12 17:19 - 2014-02-12 17:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\System Speedup
2014-02-12 17:18 - 2014-02-12 17:18 - 00003132 _____ () C:\windows\System32\Tasks\System Speedup
2014-02-12 17:18 - 2014-02-12 17:18 - 00003028 _____ () C:\windows\System32\Tasks\System Speedup_UPDATES
2014-02-12 17:18 - 2014-02-12 17:18 - 00002872 _____ () C:\windows\System32\Tasks\System Speedup_DEFAULT
2014-02-12 17:05 - 2014-01-19 14:18 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-02-12 17:04 - 2014-01-19 14:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\DVDVideoSoft
2014-02-12 08:02 - 2013-11-29 20:51 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-02-12 06:36 - 2014-01-18 21:09 - 01594432 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-02-11 19:58 - 2013-11-29 22:53 - 00000000 ____D () C:\Users\User\Documents\samsung
2014-02-11 19:33 - 2013-11-29 22:51 - 00000000 ____D () C:\Users\User\AppData\Local\Downloaded Installations
2014-02-11 19:33 - 2013-11-29 20:51 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-11 19:33 - 2013-11-18 14:00 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-02-11 19:33 - 2009-07-29 08:23 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-11 19:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-02-11 19:33 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\registration
2014-02-11 19:19 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-02-11 19:18 - 2014-02-09 21:04 - 00000000 ____D () C:\Users\User\Documents\OpenOffice 4.0.1 (de) Installation Files
2014-02-11 19:18 - 2014-02-09 21:04 - 00000000 ____D () C:\Users\User\Desktop\Drucker
2014-02-11 19:18 - 2014-02-09 21:02 - 00000000 ___RD () C:\Users\User\Desktop\Lenovo
2014-02-11 19:18 - 2014-02-09 21:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\FreeVideoConverter
2014-02-11 19:18 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\AppCompat
2014-02-11 13:26 - 2014-01-07 20:10 - 00000000 ____D () C:\Users\User\Documents\SelfMV
2014-02-11 12:47 - 2014-02-11 12:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\Nero
2014-02-11 10:10 - 2014-02-11 10:03 - 82702176 _____ (Nero AG) C:\Users\User\Downloads\Nero_BurningROM2014-15.0.04200_trial.exe
2014-02-07 16:33 - 2014-02-11 13:18 - 04659712 _____ (Dmitry Streblechenko) C:\windows\SysWOW64\Redemption.dll
2014-02-06 13:16 - 2014-02-12 06:32 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 06:32 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 06:32 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 06:32 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 06:32 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 06:32 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 06:32 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 06:32 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 06:32 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 06:32 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 06:32 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 06:32 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 06:32 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 06:32 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 06:32 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 06:32 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 06:32 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 06:32 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 06:32 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 06:32 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 06:32 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 06:32 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 06:32 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 06:32 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 06:32 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 06:32 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 06:32 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 06:32 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 06:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 06:32 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 06:32 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 06:32 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 06:32 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 06:32 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 06:32 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 06:32 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 06:32 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 06:32 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 06:32 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-02-05 23:16 - 2013-11-25 06:06 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 23:16 - 2013-11-25 06:06 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 23:16 - 2013-11-25 06:06 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-01-30 22:34 - 2014-01-30 22:34 - 01071000 _____ (Solid State Networks) C:\Users\User\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-01-23 18:31 - 2014-02-11 13:17 - 00821824 _____ (Devguru Co., Ltd.) C:\windows\SysWOW64\dgderapi.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00974848 _____ () C:\windows\SysWOW64\cis-2.4.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00569344 _____ ((c) MusicCity) C:\windows\SysWOW64\muzdecode.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00491520 _____ (Musiccity Co.Ltd.) C:\windows\SysWOW64\muzapp.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00352256 _____ (Sample Corporation) C:\windows\SysWOW64\MSLUR71.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00258048 _____ ((c) PeeringPortal) C:\windows\SysWOW64\muzoggsp.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00245760 _____ (Teruten Inc.) C:\windows\SysWOW64\MSCLib.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00200704 _____ ( (c) MusicCity) C:\windows\SysWOW64\muzwmts.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00172032 _____ (Musiccity Co.Ltd.) C:\windows\SysWOW64\muzapp.exe
2014-01-23 18:31 - 2014-01-23 18:31 - 00155648 _____ (Teruten Inc.) C:\windows\SysWOW64\MSFLib.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00143360 _____ () C:\windows\SysWOW64\3DAudio.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00135168 _____ (Musiccity Co.Ltd.) C:\windows\SysWOW64\muzaf1.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00131072 _____ ((c) MusicCity) C:\windows\SysWOW64\muzmpgsp.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00122880 _____ ((c) MUSICCITY) C:\windows\SysWOW64\muzeffect.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00118784 _____ ((주)마크애니) C:\windows\SysWOW64\MaDRM.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00110592 _____ ((c) MusicCity) C:\windows\SysWOW64\muzmp4sp.ax
2014-01-23 18:31 - 2014-01-23 18:31 - 00081920 _____ () C:\windows\SysWOW64\issacapi_bs-2.3.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00065536 _____ () C:\windows\SysWOW64\issacapi_pe-2.3.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00057344 _____ (Marktek) C:\windows\SysWOW64\MK_Lyric.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00057344 _____ (Marktek Inc.) C:\windows\SysWOW64\MTXSYNCICON.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00057344 _____ () C:\windows\SysWOW64\issacapi_se-2.3.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00049152 _____ ((주) 마크애니) C:\windows\SysWOW64\MaJGUILib.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00045320 _____ (MARKANY) C:\windows\SysWOW64\MAMACExtract.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00045056 _____ ((주) 마크애니) C:\windows\SysWOW64\MaXMLProto.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00045056 _____ ((주) 마크애니) C:\windows\SysWOW64\MACXMLProto.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00040960 _____ (Telechips Inc.,) C:\windows\SysWOW64\MTTELECHIP.dll
2014-01-23 18:31 - 2014-01-23 18:31 - 00024576 _____ ((주)마크애니) C:\windows\SysWOW64\MASetupCleaner.exe
2014-01-23 04:21 - 2014-02-11 14:49 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\windows\system32\Drivers\ssudmdm.sys
2014-01-23 04:21 - 2014-02-11 14:49 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\windows\system32\Drivers\ssudbus.sys
2014-01-23 04:20 - 2014-02-11 14:47 - 00188232 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadmdm.sys
2014-01-23 04:20 - 2014-02-11 14:47 - 00169288 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadbus.sys
2014-01-23 04:20 - 2014-02-11 14:47 - 00038080 _____ (Google Inc) C:\windows\system32\Drivers\ssadadb.sys
2014-01-23 04:20 - 2014-02-11 14:47 - 00021320 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadmdfl.sys
2014-01-23 04:20 - 2014-02-11 14:47 - 00017736 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadwhnt.sys
2014-01-23 04:20 - 2014-02-11 14:47 - 00017224 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadcmnt.sys
2014-01-22 21:26 - 2013-11-22 20:08 - 00022315 _____ () C:\windows\IE11_main.log
2014-01-22 20:26 - 2013-11-25 06:04 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-20 18:17
==================== End Of Log ============================
--- --- --- so, nun müßte ich alles scan´s durchlaufen haben...??? |
|
22.02.2014, 12:57
| #12 |
| /// the machine /// TB-Ausbilder | Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc.ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.02.2014, 20:31
| #13 |
| | Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. Hallo Schrauber ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=daaa3729c962ba4f9cffd1c3ece4a3d0 # engine=17186 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-02-23 02:04:55 # local_time=2014-02-23 03:04:55 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776574 100 94 504250 144794145 0 0 # scanned=154006 # found=0 # cleaned=0 # scan_time=21002 Den SecurityCheck kann ich nicht auf dem Desktop speichern.... Es öffnet sich lediglich ein graues Fenster "SecurityCheck.exe. vom Tpy: Binary File Von: http: filepony... möchten Sie diese Datei speichern. Datei speichern oder abbrechen.... Beim ESET war es ähnlich konnte die Anwendung nur über den Download Ordner geöffnet und gestartet werden...??? Warum ist das so? Liegt es an einer Einstellung? Nächstes Problem: die Internetverbindung bricht alle paar Minuten ab, weil der Internetzugriff der hier aktuell über ein W-lan (im Krankenhaus/Netzwerk) eingestellt als Homenetz oder Arbeitsnetz- ständig zurückzwitscht in "Öffentliches" und dann abbricht??? Sorry für die vielen Fragen, aber irgendwie spinnt mein Laptop scheinbar in div. Stellen.... Code:
ATTFilter Results of screen317's Security Check version 0.99.79 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` AVG Internet Security 2014 Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Adobe Flash Player 12.0.0.70 Flash Player out of Date! Adobe Reader XI Mozilla Firefox (27.0.1) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe AVG avgwdsvc.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 01
Ran by User (administrator) on USER-PC on 23-02-2014 18:25:00
Running from C:\Users\User\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated)
HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9744800 2013-11-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5399456 2013-11-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2013-11-18] (Lenovo)
HKLM\...\Run: [InstallerLauncher] - "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2010-12-05] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [224352 2010-12-05] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] - "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] - "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\windows\System32\SPReview\SPReview.exe [301568 2013-11-27] (Microsoft Corporation)
HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.80.1 192.168.80.1
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default
FF SearchEngineOrder.1: Google
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\Extensions\trash [2014-01-19]
Chrome:
=======
CHR HomePage: chrome://newtab
CHR RestoreOnStartup: "hxxp://www.giga.de/software/"
CHR Extension: (No Name) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-29]
==================== Services (Whitelisted) =================
R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-11-22] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2010-11-29] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1358944 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
==================== Drivers (Whitelisted) ====================
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2013-11-22] (The OpenVPN Project)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [115328 2008-07-24] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
U2 IAStorDataMgrSvc;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 nvUpdatusService;
U2 Oasis2Service;
U2 PCCarerServic;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SoftwareService;
U2 Stereo Service;
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-23 18:24 - 2014-02-23 18:24 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-02-23 18:17 - 2014-02-23 18:17 - 00987425 _____ () C:\Users\User\Downloads\SecurityCheck.exe
2014-02-20 22:55 - 2014-02-23 18:25 - 00012723 _____ () C:\Users\User\Downloads\FRST.txt
2014-02-20 22:19 - 2014-02-23 18:24 - 02155520 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-02-20 22:17 - 2014-02-20 22:17 - 00000000 ____D () C:\windows\ERUNT
2014-02-20 22:16 - 2014-02-20 22:16 - 01037734 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-02-20 21:48 - 2014-02-20 21:53 - 00000000 ____D () C:\AdwCleaner
2014-02-20 15:52 - 2014-02-20 15:52 - 01241834 _____ () C:\Users\User\Downloads\adwcleaner.exe
2014-02-20 15:49 - 2014-02-20 15:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-20 15:49 - 2014-02-20 15:49 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-20 15:49 - 2014-02-20 15:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes
2014-02-20 15:49 - 2014-02-20 15:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-20 15:49 - 2014-02-20 15:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-20 15:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-02-17 21:45 - 2014-02-17 21:45 - 00000000 ____D () C:\Users\User\Documents\My Kindle Content
2014-02-17 21:44 - 2014-02-17 21:44 - 00002221 _____ () C:\Users\User\Desktop\Kindle.lnk
2014-02-17 21:44 - 2014-02-17 21:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-02-17 21:44 - 2014-02-17 21:44 - 00000000 ____D () C:\Users\User\AppData\Local\Amazon
2014-02-17 21:25 - 2014-02-17 21:32 - 38103832 _____ (Amazon.com) C:\Users\User\Downloads\KindleForPC-installer.exe
2014-02-17 16:31 - 2014-02-17 18:55 - 00000000 ___SD () C:\32788R22FWJFW
2014-02-17 16:00 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2014-02-17 16:00 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2014-02-17 16:00 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-02-17 16:00 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-02-17 16:00 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-02-17 16:00 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2014-02-17 16:00 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2014-02-17 16:00 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2014-02-17 15:59 - 2014-02-18 22:00 - 00000000 ___SD () C:\ComboFix
2014-02-17 15:59 - 2014-02-17 15:59 - 00000000 ____D () C:\windows\erdnt
2014-02-17 15:59 - 2014-02-17 15:59 - 00000000 ____D () C:\Qoobox
2014-02-16 12:41 - 2014-02-23 18:25 - 00000000 ____D () C:\FRST
2014-02-15 01:55 - 2014-02-17 21:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 13:17 - 2014-02-14 13:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\WindSolutions
2014-02-14 13:11 - 2014-02-14 13:11 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-02-13 22:00 - 2014-02-13 22:00 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-02-13 22:00 - 2014-02-13 22:00 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-02-13 09:46 - 2014-02-13 22:09 - 00000000 ____D () C:\Ulli
2014-02-12 23:21 - 2014-02-12 23:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\XMedia Recode
2014-02-12 22:43 - 2014-02-12 22:43 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-02-12 22:42 - 2014-02-12 22:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVS4YOU
2014-02-12 22:40 - 2010-05-11 14:17 - 01700352 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2014-02-12 22:38 - 2014-02-13 09:32 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-02-12 22:23 - 2014-02-12 22:23 - 00000000 ____D () C:\Program Files (x86)\Free MP3 Converter
2014-02-12 17:18 - 2014-02-23 15:01 - 00000282 _____ () C:\windows\Tasks\System Speedup_DEFAULT.job
2014-02-12 17:18 - 2014-02-19 17:18 - 00000290 _____ () C:\windows\Tasks\System Speedup_UPDATES.job
2014-02-12 17:18 - 2014-02-12 17:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\System Speedup
2014-02-12 17:18 - 2014-02-12 17:18 - 00003132 _____ () C:\windows\System32\Tasks\System Speedup
2014-02-12 17:18 - 2014-02-12 17:18 - 00003028 _____ () C:\windows\System32\Tasks\System Speedup_UPDATES
2014-02-12 17:18 - 2014-02-12 17:18 - 00002872 _____ () C:\windows\System32\Tasks\System Speedup_DEFAULT
2014-02-12 17:08 - 2014-02-13 07:53 - 00000000 ____D () C:\Program Files (x86)\CD Audio MP3 Converter
2014-02-12 17:08 - 2001-03-23 16:29 - 00880912 _____ (Microsoft Corporation) C:\windows\WM8EUTIL.exe
2014-02-12 06:40 - 2014-01-01 00:05 - 00420008 _____ () C:\windows\SysWOW64\locale.nls
2014-02-12 06:40 - 2014-01-01 00:04 - 00420008 _____ () C:\windows\system32\locale.nls
2014-02-12 06:40 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-12 06:40 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-02-12 06:40 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-12 06:40 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-02-12 06:39 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-12 06:39 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-12 06:39 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-02-12 06:39 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-02-12 06:39 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-02-12 06:39 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-02-12 06:39 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-12 06:39 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-02-12 06:39 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-02-12 06:39 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-02-12 06:39 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-02-12 06:39 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2014-02-12 06:39 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2014-02-12 06:39 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 06:39 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2014-02-12 06:39 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-12 06:39 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2014-02-12 06:39 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2014-02-12 06:39 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 06:39 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 06:39 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-02-12 06:39 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-12 06:34 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-12 06:34 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-12 06:32 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-12 06:32 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-12 06:32 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-02-12 06:32 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-12 06:32 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-12 06:32 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-02-12 06:32 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-12 06:32 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-12 06:32 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-12 06:32 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-02-12 06:32 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-02-12 06:32 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-02-12 06:32 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-12 06:32 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-12 06:32 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-12 06:32 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-12 06:32 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-12 06:32 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-12 06:32 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-02-12 06:32 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-12 06:32 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-12 06:32 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-12 06:32 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-12 06:32 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-02-12 06:32 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-12 06:32 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-02-12 06:32 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-02-12 06:32 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-12 06:32 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-12 06:32 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-12 06:32 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-12 06:32 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-12 06:32 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-02-12 06:32 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-12 06:32 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-12 06:32 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-12 06:32 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-12 06:32 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-12 06:32 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-02-11 14:49 - 2014-01-23 04:21 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\windows\system32\Drivers\ssudmdm.sys
2014-02-11 14:49 - 2014-01-23 04:21 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\windows\system32\Drivers\ssudbus.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00188232 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadmdm.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00169288 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadbus.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00038080 _____ (Google Inc) C:\windows\system32\Drivers\ssadadb.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00021320 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadmdfl.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00017736 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadwhnt.sys
2014-02-11 14:47 - 2014-01-23 04:20 - 00017224 _____ (MCCI Corporation) C:\windows\system32\Drivers\ssadcmnt.sys
2014-02-11 13:26 - 2014-02-13 08:04 - 00000000 ____D () C:\Users\User\AppData\Local\Samsung
2014-02-11 13:18 - 2014-02-07 16:33 - 04659712 _____ (Dmitry Streblechenko) C:\windows\SysWOW64\Redemption.dll
2014-02-11 13:17 - 2014-01-23 18:31 - 00821824 _____ (Devguru Co., Ltd.) C:\windows\SysWOW64\dgderapi.dll
2014-02-11 12:46 - 2014-02-11 12:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\Nero
2014-02-11 12:42 - 2014-02-13 22:25 - 00000000 ____D () C:\ProgramData\Nero
2014-02-11 10:03 - 2014-02-11 10:10 - 82702176 _____ (Nero AG) C:\Users\User\Downloads\Nero_BurningROM2014-15.0.04200_trial.exe
2014-02-09 21:04 - 2014-02-11 19:18 - 00000000 ____D () C:\Users\User\Documents\OpenOffice 4.0.1 (de) Installation Files
2014-02-09 21:04 - 2014-02-11 19:18 - 00000000 ____D () C:\Users\User\Desktop\Drucker
2014-02-09 21:02 - 2014-02-12 17:37 - 00000000 ____D () C:\Users\User\Desktop\Konverter
2014-02-09 21:02 - 2014-02-11 19:18 - 00000000 ___RD () C:\Users\User\Desktop\Lenovo
2014-02-09 21:01 - 2014-02-11 19:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\FreeVideoConverter
2014-01-30 22:34 - 2014-01-30 22:34 - 01071000 _____ (Solid State Networks) C:\Users\User\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
==================== One Month Modified Files and Folders =======
2014-02-23 18:25 - 2014-02-20 22:55 - 00012723 _____ () C:\Users\User\Downloads\FRST.txt
2014-02-23 18:25 - 2014-02-16 12:41 - 00000000 ____D () C:\FRST
2014-02-23 18:24 - 2014-02-23 18:24 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-02-23 18:24 - 2014-02-20 22:19 - 02155520 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-02-23 18:20 - 2013-12-20 22:18 - 00000000 ____D () C:\Users\User\Documents\Annabell
2014-02-23 18:17 - 2014-02-23 18:17 - 00987425 _____ () C:\Users\User\Downloads\SecurityCheck.exe
2014-02-23 18:16 - 2013-11-25 06:06 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-02-23 18:15 - 2014-01-19 13:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-23 17:55 - 2013-11-18 13:11 - 01484098 _____ () C:\windows\WindowsUpdate.log
2014-02-23 17:31 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-02-23 17:25 - 2013-11-18 20:26 - 00699552 _____ () C:\windows\system32\perfh007.dat
2014-02-23 17:25 - 2013-11-18 20:26 - 00149660 _____ () C:\windows\system32\perfc007.dat
2014-02-23 17:25 - 2009-07-14 06:13 - 01620152 _____ () C:\windows\system32\PerfStringBackup.INI
2014-02-23 17:23 - 2009-07-14 05:51 - 00090485 _____ () C:\windows\setupact.log
2014-02-23 15:01 - 2014-02-12 17:18 - 00000282 _____ () C:\windows\Tasks\System Speedup_DEFAULT.job
2014-02-23 08:57 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-22 23:18 - 2013-11-25 06:06 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-22 23:18 - 2013-11-25 06:06 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-22 23:18 - 2013-11-25 06:06 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-02-22 21:42 - 2009-07-14 05:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-22 21:42 - 2009-07-14 05:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-22 21:30 - 2013-11-18 13:59 - 00521245 _____ () C:\windows\system32\fastboot.set
2014-02-22 21:29 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-02-20 22:17 - 2014-02-20 22:17 - 00000000 ____D () C:\windows\ERUNT
2014-02-20 22:16 - 2014-02-20 22:16 - 01037734 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-02-20 21:53 - 2014-02-20 21:48 - 00000000 ____D () C:\AdwCleaner
2014-02-20 19:17 - 2013-11-22 19:59 - 00688354 _____ () C:\windows\PFRO.log
2014-02-20 17:59 - 2013-12-18 13:58 - 00000000 ____D () C:\Users\User\Downloads\Software
2014-02-20 15:52 - 2014-02-20 15:52 - 01241834 _____ () C:\Users\User\Downloads\adwcleaner.exe
2014-02-20 15:49 - 2014-02-20 15:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-20 15:49 - 2014-02-20 15:49 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-20 15:49 - 2014-02-20 15:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes
2014-02-20 15:49 - 2014-02-20 15:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-20 15:49 - 2014-02-20 15:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-19 17:18 - 2014-02-12 17:18 - 00000290 _____ () C:\windows\Tasks\System Speedup_UPDATES.job
2014-02-18 22:00 - 2014-02-17 15:59 - 00000000 ___SD () C:\ComboFix
2014-02-17 21:45 - 2014-02-17 21:45 - 00000000 ____D () C:\Users\User\Documents\My Kindle Content
2014-02-17 21:44 - 2014-02-17 21:44 - 00002221 _____ () C:\Users\User\Desktop\Kindle.lnk
2014-02-17 21:44 - 2014-02-17 21:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2014-02-17 21:44 - 2014-02-17 21:44 - 00000000 ____D () C:\Users\User\AppData\Local\Amazon
2014-02-17 21:32 - 2014-02-17 21:25 - 38103832 _____ (Amazon.com) C:\Users\User\Downloads\KindleForPC-installer.exe
2014-02-17 21:04 - 2014-02-15 01:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-17 18:55 - 2014-02-17 16:31 - 00000000 ___SD () C:\32788R22FWJFW
2014-02-17 15:59 - 2014-02-17 15:59 - 00000000 ____D () C:\windows\erdnt
2014-02-17 15:59 - 2014-02-17 15:59 - 00000000 ____D () C:\Qoobox
2014-02-16 23:18 - 2014-01-13 19:09 - 00000000 ____D () C:\Users\User\Documents\CyberLink
2014-02-16 02:36 - 2013-11-22 21:48 - 00000000 ____D () C:\windows\system32\MRT
2014-02-16 02:33 - 2013-11-22 21:48 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-15 18:51 - 2013-11-18 14:00 - 00002130 _____ () C:\Users\User\Desktop\OneKey Recovery.lnk
2014-02-15 07:39 - 2013-11-23 18:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-02-14 13:17 - 2014-02-14 13:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\WindSolutions
2014-02-14 13:11 - 2014-02-14 13:11 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-02-14 08:30 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2014-02-13 22:25 - 2014-02-11 12:42 - 00000000 ____D () C:\ProgramData\Nero
2014-02-13 22:09 - 2014-02-13 09:46 - 00000000 ____D () C:\Ulli
2014-02-13 22:00 - 2014-02-13 22:00 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-02-13 22:00 - 2014-02-13 22:00 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-02-13 22:00 - 2014-01-19 13:07 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-02-13 09:32 - 2014-02-12 22:38 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-02-13 08:04 - 2014-02-11 13:26 - 00000000 ____D () C:\Users\User\AppData\Local\Samsung
2014-02-13 08:04 - 2014-01-07 20:12 - 00000000 ____D () C:\ProgramData\Samsung
2014-02-13 08:04 - 2013-11-29 22:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\Samsung
2014-02-13 08:04 - 2013-11-29 22:53 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-02-13 08:04 - 2013-11-18 13:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-13 07:53 - 2014-02-12 17:08 - 00000000 ____D () C:\Program Files (x86)\CD Audio MP3 Converter
2014-02-13 06:31 - 2013-12-18 14:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-13 06:26 - 2009-07-14 03:34 - 00000478 _____ () C:\windows\win.ini
2014-02-12 23:21 - 2014-02-12 23:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\XMedia Recode
2014-02-12 22:43 - 2014-02-12 22:43 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-02-12 22:42 - 2014-02-12 22:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVS4YOU
2014-02-12 22:23 - 2014-02-12 22:23 - 00000000 ____D () C:\Program Files (x86)\Free MP3 Converter
2014-02-12 17:38 - 2013-11-18 14:02 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-12 17:37 - 2014-02-09 21:02 - 00000000 ____D () C:\Users\User\Desktop\Konverter
2014-02-12 17:19 - 2014-02-12 17:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\System Speedup
2014-02-12 17:18 - 2014-02-12 17:18 - 00003132 _____ () C:\windows\System32\Tasks\System Speedup
2014-02-12 17:18 - 2014-02-12 17:18 - 00003028 _____ () C:\windows\System32\Tasks\System Speedup_UPDATES
2014-02-12 17:18 - 2014-02-12 17:18 - 00002872 _____ () C:\windows\System32\Tasks\System Speedup_DEFAULT
2014-02-12 17:05 - 2014-01-19 14:18 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-02-12 17:04 - 2014-01-19 14:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\DVDVideoSoft
2014-02-12 08:02 - 2013-11-29 20:51 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-02-12 06:36 - 2014-01-18 21:09 - 01594432 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-02-11 19:58 - 2013-11-29 22:53 - 00000000 ____D () C:\Users\User\Documents\samsung
2014-02-11 19:33 - 2013-11-29 22:51 - 00000000 ____D () C:\Users\User\AppData\Local\Downloaded Installations
2014-02-11 19:33 - 2013-11-29 20:51 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-11 19:33 - 2013-11-18 14:00 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-02-11 19:33 - 2009-07-29 08:23 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-11 19:33 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-02-11 19:33 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\registration
2014-02-11 19:19 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-02-11 19:18 - 2014-02-09 21:04 - 00000000 ____D () C:\Users\User\Documents\OpenOffice 4.0.1 (de) Installation Files
2014-02-11 19:18 - 2014-02-09 21:04 - 00000000 ____D () C:\Users\User\Desktop\Drucker
2014-02-11 19:18 - 2014-02-09 21:02 - 00000000 ___RD () C:\Users\User\Desktop\Lenovo
2014-02-11 19:18 - 2014-02-09 21:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\FreeVideoConverter
2014-02-11 19:18 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\AppCompat
2014-02-11 13:26 - 2014-01-07 20:10 - 00000000 ____D () C:\Users\User\Documents\SelfMV
2014-02-11 12:47 - 2014-02-11 12:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\Nero
2014-02-11 10:10 - 2014-02-11 10:03 - 82702176 _____ (Nero AG) C:\Users\User\Downloads\Nero_BurningROM2014-15.0.04200_trial.exe
2014-02-07 16:33 - 2014-02-11 13:18 - 04659712 _____ (Dmitry Streblechenko) C:\windows\SysWOW64\Redemption.dll
2014-02-06 13:16 - 2014-02-12 06:32 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 06:32 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 06:32 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 06:32 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 06:32 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 06:32 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 06:32 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 06:32 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 06:32 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 06:32 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 06:32 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 06:32 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 06:32 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 06:32 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 06:32 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 06:32 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 06:32 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 06:32 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 06:32 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 06:32 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 06:32 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 06:32 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 06:32 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 06:32 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 06:32 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 06:32 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 06:32 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 06:32 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 06:32 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 06:32 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 06:32 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 06:32 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 06:32 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 06:32 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 06:32 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 06:32 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 06:32 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 06:32 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 06:32 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-01-30 22:34 - 2014-01-30 22:34 - 01071000 _____ (Solid State Networks) C:\Users\User\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-20 18:17
==================== End Of Log ============================
--- --- --- --- --- --- Nachdem ich nun selber ja mit den vielen Zeilen der Logs nichts anfangen kann, bin ich gespannt auf deine Bewertung.... Und vielleicht ein Typ für die Zukunft wie kann man solche Plagegeister auf Dauer verwehren?? Da sie ja trotz kostenloser wie auch bezahlter Antiviren etc. Software meinem Lap das Leben immer mal wieder erschweren.... Herzlichen DANK lG Annabell also langsam verzweifele ich: nun dauert der Seitenaufbau im Internet total lange, obwohl ich gerade sehr guten Empfang habe.... Sorry, aber gerade könnte ich den Läppi aus dem Fenster schmei xxx en... |
|
24.02.2014, 18:31
| #14 |
| /// the machine /// TB-Ausbilder | Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. Besteht das problem auch in einem anderen Netzwerk? zu Hause oder so?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
24.02.2014, 23:25
| #15 |
| | Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. Hallo Schrauber, das kann ich leider aktuell nicht beantworten, da ich seit 8 Wochen hier in einer Reha bin... hatte früher auch schon mal probleme, doch ich kann dir leider jetzt nicht sagen, ob es die "gleichen" waren...  Heute ist es wieder extrem schwer mit dem Seiten laden. Häufig dauert es zu lange und funktioniert dann wieder nicht... Manche Seiten lassen sich überhaupt nicht öffnen.... Lieben Gruß Annabell |
|
| Themen zu Bildschirm "friert" ein oder es öffnen sich ungewollt div. Fenster etc. |
| 64 bit, 64 bit system, andere, beachten, bildschirm, brauche, defogger, download, fenster, forum, friert, funktionier, funktioniert, laden, regeln, runter, system, ungewollt, versuche, öffnen |
WARNUNG an die MITLESER: 
Linear-Darstellung
