Log analysis and evaluation: Suspected virus, ads, and browser closes by itself (Windows 7)
21.02.2014, 20:01 | #1 |
| Suspected virus, ads, and browser closes by itself
Hello everyone, I hope you can help me. I have the following problem: ads are suddenly being shown in my browser, and it closes by itself. What also seems very odd to me is that when I try to sign out of Yahoo Messenger, I am asked whether I want to sign out everywhere because I am supposedly online on several devices, which is not the case.
Here is the log file: 21.02.2014 17:40:35 MBAM-log-2014-02-21 (18-29-01).txt
I hope I did this correctly; I really have no idea. Should I delete all of that? |
21.02.2014, 20:26 | #2 |
/// the machine /// TB-Ausbilder | Suspected virus, ads, and browser closes by itself
Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
22.02.2014, 14:32 | #3 |
| Suspected virus, ads, and browser closes by itself frst.txt
__________________can result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-02-2014 Ran by User (administrator) on USER-PC on 21-02-2014 20:35:09 Running from C:\Users\User\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums ==================== Processes (Whitelisted) ================= (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (Intel Corporation) C:\Windows\system32\IProsetMonitor.exe () C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe (LogMeIn, Inc.) 
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Abelssoft - Ascora GmbH) C:\Program Files (x86)\CryptBox\Abelssoft.CryptBox.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor) HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1737920 2014-02-09] (Bitdefender) HKLM\...\Run: [LogMeIn GUI] - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-12-11] (LogMeIn, Inc.) 
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-11] (Bitdefender) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-02-11] (Bitdefender) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-02-11] (Bitdefender) HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\Run: [RocketDock] - C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-11] (Bitdefender) HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-02-11] (Bitdefender) HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung) HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\Run: [CryptBox] - C:\Program Files (x86)\CryptBox\Abelssoft.CryptBox.exe [11777552 2013-08-14] (Abelssoft - Ascora GmbH) HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000 HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {1a6f5542-28f1-11e3-a6f9-bc0543032e9a} - E:\Startme.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {3ae506ce-e3bf-11e1-922d-bc0543032e9a} - K:\Startme.exe 
HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {60ff99d2-1111-11e2-ab8f-bc0543032e9a} - E:\CTT-Startmenu.exe
HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {6a3e3576-1114-11e2-8858-bc0543032e9a} - E:\CTT-Startmenu.exe
HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {6a3e358d-1114-11e2-8858-bc0543032e9a} - L:\CTT-Startmenu.exe
HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {78ccc8e2-0934-11e2-ae81-bc0543032e9a} - E:\LGAutoRun.exe
HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {7c0f1419-93b3-11e2-94ce-bc0543032e9a} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {b222ac4a-af1b-11e1-b019-f80f41064d8e} - J:\pushinst.exe
HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {f6975884-c52c-11e1-ae9e-bc0543032e9a} - L:\Set-up.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=0885e872-02c0-4126-9d64-dc0bfed4b93a&searchtype=ds&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - (No Name) - {1ce76c93-a797-4ca2-ab3c-f4a6cfba3440} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=414&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=414&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=0885e872-02c0-4126-9d64-dc0bfed4b93a&searchtype=ds&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=0885e872-02c0-4126-9d64-dc0bfed4b93a&searchtype=ds&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=414&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.just-browse.info/?l=1&q={searchTerms}
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=96840A13-66B5-4B9A-BC15-21EC29980435&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=0885e872-02c0-4126-9d64-dc0bfed4b93a&searchtype=ds&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=0885e872-02c0-4126-9d64-dc0bfed4b93a&searchtype=ds&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=414&sr=0&q={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.just-browse.info/?l=1&q={searchTerms}
SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=96840A13-66B5-4B9A-BC15-21EC29980435&ref=toolbox&q={searchTerms}
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\WINDOWS\SYSTEM32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: IEOptimizer - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\SavingsBull\IEOptimizer.dll ()
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SYSTEM32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - {1ce76c93-a797-4ca2-ab3c-f4a6cfba3440} - No File
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No File
Hosts: 127.0.0.1 secure.tune-up.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A8A31078-1F2A-4BB8-AAE2-8AE9F38E4D73}: [NameServer]192.168.0.1

Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\gcswf32.dll No File
CHR Plugin: (Google Update) - C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (ProxTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-01-20]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-05]
CHR Extension: (Bitdefender Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2013-12-02]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-01-25]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-05]
CHR Extension: (Blossom) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idjmedbobeakbopimfiicbonioiahhnd [2013-01-09]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-05]
CHR HKCU\...\Chrome\Extension: [ofahndfepeaeelmhdkjiihmofnokhmik] - C:\Users\User\AppData\Local\CRE\ofahndfepeaeelmhdkjiihmofnokhmik.crx [2012-06-30]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-02-11]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\User\AppData\Local\Wajam\Chrome\wajam.crx [2012-06-14]
CHR HKLM-x32\...\Chrome\Extension: [ofahndfepeaeelmhdkjiihmofnokhmik] - C:\Users\User\AppData\Local\CRE\ofahndfepeaeelmhdkjiihmofnokhmik.crx [2012-06-30]
CHR StartMenuInternet: Google Chrome - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender)
R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [710976 2014-01-27] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-01-20] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-01-20] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-12-11] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\RpcAgentSrv.exe [68760 2008-12-27] (SiSoftware)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1507248 2014-02-09] (Bitdefender)

==================== Drivers (Whitelisted) ====================

S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2012-11-02] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-02-03] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-02-03] (BitDefender)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R0 CryptBox; C:\Windows\SysWow64\drivers\CryptBox.sys [221200 2013-08-14] (Abelssoft GmbH)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-08-29] (Windows (R) Win 7 DDK provider)
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [54848 2010-07-22] (FSPro Labs)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-22] (AVM GmbH)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2012-11-02] ()
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-12-11] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2013-04-24] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2013-04-24] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2013-04-24] (LG Electronics Inc.)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-21 20:35 - 2014-02-21 20:35 - 00017834 _____ () C:\Users\User\Downloads\FRST.txt
2014-02-21 20:34 - 2014-02-21 20:35 - 00000000 ____D () C:\FRST
2014-02-21 20:34 - 2014-02-21 20:34 - 02153984 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-02-21 18:41 - 2014-02-21 18:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-21 18:41 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-21 17:39 - 2014-02-21 17:39 - 00614816 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-02-21 16:22 - 2014-02-21 16:22 - 00000000 ____D () C:\Program Files (x86)\SavingsBull
2014-02-19 18:10 - 2014-02-19 18:10 - 00881368 _____ () C:\Windows\Minidump\021914-13868-01.dmp
2014-02-18 18:18 - 2014-02-21 09:36 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-02-18 18:18 - 2014-02-18 18:23 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2014-02-18 18:18 - 2014-02-18 18:18 - 00001024 _____ () C:\.rnd
2014-02-18 18:18 - 2014-02-18 18:18 - 00000000 ____D () C:\Users\User\AppData\Local\LogMeIn
2014-02-18 18:18 - 2014-01-20 13:35 - 00107368 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2014-02-18 18:18 - 2014-01-20 13:35 - 00092488 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2014-02-18 18:18 - 2014-01-20 13:35 - 00035656 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2014-02-18 18:18 - 2013-12-11 17:11 - 00072216 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\LMIRfsDriver.sys
2014-02-18 18:17 - 2014-02-18 18:17 - 25010176 _____ () C:\Users\User\Downloads\LogMeIn.msi
2014-02-18 17:48 - 2014-02-18 17:48 - 00003276 _____ () C:\Windows\System32\Tasks\{EFEF7E74-023B-4682-9D01-E24FB5029237}
2014-02-18 17:41 - 2014-02-18 17:41 - 01324328 _____ ( ) C:\Users\User\Downloads\VLCSetup_5.47.exe
2014-02-18 17:41 - 2014-02-18 17:41 - 00000000 ____D () C:\Program Files (x86)\Hobbyist Software
2014-02-18 16:57 - 2014-02-18 17:13 - 48321178 _____ () C:\Users\User\Downloads\10nelathtec3d.rar
2014-02-15 13:15 - 2014-02-21 18:37 - 00000373 _____ () C:\Users\User\cryptboxdrives.xml
2014-02-15 13:14 - 2014-02-15 13:15 - 00000000 ____D () C:\Users\User\AppData\Local\Abelssoft
2014-02-15 13:14 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\Documents\My Safes
2014-02-15 13:14 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\Abelssoft
2014-02-15 13:14 - 2014-02-15 13:14 - 00000000 ____D () C:\Program Files (x86)\CryptBox
2014-02-15 13:14 - 2013-08-14 14:47 - 00221200 _____ (Abelssoft GmbH) C:\Windows\SysWOW64\Drivers\CryptBox.sys
2014-02-15 13:13 - 2014-02-15 13:13 - 31581840 _____ (Abelssoft ) C:\Users\User\Downloads\cryptbox310.exe
2014-02-15 11:48 - 2014-02-15 11:48 - 01650072 _____ () C:\Users\User\Downloads\BusyBox Pro 11.zip
2014-02-14 18:52 - 2014-02-14 18:55 - 00000000 ____D () C:\Program Files\SavingsbullFilter
2014-02-14 18:52 - 2014-02-14 18:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\systweak
2014-02-14 18:52 - 2013-12-13 17:53 - 00019544 _____ (System Speedup) C:\Windows\system32\roboot64.exe
2014-02-14 18:51 - 2014-02-14 18:51 - 00000000 ____D () C:\Program Files\Level Quality Watcher
2014-02-14 16:58 - 2014-02-14 16:58 - 00000000 ____D () C:\Users\User\AppData\Local\bdch
2014-02-14 16:58 - 2014-02-14 16:58 - 00000000 ____D () C:\ProgramData\bdch
2014-02-13 17:05 - 2014-01-23 04:21 - 00206080 _____ (DEVGURU Co., LTD.(???? | ????? ???? ?????.)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-02-13 17:05 - 2014-01-23 04:21 - 00108800 _____ (DEVGURU Co., LTD.(???? | ????? ???? ?????.)) C:\Windows\system32\Drivers\ssudbus.sys
2014-02-13 11:04 - 2014-02-13 11:04 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-02-13 11:03 - 2014-02-13 11:04 - 00000000 ____D () C:\Users\User\Documents\3DMark
2014-02-13 11:03 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\AppData\Local\IsolatedStorage
2014-02-13 11:03 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\AppData\Local\Futuremark
2014-02-13 11:01 - 2014-02-13 11:01 - 00000345 _____ () C:\Windows\DirectX.log
2014-02-13 11:01 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-02-13 11:01 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-02-13 11:01 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-02-13 11:01 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-02-13 11:01 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-02-13 11:00 - 2014-02-13 11:30 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-13 10:56 - 2014-02-13 10:59 - 1007522262 _____ () C:\Users\User\Downloads\3DMark-v1-2-250.zip
2014-02-12 13:33 - 2014-02-12 13:33 - 00003130 _____ () C:\Windows\System32\Tasks\{E1C1AB26-9304-455B-BDDD-44085F3E6938}
2014-02-12 13:33 - 2014-02-12 13:33 - 00000831 _____ () C:\Users\UpdatusUser\Desktop\LGMobile Support Tool.lnk
2014-02-12 13:33 - 2014-02-12 13:33 - 00000831 _____ () C:\Users\Gast\Desktop\LGMobile Support Tool.lnk
2014-02-12 13:23 - 2014-02-12 13:23 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-02-12 13:23 - 2013-06-28 11:45 - 00036352 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem64.sys
2014-02-12 13:23 - 2013-04-24 10:15 - 00034816 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64modem.sys
2014-02-12 13:23 - 2013-04-24 10:15 - 00028160 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64diag.sys
2014-02-12 13:23 - 2013-04-24 10:15 - 00017920 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64bus.sys
2014-02-12 13:22 - 2014-02-12 13:22 - 00000000 ____D () C:\LGP880
2014-02-12 13:20 - 2014-02-12 13:34 - 00000000 ____D () C:\ProgramData\LGMOBILEAX
2014-02-12 13:20 - 2014-02-12 13:33 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini
2014-02-12 13:20 - 2011-05-06 19:37 - 00655872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr90.dll
2014-02-12 13:20 - 2011-05-06 19:37 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp90.dll
2014-02-12 13:20 - 2011-05-06 19:37 - 00224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcm90.dll
2014-02-12 13:20 - 2006-04-30 14:33 - 00053248 _____ () C:\Windows\SysWOW64\CommonDL.dll
2014-02-12 13:20 - 2005-09-30 07:39 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2014-02-12 10:01 - 2014-02-12 10:01 - 00995769 _____ () C:\Users\User\Downloads\Odin_3.07.zip
2014-02-11 21:32 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-11 21:32 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-11 21:32 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-11 21:32 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-11 21:32 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-11 21:32 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-11 21:32 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-11 21:32 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-11 21:32 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-11 21:32 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-11 21:32 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-11 21:32 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-11 21:32 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-11 21:32 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-11 21:32 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-11 21:32 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-11 21:32 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-11 21:32 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-11 21:32 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-11 21:32 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-11 21:32 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-11 21:32 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-11 21:32 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-11 21:32 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-11 21:32 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-11 21:32 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-11 21:32 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-11 21:32 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-11 21:32 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-11 21:32 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-11 21:32 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-11 21:32 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-11 21:32 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-11 21:32 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-11 21:32 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-11 21:32 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-11 21:32 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-11 21:32 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-11 21:32 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-11 21:29 - 2014-02-11 21:31 - 00000000 ____D () C:\e46c74c125fa678d89a3a83d66
2014-02-11 21:28 - 2014-02-11 21:29 - 00000000 ____D () C:\6f32705bea4e48a3a39f3dfcee25969c
2014-02-11 21:28 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-11 21:28 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-11 21:27 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-11 21:27 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-11 21:27 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-11 21:27 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 21:26 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-11 21:26 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-11 21:26 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-11 21:26 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-11 21:24 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-11 21:24 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-11 21:23 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-11 21:23 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-11 21:23 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-11 21:23 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-11 21:23 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-11 21:23 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-11 21:23 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-11 21:23 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-11 21:23 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-11 21:23 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-11 21:23 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-11 21:23 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-11 21:23 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-11 21:23 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-11 21:23 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-11 21:23 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-11 21:23 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-11 21:23 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-10 10:29 - 2014-02-10 10:29 - 00000000 ____D () C:\Users\User\Documents\Aiseesoft Studio
2014-02-10 10:29 - 2014-02-10 10:29 - 00000000 ____D () C:\Users\User\AppData\Local\Aiseesoft Studio
2014-02-09 17:29 - 2014-02-09 17:29 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2014-02-09 17:28 - 2014-02-09 17:28 - 00614792 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Vollversion Ashampoo Burning Studio 2014 - CHIP-Downloader.exe
2014-01-30 22:05 - 2014-01-30 22:05 - 00000000 ____D () C:\ProgramData\DriverGenius
2014-01-30 22:05 - 2014-01-30 22:05 - 00000000 ____D () C:\Program Files (x86)\Driver-Soft
2014-01-30 21:15 - 2014-01-30 21:26 - 00004096 _____ () C:\Users\Public\Documents\00001AEC.LCS
2014-01-30 21:15 - 2014-01-30 21:24 - 00003652 _____ () C:\Windows\System32\Tasks\TWIN 7 Live-Update
2014-01-30 21:15 - 2014-01-30 21:24 - 00003602 _____ () C:\Windows\System32\Tasks\TWIN 7 1-Klick-Optimierung
2014-01-30 21:14 - 2014-01-30 21:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\ProtectDisc
2014-01-29 18:19 - 2014-01-29 18:19 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Mozilla
2014-01-29 18:19 - 2014-01-29 18:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Mozilla
2014-01-29 10:33 - 2014-01-29 10:39 - 00000000 ____D () C:\Windows\pss

==================== One Month Modified Files and Folders =======

2014-02-21 20:35 - 2014-02-21 20:35 - 00017834 _____ () C:\Users\User\Downloads\FRST.txt
2014-02-21 20:35 - 2014-02-21 20:34 - 00000000 ____D () C:\FRST
2014-02-21 20:34 - 2014-02-21 20:34 - 02153984 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-02-21 20:29 - 2013-10-06 21:17 - 00000000 ____D () C:\Users\User\Desktop\Neuer Ordner
2014-02-21 18:47 - 2012-06-05 12:00 - 02085492 _____ () C:\Windows\WindowsUpdate.log
2014-02-21 18:47 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-21 18:47 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-21 18:45 - 2013-04-29 21:26 - 00000000 ____D () C:\Users\User\Desktop\software
2014-02-21 18:44 - 2011-04-12 08:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-02-21 18:44 - 2011-04-12 08:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-02-21 18:44 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-21 18:41 - 2014-02-21 18:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-21 18:39 - 2013-05-19 11:57 - 00050973 _____ () C:\Windows\setupact.log
2014-02-21 18:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-21 18:37 - 2014-02-15 13:15 - 00000373 _____ () C:\Users\User\cryptboxdrives.xml
2014-02-21 18:36 - 2012-06-14 09:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 18:36 - 2012-06-14 09:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 17:48 - 2012-06-05 16:16 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-02-21 17:39 - 2014-02-21 17:39 - 00614816 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-02-21 16:36 - 2012-06-14 09:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-21 16:22 - 2014-02-21 16:22 - 00000000 ____D () C:\Program Files (x86)\SavingsBull
2014-02-21 09:36 - 2014-02-18 18:18 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-02-20 17:01 - 2012-12-12 11:54 - 00000000 ____D () C:\Users\User\Documents\Neuer Ordner
2014-02-19 18:10 - 2014-02-19 18:10 - 00881368 _____ () C:\Windows\Minidump\021914-13868-01.dmp
2014-02-19 18:10 - 2013-09-14 21:56 - 615492071 _____ () C:\Windows\MEMORY.DMP
2014-02-19 18:10 - 2013-06-29 10:35 - 00891726 _____ () C:\Windows\PFRO.log
2014-02-19 17:44 - 2012-06-09 09:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-02-19 11:24 - 2013-11-06 09:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-19 10:54 - 2012-07-07 07:25 - 00000000 ___RD () C:\Users\User\Dropbox
2014-02-19 10:54 - 2012-07-07 07:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2014-02-18 18:23 - 2014-02-18 18:18 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2014-02-18 18:18 - 2014-02-18 18:18 - 00001024 _____ () C:\.rnd
2014-02-18 18:18 - 2014-02-18 18:18 - 00000000 ____D () C:\Users\User\AppData\Local\LogMeIn
2014-02-18 18:17 - 2014-02-18 18:17 - 25010176 _____ () C:\Users\User\Downloads\LogMeIn.msi
2014-02-18 17:48 - 2014-02-18 17:48 - 00003276 _____ () C:\Windows\System32\Tasks\{EFEF7E74-023B-4682-9D01-E24FB5029237}
2014-02-18 17:41 - 2014-02-18 17:41 - 01324328 _____ ( ) C:\Users\User\Downloads\VLCSetup_5.47.exe
2014-02-18 17:41 - 2014-02-18 17:41 - 00000000 ____D () C:\Program Files (x86)\Hobbyist Software
2014-02-18 17:13 - 2014-02-18 16:57 - 48321178 _____ () C:\Users\User\Downloads\10nelathtec3d.rar
2014-02-18 16:48 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-18 10:41 - 2013-02-19 13:14 - 00000000 ____D () C:\Users\User\Downloads\handy
2014-02-15 13:15 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\AppData\Local\Abelssoft
2014-02-15 13:14 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\Documents\My Safes
2014-02-15 13:14 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\Abelssoft
2014-02-15 13:14 - 2014-02-15 13:14 - 00000000 ____D () C:\Program Files (x86)\CryptBox
2014-02-15 13:13 - 2014-02-15 13:13 - 31581840 _____ (Abelssoft ) C:\Users\User\Downloads\cryptbox310.exe
2014-02-15 11:48 - 2014-02-15 11:48 - 01650072 _____ () C:\Users\User\Downloads\BusyBox Pro 11.zip
2014-02-14 18:55 - 2014-02-14 18:52 - 00000000 ____D () C:\Program Files\SavingsbullFilter
2014-02-14 18:53 - 2014-02-14 18:52 - 00000000 ____D () C:\Users\User\AppData\Roaming\systweak
2014-02-14 18:51 - 2014-02-14 18:51 - 00000000 ____D () C:\Program Files\Level Quality Watcher
2014-02-14 16:58 - 2014-02-14 16:58 - 00000000 ____D () C:\Users\User\AppData\Local\bdch
2014-02-14 16:58 - 2014-02-14 16:58 - 00000000 ____D () C:\ProgramData\bdch
2014-02-13 11:30 - 2014-02-13 11:00 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-13 11:04 - 2014-02-13 11:04 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-02-13 11:04 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\Documents\3DMark
2014-02-13 11:03 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\AppData\Local\IsolatedStorage
2014-02-13 11:03 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\AppData\Local\Futuremark
2014-02-13 11:01 - 2014-02-13 11:01 - 00000345 _____ () C:\Windows\DirectX.log
2014-02-13 10:59 - 2014-02-13 10:56 - 1007522262 _____ () C:\Users\User\Downloads\3DMark-v1-2-250.zip
2014-02-12 17:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-12 13:36 - 2013-08-26 09:15 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-02-12 13:34 - 2014-02-12 13:20 - 00000000 ____D () C:\ProgramData\LGMOBILEAX
2014-02-12 13:33 - 2014-02-12 13:33 - 00003130 _____ () C:\Windows\System32\Tasks\{E1C1AB26-9304-455B-BDDD-44085F3E6938}
2014-02-12 13:33 - 2014-02-12 13:33 - 00000831 _____ () C:\Users\UpdatusUser\Desktop\LGMobile Support Tool.lnk
2014-02-12 13:33 - 2014-02-12 13:33 - 00000831 _____ () C:\Users\Gast\Desktop\LGMobile Support Tool.lnk
2014-02-12 13:33 - 2014-02-12 13:20 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini
2014-02-12 13:23 - 2014-02-12 13:23 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-02-12 13:23 - 2012-06-05 14:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-12 13:22 - 2014-02-12 13:22 - 00000000 ____D () C:\LGP880
2014-02-12 10:01 - 2014-02-12 10:01 - 00995769 _____ () C:\Users\User\Downloads\Odin_3.07.zip
2014-02-11 21:32 - 2013-07-10 17:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-11 21:31 - 2014-02-11 21:29 - 00000000 ____D () C:\e46c74c125fa678d89a3a83d66
2014-02-11 21:31 - 2012-07-04 05:39 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-11 21:29 - 2014-02-11 21:28 - 00000000 ____D () C:\6f32705bea4e48a3a39f3dfcee25969c
2014-02-11 21:29 - 2012-06-05 16:19 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-10 10:29 - 2014-02-10 10:29 - 00000000 ____D () C:\Users\User\Documents\Aiseesoft Studio
2014-02-10 10:29 - 2014-02-10 10:29 - 00000000 ____D () C:\Users\User\AppData\Local\Aiseesoft Studio
2014-02-09 19:36 - 2012-06-14 09:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-09 17:30 - 2012-10-03 07:37 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ashampoo
2014-02-09 17:29 - 2014-02-09 17:29 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2014-02-09 17:29 - 2012-10-03 07:37 - 00000000 ____D () C:\ProgramData\ashampoo
2014-02-09 17:28 - 2014-02-09 17:28 - 00614792 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Vollversion Ashampoo Burning Studio 2014 - CHIP-Downloader.exe
2014-02-09 17:07 - 2013-04-16 19:52 - 00000000 ____D () C:\Users\Gast
2014-02-09 17:07 - 2012-06-23 22:36 - 00000000 ____D () C:\Windows\system32\Macromed
2014-02-09 17:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-09 17:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-09 16:56 - 2011-04-12 08:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-08 22:38 - 2013-10-23 13:00 - 00000000 ____D () C:\Users\User\AppData\Local\DVD Profiler
2014-02-06 13:16 - 2014-02-11 21:32 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-11 21:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-11 21:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-11 21:32 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-11 21:32 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-11 21:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-11 21:32 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-11 21:32 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-11 21:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-11 21:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-11 21:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-11 21:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-11 21:32 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-11 21:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-11 21:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-11 21:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-11 21:32 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-11 21:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-11 21:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-11 21:32 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-11 21:32 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-11 21:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-11 21:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-11 21:32 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-11 21:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-11 21:32 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-11 21:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-11 21:32 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-11 21:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-11 21:32 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-11 21:32 - 13051392 _____ (Microsoft Corporation) 
C:\Windows\system32\ieframe.dll 2014-02-06 10:13 - 2014-02-11 21:32 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-06 10:09 - 2014-02-11 21:32 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-06 10:03 - 2014-02-11 21:32 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-06 09:55 - 2014-02-11 21:32 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-06 09:41 - 2014-02-11 21:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-06 09:40 - 2014-02-11 21:32 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-06 09:36 - 2014-02-11 21:32 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-06 09:34 - 2014-02-11 21:32 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-05 21:10 - 2013-08-24 11:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\.oit 2014-02-05 21:09 - 2013-08-24 11:29 - 00000000 ____D () C:\Program Files (x86)\Kroll Ontrack 2014-02-03 12:28 - 2013-12-02 14:39 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys 2014-02-03 12:28 - 2013-12-02 14:39 - 00635392 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys 2014-02-03 10:20 - 2013-04-26 07:17 - 00000000 ____D () C:\Users\User\Downloads\boerse-bz 2014-01-31 11:46 - 2012-06-05 15:58 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000UA.job 2014-01-31 11:46 - 2012-06-05 15:58 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000Core.job 2014-01-30 22:05 - 2014-01-30 22:05 - 00000000 ____D () C:\ProgramData\DriverGenius 2014-01-30 22:05 - 2014-01-30 22:05 - 00000000 ____D () C:\Program Files (x86)\Driver-Soft 2014-01-30 21:58 - 2012-06-05 15:58 - 00004096 _____ () 
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000UA 2014-01-30 21:58 - 2012-06-05 15:58 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000Core 2014-01-30 21:26 - 2014-01-30 21:15 - 00004096 _____ () C:\Users\Public\Documents\00001AEC.LCS 2014-01-30 21:26 - 2014-01-30 21:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\ProtectDisc 2014-01-30 21:24 - 2014-01-30 21:15 - 00003652 _____ () C:\Windows\System32\Tasks\TWIN 7 Live-Update 2014-01-30 21:24 - 2014-01-30 21:15 - 00003602 _____ () C:\Windows\System32\Tasks\TWIN 7 1-Klick-Optimierung 2014-01-30 21:11 - 2012-11-16 23:56 - 00000000 ____D () C:\Users\User\AppData\Local\Downloaded Installations 2014-01-30 21:11 - 2012-06-11 09:48 - 00000000 __SHD () C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2014-01-30 20:54 - 2012-06-05 15:00 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-01-29 18:19 - 2014-01-29 18:19 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Mozilla 2014-01-29 18:19 - 2014-01-29 18:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Mozilla 2014-01-29 18:05 - 2013-04-16 19:52 - 00001421 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-29 10:39 - 2014-01-29 10:33 - 00000000 ____D () C:\Windows\pss 2014-01-29 10:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-01-24 10:29 - 2012-12-13 11:37 - 00000000 ____D () C:\Users\User\Downloads\tattoo 2014-01-23 04:21 - 2014-02-13 17:05 - 00206080 _____ (DEVGURU Co., LTD.(???? | ????? ???? ?????.)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-01-23 04:21 - 2014-02-13 17:05 - 00108800 _____ (DEVGURU Co., LTD.(???? | ????? ???? 
?????.)) C:\Windows\system32\Drivers\ssudbus.sys ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-19 09:52 ==================== End Of Log ============================ addition.FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-02-2014 Ran by User at 2014-02-21 20:35:35 Running from C:\Users\User\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D} AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46} ==================== Installed Programs ====================== 4500_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.70 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.70 - Adobe Systems Incorporated) Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated) Ashampoo Burning Studio 2014 v.12.0.5 (x32 Version: 12.0.5 - Ashampoo GmbH & Co. KG) AVM FRITZ!WLAN (x32 Version: - AVM Berlin) Bitdefender Internet Security (Version: 17.23.0.996 - Bitdefender) bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden Carbon (x32 Version: 1.0.0 - ClockworkMod) CryptBox (x32 Version: 1.2 - Abelssoft GmbH) DivX-Setup (x32 Version: 2.6.1.9 - DivX, LLC) Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.) 
DVD Profiler Version 3.8.2 (x32 Version: - )
Eraser 6.0.8.2273 (Version: 6.0.2273 - The Eraser Project)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.32.0 - MAGIX AG)
Free YouTube to MP3 Converter version 3.12.20.1230 (x32 Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Google Chrome (HKCU Version: 32.0.1700.102 - Google Inc.)
Google Earth (x32 Version: 6.2.2.6613 - Google)
HP Officejet J4500 Series (Version: 13.0 - HP)
Intel(R) Network Connections 15.6.25.0 (Version: 15.6.25.0 - Intel)
Intel(R) Network Connections 15.6.25.0 (Version: 15.6.25.0 - Intel) Hidden
J4500 (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
JAP (x32 Version: 00.19.001 - JAP-Team)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 5 (x32 Version: 7.0.50 - Oracle)
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
LG United Mobile Driver (x32 Version: 3.10.1.0 - LG Electronics)
loadtbs-3.0 (x32 Version: - )
LogMeIn (x32 Version: 4.1.4132 - LogMeIn, Inc.)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Version: 13.0.0.30 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium (x32 Version: 13.0.0.30 - MAGIX AG)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
My Lockbox 2.9.6 (Version: 2.9.6 - )
MyFreeCodec (HKCU Version: - )
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA Display Control Panel (Version: 6.14.12.5933 - NVIDIA Corporation)
NVIDIA Drivers (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0224 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4 (x32 Version: 3.4.9590 - OpenOffice.org)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKCU Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14 - ProtectDisc Software GmbH)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
RocketDock 1.3.5 (x32 Version: - Punk Software)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Mobile phone USB driver Drive Software (Version: - )
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
SavingsBull (x32 Version: 1.0.0.0 - SavingsBull) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Security Task Manager 1.8g (x32 Version: 1.8g - Neuber Software)
SiSoftware Sandra Lite 2013.SP1 (Version: 19.23.2013.1 - SiSoftware)
Slepper 0.2 (x32 Version: 1.0.0 - Volker Sundrum)
Summer Time Sexy Windows 7 Theme (x32 Version: 1.0.0 - Winozoic)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Uncompressor (HKCU Version: - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.1 (x32 Version: 2.0.1 - VideoLAN)
VLC Setup Helper (x32 Version: - )
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinRAR 4.11 (32-Bit) (x32 Version: 4.11.0 - win.rar GmbH)
Yahoo! Messenger (x32 Version: - Yahoo! Inc.)
Yahoo! Toolbar (x32 Version: - )

==================== Restore Points =========================
13-02-2014 10:00:43 3DMark
13-02-2014 10:01:22 DirectX wurde installiert
13-02-2014 10:29:46 3DMark
14-02-2014 17:53:31 Removed Futuremark SystemInfo
14-02-2014 17:55:18 Removed SavingsbullFilter
18-02-2014 17:18:00 Installed LogMeIn

==================== Hosts content: ==========================
2011-10-14 15:53 - 2011-10-14 15:53 - 00000030 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 secure.tune-up.com

==================== Scheduled Tasks (whitelisted) =============
Task: {02030A6D-88A1-4C43-BF4C-22D5CAD26EFD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-09-05] (Adobe Systems Incorporated)
Task: {10D0CDE9-F0CC-4321-9D28-B137475DE49A} - System32\Tasks\TWIN 7 Live-Update => C:\Program Files (x86)\DATA BECKER\TWIN7 2.0\TvDlgSheduler.exe
Task: {4A757F8D-A733-4280-A710-E7979EB286E6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-05] (Google Inc.)
Task: {7AACDEFD-A57A-4059-A3D6-00EA440D703B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {7DA442AC-D420-4E6D-8D74-5C714E2AE7DF} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {9ACFBCAE-4622-4E55-9133-934F0C8845CB} - System32\Tasks\Google Updater and Installer => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-05] (Google Inc.)
Task: {A5049BE1-F984-4DAC-82AC-B1E9258F350C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-05] (Google Inc.)
Task: {C75740E3-EE0C-4CD8-9765-7DF7D4D1478F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {CE11C006-5352-4FB4-8DE6-8D6392D6C9F6} - System32\Tasks\{12427BEF-F981-4EA4-A6C2-D984D069F648} => Chrome.exe Skype auf Ihren Computer herunterladen ? Mac, Windows, Linux*?*Skype
Task: {F4C936F7-CDDB-4205-8C58-40B15C1FC1B4} - System32\Tasks\TWIN 7 1-Klick-Optimierung => C:\Program Files (x86)\DATA BECKER\TWIN7 2.0\TvDlgSheduler.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000Core.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000UA.job => ?

==================== Loaded Modules (whitelisted) =============
2013-12-02 14:40 - 2013-06-19 11:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2013-12-02 14:40 - 2013-11-28 12:49 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2013-12-02 14:40 - 2011-11-14 19:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2013-12-02 14:40 - 2013-11-28 12:49 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-01-30 14:46 - 2014-01-30 14:46 - 00769256 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00035_010\ashttpbr.mdl
2014-01-30 14:46 - 2014-01-30 14:46 - 00567352 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00035_010\ashttpdsp.mdl
2014-01-30 14:46 - 2014-01-30 14:46 - 02585688 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00035_010\ashttpph.mdl
2014-01-30 14:46 - 2014-01-30 14:46 - 01313096 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00035_010\ashttprbl.mdl
2012-11-18 10:01 - 2013-01-18 16:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-27 21:45 - 2014-01-27 21:45 - 00710976 _____ () C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
2012-06-06 10:17 - 2012-02-17 19:55 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-07-27 12:02 - 2007-09-02 12:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2012-07-27 12:02 - 2007-09-02 12:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2013-12-02 14:39 - 2013-06-19 11:44 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2014-02-15 13:14 - 2013-08-14 14:47 - 00008704 _____ () C:\Program Files (x86)\CryptBox\AbProcessManager.dll
2014-02-15 13:14 - 2013-08-14 14:44 - 00557056 _____ () C:\Program Files (x86)\CryptBox\SkinProject8.dll
2014-02-15 13:14 - 2013-08-14 14:44 - 00548864 _____ () C:\Program Files (x86)\CryptBox\SkinProject4.dll
2014-02-15 13:14 - 2013-08-14 14:47 - 00004096 _____ () C:\Program Files (x86)\CryptBox\Abelssoft.Info.dll
2014-02-15 13:14 - 2013-08-14 14:47 - 00054272 _____ () C:\Program Files (x86)\CryptBox\Vista Api.dll
2014-02-15 13:14 - 2013-08-14 14:47 - 00009728 _____ () C:\Program Files (x86)\CryptBox\AbMessages.dll
2014-01-29 16:57 - 2014-01-23 06:56 - 00715544 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
2014-01-29 16:57 - 2014-01-23 06:56 - 00100120 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\libegl.dll
2014-01-29 16:57 - 2014-01-23 06:56 - 04055320 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\pdf.dll
2014-01-29 16:57 - 2014-01-23 06:57 - 00399640 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
2014-01-29 16:57 - 2014-01-23 06:55 - 01634584 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
2014-01-03 11:07 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2014-01-29 16:57 - 2014-01-23 06:56 - 13615896 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:B1FBBD09
AlternateDataStreams: C:\Users\User\Downloads\cryptbox310.exe:BDU
AlternateDataStreams: C:\Users\User\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\User\Downloads\JonDoFox28.paf.exe:BDU
AlternateDataStreams: C:\Users\User\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe:BDU
AlternateDataStreams: C:\Users\User\Downloads\VLCSetup_5.47.exe:BDU

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet

==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/21/2014 06:43:01 PM) (Source: Application Hang) (User: )
Description: Programm mbam.exe, Version 1.75.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 10b0 Startzeit: 01cf2f2c4f251ba6 Endzeit: 4 Anwendungspfad: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Berichts-ID: 9ab361b9-9b1f-11e3-bfb2-bc0543032e9a

Error: (02/21/2014 05:07:49 PM) (Source: Application Hang) (User: )
Description: Programm YahooMessenger.exe, Version 11.5.0.228 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f34 Startzeit: 01cf2f0d95c061f9 Endzeit: 5 Anwendungspfad: C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe Berichts-ID: 4cfe562f-9b12-11e3-997c-bc0543032e9a

Error: (02/21/2014 04:23:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7601.17514, Zeitstempel: 0x4ce792c4 Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000efc6 ID des fehlerhaften Prozesses: 0x32a0 Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0 Pfad der fehlerhaften Anwendung: MsiExec.exe1 Pfad des fehlerhaften Moduls: MsiExec.exe2 Berichtskennung: MsiExec.exe3

Error: (02/20/2014 06:30:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/19/2014 09:53:37 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/17/2014 00:51:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/16/2014 07:28:24 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "N:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (02/14/2014 06:55:43 PM) (Source: Microsoft-Windows-RestartManager) (User: User-PC)
Description: Die Anwendung oder der Dienst "SavingsbullFilterService64" konnte nicht neu gestartet werden.

Error: (02/14/2014 06:52:22 PM) (Source: SavingsbullFilterService64) (User: )
Description: SavingsbullFilterService64Service installed successfully failed with 0

Error: (02/14/2014 05:39:04 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

System errors:
=============
Error: (02/21/2014 06:42:46 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FRITZ!NAS", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{E8B41C22-0E76-4824-AB21-6689AE958576}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/21/2014 06:42:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error: (02/21/2014 06:42:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/21/2014 06:40:05 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: StarOpen

Error: (02/21/2014 06:39:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275

Error: (02/21/2014 06:39:43 PM) (Source: Application Popup) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (02/21/2014 06:38:46 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (02/21/2014 09:39:14 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FRITZ!NAS", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{E8B41C22-0E76-4824-AB21-6689AE958576}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/21/2014 09:38:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error: (02/21/2014 09:38:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Microsoft Office Sessions:
=========================
Error: (02/21/2014 06:43:01 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.75.0.110b001cf2f2c4f251ba64C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe9ab361b9-9b1f-11e3-bfb2-bc0543032e9a

Error: (02/21/2014 05:07:49 PM) (Source: Application Hang)(User: )
Description: YahooMessenger.exe11.5.0.228f3401cf2f0d95c061f95C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe4cfe562f-9b12-11e3-997c-bc0543032e9a

Error: (02/21/2014 04:23:01 PM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.7601.175144ce792c4ole32.dll6.1.7601.175144ce7b96fc00000050000efc632a001cf2f18cdd269f5c:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\ole32.dll0c743d86-9b0c-11e3-997c-bc0543032e9a

Error: (02/20/2014 06:30:26 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (02/19/2014 09:53:37 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (02/17/2014 00:51:31 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (02/16/2014 07:28:24 PM) (Source: Windows Backup)(User: )
Description: N:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (02/14/2014 06:55:43 PM) (Source: Microsoft-Windows-RestartManager)(User: User-PC)
Description: 0SavingsbullFilterService64.exeSavingsbullFilterService6403026217852480

Error: (02/14/2014 06:52:22 PM) (Source: SavingsbullFilterService64)(User: )
Description: SavingsbullFilterService64Service installed successfully failed with 0

Error: (02/14/2014 05:39:04 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

CodeIntegrity Errors:
===================================
Date: 2013-09-27 15:11:26.736
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-09-27 15:11:26.734
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-09-27 15:11:26.732
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-09-27 15:11:26.706
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-09-27 15:11:26.704
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-09-27 15:11:26.702
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-02-19 10:01:34.642
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-02-19 10:01:34.620
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-02-19 10:01:31.531 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-02-19 10:01:31.509 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 41% Total physical RAM: 6126.59 MB Available physical RAM: 3575.77 MB Total Pagefile: 12251.37 MB Available Pagefile: 9160.86 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:475.55 GB) (Free:243 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive j: (Western Digital) (Fixed) (Total:407.74 GB) (Free:78.46 GB) NTFS Drive w: () (Fixed) (Total:48.22 GB) (Free:31.26 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3452876E) Partition 1: (Active) - (Size=476 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=408 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=48 GB) - (Type=OF Extended) ==================== End Of Log ============================
This morning I could no longer boot the PC, and System Restore does not work! Can nobody tell me what I can do? |
23.02.2014, 11:27 | #4 |
/// the machine /// TB Instructor | Suspected virus, ads, and browser closes by itself
Here is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Have MBAM delete its findings. Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
23.02.2014, 13:17 | #5 |
| Suspected virus, ads, and browser closes by itself
Code:
ATTFilter AdwCleaner v3.019 - Bericht erstellt am 23/02/2014 um 12:32:07 # Aktualisiert 17/02/2014 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : User - USER-PC # Gestartet von : C:\Users\User\Downloads\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** Dienst Gelöscht : Application Updater ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\boost_interprocess Ordner Gelöscht : C:\ProgramData\Browse2Save Ordner Gelöscht : C:\ProgramData\clsoft ltd Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec Ordner Gelöscht : C:\Program Files (x86)\Application Updater Ordner Gelöscht : C:\Program Files (x86)\Conduit Ordner Gelöscht : C:\Program Files (x86)\driver-soft Ordner Gelöscht : C:\Program Files (x86)\IObit Apps Toolbar Ordner Gelöscht : C:\Program Files (x86)\myfree codec Ordner Gelöscht : C:\Program Files (x86)\Common Files\Spigot Ordner Gelöscht : C:\Users\User\AppData\Local\Conduit Ordner Gelöscht : C:\Users\User\AppData\Local\Slick Savings Ordner Gelöscht : C:\Users\User\AppData\Local\vghd Ordner Gelöscht : C:\Users\User\AppData\Local\Wajam Ordner Gelöscht : C:\Users\User\AppData\LocalLow\Conduit Ordner Gelöscht : C:\Users\User\AppData\LocalLow\IminentToolbar Ordner Gelöscht : C:\Users\User\AppData\LocalLow\Search Settings Ordner Gelöscht : C:\Users\User\AppData\LocalLow\GIGA_Deutsch Ordner Gelöscht : C:\Users\User\AppData\Roaming\IminentToolbar Ordner Gelöscht : C:\Users\User\AppData\Roaming\loadtbs Ordner Gelöscht : C:\Users\User\AppData\Roaming\OpenCandy Ordner Gelöscht : C:\Users\User\AppData\Roaming\SendSpace Ordner Gelöscht : C:\Users\User\AppData\Roaming\Systweak Ordner Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\npe0a5at.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} Ordner Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\adsremoval@adsremoval.net Ordner Gelöscht : 
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\npe0a5at.default\Extensions\adsremoval@adsremoval.net Ordner Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\hxxps-everywhere@eff.org Ordner Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{45d8ff86-d909-11db-9705-005056c00008} Ordner Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362} Ordner Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\npe0a5at.default\Extensions\savingsslider@mybrowserbar.com Datei Gelöscht : C:\Windows\System32\roboot64.exe Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Uninstall.exe Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\StartWeb.xml Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\user.js Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\npe0a5at.default\user.js Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\PricePeepInstaller_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\PricePeepInstaller_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4A1D7487-9A11-4E1F-8215-F14C94CCC7FF} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AEFA030-7CE4-4576-A687-5E54CFC128D2} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet 
Explorer\Low Rights\ElevationPolicy\{D5D20538-80B2-4ED3-BA69-57A35A29A53E} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1CE76C93-A797-4CA2-AB3C-F4A6CFBA3440}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1CE76C93-A797-4CA2-AB3C-F4A6CFBA3440}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}] Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} Schlüssel Gelöscht : HKCU\Software\Conduit Schlüssel Gelöscht : HKCU\Software\DataMngr Schlüssel Gelöscht : HKCU\Software\InstallCore Schlüssel Gelöscht : HKCU\Software\Myfree Codec Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\Search Settings Schlüssel Gelöscht : HKCU\Software\systweak Schlüssel Gelöscht : 
HKCU\Software\AppDataLow\SProtector Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Search Settings Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\GIGA_Deutsch Schlüssel Gelöscht : HKLM\Software\Application Updater Schlüssel Gelöscht : HKLM\Software\caphyon Schlüssel Gelöscht : HKLM\Software\Conduit Schlüssel Gelöscht : HKLM\Software\Iminent Schlüssel Gelöscht : HKLM\Software\Myfree Codec Schlüssel Gelöscht : HKLM\Software\Search Settings Schlüssel Gelöscht : HKLM\Software\SProtector Schlüssel Gelöscht : HKLM\Software\systweak Schlüssel Gelöscht : HKLM\Software\Uniblue Schlüssel Gelöscht : HKLM\Software\GIGA_Deutsch Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Uncompressor Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DataMngr ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16518 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] -\\ Mozilla Firefox v17.0.9 (de) [ Datei : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\prefs.js ] Zeile gelöscht : user_pref("pttl.menu-search-groups-tab", false); Zeile gelöscht : user_pref("pttl.menu-search-groups-win", false); [ Datei : 
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\npe0a5at.default\prefs.js ] Zeile gelöscht : user_pref("iminent.enabledAds", "false"); -\\ Google Chrome v [ Datei : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [26162 octets] - [23/02/2014 12:30:42] AdwCleaner[S0].txt - [23901 octets] - [23/02/2014 12:32:07] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23962 octets] ########## Code:
ATTFilter Junkware Removal Tool (JRT) by Thisisu Version: 6.1.2 (02.20.2014:1) OS: Windows 7 Home Premium x64 Ran by User on 23.02.2014 at 12:38:35,16 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1 ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\big fish games" Successfully deleted: [Folder] "C:\Users\User\appdata\local\cre" Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\datamngr" Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{00692F12-4AC2-4E32-8DFA-EB4015FD0835} Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0082C20D-1315-4FE3-835F-C21B2FDA7ED0} Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0190CAC3-D811-456A-9321-2B90C2ADDA0A} Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{01B9E21F-8B52-4196-A74B-18776EBB6309} Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0299B168-3433-4B1D-8E16-BFC60556CEDD} Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{02E7759E-35B4-4B19-B4DD-6CAC9FD4FE2B} Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{045B50E4-9035-4013-9C00-04FC0975B410} Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0499180C-D704-41F4-8520-86E8AA9D16E6} Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{05092F8B-8D37-450E-92D4-4432BF33F1EC} Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{05479D96-8705-4C9B-AEBC-1B6C85618AE1} Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0569DAD8-7694-45C1-B1EE-7B6CA6ECA08F} Successfully deleted: [Empty Folder] 
C:\Users\User\appdata\local\{FAF1F73C-9978-420A-84D9-18BACA24C9AC} Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FC3DB773-F34B-4725-9189-7372E5D1956A} Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FCCDDD11-C11C-40C7-8964-70F2F255158D} Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FDB85C73-04AD-4BFA-89AD-E5511D971CCB} Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FF87F5FC-321F-496B-A15E-0FEC7532011D} ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 23.02.2014 at 13:06:25,66 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2014 01
Ran by User (administrator) on USER-PC on 23-02-2014 13:15:25
Running from C:\Users\User\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Google Inc.)
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor) HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1737920 2014-02-09] (Bitdefender) HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [] - [X] HKLM-x32\...\Run: [IObit Malware Fighter] - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1566528 2014-01-15] (IObit) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-11] (Bitdefender) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-02-11] (Bitdefender) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-02-11] (Bitdefender) HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\Run: [RocketDock] - C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-11] (Bitdefender) HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program 
Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-02-11] (Bitdefender) HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000 HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {1a6f5542-28f1-11e3-a6f9-bc0543032e9a} - E:\Startme.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {3ae506ce-e3bf-11e1-922d-bc0543032e9a} - K:\Startme.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {60ff99d2-1111-11e2-ab8f-bc0543032e9a} - E:\CTT-Startmenu.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {6a3e3576-1114-11e2-8858-bc0543032e9a} - E:\CTT-Startmenu.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {6a3e358d-1114-11e2-8858-bc0543032e9a} - L:\CTT-Startmenu.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {78ccc8e2-0934-11e2-ae81-bc0543032e9a} - E:\LGAutoRun.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {7c0f1419-93b3-11e2-94ce-bc0543032e9a} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {b222ac4a-af1b-11e1-b019-f80f41064d8e} - J:\pushinst.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {f6975884-c52c-11e1-ae9e-bc0543032e9a} - L:\Set-up.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = SearchScopes: HKCU - {192A4B13-BE42-47B1-81A0-1FE74F251B8B} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms} BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program 
Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Hosts: 127.0.0.1 secure.tune-up.com Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{A8A31078-1F2A-4BB8-AAE2-8AE9F38E4D73}: [NameServer]192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox FF NetworkProxy: "ftp", "127.0.0.1" FF NetworkProxy: "ftp_port", 4001 FF NetworkProxy: "gopher", "127.0.0.1" FF NetworkProxy: "gopher_port", 4001 FF NetworkProxy: "http", "127.0.0.1" FF NetworkProxy: "http_port", 4001 FF NetworkProxy: "socks", "127.0.0.1" FF NetworkProxy: "socks_port", 4001 FF NetworkProxy: "socks_remote_dns", true FF NetworkProxy: "ssl", "127.0.0.1" FF NetworkProxy: "ssl_port", 4001 FF NetworkProxy: "type", 1 FF Homepage: hxxp://de.search.yahoo.com/?type=800236&fr=spigot-yhp-ff FF DefaultSearchEngine: Yahoo! FF SelectedSearchEngine: Yahoo! 
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @protectdisc.com/NPPDLicenseHelper - C:\Users\User\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( ) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) 
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\yahoo_ff.xml FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2013-12-02] FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ [] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2013-12-02] Chrome: ======= CHR HomePage: hxxp://www.google.de/ CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\gcswf32.dll No File CHR Plugin: (Google Update) - C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Extension: (ProxTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-01-20] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-05] CHR Extension: (Bitdefender Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2013-12-02] CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-01-25] CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-05] CHR Extension: (Ads Removal) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-22] CHR Extension: (Blossom) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idjmedbobeakbopimfiicbonioiahhnd [2013-01-09] CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06] CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-05] CHR HKCU\...\Chrome\Extension: [ofahndfepeaeelmhdkjiihmofnokhmik] - C:\Users\User\AppData\Local\CRE\ofahndfepeaeelmhdkjiihmofnokhmik.crx [2012-06-05] CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-02-11] CHR HKLM-x32\...\Chrome\Extension: [ofahndfepeaeelmhdkjiihmofnokhmik] - C:\Users\User\AppData\Local\CRE\ofahndfepeaeelmhdkjiihmofnokhmik.crx [2014-02-11] CHR StartMenuInternet: Google Chrome - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender) R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2014-01-03] (IObit) S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 
2013.SP1\RpcAgentSrv.exe [68760 2008-12-27] (SiSoftware) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1507248 2014-02-09] (Bitdefender) ==================== Drivers (Whitelisted) ==================== S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2012-11-02] () R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-02-03] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-02-03] (BitDefender) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC) S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL) S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL) R0 CryptBox; C:\Windows\SysWow64\drivers\CryptBox.sys [221200 2013-08-14] (Abelssoft GmbH) S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-08-29] (Windows (R) Win 7 DDK provider) R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit) R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [54848 2010-07-22] (FSPro Labs) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () R3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-22] (AVM GmbH) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2012-11-02] () R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware 
Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com) S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.) R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com) S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X] S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X] S3 clwvd; system32\DRIVERS\clwvd.sys [X] S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X] S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X] S3 usbbus; system32\DRIVERS\lgx64bus.sys [X] S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X] S3 USBModem; system32\DRIVERS\lgx64modem.sys [X] U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-23 13:15 - 2014-02-23 13:15 - 02154496 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2014-02-23 13:06 - 2014-02-23 13:06 - 00040707 _____ () C:\Users\User\Desktop\JRT.txt 2014-02-23 12:38 - 2014-02-23 12:38 - 01037734 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe 2014-02-23 12:38 - 2014-02-23 12:38 - 00000000 ____D () C:\Windows\ERUNT 2014-02-23 12:30 - 2014-02-23 12:32 - 00000000 ____D () C:\AdwCleaner 2014-02-23 12:30 - 2014-02-23 12:30 - 01241834 _____ () C:\Users\User\Downloads\adwcleaner.exe 2014-02-23 12:26 - 2014-02-23 12:33 - 00000112 _____ () C:\Windows\setupact.log 2014-02-23 12:26 - 2014-02-23 12:26 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-23 12:25 - 2014-02-23 12:26 - 00005900 _____ () C:\Windows\PFRO.log 2014-02-22 15:01 - 2014-02-22 15:05 - 
00000000 ____D () C:\Program Files (x86)\Level Quality Watcher Removal Tool 2014-02-22 15:01 - 2013-11-05 14:38 - 01122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll 2014-02-22 15:01 - 2013-11-05 14:38 - 00274432 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll 2014-02-22 15:01 - 2012-12-10 11:04 - 00356352 _____ (eSellerate Inc.) C:\Windows\eSellerateEngine.dll 2014-02-22 15:01 - 2012-12-10 11:04 - 00081920 _____ (eSellerate Inc.) C:\Windows\eSellerateControl350.dll 2014-02-22 14:27 - 2014-02-22 14:28 - 00000000 ____D () C:\ProgramData\IObit 2014-02-22 14:27 - 2014-02-22 14:27 - 00001177 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk 2014-02-22 14:27 - 2014-02-22 14:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\IObit 2014-02-22 14:27 - 2014-02-22 14:27 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-02-22 14:26 - 2014-02-22 14:26 - 26996352 _____ (IObit ) C:\Users\User\Downloads\imf-setup_2.3.0.10.exe 2014-02-22 13:48 - 2014-02-22 13:48 - 00000000 ____D () C:\Users\User\AppData\Local\Skype 2014-02-22 13:47 - 2014-02-22 13:47 - 00614816 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Skype - CHIP-Downloader.exe 2014-02-22 11:39 - 2014-02-22 11:40 - 02243616 _____ (Megaify Software ) C:\Users\User\Downloads\driver_setup (1).exe 2014-02-22 11:39 - 2014-02-22 11:39 - 94880463 _____ (Igor Pavlov) C:\Users\User\Downloads\realtek_high_definition_audio_6.01.7026.exe 2014-02-22 11:38 - 2014-02-22 11:38 - 02243616 _____ (Megaify Software ) C:\Users\User\Downloads\driver_setup.exe 2014-02-22 11:18 - 2014-02-22 11:30 - 3192264704 _____ () C:\Users\User\Downloads\X15-65741.iso 2014-02-22 11:12 - 2014-02-22 11:12 - 00000000 ____D () C:\Users\User\Documents\Ashampoo Burning Studio 2014 2014-02-21 20:35 - 2014-02-23 13:15 - 00016977 _____ () C:\Users\User\Downloads\FRST.txt 2014-02-21 20:35 - 2014-02-21 20:35 - 00030565 _____ () C:\Users\User\Downloads\Addition.txt 
2014-02-21 20:34 - 2014-02-23 13:15 - 00000000 ____D () C:\FRST 2014-02-21 18:41 - 2014-02-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-18 18:18 - 2014-02-22 09:36 - 00000000 ____D () C:\Program Files (x86)\LogMeIn 2014-02-18 18:18 - 2014-02-22 09:27 - 00000000 ____D () C:\ProgramData\LogMeIn 2014-02-18 18:18 - 2014-02-18 18:18 - 00001024 _____ () C:\.rnd 2014-02-18 18:18 - 2014-02-18 18:18 - 00000000 ____D () C:\Users\User\AppData\Local\LogMeIn 2014-02-18 18:17 - 2014-02-18 18:17 - 25010176 _____ () C:\Users\User\Downloads\LogMeIn.msi 2014-02-18 17:48 - 2014-02-18 17:48 - 00003276 _____ () C:\Windows\System32\Tasks\{EFEF7E74-023B-4682-9D01-E24FB5029237} 2014-02-18 17:41 - 2014-02-22 10:26 - 00000000 ____D () C:\Program Files (x86)\Hobbyist Software 2014-02-18 17:41 - 2014-02-18 17:41 - 01324328 _____ ( ) C:\Users\User\Downloads\VLCSetup_5.47.exe 2014-02-18 16:57 - 2014-02-18 17:13 - 48321178 _____ () C:\Users\User\Downloads\10nelathtec3d.rar 2014-02-15 13:15 - 2014-02-22 21:22 - 00000373 _____ () C:\Users\User\cryptboxdrives.xml 2014-02-15 13:14 - 2014-02-22 10:27 - 00000000 ____D () C:\Users\User\AppData\Local\Abelssoft 2014-02-15 13:14 - 2014-02-22 10:27 - 00000000 ____D () C:\Program Files (x86)\CryptBox 2014-02-15 13:14 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\Documents\My Safes 2014-02-15 13:14 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\Abelssoft 2014-02-15 13:14 - 2013-08-14 14:47 - 00221200 _____ (Abelssoft GmbH) C:\Windows\SysWOW64\Drivers\CryptBox.sys 2014-02-15 13:13 - 2014-02-15 13:13 - 31581840 _____ (Abelssoft ) C:\Users\User\Downloads\cryptbox310.exe 2014-02-15 11:48 - 2014-02-15 11:48 - 01650072 _____ () C:\Users\User\Downloads\BusyBox Pro 11.zip 2014-02-14 18:52 - 2014-02-22 10:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\System Speedup 2014-02-14 16:58 - 2014-02-14 16:58 - 00000000 ____D () C:\Users\User\AppData\Local\bdch 2014-02-14 16:58 - 2014-02-14 16:58 - 
00000000 ____D () C:\ProgramData\bdch 2014-02-13 17:05 - 2014-01-23 04:21 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-02-13 17:05 - 2014-01-23 04:21 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-02-13 11:04 - 2014-02-13 11:04 - 00000022 _____ () C:\Windows\GPU-Z.INI 2014-02-13 11:03 - 2014-02-13 11:04 - 00000000 ____D () C:\Users\User\Documents\3DMark 2014-02-13 11:03 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\AppData\Local\IsolatedStorage 2014-02-13 11:03 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\AppData\Local\Futuremark 2014-02-13 11:01 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2014-02-13 11:01 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-02-13 11:01 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-02-13 11:01 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2014-02-13 11:01 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2014-02-13 11:00 - 2014-02-13 11:30 - 00000000 ____D () C:\ProgramData\Package Cache 2014-02-13 10:56 - 2014-02-13 10:59 - 1007522262 _____ () C:\Users\User\Downloads\3DMark-v1-2-250.zip 2014-02-12 13:33 - 2014-02-12 13:33 - 00003130 _____ () C:\Windows\System32\Tasks\{E1C1AB26-9304-455B-BDDD-44085F3E6938} 2014-02-12 13:33 - 2014-02-12 13:33 - 00000831 _____ () C:\Users\UpdatusUser\Desktop\LGMobile Support Tool.lnk 2014-02-12 13:33 - 2014-02-12 13:33 - 00000831 _____ () C:\Users\Gast\Desktop\LGMobile Support Tool.lnk 2014-02-12 13:20 - 2014-02-22 10:27 - 00000000 ____D () C:\ProgramData\LGMOBILEAX 2014-02-12 13:20 - 2014-02-12 13:33 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini 2014-02-12 13:20 - 2011-05-06 19:37 - 00655872 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msvcr90.dll 2014-02-12 13:20 - 2011-05-06 19:37 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp90.dll 2014-02-12 13:20 - 2011-05-06 19:37 - 00224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcm90.dll 2014-02-12 13:20 - 2006-04-30 14:33 - 00053248 _____ () C:\Windows\SysWOW64\CommonDL.dll 2014-02-12 13:20 - 2005-09-30 07:39 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll 2014-02-12 10:01 - 2014-02-12 10:01 - 00995769 _____ () C:\Users\User\Downloads\Odin_3.07.zip 2014-02-11 21:32 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-11 21:32 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-11 21:32 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-11 21:32 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-11 21:32 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-11 21:32 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-11 21:32 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-11 21:32 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-11 21:32 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-11 21:32 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-11 21:32 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-11 21:32 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-11 21:32 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector(101).exe 
2014-02-11 21:32 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-11 21:32 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-11 21:32 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-11 21:32 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-11 21:32 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-11 21:32 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-11 21:32 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-11 21:32 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-11 21:32 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-11 21:32 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-11 21:32 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-11 21:32 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-11 21:32 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-11 21:32 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-11 21:32 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-11 21:32 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-11 21:32 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-11 21:32 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-11 21:32 - 
2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-11 21:32 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-11 21:32 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-11 21:32 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-11 21:32 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-11 21:32 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-11 21:32 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-11 21:32 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-11 21:32 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-11 21:29 - 2014-02-11 21:31 - 00000000 ____D () C:\e46c74c125fa678d89a3a83d66 2014-02-11 21:28 - 2014-02-11 21:29 - 00000000 ____D () C:\6f32705bea4e48a3a39f3dfcee25969c 2014-02-11 21:28 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-11 21:28 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-11 21:27 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-11 21:27 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-11 21:27 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-11 21:27 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-11 21:26 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-11 21:26 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) 
C:\Windows\system32\msxml3r.dll 2014-02-11 21:26 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-11 21:26 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-02-11 21:24 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-02-11 21:24 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-11 21:23 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-11 21:23 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-11 21:23 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-11 21:23 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-11 21:23 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-11 21:23 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-11 21:23 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-11 21:23 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-11 21:23 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-11 21:23 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-11 21:23 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-11 21:23 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-11 21:23 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-11 21:23 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msdrm.dll 2014-02-11 21:23 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-11 21:23 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-11 21:23 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-11 21:23 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-10 10:29 - 2014-02-10 10:29 - 00000000 ____D () C:\Users\User\Documents\Aiseesoft Studio 2014-02-10 10:29 - 2014-02-10 10:29 - 00000000 ____D () C:\Users\User\AppData\Local\Aiseesoft Studio 2014-02-09 17:29 - 2014-02-09 17:29 - 00000000 ____D () C:\Program Files (x86)\Ashampoo 2014-02-09 17:28 - 2014-02-09 17:28 - 00614792 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Vollversion Ashampoo Burning Studio 2014 - CHIP-Downloader.exe 2014-01-30 22:05 - 2014-01-30 22:05 - 00000000 ____D () C:\ProgramData\DriverGenius 2014-01-30 21:15 - 2014-01-30 21:26 - 00004096 _____ () C:\Users\Public\Documents\00001AEC.LCS 2014-01-30 21:15 - 2014-01-30 21:24 - 00003652 _____ () C:\Windows\System32\Tasks\TWIN 7 Live-Update 2014-01-30 21:15 - 2014-01-30 21:24 - 00003602 _____ () C:\Windows\System32\Tasks\TWIN 7 1-Klick-Optimierung 2014-01-30 21:14 - 2014-01-30 21:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\ProtectDisc 2014-01-29 18:19 - 2014-01-29 18:19 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Mozilla 2014-01-29 18:19 - 2014-01-29 18:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Mozilla 2014-01-29 10:33 - 2014-01-29 10:39 - 00000000 ____D () C:\Windows\pss ==================== One Month Modified Files and Folders ======= 2014-02-23 13:15 - 2014-02-23 13:15 - 02154496 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2014-02-23 13:15 - 2014-02-21 20:35 - 00016977 _____ () C:\Users\User\Downloads\FRST.txt 2014-02-23 13:15 - 2014-02-21 20:34 - 00000000 ____D () C:\FRST 
2014-02-23 13:06 - 2014-02-23 13:06 - 00040707 _____ () C:\Users\User\Desktop\JRT.txt 2014-02-23 12:41 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-23 12:41 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-23 12:38 - 2014-02-23 12:38 - 01037734 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe 2014-02-23 12:38 - 2014-02-23 12:38 - 00000000 ____D () C:\Windows\ERUNT 2014-02-23 12:38 - 2011-04-12 08:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2014-02-23 12:38 - 2011-04-12 08:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2014-02-23 12:38 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-23 12:36 - 2012-06-14 09:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-23 12:34 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-23 12:33 - 2014-02-23 12:26 - 00000112 _____ () C:\Windows\setupact.log 2014-02-23 12:33 - 2012-06-05 12:00 - 01933639 _____ () C:\Windows\WindowsUpdate.log 2014-02-23 12:32 - 2014-02-23 12:30 - 00000000 ____D () C:\AdwCleaner 2014-02-23 12:30 - 2014-02-23 12:30 - 01241834 _____ () C:\Users\User\Downloads\adwcleaner.exe 2014-02-23 12:26 - 2014-02-23 12:26 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-23 12:26 - 2014-02-23 12:25 - 00005900 _____ () C:\Windows\PFRO.log 2014-02-22 21:22 - 2014-02-15 13:15 - 00000373 _____ () C:\Users\User\cryptboxdrives.xml 2014-02-22 21:22 - 2012-06-09 09:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc 2014-02-22 19:59 - 2012-07-02 15:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\dvdcss 2014-02-22 19:39 - 2013-10-06 21:17 - 00000000 ____D () C:\Users\User\Desktop\Neuer Ordner 2014-02-22 19:38 - 2013-10-23 13:00 - 00000000 ____D () C:\Users\User\AppData\Local\DVD Profiler 2014-02-22 18:58 - 2012-06-05 
16:16 - 00000000 ____D () C:\Program Files (x86)\JDownloader 2014-02-22 17:22 - 2013-08-26 09:15 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps 2014-02-22 17:22 - 2012-06-05 12:57 - 00000000 ____D () C:\Windows\Panther 2014-02-22 17:11 - 2012-06-05 14:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-02-22 17:04 - 2013-02-14 11:51 - 00000000 ____D () C:\ProgramData\SecTaskMan 2014-02-22 15:05 - 2014-02-22 15:01 - 00000000 ____D () C:\Program Files (x86)\Level Quality Watcher Removal Tool 2014-02-22 14:28 - 2014-02-22 14:27 - 00000000 ____D () C:\ProgramData\IObit 2014-02-22 14:27 - 2014-02-22 14:27 - 00001177 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk 2014-02-22 14:27 - 2014-02-22 14:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\IObit 2014-02-22 14:27 - 2014-02-22 14:27 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-02-22 14:26 - 2014-02-22 14:26 - 26996352 _____ (IObit ) C:\Users\User\Downloads\imf-setup_2.3.0.10.exe 2014-02-22 14:13 - 2013-02-26 10:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype 2014-02-22 14:13 - 2013-02-26 10:34 - 00000000 ____D () C:\ProgramData\Skype 2014-02-22 14:12 - 2013-11-06 09:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-22 14:00 - 2012-12-12 11:54 - 00000000 ____D () C:\Users\User\Documents\Neuer Ordner 2014-02-22 13:48 - 2014-02-22 13:48 - 00000000 ____D () C:\Users\User\AppData\Local\Skype 2014-02-22 13:47 - 2014-02-22 13:47 - 00614816 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Skype - CHIP-Downloader.exe 2014-02-22 11:40 - 2014-02-22 11:39 - 02243616 _____ (Megaify Software ) C:\Users\User\Downloads\driver_setup (1).exe 2014-02-22 11:39 - 2014-02-22 11:39 - 94880463 _____ (Igor Pavlov) C:\Users\User\Downloads\realtek_high_definition_audio_6.01.7026.exe 2014-02-22 11:38 - 2014-02-22 11:38 - 02243616 _____ (Megaify Software ) C:\Users\User\Downloads\driver_setup.exe 2014-02-22 11:36 - 2012-06-14 09:23 - 00692616 
_____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-22 11:36 - 2012-06-14 09:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-22 11:36 - 2012-06-14 09:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-22 11:30 - 2014-02-22 11:18 - 3192264704 _____ () C:\Users\User\Downloads\X15-65741.iso 2014-02-22 11:12 - 2014-02-22 11:12 - 00000000 ____D () C:\Users\User\Documents\Ashampoo Burning Studio 2014 2014-02-22 10:27 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\AppData\Local\Abelssoft 2014-02-22 10:27 - 2014-02-15 13:14 - 00000000 ____D () C:\Program Files (x86)\CryptBox 2014-02-22 10:27 - 2014-02-14 18:52 - 00000000 ____D () C:\Users\User\AppData\Roaming\System Speedup 2014-02-22 10:27 - 2014-02-12 13:20 - 00000000 ____D () C:\ProgramData\LGMOBILEAX 2014-02-22 10:27 - 2013-11-06 10:00 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox 2014-02-22 10:27 - 2013-11-06 09:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-22 10:27 - 2013-11-06 09:52 - 00000000 ____D () C:\Program Files (x86)\JAP 2014-02-22 10:27 - 2013-10-23 12:56 - 00000000 ____D () C:\Program Files (x86)\DVD Profiler 2014-02-22 10:27 - 2013-08-23 08:27 - 00000000 ____D () C:\Program Files\My Lockbox 2014-02-22 10:27 - 2013-04-29 21:26 - 00000000 ____D () C:\Users\User\Desktop\software 2014-02-22 10:27 - 2013-04-16 19:52 - 00000000 ____D () C:\Users\Gast 2014-02-22 10:27 - 2013-01-14 01:58 - 00000000 ____D () C:\Program Files (x86)\Sleeper 2014-02-22 10:27 - 2012-12-12 09:36 - 00000000 ____D () C:\Program Files\Eraser 2014-02-22 10:27 - 2012-07-27 12:02 - 00000000 ____D () C:\Program Files (x86)\RocketDock 2014-02-22 10:27 - 2012-06-23 22:36 - 00000000 ____D () C:\Windows\system32\Macromed 2014-02-22 10:27 - 2012-06-06 10:17 - 00000000 ____D () C:\Program Files (x86)\WinRAR 2014-02-22 10:27 - 2012-06-05 15:49 - 
00000000 ____D () C:\Program Files (x86)\avmwlanstick 2014-02-22 10:27 - 2012-06-05 14:54 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-02-22 10:27 - 2012-06-05 13:39 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-02-22 10:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar 2014-02-22 10:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices 2014-02-22 10:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2014-02-22 10:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender 2014-02-22 10:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker 2014-02-22 10:27 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-02-22 10:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing 2014-02-22 10:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2014-02-22 10:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-02-22 10:26 - 2014-02-18 17:41 - 00000000 ____D () C:\Program Files (x86)\Hobbyist Software 2014-02-22 10:26 - 2013-11-06 09:58 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla 2014-02-22 10:26 - 2012-07-07 07:25 - 00000000 ___RD () C:\Users\User\Dropbox 2014-02-22 10:26 - 2012-07-07 07:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox 2014-02-22 09:36 - 2014-02-21 18:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-22 09:36 - 2014-02-18 18:18 - 00000000 ____D () C:\Program Files (x86)\LogMeIn 2014-02-22 09:27 - 2014-02-18 18:18 - 00000000 ____D () C:\ProgramData\LogMeIn 2014-02-21 20:35 - 2014-02-21 20:35 - 00030565 _____ () C:\Users\User\Downloads\Addition.txt 2014-02-18 18:18 - 2014-02-18 18:18 - 00001024 _____ () C:\.rnd 2014-02-18 18:18 - 2014-02-18 18:18 - 00000000 ____D () C:\Users\User\AppData\Local\LogMeIn 2014-02-18 18:17 - 2014-02-18 18:17 - 25010176 _____ () 
C:\Users\User\Downloads\LogMeIn.msi 2014-02-18 17:48 - 2014-02-18 17:48 - 00003276 _____ () C:\Windows\System32\Tasks\{EFEF7E74-023B-4682-9D01-E24FB5029237} 2014-02-18 17:41 - 2014-02-18 17:41 - 01324328 _____ ( ) C:\Users\User\Downloads\VLCSetup_5.47.exe 2014-02-18 17:13 - 2014-02-18 16:57 - 48321178 _____ () C:\Users\User\Downloads\10nelathtec3d.rar 2014-02-18 16:48 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-02-18 10:41 - 2013-02-19 13:14 - 00000000 ____D () C:\Users\User\Downloads\handy 2014-02-15 13:14 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\Documents\My Safes 2014-02-15 13:14 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\Abelssoft 2014-02-15 13:13 - 2014-02-15 13:13 - 31581840 _____ (Abelssoft ) C:\Users\User\Downloads\cryptbox310.exe 2014-02-15 11:48 - 2014-02-15 11:48 - 01650072 _____ () C:\Users\User\Downloads\BusyBox Pro 11.zip 2014-02-14 16:58 - 2014-02-14 16:58 - 00000000 ____D () C:\Users\User\AppData\Local\bdch 2014-02-14 16:58 - 2014-02-14 16:58 - 00000000 ____D () C:\ProgramData\bdch 2014-02-13 11:30 - 2014-02-13 11:00 - 00000000 ____D () C:\ProgramData\Package Cache 2014-02-13 11:04 - 2014-02-13 11:04 - 00000022 _____ () C:\Windows\GPU-Z.INI 2014-02-13 11:04 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\Documents\3DMark 2014-02-13 11:03 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\AppData\Local\IsolatedStorage 2014-02-13 11:03 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\AppData\Local\Futuremark 2014-02-13 10:59 - 2014-02-13 10:56 - 1007522262 _____ () C:\Users\User\Downloads\3DMark-v1-2-250.zip 2014-02-12 17:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-02-12 13:33 - 2014-02-12 13:33 - 00003130 _____ () C:\Windows\System32\Tasks\{E1C1AB26-9304-455B-BDDD-44085F3E6938} 2014-02-12 13:33 - 2014-02-12 13:33 - 00000831 _____ () C:\Users\UpdatusUser\Desktop\LGMobile Support Tool.lnk 2014-02-12 13:33 - 2014-02-12 13:33 - 00000831 _____ () 
C:\Users\Gast\Desktop\LGMobile Support Tool.lnk 2014-02-12 13:33 - 2014-02-12 13:20 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini 2014-02-12 10:01 - 2014-02-12 10:01 - 00995769 _____ () C:\Users\User\Downloads\Odin_3.07.zip 2014-02-11 21:32 - 2013-07-10 17:02 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-11 21:31 - 2014-02-11 21:29 - 00000000 ____D () C:\e46c74c125fa678d89a3a83d66 2014-02-11 21:31 - 2012-07-04 05:39 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-11 21:29 - 2014-02-11 21:28 - 00000000 ____D () C:\6f32705bea4e48a3a39f3dfcee25969c 2014-02-11 21:29 - 2012-06-05 16:19 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-02-10 10:29 - 2014-02-10 10:29 - 00000000 ____D () C:\Users\User\Documents\Aiseesoft Studio 2014-02-10 10:29 - 2014-02-10 10:29 - 00000000 ____D () C:\Users\User\AppData\Local\Aiseesoft Studio 2014-02-09 17:30 - 2012-10-03 07:37 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ashampoo 2014-02-09 17:29 - 2014-02-09 17:29 - 00000000 ____D () C:\Program Files (x86)\Ashampoo 2014-02-09 17:29 - 2012-10-03 07:37 - 00000000 ____D () C:\ProgramData\ashampoo 2014-02-09 17:28 - 2014-02-09 17:28 - 00614792 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Vollversion Ashampoo Burning Studio 2014 - CHIP-Downloader.exe 2014-02-09 16:56 - 2011-04-12 08:54 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-02-06 13:16 - 2014-02-11 21:32 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-06 12:30 - 2014-02-11 21:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-06 12:30 - 2014-02-11 21:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-06 12:12 - 2014-02-11 21:32 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-06 12:07 - 2014-02-11 21:32 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-06 12:06 - 2014-02-11 21:32 - 00048640 
_____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-06 11:57 - 2014-02-11 21:32 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-06 11:56 - 2014-02-11 21:32 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-06 11:52 - 2014-02-11 21:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-06 11:49 - 2014-02-11 21:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-06 11:48 - 2014-02-11 21:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-06 11:48 - 2014-02-11 21:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-06 11:48 - 2014-02-11 21:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector(101).exe 2014-02-06 11:38 - 2014-02-11 21:32 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-06 11:32 - 2014-02-11 21:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-06 11:20 - 2014-02-11 21:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-06 11:17 - 2014-02-11 21:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-06 11:11 - 2014-02-11 21:32 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-06 11:01 - 2014-02-11 21:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-06 11:00 - 2014-02-11 21:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-06 10:57 - 2014-02-11 21:32 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-06 10:57 - 2014-02-11 21:32 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-06 10:52 - 2014-02-11 21:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-06 10:52 - 2014-02-11 21:32 - 00032768 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-06 10:50 - 2014-02-11 21:32 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-06 10:49 - 2014-02-11 21:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-06 10:47 - 2014-02-11 21:32 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-06 10:46 - 2014-02-11 21:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-06 10:25 - 2014-02-11 21:32 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-06 10:25 - 2014-02-11 21:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-06 10:24 - 2014-02-11 21:32 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-06 10:22 - 2014-02-11 21:32 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-06 10:13 - 2014-02-11 21:32 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-06 10:09 - 2014-02-11 21:32 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-06 10:03 - 2014-02-11 21:32 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-06 09:55 - 2014-02-11 21:32 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-06 09:41 - 2014-02-11 21:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-06 09:40 - 2014-02-11 21:32 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-06 09:36 - 2014-02-11 21:32 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-06 09:34 - 2014-02-11 21:32 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-05 21:10 - 2013-08-24 11:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\.oit 2014-02-05 21:09 - 2013-08-24 11:29 - 00000000 ____D () C:\Program Files (x86)\Kroll Ontrack 
2014-02-03 12:28 - 2013-12-02 14:39 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys 2014-02-03 12:28 - 2013-12-02 14:39 - 00635392 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys 2014-02-03 10:20 - 2013-04-26 07:17 - 00000000 ____D () C:\Users\User\Downloads\boerse-bz 2014-01-31 11:46 - 2012-06-05 15:58 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000UA.job 2014-01-31 11:46 - 2012-06-05 15:58 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000Core.job 2014-01-30 22:05 - 2014-01-30 22:05 - 00000000 ____D () C:\ProgramData\DriverGenius 2014-01-30 21:58 - 2012-06-05 15:58 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000UA 2014-01-30 21:58 - 2012-06-05 15:58 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000Core 2014-01-30 21:26 - 2014-01-30 21:15 - 00004096 _____ () C:\Users\Public\Documents\00001AEC.LCS 2014-01-30 21:26 - 2014-01-30 21:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\ProtectDisc 2014-01-30 21:24 - 2014-01-30 21:15 - 00003652 _____ () C:\Windows\System32\Tasks\TWIN 7 Live-Update 2014-01-30 21:24 - 2014-01-30 21:15 - 00003602 _____ () C:\Windows\System32\Tasks\TWIN 7 1-Klick-Optimierung 2014-01-30 21:11 - 2012-11-16 23:56 - 00000000 ____D () C:\Users\User\AppData\Local\Downloaded Installations 2014-01-30 21:11 - 2012-06-11 09:48 - 00000000 __SHD () C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2014-01-30 20:54 - 2012-06-05 15:00 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-01-29 18:19 - 2014-01-29 18:19 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Mozilla 2014-01-29 18:19 - 2014-01-29 18:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Mozilla 2014-01-29 18:05 - 2013-04-16 19:52 - 00001421 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet 
Explorer.lnk 2014-01-29 10:39 - 2014-01-29 10:33 - 00000000 ____D () C:\Windows\pss 2014-01-29 10:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-01-24 10:29 - 2012-12-13 11:37 - 00000000 ____D () C:\Users\User\Downloads\tattoo Some content of TEMP: ==================== C:\Users\User\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-19 09:52 ==================== End Of Log ============================ |
24.02.2014, 16:32 | #6 |
/// the machine /// TB trainer | Suspected virus, ads, and browser closes by itself
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Still having problems? |
24.02.2014, 18:02 | #7 |
| Suspected virus, ads, and browser closes by itself
Code:
SETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cd940cd1669bd548847e9915ed2051ad
# engine=17205
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-24 04:43:05
# local_time=2014-02-24 05:43:05 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=517 16777214 0 8 10611912 18666862 0 0
# compatibility_mode=5893 16776574 100 94 202538 144890035 0 0
# scanned=203407
# found=0
# cleaned=0
# scan_time=3221
Code:
Results of screen317's Security Check version 0.99.79
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Bitdefender Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java(TM) 7 Update 5
Java version out of Date!
Adobe Flash Player 12.0.0.70 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox 17.0.9 Firefox out of Date!
Google Chrome 32.0.1700.102
Google Chrome 32.0.1700.76
````````Process Check: objlist.exe by Laurent````````
IObit IObit Malware Fighter IMFsrv.exe
IObit IObit Malware Fighter IMF.exe
Bitdefender Bitdefender vsserv.exe
Bitdefender Bitdefender updatesrv.exe
Bitdefender Bitdefender bdagent.exe
Bitdefender Bitdefender pmbxag.exe
Bitdefender Bitdefender antispam32 bdapppassmgr.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 02 Ran by User (administrator) on USER-PC on 24-02-2014 17:59:23 Running from C:\Users\User\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (Intel Corporation) C:\Windows\system32\IProsetMonitor.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (FSPro Labs) C:\Program Files\My Lockbox\mylbx.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor) HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1737920 2014-02-09] (Bitdefender) HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [] - [X] HKLM-x32\...\Run: [IObit Malware Fighter] - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1566528 2014-01-15] (IObit) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-11] (Bitdefender) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-02-11] (Bitdefender) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-02-11] (Bitdefender) HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\Run: [RocketDock] - C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-11] (Bitdefender) HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-02-11] (Bitdefender) HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000 
HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {1a6f5542-28f1-11e3-a6f9-bc0543032e9a} - E:\Startme.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {3ae506ce-e3bf-11e1-922d-bc0543032e9a} - K:\Startme.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {60ff99d2-1111-11e2-ab8f-bc0543032e9a} - E:\CTT-Startmenu.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {6a3e3576-1114-11e2-8858-bc0543032e9a} - E:\CTT-Startmenu.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {6a3e358d-1114-11e2-8858-bc0543032e9a} - L:\CTT-Startmenu.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {78ccc8e2-0934-11e2-ae81-bc0543032e9a} - E:\LGAutoRun.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {7c0f1419-93b3-11e2-94ce-bc0543032e9a} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {b222ac4a-af1b-11e1-b019-f80f41064d8e} - J:\pushinst.exe HKU\S-1-5-21-3356507988-1370931183-2774963345-1000\...\MountPoints2: {f6975884-c52c-11e1-ae9e-bc0543032e9a} - L:\Set-up.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = SearchScopes: HKCU - {192A4B13-BE42-47B1-81A0-1FE74F251B8B} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms} BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper 
- {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Hosts: 127.0.0.1 secure.tune-up.com Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{A8A31078-1F2A-4BB8-AAE2-8AE9F38E4D73}: [NameServer]192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox FF NetworkProxy: "ftp", "127.0.0.1" FF NetworkProxy: "ftp_port", 4001 FF NetworkProxy: "gopher", "127.0.0.1" FF NetworkProxy: "gopher_port", 4001 FF NetworkProxy: "http", "127.0.0.1" FF NetworkProxy: "http_port", 4001 FF NetworkProxy: "socks", "127.0.0.1" FF NetworkProxy: "socks_port", 4001 FF NetworkProxy: "socks_remote_dns", true FF NetworkProxy: "ssl", "127.0.0.1" FF NetworkProxy: "ssl_port", 4001 FF NetworkProxy: "type", 1 FF Homepage: hxxp://de.search.yahoo.com/?type=800236&fr=spigot-yhp-ff FF DefaultSearchEngine: Yahoo! FF SelectedSearchEngine: Yahoo! 
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @protectdisc.com/NPPDLicenseHelper - C:\Users\User\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\yahoo_ff.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2013-12-02]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ []
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2013-12-02]

Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\32.0.1700.102\gcswf32.dll No File
CHR Plugin: (Google Update) - C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (ProxTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-01-20]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-05]
CHR Extension: (Bitdefender Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2013-12-02]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-01-25]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-05]
CHR Extension: (Blossom) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idjmedbobeakbopimfiicbonioiahhnd [2013-01-09]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-05]
CHR HKCU\...\Chrome\Extension: [ofahndfepeaeelmhdkjiihmofnokhmik] - C:\Users\User\AppData\Local\CRE\ofahndfepeaeelmhdkjiihmofnokhmik.crx [2012-06-05]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-02-11]
CHR HKLM-x32\...\Chrome\Extension: [ofahndfepeaeelmhdkjiihmofnokhmik] - C:\Users\User\AppData\Local\CRE\ofahndfepeaeelmhdkjiihmofnokhmik.crx [2014-02-11]
CHR StartMenuInternet: Google Chrome - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2014-01-03] (IObit)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\RpcAgentSrv.exe [68760 2008-12-27] (SiSoftware)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1507248 2014-02-09] (Bitdefender)

==================== Drivers (Whitelisted) ====================

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2012-11-02] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-02-03] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-02-03] (BitDefender)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R0 CryptBox; C:\Windows\SysWow64\drivers\CryptBox.sys [221200 2013-08-14] (Abelssoft GmbH)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-08-29] (Windows (R) Win 7 DDK provider)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [54848 2010-07-22] (FSPro Labs)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-22] (AVM GmbH)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2012-11-02] ()
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-24 17:59 - 2014-02-24 17:59 - 00000000 ____D () C:\Users\User\Downloads\PC
2014-02-24 17:59 - 2014-02-24 17:59 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-02-24 17:52 - 2014-02-24 17:52 - 00987425 _____ () C:\Users\User\Downloads\SecurityCheck.exe
2014-02-24 16:44 - 2014-02-24 16:45 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_enu.exe
2014-02-23 13:15 - 2014-02-24 17:59 - 02155520 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-02-23 13:06 - 2014-02-23 13:06 - 00040707 _____ () C:\Users\User\Desktop\JRT.txt
2014-02-23 12:38 - 2014-02-23 12:38 - 01037734 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-02-23 12:38 - 2014-02-23 12:38 - 00000000 ____D () C:\Windows\ERUNT
2014-02-23 12:30 - 2014-02-23 12:32 - 00000000 ____D () C:\AdwCleaner
2014-02-23 12:26 - 2014-02-24 09:29 - 00000168 _____ () C:\Windows\setupact.log
2014-02-23 12:26 - 2014-02-23 12:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-23 12:25 - 2014-02-23 12:26 - 00005900 _____ () C:\Windows\PFRO.log
2014-02-22 15:01 - 2013-11-05 14:38 - 01122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-02-22 15:01 - 2013-11-05 14:38 - 00274432 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-02-22 15:01 - 2012-12-10 11:04 - 00356352 _____ (eSellerate Inc.) C:\Windows\eSellerateEngine.dll
2014-02-22 15:01 - 2012-12-10 11:04 - 00081920 _____ (eSellerate Inc.) C:\Windows\eSellerateControl350.dll
2014-02-22 14:27 - 2014-02-22 14:28 - 00000000 ____D () C:\ProgramData\IObit
2014-02-22 14:27 - 2014-02-22 14:27 - 00001177 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2014-02-22 14:27 - 2014-02-22 14:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\IObit
2014-02-22 14:27 - 2014-02-22 14:27 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-02-22 14:26 - 2014-02-22 14:26 - 26996352 _____ (IObit ) C:\Users\User\Downloads\imf-setup_2.3.0.10.exe
2014-02-22 13:48 - 2014-02-22 13:48 - 00000000 ____D () C:\Users\User\AppData\Local\Skype
2014-02-22 13:47 - 2014-02-22 13:47 - 00614816 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Skype - CHIP-Downloader.exe
2014-02-22 11:39 - 2014-02-22 11:40 - 02243616 _____ (Megaify Software ) C:\Users\User\Downloads\driver_setup (1).exe
2014-02-22 11:39 - 2014-02-22 11:39 - 94880463 _____ (Igor Pavlov) C:\Users\User\Downloads\realtek_high_definition_audio_6.01.7026.exe
2014-02-22 11:38 - 2014-02-22 11:38 - 02243616 _____ (Megaify Software ) C:\Users\User\Downloads\driver_setup.exe
2014-02-22 11:18 - 2014-02-22 11:30 - 3192264704 _____ () C:\Users\User\Downloads\X15-65741.iso
2014-02-22 11:12 - 2014-02-22 11:12 - 00000000 ____D () C:\Users\User\Documents\Ashampoo Burning Studio 2014
2014-02-21 20:35 - 2014-02-24 17:59 - 00017040 _____ () C:\Users\User\Downloads\FRST.txt
2014-02-21 20:35 - 2014-02-21 20:35 - 00030565 _____ () C:\Users\User\Downloads\Addition.txt
2014-02-21 20:34 - 2014-02-24 17:59 - 00000000 ____D () C:\FRST
2014-02-21 18:41 - 2014-02-22 09:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-18 18:18 - 2014-02-22 09:36 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2014-02-18 18:18 - 2014-02-22 09:27 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-02-18 18:18 - 2014-02-18 18:18 - 00001024 _____ () C:\.rnd
2014-02-18 18:18 - 2014-02-18 18:18 - 00000000 ____D () C:\Users\User\AppData\Local\LogMeIn
2014-02-18 18:17 - 2014-02-18 18:17 - 25010176 _____ () C:\Users\User\Downloads\LogMeIn.msi
2014-02-18 17:48 - 2014-02-18 17:48 - 00003276 _____ () C:\Windows\System32\Tasks\{EFEF7E74-023B-4682-9D01-E24FB5029237}
2014-02-18 17:41 - 2014-02-22 10:26 - 00000000 ____D () C:\Program Files (x86)\Hobbyist Software
2014-02-18 17:41 - 2014-02-18 17:41 - 01324328 _____ ( ) C:\Users\User\Downloads\VLCSetup_5.47.exe
2014-02-18 16:57 - 2014-02-18 17:13 - 48321178 _____ () C:\Users\User\Downloads\10nelathtec3d.rar
2014-02-15 13:15 - 2014-02-22 21:22 - 00000373 _____ () C:\Users\User\cryptboxdrives.xml
2014-02-15 13:14 - 2014-02-22 10:27 - 00000000 ____D () C:\Users\User\AppData\Local\Abelssoft
2014-02-15 13:14 - 2014-02-22 10:27 - 00000000 ____D () C:\Program Files (x86)\CryptBox
2014-02-15 13:14 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\Documents\My Safes
2014-02-15 13:14 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\Abelssoft
2014-02-15 13:14 - 2013-08-14 14:47 - 00221200 _____ (Abelssoft GmbH) C:\Windows\SysWOW64\Drivers\CryptBox.sys
2014-02-15 13:13 - 2014-02-15 13:13 - 31581840 _____ (Abelssoft ) C:\Users\User\Downloads\cryptbox310.exe
2014-02-15 11:48 - 2014-02-15 11:48 - 01650072 _____ () C:\Users\User\Downloads\BusyBox Pro 11.zip
2014-02-14 18:52 - 2014-02-22 10:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\System Speedup
2014-02-14 16:58 - 2014-02-14 16:58 - 00000000 ____D () C:\Users\User\AppData\Local\bdch
2014-02-14 16:58 - 2014-02-14 16:58 - 00000000 ____D () C:\ProgramData\bdch
2014-02-13 17:05 - 2014-01-23 04:21 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-02-13 17:05 - 2014-01-23 04:21 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-02-13 11:04 - 2014-02-13 11:04 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-02-13 11:03 - 2014-02-13 11:04 - 00000000 ____D () C:\Users\User\Documents\3DMark
2014-02-13 11:03 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\AppData\Local\IsolatedStorage
2014-02-13 11:03 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\AppData\Local\Futuremark
2014-02-13 11:01 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-02-13 11:01 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-02-13 11:01 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-02-13 11:01 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-02-13 11:01 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-02-13 11:00 - 2014-02-13 11:30 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-13 10:56 - 2014-02-13 10:59 - 1007522262 _____ () C:\Users\User\Downloads\3DMark-v1-2-250.zip
2014-02-12 13:33 - 2014-02-12 13:33 - 00003130 _____ () C:\Windows\System32\Tasks\{E1C1AB26-9304-455B-BDDD-44085F3E6938}
2014-02-12 13:33 - 2014-02-12 13:33 - 00000831 _____ () C:\Users\UpdatusUser\Desktop\LGMobile Support Tool.lnk
2014-02-12 13:33 - 2014-02-12 13:33 - 00000831 _____ () C:\Users\Gast\Desktop\LGMobile Support Tool.lnk
2014-02-12 13:20 - 2014-02-22 10:27 - 00000000 ____D () C:\ProgramData\LGMOBILEAX
2014-02-12 13:20 - 2014-02-12 13:33 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini
2014-02-12 13:20 - 2011-05-06 19:37 - 00655872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr90.dll
2014-02-12 13:20 - 2011-05-06 19:37 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp90.dll
2014-02-12 13:20 - 2011-05-06 19:37 - 00224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcm90.dll
2014-02-12 13:20 - 2006-04-30 14:33 - 00053248 _____ () C:\Windows\SysWOW64\CommonDL.dll
2014-02-12 13:20 - 2005-09-30 07:39 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2014-02-12 10:01 - 2014-02-12 10:01 - 00995769 _____ () C:\Users\User\Downloads\Odin_3.07.zip
2014-02-11 21:32 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-11 21:32 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-11 21:32 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-11 21:32 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-11 21:32 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-11 21:32 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-11 21:32 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-11 21:32 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-11 21:32 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-11 21:32 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-11 21:32 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-11 21:32 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-11 21:32 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector(101).exe
2014-02-11 21:32 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-11 21:32 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-11 21:32 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-11 21:32 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-11 21:32 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-11 21:32 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-11 21:32 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-11 21:32 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-11 21:32 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-11 21:32 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-11 21:32 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-11 21:32 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-11 21:32 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-11 21:32 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-11 21:32 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-11 21:32 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-11 21:32 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-11 21:32 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-11 21:32 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-11 21:32 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-11 21:32 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-11 21:32 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-11 21:32 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-11 21:32 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-11 21:32 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-11 21:32 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-11 21:32 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-11 21:29 - 2014-02-11 21:31 - 00000000 ____D () C:\e46c74c125fa678d89a3a83d66
2014-02-11 21:28 - 2014-02-11 21:29 - 00000000 ____D () C:\6f32705bea4e48a3a39f3dfcee25969c
2014-02-11 21:28 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-11 21:28 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-11 21:27 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-11 21:27 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-11 21:27 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-11 21:27 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 21:26 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-11 21:26 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-11 21:26 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-11 21:26 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-11 21:24 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-11 21:24 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-11 21:23 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-11 21:23 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-11 21:23 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-11 21:23 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-11 21:23 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-11 21:23 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-11 21:23 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-11 21:23 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-11 21:23 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-11 21:23 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-11 21:23 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-11 21:23 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-11 21:23 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-11 21:23 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-11 21:23 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-11 21:23 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-11 21:23 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-11 21:23 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-10 10:29 - 2014-02-10 10:29 - 00000000 ____D () C:\Users\User\Documents\Aiseesoft Studio
2014-02-10 10:29 - 2014-02-10 10:29 - 00000000 ____D () C:\Users\User\AppData\Local\Aiseesoft Studio
2014-02-09 17:29 - 2014-02-09 17:29 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2014-02-09 17:28 - 2014-02-09 17:28 - 00614792 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Vollversion Ashampoo Burning Studio 2014 - CHIP-Downloader.exe
2014-01-30 22:05 - 2014-01-30 22:05 - 00000000 ____D () C:\ProgramData\DriverGenius
2014-01-30 21:15 - 2014-01-30 21:26 - 00004096 _____ () C:\Users\Public\Documents\00001AEC.LCS
2014-01-30 21:15 - 2014-01-30 21:24 - 00003652 _____ () C:\Windows\System32\Tasks\TWIN 7 Live-Update
2014-01-30 21:15 - 2014-01-30 21:24 - 00003602 _____ () C:\Windows\System32\Tasks\TWIN 7 1-Klick-Optimierung
2014-01-30 21:14 - 2014-01-30 21:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\ProtectDisc
2014-01-29 18:19 - 2014-01-29 18:19 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Mozilla
2014-01-29 18:19 - 2014-01-29 18:19 - 00000000 ____D () C:\Users\Gast\AppData\Local\Mozilla
2014-01-29 10:33 - 2014-01-29 10:39 - 00000000 ____D () C:\Windows\pss

==================== One Month Modified Files and Folders =======

2014-02-24 17:59 - 2014-02-24 17:59 - 00000000 ____D () C:\Users\User\Downloads\PC
2014-02-24 17:59 - 2014-02-24 17:59 - 00000000 ____D () C:\Users\User\Downloads\FRST-OlderVersion
2014-02-24 17:59 - 2014-02-23 13:15 - 02155520 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-02-24 17:59 - 2014-02-21 20:35 - 00017040 _____ () C:\Users\User\Downloads\FRST.txt
2014-02-24 17:59 - 2014-02-21 20:34 - 00000000 ____D () C:\FRST
2014-02-24 17:52 - 2014-02-24 17:52 - 00987425 _____ () C:\Users\User\Downloads\SecurityCheck.exe
2014-02-24 17:36 - 2012-06-14 09:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 16:45 - 2014-02-24 16:44 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_enu.exe
2014-02-24 12:29 - 2012-06-05 12:00 - 01961756 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 10:36 - 2011-04-12 08:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-02-24 10:36 - 2011-04-12 08:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-02-24 10:36 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-24 09:38 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-24 09:38 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-24 09:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 09:29 - 2014-02-23 12:26 - 00000168 _____ () C:\Windows\setupact.log
2014-02-23 21:15 - 2012-06-09 09:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-02-23 14:38 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-23 13:06 - 2014-02-23 13:06 - 00040707 _____ () C:\Users\User\Desktop\JRT.txt
2014-02-23 12:38 - 2014-02-23 12:38 - 01037734 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-02-23 12:38 - 2014-02-23 12:38 - 00000000 ____D () C:\Windows\ERUNT
2014-02-23 12:32 - 2014-02-23 12:30 - 00000000 ____D () C:\AdwCleaner
2014-02-23 12:26 - 2014-02-23 12:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-23 12:26 - 2014-02-23 12:25 - 00005900 _____ () C:\Windows\PFRO.log
2014-02-22 21:22 - 2014-02-15 13:15 - 00000373 _____ () C:\Users\User\cryptboxdrives.xml
2014-02-22 19:59 - 2012-07-02 15:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\dvdcss
2014-02-22 19:39 - 2013-10-06 21:17 - 00000000 ____D () C:\Users\User\Desktop\Neuer Ordner
2014-02-22 19:38 - 2013-10-23 13:00 - 00000000 ____D () C:\Users\User\AppData\Local\DVD Profiler
2014-02-22 18:58 - 2012-06-05 16:16 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-02-22 17:22 - 2013-09-14 21:56 - 00000000 ____D () C:\Windows\Minidump
2014-02-22 17:22 - 2013-08-26 09:15 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-02-22 17:22 - 2012-07-23 22:35 - 00000000 ____D () C:\ProgramData\install_clap
2014-02-22 17:22 - 2012-06-05 12:57 - 00000000 ____D () C:\Windows\Panther
2014-02-22 17:11 - 2012-06-05 14:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-22 17:04 - 2013-02-14 11:51 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-02-22 14:28 - 2014-02-22 14:27 - 00000000 ____D () C:\ProgramData\IObit
2014-02-22 14:27 - 2014-02-22 14:27 - 00001177 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2014-02-22 14:27 - 2014-02-22 14:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\IObit
2014-02-22 14:27 - 2014-02-22 14:27 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-02-22 14:26 - 2014-02-22 14:26 - 26996352 _____ (IObit ) C:\Users\User\Downloads\imf-setup_2.3.0.10.exe
2014-02-22 14:13 - 2013-02-26 10:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-02-22 14:13 - 2013-02-26 10:34 - 00000000 ____D () C:\ProgramData\Skype
2014-02-22 14:12 - 2013-11-06 09:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-22 14:00 - 2012-12-12 11:54 - 00000000 ____D () C:\Users\User\Documents\Neuer Ordner
2014-02-22 13:48 - 2014-02-22 13:48 - 00000000 ____D () C:\Users\User\AppData\Local\Skype
2014-02-22 13:47 - 2014-02-22 13:47 - 00614816 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Skype - CHIP-Downloader.exe
2014-02-22 11:40 - 2014-02-22 11:39 - 02243616 _____ (Megaify Software ) C:\Users\User\Downloads\driver_setup (1).exe
2014-02-22 11:39 - 2014-02-22 11:39 - 94880463 _____ (Igor Pavlov) C:\Users\User\Downloads\realtek_high_definition_audio_6.01.7026.exe
2014-02-22 11:38 - 2014-02-22 11:38 - 02243616 _____ (Megaify Software ) C:\Users\User\Downloads\driver_setup.exe
2014-02-22 11:36 - 2012-06-14 09:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-22 11:36 - 2012-06-14 09:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-22 11:36 - 2012-06-14 09:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-22 11:30 - 2014-02-22 11:18 - 3192264704 _____ () C:\Users\User\Downloads\X15-65741.iso
2014-02-22 11:12 - 2014-02-22 11:12 - 00000000 ____D () C:\Users\User\Documents\Ashampoo Burning Studio 2014
2014-02-22 10:27 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\AppData\Local\Abelssoft
2014-02-22 10:27 - 2014-02-15 13:14 - 00000000 ____D () C:\Program Files (x86)\CryptBox
2014-02-22 10:27 - 2014-02-14 18:52 - 00000000 ____D () C:\Users\User\AppData\Roaming\System Speedup
2014-02-22 10:27 - 2014-02-12 13:20 - 00000000 ____D () C:\ProgramData\LGMOBILEAX
2014-02-22 10:27 - 2013-11-06 10:00 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox
2014-02-22 10:27 - 2013-11-06 09:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-22 10:27 - 2013-11-06 09:52 - 00000000 ____D () C:\Program Files (x86)\JAP
2014-02-22 10:27 - 2013-10-23 12:56 - 00000000 ____D () C:\Program Files (x86)\DVD Profiler
2014-02-22 10:27 - 2013-08-23 08:27 - 00000000 ____D () C:\Program Files\My Lockbox
2014-02-22 10:27 - 2013-04-29 21:26 - 00000000 ____D () C:\Users\User\Desktop\software
2014-02-22 10:27 - 2013-04-16 19:52 - 00000000 ____D () C:\Users\Gast
2014-02-22 10:27 - 2013-01-14 01:58 - 00000000 ____D () C:\Program Files (x86)\Sleeper
2014-02-22 10:27 - 2012-12-12 09:36 - 00000000 ____D () C:\Program Files\Eraser
2014-02-22 10:27 - 2012-07-27 12:02 - 00000000 ____D () C:\Program Files (x86)\RocketDock
2014-02-22 10:27 - 2012-06-23 22:36 - 00000000 ____D () C:\Windows\system32\Macromed
2014-02-22 10:27 - 2012-06-06 10:17 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-02-22 10:27 - 2012-06-05 15:49 - 00000000 ____D () C:\Program Files (x86)\avmwlanstick
2014-02-22 10:27 - 2012-06-05 14:54 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-22 10:27 - 2012-06-05 13:39 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-22 10:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-02-22 10:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-02-22 10:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-02-22 10:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-02-22 10:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-02-22 10:27 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-22 10:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-02-22 10:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-22 10:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-22 10:26 - 2014-02-18 17:41 - 00000000 ____D () C:\Program Files (x86)\Hobbyist Software
2014-02-22 10:26 - 2013-11-06 09:58 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-02-22 10:26 - 2012-07-07 07:25 - 00000000 ___RD () C:\Users\User\Dropbox
2014-02-22 10:26 - 2012-07-07 07:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2014-02-22 09:36 - 2014-02-21 18:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-22 09:36 - 2014-02-18 18:18 - 00000000 ____D () C:\Program Files (x86)\LogMeIn
2014-02-22 09:27 - 2014-02-18 18:18 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-02-21 20:35 - 2014-02-21 20:35 - 00030565 _____ () C:\Users\User\Downloads\Addition.txt
2014-02-18 18:18 - 2014-02-18 18:18 - 00001024 _____ () C:\.rnd
2014-02-18 18:18 - 2014-02-18 18:18 - 00000000 ____D () C:\Users\User\AppData\Local\LogMeIn
2014-02-18 18:17 - 2014-02-18 18:17 - 25010176 _____ () C:\Users\User\Downloads\LogMeIn.msi
2014-02-18 17:48 - 2014-02-18 17:48 - 00003276 _____ () C:\Windows\System32\Tasks\{EFEF7E74-023B-4682-9D01-E24FB5029237}
2014-02-18 17:41 - 2014-02-18 17:41 - 01324328 _____ ( ) C:\Users\User\Downloads\VLCSetup_5.47.exe
2014-02-18 17:13 - 2014-02-18 16:57 - 48321178 _____ () C:\Users\User\Downloads\10nelathtec3d.rar
2014-02-18 16:48 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-18 10:41 - 2013-02-19 13:14 - 00000000 ____D () C:\Users\User\Downloads\handy
2014-02-15 13:14 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\Documents\My Safes
2014-02-15 13:14 - 2014-02-15 13:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\Abelssoft
2014-02-15 13:13 - 2014-02-15 13:13 - 31581840 _____ (Abelssoft ) C:\Users\User\Downloads\cryptbox310.exe
2014-02-15 11:48 - 2014-02-15 11:48 - 01650072 _____ () C:\Users\User\Downloads\BusyBox Pro 11.zip
2014-02-14 16:58 - 2014-02-14 16:58 - 00000000 ____D () C:\Users\User\AppData\Local\bdch
2014-02-14 16:58 - 2014-02-14 16:58 - 00000000 ____D () C:\ProgramData\bdch
2014-02-13 11:30 - 2014-02-13 11:00 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-13 11:04 - 2014-02-13 11:04 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-02-13 11:04 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\Documents\3DMark
2014-02-13 11:03 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\AppData\Local\IsolatedStorage
2014-02-13 11:03 - 2014-02-13 11:03 - 00000000 ____D () C:\Users\User\AppData\Local\Futuremark
2014-02-13 10:59 - 2014-02-13 10:56 - 1007522262 _____ () C:\Users\User\Downloads\3DMark-v1-2-250.zip
2014-02-12 17:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-12 13:33 - 2014-02-12 13:33 - 00003130 _____ () C:\Windows\System32\Tasks\{E1C1AB26-9304-455B-BDDD-44085F3E6938}
2014-02-12 13:33 - 2014-02-12 13:33 - 00000831 _____ () C:\Users\UpdatusUser\Desktop\LGMobile Support Tool.lnk
2014-02-12 13:33 - 2014-02-12 13:33 - 00000831 _____ () C:\Users\Gast\Desktop\LGMobile Support Tool.lnk
2014-02-12 13:33 - 2014-02-12 13:20 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini
2014-02-12 10:01 - 2014-02-12 10:01 - 00995769 _____ () C:\Users\User\Downloads\Odin_3.07.zip
2014-02-11 21:32 - 2013-07-10 17:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-11 21:31 - 2014-02-11 21:29 - 00000000 ____D () C:\e46c74c125fa678d89a3a83d66
2014-02-11 21:31 - 2012-07-04 05:39 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-11 21:29 - 2014-02-11 21:28 - 00000000 ____D () C:\6f32705bea4e48a3a39f3dfcee25969c
2014-02-11 21:29 - 2012-06-05 16:19 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-10 10:29 - 2014-02-10 10:29 - 00000000 ____D () C:\Users\User\Documents\Aiseesoft Studio
2014-02-10 10:29 - 2014-02-10 10:29 - 00000000 ____D () C:\Users\User\AppData\Local\Aiseesoft Studio
2014-02-09 17:30 - 2012-10-03 07:37 - 00000000 ____D () C:\Users\User\AppData\Roaming\Ashampoo
2014-02-09 17:29 - 2014-02-09 17:29 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2014-02-09 17:29 - 2012-10-03 07:37 - 00000000 ____D () C:\ProgramData\ashampoo
2014-02-09 17:28 - 2014-02-09 17:28 - 00614792 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Vollversion Ashampoo Burning Studio 2014 - CHIP-Downloader.exe
2014-02-09 16:56 - 2011-04-12 08:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-06 13:16 - 2014-02-11 21:32 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-11 21:32 -
02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-06 12:30 - 2014-02-11 21:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-06 12:12 - 2014-02-11 21:32 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-06 12:07 - 2014-02-11 21:32 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-06 12:06 - 2014-02-11 21:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-06 11:57 - 2014-02-11 21:32 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-06 11:56 - 2014-02-11 21:32 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-06 11:52 - 2014-02-11 21:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-06 11:49 - 2014-02-11 21:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-06 11:48 - 2014-02-11 21:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-06 11:48 - 2014-02-11 21:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-06 11:48 - 2014-02-11 21:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector(101).exe 2014-02-06 11:38 - 2014-02-11 21:32 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-06 11:32 - 2014-02-11 21:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-06 11:20 - 2014-02-11 21:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-06 11:17 - 2014-02-11 21:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-06 11:11 - 2014-02-11 21:32 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-06 11:01 - 2014-02-11 21:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-06 11:00 - 2014-02-11 21:32 
- 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-06 10:57 - 2014-02-11 21:32 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-06 10:57 - 2014-02-11 21:32 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-06 10:52 - 2014-02-11 21:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-06 10:52 - 2014-02-11 21:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-06 10:50 - 2014-02-11 21:32 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-06 10:49 - 2014-02-11 21:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-06 10:47 - 2014-02-11 21:32 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-06 10:46 - 2014-02-11 21:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-06 10:25 - 2014-02-11 21:32 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-06 10:25 - 2014-02-11 21:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-06 10:24 - 2014-02-11 21:32 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-06 10:22 - 2014-02-11 21:32 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-06 10:13 - 2014-02-11 21:32 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-06 10:09 - 2014-02-11 21:32 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-06 10:03 - 2014-02-11 21:32 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-06 09:55 - 2014-02-11 21:32 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-06 09:41 - 2014-02-11 21:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-06 09:40 - 2014-02-11 21:32 - 00817664 _____ 
(Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-06 09:36 - 2014-02-11 21:32 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-06 09:34 - 2014-02-11 21:32 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-05 21:10 - 2013-08-24 11:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\.oit 2014-02-05 21:09 - 2013-08-24 11:29 - 00000000 ____D () C:\Program Files (x86)\Kroll Ontrack 2014-02-03 12:28 - 2013-12-02 14:39 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys 2014-02-03 12:28 - 2013-12-02 14:39 - 00635392 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys 2014-02-03 10:20 - 2013-04-26 07:17 - 00000000 ____D () C:\Users\User\Downloads\boerse-bz 2014-01-31 11:46 - 2012-06-05 15:58 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000UA.job 2014-01-31 11:46 - 2012-06-05 15:58 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000Core.job 2014-01-30 22:05 - 2014-01-30 22:05 - 00000000 ____D () C:\ProgramData\DriverGenius 2014-01-30 21:58 - 2012-06-05 15:58 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000UA 2014-01-30 21:58 - 2012-06-05 15:58 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3356507988-1370931183-2774963345-1000Core 2014-01-30 21:26 - 2014-01-30 21:15 - 00004096 _____ () C:\Users\Public\Documents\00001AEC.LCS 2014-01-30 21:26 - 2014-01-30 21:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\ProtectDisc 2014-01-30 21:24 - 2014-01-30 21:15 - 00003652 _____ () C:\Windows\System32\Tasks\TWIN 7 Live-Update 2014-01-30 21:24 - 2014-01-30 21:15 - 00003602 _____ () C:\Windows\System32\Tasks\TWIN 7 1-Klick-Optimierung 2014-01-30 21:11 - 2012-11-16 23:56 - 00000000 ____D () C:\Users\User\AppData\Local\Downloaded Installations 2014-01-30 21:11 - 2012-06-11 09:48 - 00000000 
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-23 16:23

==================== End Of Log ============================

--- --- --- --- --- ---

Apart from the browser closing and opening, I don't notice anything. |
25.02.2014, 17:17 | #8 | |
/// the machine /// TB Trainer | Suspected virus, ads, and browser closes by itself Update Java. Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and Help Trojaner-Board Facebook Page No help via PM! |
25.02.2014, 17:20 | #9 |
| Suspected virus, ads, and browser closes by itself Google Chrome. Well, it closes by itself a few times a day, and opens by itself. |
26.02.2014, 14:22 | #10 |
/// the machine /// TB Trainer | Suspected virus, ads, and browser closes by itself Revo Uninstaller - Download - Filepony: use it to uninstall Chrome, let it remove the leftovers, then reinstall. Still happening?
28.02.2014, 16:54 | #11 |
| Suspected virus, ads, and browser closes by itself Hmm, my PC has now crashed completely twice and shows me a blue screen that says something about driver and PC damage; unfortunately it goes by too fast to read it completely. |
01.03.2014, 12:16 | #12 |
/// the machine /// TB Trainer | Suspected virus, ads, and browser closes by itself Since when? What about Chrome?
03.03.2014, 10:15 | #13 |
| Suspected virus, ads, and browser closes by itself That has now happened 2 times in 1 week, but never before. I uninstalled Chrome and downloaded it again, but it still crashes. |
04.03.2014, 09:32 | #14 |
/// the machine /// TB Trainer | Suspected virus, ads, and browser closes by itself Check whether you can find a recent dump file in C:\Windows\Minidump.
04.03.2014, 09:36 | #15 |
| Suspected virus, ads, and browser closes by itself The folder is empty. |