Hallo,
ich habe ein großes Problem und ich hoffe mir kann jemand helfen. Ich glaube ich habe den Oxy-Virus auf meinem PC. Malewarebytes hat bereits einige schädliche Objekte gefunden und in Quarantäne verschoben aber ich glaube der Virus ist immer noch auf meinem PC. Außerdem kann ich die Programme Oxy und PileFile reminder nicht deinstallieren
Ich benutze Windows 7.
Danke für Hilfe schon im Vorraus.

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Paula-chan (administrator) on PAULA-CHAN-PC on 31-03-2014 21:03:10
Running from C:\Users\Paula-chan\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(APN LLC.) C:\Users\Paula-chan\AppData\Local\VNT\vntldr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [PLFSetL] - C:\Windows\\PLFSetL.exe
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [Guard.Mail.ru.gui] - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-02-05] ()
HKLM-x32\...\Run: [GDFirewallTray] - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-12-11] ()
HKLM-x32\...\Run: [G Data AntiVirus Tray] - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1801168 2014-03-19] (APN)
HKLM-x32\...\Run: [VNT] - C:\Program Files (x86)\VNT\vntldr.exe [196048 2014-03-19] (APN LLC.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1307518205-1141766383-1528977106-1000\...\Run: [uTorrent] - "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\S-1-5-21-1307518205-1141766383-1528977106-1000\...\Run: [Google+ Auto Backup] - "C:\Users\Paula-chan\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
HKU\S-1-5-21-1307518205-1141766383-1528977106-1000\...\Run: [GoogleChromeAutoLaunch_3B05FA9084BEB65019B27C284C96A728] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976 2014-03-15] (Google Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
Startup: C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396271007&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396271007&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396271007&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396271007&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
URLSearchHook: HKCU - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 - {2059CF48-25F3-40d7-9D37-24A3142FD20B} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&rp=&s_it=tb50-ie-opencandyDE-chromesbox-de-de
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch&babsrc=SP_ss&mntrId=020aa8b50000000000009439e5815d34
SearchScopes: HKCU - {2059CF48-25F3-40d7-9D37-24A3142FD20B} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&rp=&s_it=tb50-ie-opencandyDE-chromesbox-de-de
SearchScopes: HKCU - {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} URL = hxxp://eu.ask.com/web?l=dis&o=APN10020&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A4G &apn_uid=1957818974124355&p2=^A4G ^YYYYYY^YY^DE&q={searchTerms}
SearchScopes: HKCU - {DD0BCCE8-BE1E-4C35-A094-E580C08FC880} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=FE43DE64-0B63-4D8B-B009-91905ABDDCA7&apn_sauid=C38EB28F-B2ED-481E-9B3A-2058ECBB0847
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll No File
BHO-x32: ICQ Sparberater - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll No File
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default
FF user.js: detected! => C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\user.js
FF NewTab: hxxp://mystart.incredibar.com/mb178?a=6OyMZv7uR0&loc=FF_NT
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF Homepage: hxxp://mystart.incredibar.com/mb178?a=6OyMZv7uR0&i=26
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\searchplugins\askcom.xml
FF Extension: incredibar.com - C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\Extensions\ffxtlbr@incredibar.com [2012-09-03]
FF Extension: Ask Toolbar - C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\Extensions\toolbar@ask.com [2012-04-09]
FF Extension: DVDVideoSoftTB  - C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2012-12-28]
FF Extension: uTorrentBar_DE Community Toolbar - C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\Extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} [2012-04-30]
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-09-03]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-09-03]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}] - C:\Program Files (x86)\PriceGong\2.6.2\FF

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Ask Toolbar) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajepeddfdaihpmdgnickofffkdlpb [2014-03-31]
CHR Extension: (Theme Creator) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2014-03-31]
CHR Extension: (Google Docs) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-31]
CHR Extension: (Google Drive) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-31]
CHR Extension: (YouTube) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-31]
CHR Extension: (Google-Suche) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-31]
CHR Extension: (AdBlock) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-31]
CHR Extension: (New tab for Chrome™) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2014-03-31]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2014-03-31]
CHR Extension: (Little Alchemy) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2014-03-31]
CHR Extension: (Google Wallet) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-31]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2014-03-31]
CHR Extension: (Google Mail) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-31]
CHR Extension: (DVDVideoSoftTB) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo [2014-03-31]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-03]
CHR HKCU\...\Chrome\Extension: [anpiogajjmckmlehhpjnojhebaidkeod] - C:\Users\Paula-chan\AppData\Local\CRE\anpiogajjmckmlehhpjnojhebaidkeod.crx [2012-09-03]
CHR HKCU\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Paula-chan\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-09-03]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-09-03]
CHR HKCU\...\Chrome\Extension: [plmlpkfpkijnlijgalnjaacllnjmoamo] - C:\Users\Paula-chan\AppData\Local\CRE\plmlpkfpkijnlijgalnjaacllnjmoamo.crx [2012-12-01]
CHR HKLM-x32\...\Chrome\Extension: [aaaajepeddfdaihpmdgnickofffkdlpb] - C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7\CRX\ToolbarCR.crx [2014-03-27]
CHR HKLM-x32\...\Chrome\Extension: [anpiogajjmckmlehhpjnojhebaidkeod] - C:\Users\Paula-chan\AppData\Local\CRE\anpiogajjmckmlehhpjnojhebaidkeod.crx [2014-03-27]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-03]
CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx [2012-09-03]
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Paula-chan\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2012-09-03]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2012-12-24]
CHR HKLM-x32\...\Chrome\Extension: [plmlpkfpkijnlijgalnjaacllnjmoamo] - C:\Users\Paula-chan\AppData\Local\CRE\plmlpkfpkijnlijgalnjaacllnjmoamo.crx [2012-12-01]

==================== Services (Whitelisted) =================

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-03-19] (APN LLC.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2562208 2013-10-15] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2942808 2013-10-17] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-02-05] ()
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
S2 MOBKbackup; "C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2014-03-18] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2014-03-18] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [63320 2014-03-18] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2014-03-18] (G Data Software AG)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2014-03-18] (G Data Software AG)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-03-31] (Malwarebytes Corporation)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]

==================== NetSvcs (Whitelisted) ===================
         

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Paula-chan at 2014-03-31 21:02:08
Running from C:\Users\Paula-chan\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: G Data InternetSecurity 2014 (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity 2014 (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Activision(R) (x32 Version: 1.00.0000 - Activision) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.600 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.600 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (x32 Version: 3.07 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD APP SDK Runtime (Version: 2.5.775.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{EA4954FD-C685-1C7D-16F3-9BC2FD5E6BD3}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
AOL DE Toolbar (HKCU\...\AOL DE Toolbar) (Version:  - )
ArtRage Studio Pro (HKLM-x32\...\{E7C5374B-E41F-4634-9A64-7B9FF29089E9}) (Version: 3.0.7 - Ambient Design)
Ask Toolbar (HKLM-x32\...\{4646332D-5637-006A-76A7-A758B70C0A06}) (Version: 12.10.6.4917 - APN, LLC) <==== ATTENTION
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.14.1.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20007 - Ask.com) <==== ATTENTION
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
AVS Video Editor 6.5 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.5.1.246 - Online Media Technologies Ltd.)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.0 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Explore (HKLM-x32\...\Bamboo Explore) (Version: 1.2010.1105.1650 - Wacom Europe GmbH)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.1013.754.12275 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.1013.754.12275 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.1013.754.12275 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.1013.754.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.1013.754.12275 - Advanced Micro Devices, Inc.) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Download Updater (AOL LLC) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - ) <==== ATTENTION
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
Elements 9 Organizer (x32 Version: 9.0 - Ihr Firmenname) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
ETDWare PS/2-X64 8.0.6.0_WHQL (HKLM\...\Elantech) (Version: 8.0.6.0 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.0.8 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogaléria (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
G Data InternetSecurity 2014 (HKLM-x32\...\{7765322A-8601-47D3-AC60-B66677450D7B}) (Version: 24.0.3.4 - G Data Software AG)
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria fotogràfica (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
Guard.ICQ (HKLM-x32\...\Guard.Mail.ru) (Version:  - Mail.ru) <==== ATTENTION
ICQ Sparberater (HKLM-x32\...\{0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD}) (Version: 1.3.671 - solute gmbh)
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
LIMBO (HKLM-x32\...\LIMBO) (Version:  - )
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Madagascar (HKLM-x32\...\InstallShield_{0FB261F3-6F16-43FD-A404-F377C169B937}) (Version: 1.00.0000 - Activision)
Madagascar (TM) (x32 Version: 1.00.0000 - Activision) Hidden
Madagascar 2(TM) (HKLM-x32\...\InstallShield_{F8C02517-4AC3-4026-8292-ACF23E98A7D7}) (Version: 1.00.0000 - Activision)
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Manga Studio Debut 4.0 (HKLM-x32\...\Manga Studio Debut 4.0) (Version:  - )
McAfee Online Backup (Version: 1.16.4.0 - McAfee, Inc.) Hidden
McAfee Online Backup (x32 Version:  - McAfee, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Studio Platinum 12.0 (HKLM-x32\...\{DC759721-1CD2-11E2-AB1C-F04DA23A5C58}) (Version: 12.0.575 - Sony)
Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{154C7340-7C70-11E3-A15F-F04DA23A5C58}) (Version: 13.0.879 - Sony)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Oxy (HKCU\...\{9AAF2503-6CD5-414A-B5BA-37639B76C91F}) (Version:  - LADY'S WOOD 2013 LIMITED)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PileFile reminder (HKCU\...\{56837588-F559-40CF-91D9-D439D405FB28}) (Version:  - LADY'S WOOD 2013 LIMITED)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.4 r1678 - )
RE: Alistair++ 1 (HKLM-x32\...\RE: Alistair++) (Version: 1 - sakevisual)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.6.5.5 - Reimage)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
RPGツクール2000 ランタイムパッケージ (HKLM-x32\...\{33F7A957-A66D-45A1-BADF-6576083B14E2}) (Version:  - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.12.9.24 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.115 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.115 - Sony)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Valokuvavalikoima (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.)
Web Assistant 2.0.0.604 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.604 - IncrediBar) <==== ATTENTION
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Yume Nikki 0.10 English v3 (HKCU\...\Yume Nikki 0.10 English v3) (Version:  - )
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 16.4.3508.0205 - Корпорация Майкрософт) Hidden
Фотоальбом (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
معرض الصور (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

28-02-2014 15:38:23 Windows Update
07-03-2014 21:13:30 Windows Update
11-03-2014 15:42:23 Windows Update
15-03-2014 13:47:39 Windows Update
18-03-2014 21:46:41 Windows Update
23-03-2014 13:48:00 Installed GTA2
25-03-2014 08:40:28 Windows Update
27-03-2014 20:26:31 Removed Movie Studio Platinum 13.0 (64-bit)
28-03-2014 15:27:22 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05702E51-CEE3-4CD5-A274-0AD9DE2B987D} - System32\Tasks\AdobeAAMUpdater-1.0-Paula-chan-PC-Paula-chan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {212763EE-95DF-40D8-86CF-643071D649DE} - System32\Tasks\{C8E74612-CA1A-4743-BF08-47BCED463146} => C:\Users\Paula-chan\Desktop\Keygen by TheSoulboy12\Keygen by thesoulboy12\Keygen.exe
Task: {23E74613-2D58-4CB6-8177-6CDD5EAAF562} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1307518205-1141766383-1528977106-1000
Task: {5380924A-D158-4140-B24A-20F1DDC1D25A} - System32\Tasks\{FB772E16-6194-48F6-8C13-C02D2712B5B4} => C:\Users\Paula-chan\Desktop\Keygen by TheSoulboy12\Keygen by thesoulboy12\Keygen.exe
Task: {5A6D64D4-1419-4E8E-AB24-F01AB815E432} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09] (Google Inc.)
Task: {6B8D3FFA-1BA0-49C8-9C92-E445B414B218} - System32\Tasks\PileFile logon => C:\Users\PAULA-~1\AppData\Local\Temp\Goat Simulator InstallerDownload_4AB6\Goat_Simulator_Installer_Downloader.exe [2014-03-31] () <==== ATTENTION
Task: {7F9C2F47-78DB-4847-8642-7B57AF208834} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {9F067AEB-E4A4-4646-909A-9C80AE6E8980} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {A315615E-8157-46FA-98D4-2B8E15DB4094} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-01-03] () <==== ATTENTION
Task: {B59A8E32-8CDA-495E-8908-28CC594430C6} - System32\Tasks\Oxy => C:\Users\Paula-chan\AppData\Roaming\Oxy\Updater.exe [2014-03-31] () <==== ATTENTION
Task: {BEF45BAF-D4C0-450B-AF37-D7CC9006AC11} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {C6B564D2-90C6-4A4D-9B24-AAFD07B2234D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09] (Google Inc.)
Task: {C70C6581-772E-442C-AB0A-92FDDA52F5C2} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {E47BB288-775E-4D62-9C79-DF92D4B3DB37} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {ED7E3F1B-0E16-4CFC-A362-FE930D249661} - System32\Tasks\PileFile reminder => C:\Users\PAULA-~1\AppData\Local\Temp\Goat Simulator InstallerDownload_4AB6\Goat_Simulator_Installer_Downloader.exe [2014-03-31] () <==== ATTENTION
Task: {F366D71F-854C-46E8-B510-74B8CCBBAEAE} - System32\Tasks\{F452B5D8-347B-4F23-92E7-35758CD66B08} => C:\Users\Paula-chan\Desktop\Keygen by TheSoulboy12\Keygen by thesoulboy12\Keygen.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-02-05 15:22 - 2012-02-05 15:22 - 01564368 _____ () C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
2013-08-14 10:31 - 2013-08-14 10:31 - 00335312 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2009-01-21 17:45 - 2009-01-21 17:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2012-06-25 17:27 - 2012-12-11 14:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2011-10-20 11:00 - 2011-08-09 01:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-27 05:45 - 2012-12-11 20:15 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2012-11-04 16:25 - 2012-11-04 16:25 - 00041160 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2012-11-04 16:25 - 2012-11-04 16:25 - 00736968 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2012-11-04 16:22 - 2012-11-04 16:22 - 00026624 _____ () C:\Program Files\Rainmeter\Plugins\InputText.dll
2012-11-04 16:23 - 2012-11-04 16:23 - 00020480 _____ () C:\Program Files\Rainmeter\Plugins\WiFiStatus.DLL
2012-11-04 16:23 - 2012-11-04 16:23 - 00025088 _____ () C:\Program Files\Rainmeter\Plugins\QuotePlugin.DLL
2011-10-13 08:52 - 2011-10-13 08:52 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-14 15:21 - 2011-03-14 15:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-08-24 19:03 - 2011-08-24 19:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2011-01-17 17:19 - 2012-02-18 19:41 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-02-19 19:10 - 2014-02-19 19:10 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918e7215d97c63e957d\IsdiInterop.ni.dll
2011-10-20 10:18 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-03-31 19:55 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-31 19:55 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-31 19:55 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-31 19:55 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-31 19:55 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-31 19:55 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/31/2014 07:45:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2014 07:41:46 PM) (Source: Application Hang) (User: )
Description: Programm chrome.exe, Version 33.0.1750.154 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1dc8

Startzeit: 01cf4d084875d9f4

Endzeit: 3

Anwendungspfad: C:\Users\Paula-chan\AppData\Local\Google\Chrome\Application\chrome.exe

Berichts-ID: ac385cdd-b8fb-11e3-bc44-dc0ea11b19b4

Error: (03/31/2014 06:52:19 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (03/31/2014 06:42:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2014 03:48:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2014 03:39:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2014 03:38:08 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avkcks.exe, Version: 1.0.0.1, Zeitstempel: 0x46c04a9c
Name des fehlerhaften Moduls: avkcks.exe, Version: 1.0.0.1, Zeitstempel: 0x46c04a9c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001674
ID des fehlerhaften Prozesses: 0x590
Startzeit der fehlerhaften Anwendung: 0xavkcks.exe0
Pfad der fehlerhaften Anwendung: avkcks.exe1
Pfad des fehlerhaften Moduls: avkcks.exe2
Berichtskennung: avkcks.exe3

Error: (03/31/2014 03:35:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2014 03:16:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2014 03:14:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/31/2014 07:47:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "1%" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/31/2014 06:44:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "1%" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/31/2014 06:42:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IePlugin Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/31/2014 03:50:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "1%" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/31/2014 03:47:18 PM) (Source: BugCheck) (User: )
Description: 0x000000f4 (0x0000000000000003, 0xfffffa80080b6b30, 0xfffffa80080b6e10, 0xfffff80002bcf7b0)C:\Windows\MEMORY.DMP033114-31808-01

Error: (03/31/2014 03:47:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IePlugin Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/31/2014 03:42:48 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (03/31/2014 03:38:28 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (03/31/2014 03:38:28 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/31/2014 03:38:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (03/31/2014 07:45:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2014 07:41:46 PM) (Source: Application Hang)(User: )
Description: chrome.exe33.0.1750.1541dc801cf4d084875d9f43C:\Users\Paula-chan\AppData\Local\Google\Chrome\Application\chrome.exeac385cdd-b8fb-11e3-bc44-dc0ea11b19b4

Error: (03/31/2014 06:52:19 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (03/31/2014 06:42:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2014 03:48:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2014 03:39:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2014 03:38:08 PM) (Source: Application Error)(User: )
Description: avkcks.exe1.0.0.146c04a9cavkcks.exe1.0.0.146c04a9cc00000050000167459001cf4ce66ad813d0c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exec:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exeb1957c5c-b8d9-11e3-bd08-dc0ea11b19b4

Error: (03/31/2014 03:35:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2014 03:16:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/31/2014 03:14:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 46%
Total physical RAM: 5995.86 MB
Available physical RAM: 3229.58 MB
Total Pagefile: 11989.9 MB
Available Pagefile: 8433.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.66 GB) (Free:268.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 12F8515A)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

--- --- ---

--- --- ---


Ich hoffe ich habe es richtig gemacht

Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.




Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Danke für die Hilfe, habe alles gemacht.

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 01.04.2014
Suchlauf-Zeit: 15:46:06
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.0.1000
Malware Datenbank: v2014.04.01.02
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Paula-chan

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 279464
Verstrichene Zeit: 1 Std, 19 Min, 6 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v3.023 - Bericht erstellt am 01/04/2014 um 16:20:28
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Paula-chan - PAULA-CHAN-PC
# Gestartet von : C:\Users\Paula-chan\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : APNMCP

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files (x86)\Ask.com
Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\Perion
Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
Ordner Gelöscht : C:\Program Files (x86)\Common Files\337
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Software Update Utility
Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Ordner Gelöscht : C:\Program Files\Web Assistant
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\PAULA-~1\AppData\Local\Temp\apn
Ordner Gelöscht : C:\Users\PAULA-~1\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\PAULA-~1\AppData\Local\Temp\BabylonToolbar
Ordner Gelöscht : C:\Users\PAULA-~1\AppData\Local\Temp\boost_interprocess
Ordner Gelöscht : C:\Users\PAULA-~1\AppData\Local\Temp\Desk365
Ordner Gelöscht : C:\Users\PAULA-~1\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Paula-chan\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Paula-chan\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Roaming\Oxy
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\ConduitCommon
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\Smartbar
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\CT2851647
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\Extensions\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\Extensions\ffxtlbr@incredibar.com
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\Extensions\toolbar@ask.com
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Ordner Gelöscht : C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo
[!] Ordner Gelöscht : C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo
[!] Ordner Gelöscht : C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
Datei Gelöscht : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Paula-chan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2851647
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022342291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033343391}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\APN DTX
Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\Escolade
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Desksvc
Schlüssel Gelöscht : HKLM\Software\hdcode
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\Software\Web Assistant
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Web Assistant
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v

[ Datei : C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default\prefs.js ]

Zeile gelöscht : user_pref("CT2269050.FirstTime", "true");
Zeile gelöscht : user_pref("CT2269050.FirstTimeFF3", "true");
Zeile gelöscht : user_pref("CT2269050.UserID", "UN80019814975569787");
Zeile gelöscht : user_pref("CT2269050.autoDisableScopes", 0);
Zeile gelöscht : user_pref("CT2269050.fixUrls", true);
Zeile gelöscht : user_pref("CT2269050.isPerformedSmartBarTransition", "true");
Zeile gelöscht : user_pref("CT2269050.openThankYouPage", "FALSE");
Zeile gelöscht : user_pref("CT2269050.openUninstallPage", "FALSE");
Zeile gelöscht : user_pref("CT2269050.settingsINI", true);
Zeile gelöscht : user_pref("CT2269050.shouldFirstTimeDialog", "FALSE");
Zeile gelöscht : user_pref("CT2269050.smartbar.CTID", "CT2269050");
Zeile gelöscht : user_pref("CT2269050.smartbar.Uninstall", "0");
Zeile gelöscht : user_pref("CT2269050.smartbar.toolbarName", "DVDVideoSoftTB ");
Zeile gelöscht : user_pref("CT2851647..clientLogIsEnabled", false);
Zeile gelöscht : user_pref("CT2851647..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Zeile gelöscht : user_pref("CT2851647..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Zeile gelöscht : user_pref("CT2851647.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Zeile gelöscht : user_pref("CT2851647.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Zeile gelöscht : user_pref("CT2851647.CTID", "CT2851647");
Zeile gelöscht : user_pref("CT2851647.CurrentServerDate", "22-11-2012");
Zeile gelöscht : user_pref("CT2851647.DSChangedManually", false);
Zeile gelöscht : user_pref("CT2851647.DSInstall", true);
Zeile gelöscht : user_pref("CT2851647.DialogsAlignMode", "LTR");
Zeile gelöscht : user_pref("CT2851647.DialogsGetterLastCheckTime", "Thu Nov 22 2012 20:42:48 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.DownloadReferralCookieData", "");
Zeile gelöscht : user_pref("CT2851647.EMailNotifierPollDate", "Thu Nov 22 2012 20:42:45 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.FeedLastCount2532783744689806690", 213);
Zeile gelöscht : user_pref("CT2851647.FeedPollDate2429156812186649977", "Thu Nov 22 2012 20:42:47 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.FeedPollDate2429156813040823546", "Thu Nov 22 2012 20:42:47 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.FeedPollDate2429156813130095866", "Thu Nov 22 2012 20:42:46 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.FeedPollDate2429156813224203613", "Thu Nov 22 2012 20:42:46 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.FeedPollDate2429156813230837251", "Thu Nov 22 2012 20:42:47 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.FeedPollDate2429156813454291735", "Thu Nov 22 2012 20:42:47 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.FeedPollDate2429156813729834876", "Thu Nov 22 2012 20:42:46 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.FeedPollDate2429156813860870021", "Thu Nov 22 2012 20:42:47 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.FeedPollDate2429156814264681793", "Thu Nov 22 2012 20:42:47 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.FeedPollDate2429156814863075366", "Thu Nov 22 2012 20:42:47 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.FeedPollDate2429156815257761081", "Thu Nov 22 2012 20:42:46 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.FeedTTL2429156813040823546", 15);
Zeile gelöscht : user_pref("CT2851647.FeedTTL2429156813130095866", 10);
Zeile gelöscht : user_pref("CT2851647.FeedTTL2429156813454291735", 5);
Zeile gelöscht : user_pref("CT2851647.FeedTTL2429156814264681793", 5);
Zeile gelöscht : user_pref("CT2851647.FirstServerDate", "27-5-2012");
Zeile gelöscht : user_pref("CT2851647.FirstTime", true);
Zeile gelöscht : user_pref("CT2851647.FirstTimeFF3", true);
Zeile gelöscht : user_pref("CT2851647.FixPageNotFoundErrors", true);
Zeile gelöscht : user_pref("CT2851647.GroupingServerCheckInterval", 1440);
Zeile gelöscht : user_pref("CT2851647.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Zeile gelöscht : user_pref("CT2851647.HPInstall", true);
Zeile gelöscht : user_pref("CT2851647.HasUserGlobalKeys", true);
Zeile gelöscht : user_pref("CT2851647.HomePageProtectorEnabled", true);
Zeile gelöscht : user_pref("CT2851647.HomepageBeforeUnload", "hxxp://mystart.incredibar.com/mb178?a=6OyMZv7uR0&i=26");
Zeile gelöscht : user_pref("CT2851647.Initialize", true);
Zeile gelöscht : user_pref("CT2851647.InitializeCommonPrefs", true);
Zeile gelöscht : user_pref("CT2851647.InstallationAndCookieDataSentCount", 3);
Zeile gelöscht : user_pref("CT2851647.InstallationId", "fftEB5A.tmp.exe");
Zeile gelöscht : user_pref("CT2851647.InstallationType", "XPE");
Zeile gelöscht : user_pref("CT2851647.InstalledDate", "Sun May 27 2012 19:51:05 GMT+0200");
Zeile gelöscht : user_pref("CT2851647.IsAlertDBUpdated", true);
Zeile gelöscht : user_pref("CT2851647.IsGrouping", false);
Zeile gelöscht : user_pref("CT2851647.IsInitSetupIni", true);
Zeile gelöscht : user_pref("CT2851647.IsMulticommunity", false);
Zeile gelöscht : user_pref("CT2851647.IsOpenThankYouPage", true);
Zeile gelöscht : user_pref("CT2851647.IsOpenUninstallPage", false);
Zeile gelöscht : user_pref("CT2851647.IsProtectorsInit", true);
Zeile gelöscht : user_pref("CT2851647.LanguagePackLastCheckTime", "Thu Nov 22 2012 20:42:48 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.LanguagePackReloadIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2851647.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Zeile gelöscht : user_pref("CT2851647.LastLogin_3.12.0.8", "Thu Nov 22 2012 20:42:47 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.LatestVersion", "3.16.0.3");
Zeile gelöscht : user_pref("CT2851647.Locale", "de");
Zeile gelöscht : user_pref("CT2851647.MCDetectTooltipHeight", "83");
Zeile gelöscht : user_pref("CT2851647.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Zeile gelöscht : user_pref("CT2851647.MCDetectTooltipWidth", "295");
Zeile gelöscht : user_pref("CT2851647.MyStuffEnabledAtInstallation", true);
Zeile gelöscht : user_pref("CT2851647.OriginalFirstVersion", "3.12.0.8");
Zeile gelöscht : user_pref("CT2851647.SavedHomepage", "hxxp://de.ask.com/?l=dis&o=1586&gct=hp");
Zeile gelöscht : user_pref("CT2851647.SearchCaption", "uTorrentBar_DE Customized Web Search");
Zeile gelöscht : user_pref("CT2851647.SearchEngineBeforeUnload", "Ask.com");
Zeile gelöscht : user_pref("CT2851647.SearchFromAddressBarIsInit", true);
Zeile gelöscht : user_pref("CT2851647.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=2&q=");
Zeile gelöscht : user_pref("CT2851647.SearchInNewTabEnabled", true);
Zeile gelöscht : user_pref("CT2851647.SearchInNewTabIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2851647.SearchInNewTabLastCheckTime", "Thu Nov 22 2012 20:42:44 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Zeile gelöscht : user_pref("CT2851647.SearchProtectorEnabled", true);
Zeile gelöscht : user_pref("CT2851647.SearchProtectorToolbarDisabled", false);
Zeile gelöscht : user_pref("CT2851647.SendProtectorDataViaLogin", true);
Zeile gelöscht : user_pref("CT2851647.ServiceMapLastCheckTime", "Thu Nov 22 2012 20:42:45 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.SettingsLastCheckTime", "Thu Nov 22 2012 20:42:43 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.SettingsLastUpdate", "1352142245");
Zeile gelöscht : user_pref("CT2851647.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=13");
Zeile gelöscht : user_pref("CT2851647.ThirdPartyComponentsInterval", 504);
Zeile gelöscht : user_pref("CT2851647.ThirdPartyComponentsLastCheck", "Thu Nov 22 2012 20:42:43 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.ThirdPartyComponentsLastUpdate", "1331806000");
Zeile gelöscht : user_pref("CT2851647.ToolbarShrinkedFromSetup", false);
Zeile gelöscht : user_pref("CT2851647.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2851647");
Zeile gelöscht : user_pref("CT2851647.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Zeile gelöscht : user_pref("CT2851647.UserID", "UN63200146362813212");
Zeile gelöscht : user_pref("CT2851647.WeatherNetwork", "");
Zeile gelöscht : user_pref("CT2851647.WeatherPollDate", "Thu Nov 22 2012 20:42:47 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.WeatherUnit", "C");
Zeile gelöscht : user_pref("CT2851647.alertChannelId", "1243681");
Zeile gelöscht : user_pref("CT2851647.autoDisableScopes", 0);
Zeile gelöscht : user_pref("CT2851647.backendstorage.cbcountry_000", "4445");
Zeile gelöscht : user_pref("CT2851647.backendstorage.cbfirsttime", "53756E204D617920323720323031322031393A35313A303620474D542B30323030");
Zeile gelöscht : user_pref("CT2851647.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Zeile gelöscht : user_pref("CT2851647.globalFirstTimeInfoLastCheckTime", "Thu Nov 22 2012 20:42:49 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.homepageProtectorEnableByLogin", true);
Zeile gelöscht : user_pref("CT2851647.initDone", true);
Zeile gelöscht : user_pref("CT2851647.isAppTrackingManagerOn", true);
Zeile gelöscht : user_pref("CT2851647.myStuffEnabled", true);
Zeile gelöscht : user_pref("CT2851647.myStuffPublihserMinWidth", 400);
Zeile gelöscht : user_pref("CT2851647.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Zeile gelöscht : user_pref("CT2851647.myStuffServiceIntervalMM", 1440);
Zeile gelöscht : user_pref("CT2851647.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Zeile gelöscht : user_pref("CT2851647.navigateToUrlOnSearch", false);
Zeile gelöscht : user_pref("CT2851647.oldAppsList", "129351532244963279,129351532245275780,1000234,129791456886122866,1000034,129416031642500897,129351532245744535,2532783744689806690,129351532247619549,12935153224761[...]
Zeile gelöscht : user_pref("CT2851647.revertSettingsEnabled", true);
Zeile gelöscht : user_pref("CT2851647.searchProtectorDialogDelayInSec", 10);
Zeile gelöscht : user_pref("CT2851647.searchProtectorEnableByLogin", true);
Zeile gelöscht : user_pref("CT2851647.testingCtid", "");
Zeile gelöscht : user_pref("CT2851647.toolbarAppMetaDataLastCheckTime", "Thu Nov 22 2012 20:42:48 GMT+0100");
Zeile gelöscht : user_pref("CT2851647.toolbarContextMenuLastCheckTime", "Thu Nov 22 2012 20:42:48 GMT+0100");
Zeile gelöscht : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=13");
Zeile gelöscht : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentBar_DE Customized Web Search");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2851647/CT2851647", "\"c0d1d4054600b9e9acfea80be6b9274f3\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851647", "\"1334672089\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=de", "oIwsta2spzadhjRgiY1Nhw==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=de", "WiZSpHJzJ/uTUKvfHHyj/w==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=de", "9H/gICSaMqbmx+Gd+8W4Sg==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=de", "eJfMrdrGnhGHiiPiYjgAww==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.8", "\"0343677cfb1cd1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851647", "\"f1c77625c0e9bd1c80a2fd6901845fa9\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"4c5784a6c422779465551b626ad7059c\"");
Zeile gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Paula-chan\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\vrkrs3uy.default\\conduitCommon\\modules\\3.12.0.8");
Zeile gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.0.8");
Zeile gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2851647");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2851647");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList4", "CT2851647");
Zeile gelöscht : user_pref("CommunityToolbar.globalUserId", "42a51a34-8108-4d96-9a4d-58f4dc4db594");
Zeile gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Zeile gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Zeile gelöscht : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2851647");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Nov 22 2012 20:42:47 GMT+0100");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Nov 22 2012 20:42:45 GMT+0100");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.userId", "eff807eb-9f63-4efb-9cb8-badc92380bcc");
Zeile gelöscht : user_pref("CommunityToolbar.originalHomepage", "hxxp://de.ask.com/?l=dis&o=1586&gct=hp");
Zeile gelöscht : user_pref("CommunityToolbar.originalSearchEngine", "Ask.com");
Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb178?a=6OyMZv7uR0&loc=FF_NT");
Zeile gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "uTorrentBar_DE Customized Web Search");
Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://mystart.incredibar.com/mb178?a=6OyMZv7uR0&i=26");
Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
Zeile gelöscht : user_pref("extensions.enabledAddons", "{c840e246-6b95-475e-9bd7-caa1c7eca9f2}:3.12.0.8,crossriderapp3491@crossrider.com:0.81.19,{ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10,{872b5b88-9db5-4310-bdd0-a[...]
Zeile gelöscht : user_pref("CT2269050.autoDisableScopes",  0);

-\\ Google Chrome v33.0.1750.154

[ Datei : C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [36746 octets] - [01/04/2014 16:19:37]
AdwCleaner[S0].txt - [34264 octets] - [01/04/2014 16:20:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [34325 octets] ##########
         

Code: Alles auswählenAufklappen

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by Paula-chan on 01.04.2014 at 16:48:24,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1307518205-1141766383-1528977106-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1307518205-1141766383-1528977106-1000\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2059CF48-25F3-40d7-9D37-24A3142FD20B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DD0BCCE8-BE1E-4C35-A094-E580C08FC880}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2059CF48-25F3-40d7-9D37-24A3142FD20B}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\shoE2FA.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF75F.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF7D5.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Paula-chan\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Paula-chan\appdata\local\software"
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{0008D88B-9EC5-4311-835B-5BA4E29383FE}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{03E185E6-2647-4028-B386-AB7A035E3104}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{05490FEC-E618-4B8A-BE44-30F449E3E41E}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{056E8499-E8AB-4AD7-8EC9-67A1B5FB977E}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{06E99417-5435-4265-AD23-61DF75CF254B}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{0DCB473D-C2C2-4C71-A2CA-416277E0DFEA}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{0FEB9CAB-EAE8-43AB-812E-B8474A73A95B}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{11832866-634A-4BF3-A155-E25D896D9C46}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{15900437-95E5-44A9-94D5-CE23552AEB6C}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{1862A034-2B24-4845-BB35-B86C292BC3BB}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{1B5FED07-05B2-43C9-8B18-6454F7022A90}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{1B9CEAB5-1498-4AEF-B462-07AC990D6D47}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{1D6B701D-E410-4EAB-9C16-D28C056A43F8}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{212B7BB4-0F52-4A12-A178-1C83AD8CF1D8}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{21B804EF-D58B-41B3-9A88-44DCA8E3861A}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{22B9791D-2C01-40C6-BA2A-4ED1BC6794C4}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{2403E973-4392-4CAF-9452-E2534BD019BA}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{290AE06F-D451-4EFC-8E18-5C85BC3B43A7}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{2ADC2005-8CB3-446E-AC2D-73730555E637}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{2B0F04F1-39D7-4995-8B24-4D78D0729B0C}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{2C221F82-F248-4C69-8BD0-3BE84E00259D}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{2C354CF9-30C5-492D-8CD0-384DF59C19B6}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{2DD039FC-BD10-400A-8714-5210EDF99D4B}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{2E2E2BE2-51B5-485A-8D6B-2C6A4EF410E7}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{2FEE49F4-0322-42B9-A965-A1B7E1125B74}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{35B1F873-BD54-4809-AD7E-1959BF77456C}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{38095CDE-CC0D-41EB-8429-23A9E9CE1C78}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{38EAEB90-5CF3-4FEA-961F-B9A9007527AD}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{3E66238D-9C77-4634-866F-A6F16292694E}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{3FD2B006-1FF2-4841-91C3-31066FCAC3CE}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{41D6EED1-B569-4267-AC3C-F4DEA1FC1E59}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{430B1BEF-5C5D-4780-A855-4A56399616A7}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{4573D9E0-F6DE-432D-A39F-939F6A5C827A}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{45F27310-3F73-4B83-8761-519903BC2578}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{469656BC-CFA2-40D7-BA31-343C4D9D6706}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{4830EA40-1186-43E4-9F4B-16366EC6C89E}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{48D84646-1285-4FD5-A0CF-6E3075847699}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{4923754A-10D7-4572-A0C0-2848C3BAA382}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{4A3DB198-7D1A-4B2C-BD58-7C0D803E31EA}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{4A640841-5DED-420E-B2EC-850D7090357F}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{4B579526-6AA3-48B3-93F5-B7D8F33752CF}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{4E1DB5A9-99E6-4F79-9E33-6B4644FBD339}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{4E513E54-E660-4207-8F9F-A35D2AE4A9A1}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{50255C60-4628-4001-8232-B1448B2609A0}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{52C36717-CADD-4CCC-8B51-7BDE54047440}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{52EF1FA8-9900-46A5-AF55-2D37ED06DCAC}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{53438443-097B-4D8A-AD4A-D92A924A60DF}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{55705C1F-15D7-42BB-94D9-B5BDC8405D16}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{571DB20A-1E55-477D-B538-6FE7B6C61BDE}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{5808680B-CC22-4704-AC1A-24CCCEF05F3D}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{5BC4EA1A-62F3-46CD-84F7-AC09EA91990C}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{62F607D9-5BFB-4AB7-8E58-40BB3822A69E}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{63DC115D-7696-46D3-A8F3-954F41B889F9}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{6608F8CB-DB10-4A7C-B09E-F24D8E14EC6C}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{66EEEAD0-C790-43C4-9C6C-5335F7CFED6D}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{69732482-CA59-4587-8032-68B2603B52B4}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{6A79C021-4BD8-45CC-89B1-E30C6B790A86}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{7035878F-68A8-42AC-B648-36D4F112A257}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{70A99846-B002-4266-BBF4-3227C8212B22}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{77C62850-C033-4678-BFB0-CF5DD99B681F}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{78439E2A-4008-49ED-941E-DE12BF3DBDAE}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{78896E85-BF46-42C1-B82C-F13CEFC3CF0D}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{7980EE19-BC87-435D-A105-B1D7C174AA71}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{79B07726-FA82-4F8F-9766-BEA6C8A7B588}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{79F9ABB6-1D04-41E7-91B4-ABD8B2BF6C41}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{8116BA05-AADE-40AB-9D39-08E8C183EDA5}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{8397D400-91C1-4967-8334-5E58182C9334}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{848154AC-9C16-4B87-BEB5-22B7BDFD4B75}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{874E2AA0-B6C6-4F2A-8310-1CA08BE74213}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{89D68F04-7D79-4F18-B44F-CB0C1EB9BB56}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{8D5DE053-8159-485B-8C17-7C442F329291}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{8E04D6AD-083C-45A0-A788-97076F05A703}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{8F0A9D14-0C17-4537-A474-382C17CEF1A0}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{91167A24-04E6-4561-93D9-CCC2593E287B}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{944F460D-3EE4-4D3E-95CB-3B4377D9B570}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{96AC1DC1-4405-41B0-A4DA-B5A51A75B820}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{9BCADD3D-1353-4404-8B3D-1CCE462C5EAE}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{9C694E28-3EA1-405E-94E4-7FB94D26D9F7}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{9E0C4959-0F0D-4D8C-8100-F31DD9223E2F}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{A46CDDFC-733D-4BAC-8C64-59C21BB7B612}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{A4D75C2F-9BF2-493A-99F6-4789150971A8}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{A5686F02-2865-4BE1-8924-CAEDD6B6D94B}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{A593F948-2925-444C-9633-904C7665DA6D}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{A688BC14-616B-4518-A889-20DAB8209EF2}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{A7323DE4-76EF-415D-8E64-DDC2B11DE239}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{A73AF5C5-6605-49B1-BB5A-4C552EA58379}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{A9F26AC9-6C00-4690-981A-C56D0DF3AF9C}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{AB05F70A-A39E-47DC-BC5D-BB0D281B1B56}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{ADDE0177-E398-45DE-8AA0-576E5F66712B}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{B97D7528-8843-4289-B80A-C1CB6D196A55}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{BB1BAC0E-1F87-461E-B7C3-9F17B4A398D4}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{BDE2CC15-E2F4-4C1B-8DEC-A4BC01D8E844}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{C03CAE2C-C5B7-48F6-8B86-5AA047FC46C3}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{C2CF1BAD-1984-46C5-9B5D-C458EAA3C2E9}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{C3867CD5-2332-4AB8-95EC-9829C7DD88AA}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{C3899490-8C27-4CAF-B5FB-555003453BA5}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{C3E33DA7-690F-44B5-A5F2-C83C435B976A}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{CA0E7BED-F576-4EBA-8F9D-EE627C840AD0}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{CFE1D140-09E0-4481-89A7-52D8D60A7D3B}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{D20E4869-7740-468E-901E-51673BB77B6B}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{D224164E-6C7F-40AC-AD07-698A9348A28C}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{DA09706B-09D2-46D6-A240-42A58C67EA6B}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{DB78272E-9F90-48BA-81A0-8FEFAE7A80E6}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{DF6D1554-9532-48BA-B8DE-36E9EDB19692}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{E0718D40-9537-4991-A3E4-61A2513FB64B}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{E57EB1A0-7999-40C5-93CA-773D9C37B700}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{E8D50DC2-1528-4F69-9399-552F4CDBB11A}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{EAF27170-A68A-4038-8640-AFE973AB3A5F}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{ECE30E01-F39B-431A-866D-86A17C0DBFBC}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{ED84028C-18F2-422E-94E9-C5DA44112D57}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{F16D310B-550F-4F7B-A776-E6A611C6D797}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{F2B573F0-6761-4E69-B823-0A53CF238E85}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{F66D3A87-CA79-40F6-8CCB-7B42B2C520CF}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{F866514B-48B1-4513-9AB4-054389169422}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{FBC89227-CAA3-41F4-8FA5-3305466DFEA0}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{FC5B49F4-F616-4587-BF63-B8DA8E135174}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{FEB3ECBE-1E87-445A-A603-E854B3D9B60F}
Successfully deleted: [Empty Folder] C:\Users\Paula-chan\appdata\local\{FFBE018A-7B42-4D22-8E2E-E18E3D2FB9F0}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.04.2014 at 16:54:09,11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Paula-chan (administrator) on PAULA-CHAN-PC on 01-04-2014 16:58:34
Running from C:\Users\Paula-chan\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN LLC.) C:\Users\Paula-chan\AppData\Local\VNT\vntldr.exe
() C:\Users\PAULA-~1\AppData\Local\Temp\Download_733B\Goat_Simulator_Installer_Downloader.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [PLFSetL] - C:\Windows\\PLFSetL.exe
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [GDFirewallTray] - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-12-11] ()
HKLM-x32\...\Run: [G Data AntiVirus Tray] - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [VNT] - C:\Program Files (x86)\VNT\vntldr.exe [196048 2014-03-19] (APN LLC.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1307518205-1141766383-1528977106-1000\...\Run: [uTorrent] - "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\S-1-5-21-1307518205-1141766383-1528977106-1000\...\Run: [Google+ Auto Backup] - "C:\Users\Paula-chan\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
HKU\S-1-5-21-1307518205-1141766383-1528977106-1000\...\Run: [GoogleChromeAutoLaunch_3B05FA9084BEB65019B27C284C96A728] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976 2014-03-15] (Google Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
Startup: C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: ICQ Sparberater - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Ask Toolbar) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajepeddfdaihpmdgnickofffkdlpb [2014-03-31]
CHR Extension: (Theme Creator) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2014-03-31]
CHR Extension: (Google Docs) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-31]
CHR Extension: (Google Drive) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-31]
CHR Extension: (YouTube) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-31]
CHR Extension: (Google-Suche) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-31]
CHR Extension: (AdBlock) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-31]
CHR Extension: (Akira Isogawa) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\igmggajponoffjmhekbonemlgidfgdao [2014-03-31]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2014-03-31]
CHR Extension: (Little Alchemy) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2014-03-31]
CHR Extension: (Google Wallet) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-31]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2014-03-31]
CHR Extension: (Google Mail) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-31]
CHR HKCU\...\Chrome\Extension: [anpiogajjmckmlehhpjnojhebaidkeod] - C:\Users\Paula-chan\AppData\Local\CRE\anpiogajjmckmlehhpjnojhebaidkeod.crx [2014-03-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-03-31]
CHR HKLM-x32\...\Chrome\Extension: [aaaajepeddfdaihpmdgnickofffkdlpb] - C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7\CRX\ToolbarCR.crx [2014-03-31]
CHR HKLM-x32\...\Chrome\Extension: [anpiogajjmckmlehhpjnojhebaidkeod] - C:\Users\Paula-chan\AppData\Local\CRE\anpiogajjmckmlehhpjnojhebaidkeod.crx [2014-03-31]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2012-12-24]

==================== Services (Whitelisted) =================

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2562208 2013-10-15] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2942808 2013-10-17] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
S2 MOBKbackup; "C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2014-03-18] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2014-03-18] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [63320 2014-03-18] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2014-03-18] (G Data Software AG)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2014-03-18] (G Data Software AG)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-01 16:54 - 2014-04-01 16:54 - 00015178 _____ () C:\Users\Paula-chan\Documents\JRT.txt
2014-04-01 16:54 - 2014-04-01 16:54 - 00015178 _____ () C:\Users\Paula-chan\Desktop\JRT.txt
2014-04-01 16:47 - 2014-04-01 16:47 - 01038974 _____ (Thisisu) C:\Users\Paula-chan\Downloads\JRT.exe
2014-04-01 16:47 - 2014-04-01 16:47 - 01038974 _____ (Thisisu) C:\Users\Paula-chan\Desktop\JRT.exe
2014-04-01 16:44 - 2014-04-01 16:44 - 00000000 ____D () C:\Windows\ERUNT
2014-04-01 16:34 - 2014-04-01 16:34 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy
2014-04-01 16:32 - 2014-04-01 16:32 - 00034566 _____ () C:\Users\Paula-chan\Documents\AdwCleaner[S0].txt
2014-04-01 16:31 - 2014-04-01 16:34 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\Oxy
2014-04-01 16:19 - 2014-04-01 16:21 - 00000000 ____D () C:\AdwCleaner
2014-04-01 16:18 - 2014-04-01 16:18 - 00001160 _____ () C:\Users\Paula-chan\Documents\mbam.txt
2014-04-01 14:45 - 2014-04-01 14:45 - 01426178 _____ () C:\Users\Paula-chan\Downloads\adwcleaner.exe
2014-04-01 14:09 - 2014-04-01 14:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-01 14:08 - 2014-04-01 14:08 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Paula-chan\Downloads\revosetup95.exe
2014-03-31 21:02 - 2014-03-31 21:04 - 00041599 _____ () C:\Users\Paula-chan\Downloads\Addition.txt
2014-03-31 21:01 - 2014-04-01 16:58 - 00019648 _____ () C:\Users\Paula-chan\Downloads\FRST.txt
2014-03-31 21:00 - 2014-04-01 16:58 - 00000000 ____D () C:\FRST
2014-03-31 20:59 - 2014-03-31 20:59 - 02157056 _____ (Farbar) C:\Users\Paula-chan\Downloads\FRST64.exe
2014-03-31 20:59 - 2014-03-31 20:59 - 00000482 _____ () C:\Users\Paula-chan\Downloads\defogger_disable.log
2014-03-31 20:59 - 2014-03-31 20:59 - 00000000 _____ () C:\Users\Paula-chan\defogger_reenable
2014-03-31 20:58 - 2014-03-31 20:58 - 00050477 _____ () C:\Users\Paula-chan\Downloads\Defogger.exe
2014-03-31 20:17 - 2014-04-01 14:25 - 00000000 ___RD () C:\Users\Paula-chan\Desktop\Programme
2014-03-31 19:52 - 2014-04-01 16:57 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-31 19:52 - 2014-03-31 19:52 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-31 19:52 - 2014-03-31 19:52 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 19:51 - 2014-04-01 16:30 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-31 19:39 - 2014-03-31 19:42 - 00000000 ____D () C:\Users\Paula-chan\Documents\Default
2014-03-31 15:54 - 2014-04-01 14:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-31 15:54 - 2014-03-31 15:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-31 15:54 - 2014-03-31 15:54 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-31 15:54 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-31 15:54 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-31 15:54 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 15:51 - 2014-03-31 15:53 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Paula-chan\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-31 15:47 - 2014-03-31 15:47 - 00271720 _____ () C:\Windows\Minidump\033114-31808-01.dmp
2014-03-31 15:24 - 2014-03-31 15:24 - 00000000 ____D () C:\ProgramData\CDB
2014-03-31 15:23 - 2014-03-31 15:25 - 00000000 ____D () C:\rei
2014-03-31 15:23 - 2014-03-31 15:23 - 00000000 ____D () C:\Program Files\Reimage
2014-03-31 15:20 - 2014-03-31 15:25 - 00000155 _____ () C:\Windows\Reimage.ini
2014-03-31 15:03 - 2014-03-31 15:03 - 00003622 _____ () C:\Windows\System32\Tasks\Oxy
2014-03-31 15:02 - 2014-03-31 15:02 - 00003630 _____ () C:\Windows\System32\Tasks\PileFile reminder
2014-03-31 15:02 - 2014-03-31 15:02 - 00003240 _____ () C:\Windows\System32\Tasks\PileFile logon
2014-03-27 21:53 - 2014-03-27 22:36 - 00002588 _____ () C:\Users\Paula-chan\Documents\Register Movie Studio Platinum.htm
2014-03-27 21:51 - 2014-03-29 17:32 - 00000000 ____D () C:\Users\Paula-chan\Documents\Movie Studio Platinum 13.0 Projects
2014-03-27 21:45 - 2014-03-27 21:45 - 00000000 ____D () C:\Program Files\Sony
2014-03-23 15:49 - 2014-03-23 15:49 - 00000000 ____D () C:\Program Files (x86)\directx
2014-03-23 15:48 - 2014-03-23 15:48 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-03-20 23:18 - 2014-03-20 23:18 - 00000000 ____D () C:\Users\Paula-chan\Downloads\kage_pro_osu_skin_by_juvia_fullbuster_by_lyra_kizzle08-d6vf3in
2014-03-18 21:37 - 2014-03-18 21:37 - 02700064 _____ () C:\Users\Paula-chan\Downloads\colour_me___challenge_by_ryky-d7aop7x.psd
2014-03-17 23:22 - 2014-03-18 21:26 - 00274419 _____ () C:\Users\Paula-chan\Documents\april.odt
2014-03-16 13:46 - 2014-03-20 21:09 - 03421415 _____ () C:\Users\Paula-chan\Documents\bday.odt
2014-03-14 17:34 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 17:34 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 17:34 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-14 17:34 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 17:34 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 17:34 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-14 17:34 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 17:34 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 17:34 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 17:34 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 17:34 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-14 17:34 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-14 17:34 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 17:34 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-14 17:34 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 17:34 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 17:34 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 17:34 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 17:34 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 17:34 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-14 17:34 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 17:34 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 17:34 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 17:34 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 17:34 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-14 17:34 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-14 17:34 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-14 17:34 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 17:34 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 17:34 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 17:34 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 17:34 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 17:34 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 17:34 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-14 17:34 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 17:34 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 17:34 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 17:34 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 17:34 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 17:34 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 17:34 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 17:34 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 17:34 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 17:34 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-14 17:32 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 17:32 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 17:32 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 17:32 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

==================== One Month Modified Files and Folders =======

2014-04-01 16:58 - 2014-03-31 21:01 - 00019648 _____ () C:\Users\Paula-chan\Downloads\FRST.txt
2014-04-01 16:58 - 2014-03-31 21:00 - 00000000 ____D () C:\FRST
2014-04-01 16:57 - 2014-03-31 19:52 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-01 16:54 - 2014-04-01 16:54 - 00015178 _____ () C:\Users\Paula-chan\Documents\JRT.txt
2014-04-01 16:54 - 2014-04-01 16:54 - 00015178 _____ () C:\Users\Paula-chan\Desktop\JRT.txt
2014-04-01 16:47 - 2014-04-01 16:47 - 01038974 _____ (Thisisu) C:\Users\Paula-chan\Downloads\JRT.exe
2014-04-01 16:47 - 2014-04-01 16:47 - 01038974 _____ (Thisisu) C:\Users\Paula-chan\Desktop\JRT.exe
2014-04-01 16:44 - 2014-04-01 16:44 - 00000000 ____D () C:\Windows\ERUNT
2014-04-01 16:38 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-01 16:38 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-01 16:34 - 2014-04-01 16:34 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy
2014-04-01 16:34 - 2014-04-01 16:31 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\Oxy
2014-04-01 16:32 - 2014-04-01 16:32 - 00034566 _____ () C:\Users\Paula-chan\Documents\AdwCleaner[S0].txt
2014-04-01 16:32 - 2012-02-03 16:03 - 00000000 ____D () C:\ProgramData\clear.fi
2014-04-01 16:30 - 2014-03-31 19:51 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-01 16:30 - 2010-11-21 05:47 - 00677648 _____ () C:\Windows\PFRO.log
2014-04-01 16:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-01 16:30 - 2009-07-14 06:51 - 00128535 _____ () C:\Windows\setupact.log
2014-04-01 16:22 - 2011-12-13 11:17 - 01341578 _____ () C:\Windows\WindowsUpdate.log
2014-04-01 16:21 - 2014-04-01 16:19 - 00000000 ____D () C:\AdwCleaner
2014-04-01 16:21 - 2012-02-02 22:18 - 00001009 _____ () C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-01 16:20 - 2012-02-05 15:22 - 00000000 ____D () C:\ProgramData\ICQ
2014-04-01 16:20 - 2011-12-13 20:10 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-04-01 16:20 - 2011-12-13 20:10 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-04-01 16:20 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-01 16:18 - 2014-04-01 16:18 - 00001160 _____ () C:\Users\Paula-chan\Documents\mbam.txt
2014-04-01 16:17 - 2012-04-05 15:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-01 14:45 - 2014-04-01 14:45 - 01426178 _____ () C:\Users\Paula-chan\Downloads\adwcleaner.exe
2014-04-01 14:26 - 2014-03-31 15:54 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-01 14:25 - 2014-03-31 20:17 - 00000000 ___RD () C:\Users\Paula-chan\Desktop\Programme
2014-04-01 14:09 - 2014-04-01 14:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-01 14:08 - 2014-04-01 14:08 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Paula-chan\Downloads\revosetup95.exe
2014-03-31 21:04 - 2014-03-31 21:02 - 00041599 _____ () C:\Users\Paula-chan\Downloads\Addition.txt
2014-03-31 20:59 - 2014-03-31 20:59 - 02157056 _____ (Farbar) C:\Users\Paula-chan\Downloads\FRST64.exe
2014-03-31 20:59 - 2014-03-31 20:59 - 00000482 _____ () C:\Users\Paula-chan\Downloads\defogger_disable.log
2014-03-31 20:59 - 2014-03-31 20:59 - 00000000 _____ () C:\Users\Paula-chan\defogger_reenable
2014-03-31 20:59 - 2012-02-02 22:16 - 00000000 ____D () C:\Users\Paula-chan
2014-03-31 20:58 - 2014-03-31 20:58 - 00050477 _____ () C:\Users\Paula-chan\Downloads\Defogger.exe
2014-03-31 19:57 - 2012-04-30 18:19 - 00000000 ____D () C:\Users\Paula-chan\AppData\Local\Google
2014-03-31 19:54 - 2012-08-01 17:57 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-31 19:52 - 2014-03-31 19:52 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-31 19:52 - 2014-03-31 19:52 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 19:42 - 2014-03-31 19:39 - 00000000 ____D () C:\Users\Paula-chan\Documents\Default
2014-03-31 18:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-03-31 15:54 - 2014-03-31 15:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-31 15:54 - 2014-03-31 15:54 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-31 15:53 - 2014-03-31 15:51 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Paula-chan\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-31 15:47 - 2014-03-31 15:47 - 00271720 _____ () C:\Windows\Minidump\033114-31808-01.dmp
2014-03-31 15:47 - 2012-06-28 20:20 - 00000000 ____D () C:\Windows\Minidump
2014-03-31 15:47 - 2012-06-28 20:19 - 401884526 _____ () C:\Windows\MEMORY.DMP
2014-03-31 15:25 - 2014-03-31 15:23 - 00000000 ____D () C:\rei
2014-03-31 15:25 - 2014-03-31 15:20 - 00000155 _____ () C:\Windows\Reimage.ini
2014-03-31 15:24 - 2014-03-31 15:24 - 00000000 ____D () C:\ProgramData\CDB
2014-03-31 15:23 - 2014-03-31 15:23 - 00000000 ____D () C:\Program Files\Reimage
2014-03-31 15:04 - 2011-06-11 01:58 - 00773680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-03-31 15:04 - 2011-06-11 01:58 - 00420912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-03-31 15:03 - 2014-03-31 15:03 - 00003622 _____ () C:\Windows\System32\Tasks\Oxy
2014-03-31 15:02 - 2014-03-31 15:02 - 00003630 _____ () C:\Windows\System32\Tasks\PileFile reminder
2014-03-31 15:02 - 2014-03-31 15:02 - 00003240 _____ () C:\Windows\System32\Tasks\PileFile logon
2014-03-30 21:45 - 2012-02-27 23:18 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\SoftGrid Client
2014-03-29 17:32 - 2014-03-27 21:51 - 00000000 ____D () C:\Users\Paula-chan\Documents\Movie Studio Platinum 13.0 Projects
2014-03-28 17:19 - 2014-01-26 21:36 - 00000000 ____D () C:\Users\Paula-chan\AppData\Local\VNT
2014-03-27 22:36 - 2014-03-27 21:53 - 00002588 _____ () C:\Users\Paula-chan\Documents\Register Movie Studio Platinum.htm
2014-03-27 22:30 - 2012-02-08 18:01 - 00000000 ____D () C:\ProgramData\Sony
2014-03-27 22:29 - 2012-02-08 17:02 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\Sony
2014-03-27 22:21 - 2012-02-08 17:03 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-03-27 21:45 - 2014-03-27 21:45 - 00000000 ____D () C:\Program Files\Sony
2014-03-27 20:58 - 2014-01-26 21:36 - 00000000 ____D () C:\Program Files (x86)\VNT
2014-03-24 21:03 - 2013-05-16 18:18 - 00000000 ___RD () C:\Users\Paula-chan\Desktop\Games
2014-03-24 11:51 - 2012-09-27 20:38 - 00000000 ____D () C:\Users\Paula-chan\Documents\Schule
2014-03-23 21:47 - 2012-02-05 16:01 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\vlc
2014-03-23 15:49 - 2014-03-23 15:49 - 00000000 ____D () C:\Program Files (x86)\directx
2014-03-23 15:49 - 2011-10-20 11:07 - 00029527 _____ () C:\Windows\DirectX.log
2014-03-23 15:48 - 2014-03-23 15:48 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-03-23 15:48 - 2011-10-20 10:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-23 15:47 - 2013-10-29 14:39 - 00000000 ____D () C:\Users\Paula-chan\Downloads\Games
2014-03-21 13:07 - 2012-06-09 12:30 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-03-20 23:18 - 2014-03-20 23:18 - 00000000 ____D () C:\Users\Paula-chan\Downloads\kage_pro_osu_skin_by_juvia_fullbuster_by_lyra_kizzle08-d6vf3in
2014-03-20 21:09 - 2014-03-16 13:46 - 03421415 _____ () C:\Users\Paula-chan\Documents\bday.odt
2014-03-20 12:42 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-18 23:49 - 2013-08-14 23:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 23:47 - 2012-04-24 16:26 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 21:37 - 2014-03-18 21:37 - 02700064 _____ () C:\Users\Paula-chan\Downloads\colour_me___challenge_by_ryky-d7aop7x.psd
2014-03-18 21:30 - 2013-06-01 15:09 - 00065368 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2014-03-18 21:30 - 2012-04-01 22:35 - 00130392 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2014-03-18 21:30 - 2012-04-01 22:35 - 00064856 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2014-03-18 21:30 - 2012-04-01 22:35 - 00063320 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2014-03-18 21:30 - 2012-04-01 22:35 - 00060248 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2014-03-18 21:26 - 2014-03-17 23:22 - 00274419 _____ () C:\Users\Paula-chan\Documents\april.odt
2014-03-17 23:22 - 2013-09-23 21:17 - 00000000 ____D () C:\Users\Paula-chan\Documents\Sonstiges
2014-03-16 13:29 - 2012-09-27 20:37 - 00000000 ____D () C:\Users\Paula-chan\Documents\Zeichnungen
2014-03-16 12:13 - 2009-07-14 06:45 - 00354000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-16 12:12 - 2013-03-14 20:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-16 12:12 - 2013-03-14 20:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 21:33 - 2013-10-11 13:33 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2014-03-12 19:04 - 2012-02-07 21:05 - 00000000 ____D () C:\Users\Paula-chan\AppData\Local\Adobe
2014-03-12 19:03 - 2012-04-05 15:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 19:03 - 2012-04-05 15:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 19:03 - 2011-10-20 11:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-05 09:26 - 2014-03-31 15:54 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-31 15:54 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-31 15:54 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\Paula-chan\AppData\Local\Temp\ApnStub.exe
C:\Users\Paula-chan\AppData\Local\Temp\AskPIP_FF_.exe
C:\Users\Paula-chan\AppData\Local\Temp\AskSLib.dll
C:\Users\Paula-chan\AppData\Local\Temp\contentDATs.exe
C:\Users\Paula-chan\AppData\Local\Temp\dotNetFx35setup.exe
C:\Users\Paula-chan\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Paula-chan\AppData\Local\Temp\drm_dyndata_7380007.dll
C:\Users\Paula-chan\AppData\Local\Temp\GuardICQ.exe
C:\Users\Paula-chan\AppData\Local\Temp\htmlayout.dll
C:\Users\Paula-chan\AppData\Local\Temp\incredibar_installer.exe
C:\Users\Paula-chan\AppData\Local\Temp\IZArc4.1.6.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\Keygen.exe
C:\Users\Paula-chan\AppData\Local\Temp\MyBabylonTB_I.exe
C:\Users\Paula-chan\AppData\Local\Temp\Quarantine.exe
C:\Users\Paula-chan\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Paula-chan\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Paula-chan\AppData\Local\Temp\setup.exe
C:\Users\Paula-chan\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Paula-chan\AppData\Local\Temp\tbDVDV.dll
C:\Users\Paula-chan\AppData\Local\Temp\tbuTor.dll
C:\Users\Paula-chan\AppData\Local\Temp\tmp6327.tmp.exe
C:\Users\Paula-chan\AppData\Local\Temp\tmp7916.tmp.exe
C:\Users\Paula-chan\AppData\Local\Temp\tmpAB5F.tmp.exe
C:\Users\Paula-chan\AppData\Local\Temp\tmpDB71.exe
C:\Users\Paula-chan\AppData\Local\Temp\uninst.exe
C:\Users\Paula-chan\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Paula-chan\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\Paula-chan\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\Paula-chan\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\Paula-chan\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Paula-chan\AppData\Local\Temp\vpsetup.exe
C:\Users\Paula-chan\AppData\Local\Temp\_is2970.exe
C:\Users\Paula-chan\AppData\Local\Temp\_is5D0D.exe
C:\Users\Paula-chan\AppData\Local\Temp\_is6ED9.exe
C:\Users\Paula-chan\AppData\Local\Temp\_isA1DA.exe
C:\Users\Paula-chan\AppData\Local\Temp\_isBFD5.exe
C:\Users\Paula-chan\AppData\Local\Temp\_isD81.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-20 19:23

==================== End Of Log ============================
         

--- --- ---

ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte SecurityCheck und:

• Speichere es auf dem Desktop.
• Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
• Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Leider habe ich immer noch Probleme mit dem Virus
Nach dem Hochfahren öffnet sich von selbst das Programm Pilefile Reminder obwohl ich es bereits mit Revo deinstalliert habe. Außerdem kommt wenn ich Chrome öffne als Startseite Qone8.

Code: Alles auswählenAufklappen

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=5be304ba45247f479ca95065cbc17722
# engine=17724
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-02 05:25:21
# local_time=2014-04-02 07:25:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 96052 148089371 0 0
# scanned=256057
# found=1
# cleaned=0
# scan_time=16112
sh=B70F371A8C6416FC7C9735F478FC3EEF399B1F27 ft=1 fh=d73ad9000665fbf8 vn="multiple threats" ac=I fn="C:\Windows\Temp\RegistryOptimizer.exe"
         

Code: Alles auswählenAufklappen

ATTFilter

 Results of screen317's Security Check version 0.99.80  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
G Data InternetSecurity 2014   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 JavaFX 2.1.1    
 Java 7 Update 51  
 Adobe Flash Player 12.0.0.77  
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 G Data InternetSecurity Firewall GDFwSvcx64.exe 
 G Data InternetSecurity Firewall GDFirewallTray.exe 
 Symantec Norton Online Backup NOBuAgent.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Paula-chan (administrator) on PAULA-CHAN-PC on 02-04-2014 20:17:36
Running from C:\Users\Paula-chan\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN LLC.) C:\Users\Paula-chan\AppData\Local\VNT\vntldr.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [PLFSetL] - C:\Windows\\PLFSetL.exe
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [GDFirewallTray] - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-12-11] ()
HKLM-x32\...\Run: [G Data AntiVirus Tray] - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [VNT] - C:\Program Files (x86)\VNT\vntldr.exe [196048 2014-03-19] (APN LLC.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1307518205-1141766383-1528977106-1000\...\Run: [uTorrent] - "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
HKU\S-1-5-21-1307518205-1141766383-1528977106-1000\...\Run: [Google+ Auto Backup] - "C:\Users\Paula-chan\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
Startup: C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: ICQ Sparberater - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Paula-chan\AppData\Roaming\Mozilla\Firefox\Profiles\vrkrs3uy.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Ask Toolbar) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajepeddfdaihpmdgnickofffkdlpb [2014-03-31]
CHR Extension: (Theme Creator) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2014-03-31]
CHR Extension: (Google Docs) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-31]
CHR Extension: (Google Drive) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-31]
CHR Extension: (YouTube) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-31]
CHR Extension: (Google-Suche) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-31]
CHR Extension: (AdBlock) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-31]
CHR Extension: (Akira Isogawa) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\igmggajponoffjmhekbonemlgidfgdao [2014-03-31]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2014-03-31]
CHR Extension: (Little Alchemy) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2014-03-31]
CHR Extension: (Google Wallet) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-31]
CHR Extension: (Google Mail) - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-31]
CHR HKCU\...\Chrome\Extension: [anpiogajjmckmlehhpjnojhebaidkeod] - C:\Users\Paula-chan\AppData\Local\CRE\anpiogajjmckmlehhpjnojhebaidkeod.crx [2014-03-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-03-31]
CHR HKLM-x32\...\Chrome\Extension: [aaaajepeddfdaihpmdgnickofffkdlpb] - C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7\CRX\ToolbarCR.crx [2014-03-31]
CHR HKLM-x32\...\Chrome\Extension: [anpiogajjmckmlehhpjnojhebaidkeod] - C:\Users\Paula-chan\AppData\Local\CRE\anpiogajjmckmlehhpjnojhebaidkeod.crx [2014-03-31]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2012-12-24]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Paula-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-04-02]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://start.qone8.com/?type=sc&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX

==================== Services (Whitelisted) =================

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2562208 2013-10-15] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2942808 2013-10-17] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [688240 2014-03-31] (Cherished Technololgy LIMITED)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [496640 2014-04-02] (Cherished Technololgy LIMITED)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
S2 MOBKbackup; "C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe" [X]

==================== Drivers (Whitelisted) ====================

R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2014-03-18] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2014-03-18] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [63320 2014-03-18] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2014-03-18] (G Data Software AG)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2014-03-18] (G Data Software AG)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-02 20:07 - 2014-04-02 20:07 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\SupTab
2014-04-02 20:07 - 2014-04-02 20:07 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-02 20:07 - 2014-04-02 20:07 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-02 20:06 - 2014-04-02 20:06 - 00000000 ____D () C:\ProgramData\WPM
2014-04-02 20:04 - 2014-04-02 20:04 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\qone8
2014-04-02 19:38 - 2014-04-02 19:38 - 00000979 _____ () C:\Users\Paula-chan\Documents\checkup.txt
2014-04-02 19:32 - 2014-04-02 19:32 - 00987442 _____ () C:\Users\Paula-chan\Downloads\SecurityCheck.exe
2014-04-02 19:32 - 2014-04-02 19:32 - 00987442 _____ () C:\Users\Paula-chan\Desktop\SecurityCheck.exe
2014-04-02 14:28 - 2014-04-02 14:28 - 00000851 _____ () C:\Users\Paula-chan\.recently-used.xbel
2014-04-01 16:54 - 2014-04-01 16:54 - 00015178 _____ () C:\Users\Paula-chan\Documents\JRT.txt
2014-04-01 16:47 - 2014-04-01 16:47 - 01038974 _____ (Thisisu) C:\Users\Paula-chan\Downloads\JRT.exe
2014-04-01 16:44 - 2014-04-01 16:44 - 00000000 ____D () C:\Windows\ERUNT
2014-04-01 16:34 - 2014-04-01 16:34 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy
2014-04-01 16:32 - 2014-04-01 16:32 - 00034566 _____ () C:\Users\Paula-chan\Documents\AdwCleaner[S0].txt
2014-04-01 16:31 - 2014-04-02 20:04 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\Oxy
2014-04-01 16:19 - 2014-04-01 16:21 - 00000000 ____D () C:\AdwCleaner
2014-04-01 16:18 - 2014-04-01 16:18 - 00001160 _____ () C:\Users\Paula-chan\Documents\mbam.txt
2014-04-01 14:45 - 2014-04-01 14:45 - 01426178 _____ () C:\Users\Paula-chan\Downloads\adwcleaner.exe
2014-04-01 14:09 - 2014-04-01 14:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-01 14:08 - 2014-04-01 14:08 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Paula-chan\Downloads\revosetup95.exe
2014-03-31 21:02 - 2014-03-31 21:04 - 00041599 _____ () C:\Users\Paula-chan\Downloads\Addition.txt
2014-03-31 21:01 - 2014-04-02 20:17 - 00022766 _____ () C:\Users\Paula-chan\Downloads\FRST.txt
2014-03-31 21:00 - 2014-04-02 20:17 - 00000000 ____D () C:\FRST
2014-03-31 20:59 - 2014-03-31 20:59 - 02157056 _____ (Farbar) C:\Users\Paula-chan\Downloads\FRST64.exe
2014-03-31 20:59 - 2014-03-31 20:59 - 00000482 _____ () C:\Users\Paula-chan\Downloads\defogger_disable.log
2014-03-31 20:59 - 2014-03-31 20:59 - 00000000 _____ () C:\Users\Paula-chan\defogger_reenable
2014-03-31 20:58 - 2014-03-31 20:58 - 00050477 _____ () C:\Users\Paula-chan\Downloads\Defogger.exe
2014-03-31 20:17 - 2014-04-01 20:18 - 00000000 ___RD () C:\Users\Paula-chan\Desktop\Programme
2014-03-31 19:52 - 2014-04-02 19:57 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-31 19:52 - 2014-03-31 19:52 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-31 19:52 - 2014-03-31 19:52 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 19:51 - 2014-04-02 19:59 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-31 19:39 - 2014-03-31 19:42 - 00000000 ____D () C:\Users\Paula-chan\Documents\Default
2014-03-31 15:54 - 2014-04-01 14:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-31 15:54 - 2014-03-31 15:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-31 15:54 - 2014-03-31 15:54 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-31 15:54 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-31 15:54 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-31 15:54 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 15:51 - 2014-03-31 15:53 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Paula-chan\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-31 15:47 - 2014-03-31 15:47 - 00271720 _____ () C:\Windows\Minidump\033114-31808-01.dmp
2014-03-31 15:24 - 2014-03-31 15:24 - 00000000 ____D () C:\ProgramData\CDB
2014-03-31 15:23 - 2014-03-31 15:25 - 00000000 ____D () C:\rei
2014-03-31 15:23 - 2014-03-31 15:23 - 00000000 ____D () C:\Program Files\Reimage
2014-03-31 15:20 - 2014-03-31 15:25 - 00000155 _____ () C:\Windows\Reimage.ini
2014-03-31 15:03 - 2014-03-31 15:03 - 00003622 _____ () C:\Windows\System32\Tasks\Oxy
2014-03-31 15:02 - 2014-03-31 15:02 - 00003630 _____ () C:\Windows\System32\Tasks\PileFile reminder
2014-03-31 15:02 - 2014-03-31 15:02 - 00003240 _____ () C:\Windows\System32\Tasks\PileFile logon
2014-03-27 21:51 - 2014-03-29 17:32 - 00000000 ____D () C:\Users\Paula-chan\Documents\Movie Studio Platinum 13.0 Projects
2014-03-27 21:45 - 2014-03-27 21:45 - 00000000 ____D () C:\Program Files\Sony
2014-03-23 15:49 - 2014-03-23 15:49 - 00000000 ____D () C:\Program Files (x86)\directx
2014-03-23 15:48 - 2014-03-23 15:48 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-03-20 23:18 - 2014-03-20 23:18 - 00000000 ____D () C:\Users\Paula-chan\Downloads\kage_pro_osu_skin_by_juvia_fullbuster_by_lyra_kizzle08-d6vf3in
2014-03-18 21:37 - 2014-03-18 21:37 - 02700064 _____ () C:\Users\Paula-chan\Downloads\colour_me___challenge_by_ryky-d7aop7x.psd
2014-03-17 23:22 - 2014-03-18 21:26 - 00274419 _____ () C:\Users\Paula-chan\Documents\april.odt
2014-03-16 13:46 - 2014-03-20 21:09 - 03421415 _____ () C:\Users\Paula-chan\Documents\bday.odt
2014-03-14 17:34 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 17:34 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 17:34 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-14 17:34 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 17:34 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 17:34 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-14 17:34 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 17:34 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 17:34 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 17:34 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 17:34 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-14 17:34 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-14 17:34 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 17:34 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-14 17:34 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 17:34 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 17:34 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 17:34 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 17:34 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 17:34 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-14 17:34 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 17:34 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 17:34 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 17:34 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 17:34 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-14 17:34 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-14 17:34 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-14 17:34 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 17:34 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 17:34 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 17:34 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 17:34 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 17:34 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 17:34 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-14 17:34 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 17:34 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 17:34 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 17:34 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 17:34 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 17:34 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 17:34 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 17:34 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 17:34 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 17:34 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-14 17:32 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 17:32 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 17:32 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 17:32 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

==================== One Month Modified Files and Folders =======

2014-04-02 20:18 - 2014-03-31 21:01 - 00022766 _____ () C:\Users\Paula-chan\Downloads\FRST.txt
2014-04-02 20:17 - 2014-03-31 21:00 - 00000000 ____D () C:\FRST
2014-04-02 20:17 - 2012-04-05 15:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-02 20:07 - 2014-04-02 20:07 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\SupTab
2014-04-02 20:07 - 2014-04-02 20:07 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-02 20:07 - 2014-04-02 20:07 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-02 20:07 - 2011-06-11 01:58 - 00773680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2014-04-02 20:07 - 2011-06-11 01:58 - 00420912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2014-04-02 20:07 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-02 20:07 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-02 20:06 - 2014-04-02 20:06 - 00000000 ____D () C:\ProgramData\WPM
2014-04-02 20:04 - 2014-04-02 20:04 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\qone8
2014-04-02 20:04 - 2014-04-01 16:31 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\Oxy
2014-04-02 20:04 - 2012-02-02 22:18 - 00001219 _____ () C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-02 20:01 - 2012-02-03 16:03 - 00000000 ____D () C:\ProgramData\clear.fi
2014-04-02 19:59 - 2014-03-31 19:51 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-02 19:59 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-02 19:59 - 2009-07-14 06:51 - 00128703 _____ () C:\Windows\setupact.log
2014-04-02 19:58 - 2010-11-21 05:47 - 00678474 _____ () C:\Windows\PFRO.log
2014-04-02 19:57 - 2014-03-31 19:52 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-02 19:57 - 2011-12-13 11:17 - 01364399 _____ () C:\Windows\WindowsUpdate.log
2014-04-02 19:38 - 2014-04-02 19:38 - 00000979 _____ () C:\Users\Paula-chan\Documents\checkup.txt
2014-04-02 19:32 - 2014-04-02 19:32 - 00987442 _____ () C:\Users\Paula-chan\Downloads\SecurityCheck.exe
2014-04-02 19:32 - 2014-04-02 19:32 - 00987442 _____ () C:\Users\Paula-chan\Desktop\SecurityCheck.exe
2014-04-02 19:25 - 2011-12-13 20:10 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-04-02 19:25 - 2011-12-13 20:10 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-04-02 19:25 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-02 14:50 - 2012-02-22 13:02 - 00000000 ____D () C:\Users\Paula-chan\.gimp-2.6
2014-04-02 14:28 - 2014-04-02 14:28 - 00000851 _____ () C:\Users\Paula-chan\.recently-used.xbel
2014-04-02 14:28 - 2012-02-02 22:16 - 00000000 ____D () C:\Users\Paula-chan
2014-04-01 22:26 - 2012-02-27 23:18 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\SoftGrid Client
2014-04-01 20:18 - 2014-03-31 20:17 - 00000000 ___RD () C:\Users\Paula-chan\Desktop\Programme
2014-04-01 16:54 - 2014-04-01 16:54 - 00015178 _____ () C:\Users\Paula-chan\Documents\JRT.txt
2014-04-01 16:47 - 2014-04-01 16:47 - 01038974 _____ (Thisisu) C:\Users\Paula-chan\Downloads\JRT.exe
2014-04-01 16:44 - 2014-04-01 16:44 - 00000000 ____D () C:\Windows\ERUNT
2014-04-01 16:34 - 2014-04-01 16:34 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy
2014-04-01 16:32 - 2014-04-01 16:32 - 00034566 _____ () C:\Users\Paula-chan\Documents\AdwCleaner[S0].txt
2014-04-01 16:21 - 2014-04-01 16:19 - 00000000 ____D () C:\AdwCleaner
2014-04-01 16:20 - 2012-02-05 15:22 - 00000000 ____D () C:\ProgramData\ICQ
2014-04-01 16:18 - 2014-04-01 16:18 - 00001160 _____ () C:\Users\Paula-chan\Documents\mbam.txt
2014-04-01 14:45 - 2014-04-01 14:45 - 01426178 _____ () C:\Users\Paula-chan\Downloads\adwcleaner.exe
2014-04-01 14:26 - 2014-03-31 15:54 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-01 14:09 - 2014-04-01 14:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-01 14:08 - 2014-04-01 14:08 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Paula-chan\Downloads\revosetup95.exe
2014-03-31 21:04 - 2014-03-31 21:02 - 00041599 _____ () C:\Users\Paula-chan\Downloads\Addition.txt
2014-03-31 20:59 - 2014-03-31 20:59 - 02157056 _____ (Farbar) C:\Users\Paula-chan\Downloads\FRST64.exe
2014-03-31 20:59 - 2014-03-31 20:59 - 00000482 _____ () C:\Users\Paula-chan\Downloads\defogger_disable.log
2014-03-31 20:59 - 2014-03-31 20:59 - 00000000 _____ () C:\Users\Paula-chan\defogger_reenable
2014-03-31 20:58 - 2014-03-31 20:58 - 00050477 _____ () C:\Users\Paula-chan\Downloads\Defogger.exe
2014-03-31 19:57 - 2012-04-30 18:19 - 00000000 ____D () C:\Users\Paula-chan\AppData\Local\Google
2014-03-31 19:54 - 2012-08-01 17:57 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-31 19:52 - 2014-03-31 19:52 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-31 19:52 - 2014-03-31 19:52 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 19:42 - 2014-03-31 19:39 - 00000000 ____D () C:\Users\Paula-chan\Documents\Default
2014-03-31 18:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-03-31 15:54 - 2014-03-31 15:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-31 15:54 - 2014-03-31 15:54 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-31 15:53 - 2014-03-31 15:51 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Paula-chan\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-31 15:47 - 2014-03-31 15:47 - 00271720 _____ () C:\Windows\Minidump\033114-31808-01.dmp
2014-03-31 15:47 - 2012-06-28 20:20 - 00000000 ____D () C:\Windows\Minidump
2014-03-31 15:47 - 2012-06-28 20:19 - 401884526 _____ () C:\Windows\MEMORY.DMP
2014-03-31 15:25 - 2014-03-31 15:23 - 00000000 ____D () C:\rei
2014-03-31 15:25 - 2014-03-31 15:20 - 00000155 _____ () C:\Windows\Reimage.ini
2014-03-31 15:24 - 2014-03-31 15:24 - 00000000 ____D () C:\ProgramData\CDB
2014-03-31 15:23 - 2014-03-31 15:23 - 00000000 ____D () C:\Program Files\Reimage
2014-03-31 15:03 - 2014-03-31 15:03 - 00003622 _____ () C:\Windows\System32\Tasks\Oxy
2014-03-31 15:02 - 2014-03-31 15:02 - 00003630 _____ () C:\Windows\System32\Tasks\PileFile reminder
2014-03-31 15:02 - 2014-03-31 15:02 - 00003240 _____ () C:\Windows\System32\Tasks\PileFile logon
2014-03-29 17:32 - 2014-03-27 21:51 - 00000000 ____D () C:\Users\Paula-chan\Documents\Movie Studio Platinum 13.0 Projects
2014-03-28 17:19 - 2014-01-26 21:36 - 00000000 ____D () C:\Users\Paula-chan\AppData\Local\VNT
2014-03-27 22:30 - 2012-02-08 18:01 - 00000000 ____D () C:\ProgramData\Sony
2014-03-27 22:29 - 2012-02-08 17:02 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\Sony
2014-03-27 22:21 - 2012-02-08 17:03 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-03-27 21:45 - 2014-03-27 21:45 - 00000000 ____D () C:\Program Files\Sony
2014-03-27 20:58 - 2014-01-26 21:36 - 00000000 ____D () C:\Program Files (x86)\VNT
2014-03-24 21:03 - 2013-05-16 18:18 - 00000000 ___RD () C:\Users\Paula-chan\Desktop\Games
2014-03-24 11:51 - 2012-09-27 20:38 - 00000000 ____D () C:\Users\Paula-chan\Documents\Schule
2014-03-23 21:47 - 2012-02-05 16:01 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\vlc
2014-03-23 15:49 - 2014-03-23 15:49 - 00000000 ____D () C:\Program Files (x86)\directx
2014-03-23 15:49 - 2011-10-20 11:07 - 00029527 _____ () C:\Windows\DirectX.log
2014-03-23 15:48 - 2014-03-23 15:48 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-03-23 15:48 - 2011-10-20 10:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-23 15:47 - 2013-10-29 14:39 - 00000000 ____D () C:\Users\Paula-chan\Downloads\Games
2014-03-21 13:07 - 2012-06-09 12:30 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-03-20 23:18 - 2014-03-20 23:18 - 00000000 ____D () C:\Users\Paula-chan\Downloads\kage_pro_osu_skin_by_juvia_fullbuster_by_lyra_kizzle08-d6vf3in
2014-03-20 21:09 - 2014-03-16 13:46 - 03421415 _____ () C:\Users\Paula-chan\Documents\bday.odt
2014-03-20 12:42 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-18 23:49 - 2013-08-14 23:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 23:47 - 2012-04-24 16:26 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 21:37 - 2014-03-18 21:37 - 02700064 _____ () C:\Users\Paula-chan\Downloads\colour_me___challenge_by_ryky-d7aop7x.psd
2014-03-18 21:30 - 2013-06-01 15:09 - 00065368 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2014-03-18 21:30 - 2012-04-01 22:35 - 00130392 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2014-03-18 21:30 - 2012-04-01 22:35 - 00064856 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2014-03-18 21:30 - 2012-04-01 22:35 - 00063320 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2014-03-18 21:30 - 2012-04-01 22:35 - 00060248 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2014-03-18 21:26 - 2014-03-17 23:22 - 00274419 _____ () C:\Users\Paula-chan\Documents\april.odt
2014-03-17 23:22 - 2013-09-23 21:17 - 00000000 ____D () C:\Users\Paula-chan\Documents\Sonstiges
2014-03-16 13:29 - 2012-09-27 20:37 - 00000000 ____D () C:\Users\Paula-chan\Documents\Zeichnungen
2014-03-16 12:13 - 2009-07-14 06:45 - 00354000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-16 12:12 - 2013-03-14 20:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-16 12:12 - 2013-03-14 20:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 21:33 - 2013-10-11 13:33 - 00000000 ____D () C:\Users\Paula-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
2014-03-12 19:04 - 2012-02-07 21:05 - 00000000 ____D () C:\Users\Paula-chan\AppData\Local\Adobe
2014-03-12 19:03 - 2012-04-05 15:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 19:03 - 2012-04-05 15:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 19:03 - 2011-10-20 11:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-05 09:26 - 2014-03-31 15:54 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-31 15:54 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-31 15:54 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\Paula-chan\AppData\Local\Temp\ApnStub.exe
C:\Users\Paula-chan\AppData\Local\Temp\AskPIP_FF_.exe
C:\Users\Paula-chan\AppData\Local\Temp\AskSLib.dll
C:\Users\Paula-chan\AppData\Local\Temp\contentDATs.exe
C:\Users\Paula-chan\AppData\Local\Temp\dotNetFx35setup.exe
C:\Users\Paula-chan\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Paula-chan\AppData\Local\Temp\drm_dyndata_7380007.dll
C:\Users\Paula-chan\AppData\Local\Temp\GuardICQ.exe
C:\Users\Paula-chan\AppData\Local\Temp\htmlayout.dll
C:\Users\Paula-chan\AppData\Local\Temp\incredibar_installer.exe
C:\Users\Paula-chan\AppData\Local\Temp\IZArc4.1.6.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Paula-chan\AppData\Local\Temp\Keygen.exe
C:\Users\Paula-chan\AppData\Local\Temp\MyBabylonTB_I.exe
C:\Users\Paula-chan\AppData\Local\Temp\Quarantine.exe
C:\Users\Paula-chan\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Paula-chan\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Paula-chan\AppData\Local\Temp\setup.exe
C:\Users\Paula-chan\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Paula-chan\AppData\Local\Temp\tbDVDV.dll
C:\Users\Paula-chan\AppData\Local\Temp\tbuTor.dll
C:\Users\Paula-chan\AppData\Local\Temp\tmp360F.exe
C:\Users\Paula-chan\AppData\Local\Temp\tmp4B76.exe
C:\Users\Paula-chan\AppData\Local\Temp\tmp4DB5.exe
C:\Users\Paula-chan\AppData\Local\Temp\tmp6327.tmp.exe
C:\Users\Paula-chan\AppData\Local\Temp\tmp7916.tmp.exe
C:\Users\Paula-chan\AppData\Local\Temp\tmpAB5F.tmp.exe
C:\Users\Paula-chan\AppData\Local\Temp\tmpDB71.exe
C:\Users\Paula-chan\AppData\Local\Temp\uninst.exe
C:\Users\Paula-chan\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Paula-chan\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\Paula-chan\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\Paula-chan\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\Paula-chan\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Paula-chan\AppData\Local\Temp\vpsetup.exe
C:\Users\Paula-chan\AppData\Local\Temp\_is2970.exe
C:\Users\Paula-chan\AppData\Local\Temp\_is5D0D.exe
C:\Users\Paula-chan\AppData\Local\Temp\_is6ED9.exe
C:\Users\Paula-chan\AppData\Local\Temp\_isA1DA.exe
C:\Users\Paula-chan\AppData\Local\Temp\_isBFD5.exe
C:\Users\Paula-chan\AppData\Local\Temp\_isD81.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-20 19:23

==================== End Of Log ============================
         

--- --- ---

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.




Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

Vielen Dank für die Hilfe jetzt funktioniert glaube ich wieder alles

Code: Alles auswählenAufklappen

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Paula-chan at 2014-04-03 15:51:13 Run:1
Running from C:\Users\Paula-chan\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396461871&from=mp3&uid=HitachiXHTS547550A9E384_J2150050HNW4PCHNW4PCX&q={searchTerms}
         
*****************

"C:\\PROGRA~2\\SupTab\\SEARCH~1.DLL" => Value Data removed successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.

==== End of Fixlog ====
         

Fertig

Die Reihenfolge ist hier entscheidend.

1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
   • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
   • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
   • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
3. Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
   • Schließe alle offenen Programme.
   • Starte die delfix.exe mit einem Doppelklick.
   • Setze vor jede Funktion ein Häkchen.
   • Klicke auf Start.
   • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
   • Starte deinen Rechner abschließend neu.
4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

• Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
• Windows Updates
  • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
  • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
• Gehe sicher das die automatischen Updates aktiviert sind.
• Software Updates
  Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
  Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

• Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

• MalwareBytes Anti Malware
  Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
  Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
  Ein Tutorial zur Verwendung findest Du hier.
• WinPatrol
  Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

• SpywareBlaster
  Eine kurze Einführung findest du Hier
• MVPs hosts file
  Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
• WOT (Web of trust)
  Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

• Opera
• Mozilla Firefox.
  • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
  • NoScript
    Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    
  • AdblockPlus
    Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
    Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts

• Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
• verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
• Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
• Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Okay jetzt ist alles erledigt
Noch mal danke für die Hilfe!

Gern Geschehen